Continuous data protection offers clear-cut advantages over traditional backup, snapshots, and replication.
By Jim Addlesberger
Advancements in technology do not come without a fight. In recent years we have repeatedly witnessed this phenomenon. There was resistance to a new tape format called LTO: “Who needs it when we have DLT?” Or, what about the concept of backing up to disk, or virtual tape libraries (VTLs)? And of course we had the iSCSI versus Fibre Channel debate. “Why would you want to use IP when FC has finally become the performance standard and costs are on the way down?”
Well, guess what? When these so-called crazy ideas got into the market place and users began to try them out, they discovered there were substantial benefits and over time many of these technologies have become refined, then legitimized.
About two years ago, the concept of continuous data protection (CDP) appeared on the scene. It sounded logical, at least on the surface, as everyone has complained for years about losing data and how inefficient restore technologies are. For years we have been held captive by a process-tape backup-that takes way too long, negatively impacts production performance, is known to fail frequently, and yet is relied on 100% for data security.
However, although CDP can solve these problems, many observers are still saying that “CDP is immature, nobody knows what it really is, and we have snapshot technology today and D2D for staging and short-term retrieval, and that’s all we really need.”
What is it?
Let’s take a closer look at what CDP really is and why it is worth your investment, at least for certain applications in your infrastructure. According to the Storage Networking Industry Association (SNIA):
“The SNIA DMF CDP SIG defines CDP as follows: Continuous data protection (CDP) is a methodology that continuously captures or tracks data modifications and stores changes independent of the primary data, enabling recovery points from any point in the past. CDP systems may be block-, file-, or application-based and can provide fine granularities of restorable objects to infinitely variable recovery points.
So, according to this definition, all CDP solutions incorporate these three fundamental attributes:
- Data changes are continuously captured or tracked;
- All data changes are stored in a separate location from the primary storage; and
- Recovery point objectives are arbitrary and need not be defined in advance of the actual recovery.”
This definition is clear enough, although vendors without “true” CDP-say, “near” CDP-try to muddy the water. The truth is that CDP captures all changes continuously in a separate place and recovery points are not defined in advance. Replication- or snapshot-based systems that capture data periodically, say every 15 minutes, are clearly not continuous, and leave users vulnerable to potential data loss. The zero data loss associated with true CDP has real value and makes understanding the distinction of true CDP worthwhile.
Today’s data-protection alternatives are represented in the figure.
With traditional backup, protection is generally a disruptive daily event that has to be scheduled and managed. When there is a problem with the backup, it can fail and schedules can overlap. You are then left to clean up a mess as you try to reschedule or give up and have an even greater exposure to data loss until the next scheduled backup.
The backup window has been a nightmare for administrators for some time, and the shift to global trade and 24x7 operation has made backup nearly impossible for some companies. Open file managers and specialized backup APIs have helped by making it possible to keep files semi-open during backup. However, in reality they do implement a “rolling close” and slow down operations considerably, requiring that backups still be scheduled for times where system activity is very low.
Snapshots help reduce gaps in protection associated with backup, but only to a point. Snapshots typically rely on proprietary hardware deployments, so they cannot be used universally in a mixed environment. There are practical limitations on the number of snapshots that can be maintained, dependent on how active the system can be. Integrating applications into your backup schematic is complex and may require professional services or experienced consultants.
Replication maintains an exact or near real-time image of the primary dataset. While this can be helpful in the case of physical interruption, it does nothing to protect against logical corruption, nor does it provide a time dimension. Corruption or accidental deletion on the primary dataset is instantaneously replicated to the secondary dataset-an undesirable phenomenon we call “corruption times two.” Third-mirror splits and BCVs (Business Continuance Volumes-an EMC term) may be used to “freeze” points in time. However, this approach is costly and complex, both in terms of disk usage and operational management. Customized scripting and vendor verification are often required, and yet even with all this overhead you still have not eliminated the gaps in coverage between splits.
With CDP you can continuously capture all changes made to the data on your servers, including changes to the metadata such as permissions and attributes. CDP employs an automatic process that occurs in real-time, with no scheduling involved and no need to pre-select times to snapshot data. Everything is captured, and no intervention is required.
CDP offers the best RPO available today, eliminating the protection gaps inherent with backup, snapshots, and replication because meaningful events, such as database checkpoints, transactions, and file save events, are captured and marked, and data is captured exactly as it is written to the primary file system: There is no secondary processing or reconstruction of blocks to file.
CDP is not a series of granular snapshots or point-in-time copies: All changes are captured as, and when, they occur. Changes are ordered and applied in the sequence in which they occurred, thereby maintaining time congruence and logical sequencing at all times.
How does CDP work? Simplistically, a CDP agent sits on the server to be protected (e.g., SQL, Exchange, SharePoint, File Server, etc.) and captures every committed write to the database, Exchange store, or, in the case of files, each time a file is saved or closed. This committed write is simultaneously transferred via another server (local or remote) to its direct-attached or block-level repository and is time-stamped and secured.
The performance impact on the production server can be minimal-say about 3%. For remote repositories, transactions are sent asynchronously and buffered if the network is busy. There is a small exposure here, but usually no more than the loss of the last transaction should a disruption occur.
The CDP repository’s size is under your control. Protect a day, a week, or more of transactions. Since most panic restores are needed for data less than 8 to 72 hours old, your RPO usually does not have to be long. And best of all you can now restore directly from the repository and do it quickly rather than have to deal with tape. This means that you have the capability of recovering from logical or physical corruption to any moment in time-with greatly enhanced RPO and improved RTO. CDP improves the availability of business applications, while simultaneously reducing costs and improving operational efficiency.
Another benefit of CDP is that you can eliminate backup windows by backing up the repository from any point in time rather than dealing with the production servers. You can also derive more value from your data by making a complete time-dimensioned repository of data available for offline analysis, reporting, or testing.
A couple of case studies will illustrate the benefits of CDP. For example, an airport on the West Coast that had already deployed Microsoft clustering was faced with making its SQL databases even more secure. Although clustering can make server resources more highly available, it is still possible to encounter failure conditions that can halt the cluster and cause all data to be lost. Microsoft Replication was one option, but the airport felt that it demanded too many system resources from the production servers, potentially causing application performance to deteriorate. After consideration, the storage administrators turned to a CDP solution to achieve an extra measure of data protection. They now capture all the changes, and the repository resides on a Windows 2000 server attached to a SAN. The performance impact on protected servers is minimal-less than 3%. Protection is continuous, so there are no protection gaps and neither are there backup schedules or backup windows that have to be managed.
In another example, a research center was concerned that traditional tape backup-brick level, full or incremental-of Exchange was not the most reliable way of recovering lost or corrupt data. They were looking for a solution to mitigate risk while not having the high cost of acquisition or longer-term total cost of ownership. They found their answer in a CDP for Exchange solution. The research center reports that it has performed dozens of random Exchange recoveries since installing CDP for Exchange. The data is consistently accurate and they are even able to quickly recover individual e-mails.
CDP is not just a new toy. For those high-risk applications where the time to recover is short, CDP can be a lifesaver. CDP is being deployed today by savvy data-center administrators to reduce risk and to enable them to sleep better at night.
James (Jim) Addlesberger is president and founder of NavigateStorage, a data protection solutions provider (www.navi gatestorage.com).