Backup and restore is a game of capacity or volume. You have to protect not only your 5TB back-office Oracle database but the army of multihundred-gigabyte Windows servers scattered throughout the enterprise. High-capacity backup tends to have the most sex appeal, but because every enterprise has dozens to hundreds of Windows servers, backing up this data is just as important--and much more operationally cumbersome.
The critical nature of Windows backup is reflected in the way the industry has matured. In the early 1990s, Microsoft LAN Manager was considered a second-tier, departmental file-and-print server that competed with NetWare. At that time, backup of Microsoft (and Novell) servers was done by small, focused companies like Cheyenne and Palindrome. With the introduction and subsequent success of Windows NT, Windows server backup became too significant for storage management leaders to ignore. As a result, Computer Associates (CA) grabbed its Long Island neighbor Cheyenne (the product is now known as ARCserve), while Palindrome was gobbled up by Seagate and then subsequently sold to Veritas (the product is now known as Backup Exec).
Because of these acquisitions, CA and Veritas (now part of Symantec) dominate the Microsoft server market, but a new vendor is about to enter the game in a big way. In September 2004, Microsoft announced it would throw its hat into the data protection ring with a disk-to-disk backup product called Data Protection Server (a.k.a. System Center Data Protection Manager or Data Protection Manager [DPM]), which is scheduled for release in the second half of 2005. In typical Microsoft fashion, the firm is already lining up its massive marketing and distribution machine to ensure DPM gets off to a fast start.
So what exactly is this new Windows-based storage product? In its initial form, DPM provides disk-based backup of Windows file servers. Here's a simple description of how it works. DPM agents are pushed to individual servers as part of an Active Directory policy. Once installed, these agents become part of the DPM server domain, which means storage managers can apply backup policies to individual systems or server groups. The server-based DPM agents monitor and log any changes to files on the protected servers, and then replicate any byte-level changes asynchronously to the Data Protection Server at regularly scheduled intervals (e.g., hourly or daily). Once files are backed up to the DPM server, users can take advantage of Microsoft's Volume Shadow Copy Service (VSS) functionality to create point-in-time copies of the DPM repository. In this way, DPM enhances data protection by capturing data changes more frequently than typical nightly backups and maintaining an online, disk-based file image for easier restores.
So Microsoft is once again jumping into an established marketplace with its unique "special sauce." But what are its chances?
ESG sought the answer to this question with a research survey of 232 storage and IT professionals. Respondents worked at organizations ranging in size from fewer than 100 employees to more than 20,000, and came from eight defined industry segments. (In addition to the eight segments, 9% of respondents said they worked in "Other" industries.) When respondents were asked, "Do you believe your organization would use a disk-based data protection suite from Microsoft?," nearly half said they would.
Why would these users embrace a Windows-based storage management solution? There are several reasons:
- Microsoft's offering fits the growing disk-to-disk backup trend. In ESG's April 2005 research report, Tape Replacement Realities, 18% of those surveyed said they've replaced--not augmented--tape libraries with near-line disk arrays, while another 58% would consider doing so. Why? Tape is too slow, prone to media errors and doesn't meet current needs for frequent incremental backups and online restores. In this climate of active tape replacement, Microsoft's DPM product hits the market at a perfect time.
- DPM complements other Windows-based tools. As Windows servers proliferate, many shops have embraced other Microsoft support tools like Active Directory, Microsoft Operations Manager and Systems Management Server. Bill Gates and company have also tightened the integration between these tools through successive releases. DPM will be tightly integrated with Active Directory out of the gate in terms of agent distribution, identity and policy administration, and it'll certainly talk to other Windows tools in the future. Companies that have invested in these tools see DPM as a way to improve backup/ restore and leverage their existing management infrastructure to lower training and operating costs.
- It's cheap and easy to use. DPM clients will be priced at $100 each, while servers cost $650. As my colleague Steve Duplessie says, "At that price, DPM is as good as free." What's more, nearly 100% of the Windows shops surveyed by ESG have a network directory infrastructure based upon Microsoft Active Directory. Installing the DPM server and deploying the clients will be a walk in the park.
Waiting for Windows DPM
ESG believes Microsoft will inevitably become part of the data protection infrastructure over time. This implementation activity will likely start in the small- and medium-sized business market where Windows is the dominant OS, and then migrate up market from there.
Smart users will recognize this predictable evolution and plan accordingly by doing the following:
- Considering short- and long-term Windows backup needs. Because corporate Windows servers are backed up to tape, storage managers should start by assessing their backup needs across the board. Which servers have the shortest backup windows? Would the business be better protected if any of these systems were backed up more frequently than once per day? Would online restore be especially beneficial for particular users and files? Start with data center-resident Windows servers and work your way out to the edge and then out over the WAN to remote offices.
One last thing: Don't forget to think about desktop backup. Few companies back up PCs and laptops, yet these systems often contain business-critical or confidential data. Over time, DPM may be a viable solution to this perpetual problem.
- Integrating DPM into existing backup processes and technologies. It's a safe bet that Microsoft won't support Unix, Linux or any other operating environment in DPM--so you won't be throwing out your Legato, Tivoli or Veritas tools any time soon. Instead, these enterprise-class systems will likely provide backup services to DPM servers. Storage professionals must design a backup architecture that protects the DPM systems, fits into disaster recovery plans and doesn't saturate the network with backup traffic during business hours. Smart storage managers will work with their primary data protection vendors to follow their DPM support roadmaps, while ensuring that Windows storage management adheres to broader operations and risk management processes.
- Introducing the storage team to Active Directory. DPM will be distributed, registered and administered through a combination of its own management console and Active Directory--a piece of infrastructure storage professionals generally know little about. They won't need to become MCSEs, but they do need a basic understanding of Active Directory as it relates to DPM configuration, policy management and data protection. Plan on sending storage professionals out for training or scheduling time with your in-house Windows administration staff for some knowledge transfer sessions.
- Becoming experts on Windows security. Users are universally spooked by Windows security as the platform is a frequent target of the black hat community. ESG believes this reality shouldn't deter the use of DPM; rather, organizations (and storage professionals) should become familiar with Windows security best practices to gain DPM benefits while minimizing risks. This means deploying secure Windows configurations using reference models from Microsoft or security organizations like the SANS Institute, monitoring Microsoft vulnerabilities, following attack vectors "in the wild," and developing prudent and effective patching practices.
The bottom line
Only a fool would dismiss Microsoft as a non-factor in any software play, and DPM is no exception. ESG believes companies will deploy DPM liberally as they move to disk-based backup, and as DPM progresses and supports SQL Server and Exchange. Storage executives should begin their upfront planning accordingly--no later than the beginning of 2006. This will help ease the transition process and accelerate ROI. 2