Speed and security: Combating the backup Babel

In an enterprise where the network has grown organically with the company, there is likely to be a very piecemeal approach to backup.

Desktop devices tied to particular places might have a consistent routine in place, but this is likely to be different matter for mobile workers, particularly if they operate remotely from the main office. Data held on the intranet and extranet, or from applications operating within virtual machines, will also be problematic, and each may have its own heterogeneous backup system.

Aside from the sheer management headache of maintaining all these different types of backup, which could be using a variety of different applications, there are very real implications for both performance and security.

In this feature, we explore these issues and how to combat them.

The Problem

When multiple different backup applications are used at once, there are likely to be many files that are kept on more than one backup. Although deduplication could work within each individual software system, if supported by the application in question, each one will be a silo with no connection to others.

So there will be no deduplication between them. This won't just mean more storage is used than is really necessary; more bandwidth will be required as well, because the same file will be sent multiple times over the network, both during backup and restore processes.

There will be no facility to centralise security either. A variety of different systems of encryption will be in force, with varying levels of ability. Administrators will spend time maintaining the security regimes of each backup system.

Depending on the backup repository technology used, it may be possible to employ deduplication once the data is all stored in a central facility.

However, whenever this data is moved between remote repositories to the data centre for long-term archiving, all the deduplicated data must be reconstituted, or "rehydrated", prior to transmission.

This also requires greater network bandwidth, causes inefficient usage of disk space, and incurs management overhead costs. When backups span multiple repositories, there will be no way remove duplicate files stored on more than one repository.

The Solution

The solution to this backup Babel is a system that can centralise data from heterogeneous sources, with enough built-in intelligence to detect duplicate files even when they are coming from different platforms and part of different backup sets.

One combination that can readily combat all the issues at hand is HP's StoreOnce in tandem with the Data Protector software. The HP StoreOnce hardware offers a full range of options for backup repositories.

The StoreOnce Virtual Storage Appliance allows any virtualised storage to form the basis of a centralised backup infrastructure. It is hardware-independent and hypervisor-agnostic, although there is a cost-effective version specifically tailored for use with Hyper-V which offers 4TB per license.

But there is also a complete set of specially tailored hardware solutions for every level of data capacity requirement, most of which can be expanded from a base level as need increases. Capacities range from the entry-level StoreOnce 2700's 5.5TB usable capacity to a maximum of 1,728TB for the range-topping StoreOnce 6500 42U rack.

Each system emulates a number of tape library types, in particular LTO-2, 3, 4 and 6 Ultrium, as well as Disk To Disk, so that standard backup software can address the storage in a traditional way. Both Ethernet and Fibre Channel connections are available, with StoreOnce Catalyst or iSCSI Virtual Tape Library targets available as options, and regular NAS for Ethernet as well.

The native deduplication of StoreOnce can reduce the disk space required to store backup sets by around a factor of 20, which means more data can be kept for longer before archiving is necessary. This, in turn, means restoring from the faster online repository is more readily available, so that recovery from lost or corrupt files can be faster, with reduced impact on business productivity.

However, the HP StoreOnce Catalyst software also provides intelligent deduplication prior to transmission, so duplicate files are detected before the backup is sent. This occurs on application servers or localised backup servers.

Not only does this mean more efficient usage of the storage available, but also much reduced bandwidth requirements. In fact, HP internal testing has demonstrated that backup can be up to three times faster and recovery five times faster than the closest competitor offering.

The federated system of HP StoreOnce Catalyst means deduplication only has to be performed once, and then the data can be moved around as desired without the need for rehydration, and even span across nodes. But companies can also choose where in the process the deduplication takes place, placing this wherever it makes sense for a particular type of business.

The Benefits

Using HP StoreOnce with the Catalyst software alongside HP Data Protector brings further benefits that address the security and the management problems of heterogeneous environments.

The Data Protector software supports Windows, Linux and Unix operating systems, with support for virtual environments and remote workers using intermittent connections. This means the backup regime of every system on the network can be administered centrally, using one interface, vastly reducing the management overhead.

On top of this, StoreOnce encryption can be both on disk and in-flight, so that data is kept secure both during the backup or restore process as well as when stored.

However, with Data Protector the security policies can be centrally managed as well. That way, a consistent policy can be implemented across platforms. Instead of some clients being more secure than others, due to the plethora of backup regimes in force, the administrator can ensure that all clients are equally protected.

The ability of HP StoreOnce and Catalyst software's federated deduplication to span nodes means that fewer, larger stores need to be created as well. This simplifies the structure of the backup provision, which will be particularly beneficial when a StoreOnce appliance is serving a large number of targets.

The HP StoreOnce 6500 supports up to 384 backup targets, so can act as the hub for a huge network of remote office. Whatever the size of your business, reducing the complication of your backup strategy can significantly reduce costs.

HP StoreOnce, particularly in tandem with the Catalyst and Data Protector softwares, has the potential to reduce the cacophony of different regimes so that one more easily managed backup voice can be heard across the entire enterprise.