by Paul Mayer
Previous Guest Columns

Policy-based networks: Why not further along?
by Steve Pettit
July 2004

Solve the bandwidth dilemma
by Teejay Riedl
June 2004

 Identify your storage options
by Paul Mayer
May 2004

Visualize the virtual network
by James Leach
April 2004

Maximize the power of fax
by Tom Linhard
March 2004

Who will dominate Web conferencing?
by Ian Widger
February 2004

NAS gains traction
by Joe Disher
January 2004

Focus on data context, not content
by D. Keith Denton
December 2003

Are you ready for Web-age collaboration
by Robert Moore
November 2003

DNS growth has just begun
by Paul V. Mockapetris
October 2003

Has convergence innovation been stifled?
by Iain Milnes
September 2003

Manage VoIP quality and performance
by Robert Massad
August 2003

Is "wireless security" an oxymoron?
by Michael Sutton
July 2003

Pick a provider in 10 easy steps
by Dave McCandless
May 2003

A necessary evolution
by Tom Harper
March 2003

Seek certification of outside partners
by Lindell Wilson
February 2003

Choose a systems integrator
by Judy Matthys
December 2002

 

  

Identify your storage options

Well-defined data categories and service-level agreements are a must for effective data protection.

When designing a system for data protection, defining discrete categories of data according to the criticality of data is crucial. After these categories have been identified, an organization should establish the following values for each category:

Recovery point objective (RPO). RPO is the measurement of the point in time to which a data source can be restored, following an event that caused data loss. For example, if an organization that uses a traditional tape backup experiences database corruption, its point of recovery for that corrupt database would be from the last backup. A practical way to establish an RPO for a category of data is to assess how much of that data an organization can afford to lose in the form of unprotected transactions and weigh it against the cost to protect incremental transactions.

Recovery time objective (RTO): RTO measures the amount of time that an organization will not have access to a category of data while the data is being recovered. To establish RTO, the organization should consider the comprehensive costs of downtime, including tangible expenses, such as lost productivity and relinquished orders, and intangible measures, such as employee and customer frustration.

Retention requirement for recovery data: This measures how long a copy of data must be kept. Some organizations retain incremental copies of data until a full backup is performed, at which time the incremental backups and snapshots are cycled and the storage space released. To properly architect this type of system, however, organizations should consider several factors: Will they ever need to refer back to incremental backups, checkpoints or snapshots? What if a data corruption is discovered after the incremental backups have been cycled? Will the RPO be met for that data if it must be returned to a point in time two weeks back? Also, are there regulatory requirements that might require auditing of the data on a finer granularity than a weekly or monthly point in time?

Establishing as small a number of data categories as possible is beneficial in simplifying the backup-and-recovery process. For example, defining as few as two data categories may be possible: mission critical and non-mission critical. Mission-critical data may require a recent recovery point, instantaneous recovery time and small backup window, while non-mission critical may require nightly backup and same-day recovery time, with an eight-hour backup window.

The next step is to consolidate storage resources. This allows an organization to optimize management of the resources and improve the overall reliability and scalability of the storage environment.

Strategies for storage consolidation include storage area networks, network-attached storage, iSCSI technology, or simply consolidating many small RAIDs and tape libraries into larger, direct-attached, centralized models.

In addition to these methods, virtual means of consolidation can be utilized. For example, organizations can deploy single-pane administrative consoles to administer backup operations from a central location. They can also use storage resource-management (SRM) technologies to monitor and manage centralized and decentralized storage resources.

Next, perform a data inventory to determine: how much data exists and what applications are associated with each set of data; what level of protection is in place for this type of data; and in which category does this data best fit. An organization can use SRM tools to improve the efficiency of this audit but will need to manually perform many of the qualitative portions.

Once this audit is complete, an organization should select and implement technologies and procedures according to priority. The first priority should be to deliver fundamental protection for all data sources. Attention can then be turned to meeting the requirements within each defined data category. When the system fully meets the service levels in each category for local data protection, the organization can further augment the system to achieve the requirements for disaster recovery.

A myriad of hardware and software technologies are available to help an organization meet its RTO, RPO and backup windows. Once implemented, test and monitor the performance and reliability of the entire system on a regular basis.

For more information from Datalink:
www.rsleads.com/405cn-250

Paul Mayer is product manager for Datalink, Chanhassen, Minn.