Software CDP products are more plentiful and diverse, making the product choice more difficult.
BackupExec stands in stark contrast to near-CDP products, like Microsoft DPM, which behaves like a snapshot tool offering limited granularity. However, Goodwin points out that DPM is well optimized for backup tasks, is easy to implement, and its snapshot nature makes it virtually immune to data bombs. "DPM is not going to have a problem dealing with those scenarios," he says. "But its recovery point is no better than one hour."
Other CDP products include offerings from Atempo Inc., IBM Tivoli, Topio Inc., and FilesX Inc. Atempo's LiveBackup handles transparent CDP for Windows desktop and laptop PCs in the global enterprise. Files are sent remotely to LiveBackup servers across wide area networks (WAN), local area network (LAN) or Internet connections. The Topio Data Protection Suite (TDPS) software has been gaining popularity for its ability to replicate and recover enterprise data across a variety of locations, platforms and storage. Xpress Restore software from FilesX touts bare-metal recovery capability for Exchange, SQL and file servers.
In terms of application-specific CDP products, Atempo supports Microsoft Exchange with its LiveServ for Exchange Servers product. Other application-specific CDP software products include NearPoint for Exchange from Mimosa Systems Inc., TimeData for SQL, TimeData for Windows Fileserver and TimeData for Exchange from TimeSpring Software Corp. The Enterprise Rewinder from CA can configure, monitor, manage and perform recovery on all of your Exchange, SQL, Oracle, file and other application servers from a single console.
Selecting the right product
Ultimately, an organization must consider the need for CDP very carefully before making a purchase decision. The goal of CDP is to minimize recovery points and recovery times, but if those objectives are met with more conventional technologies (e.g., snapshots), CDP may not provide optimum value to an organization. Analysts suggest the following points that will help you identify the best product for your own production environment.
Determine the CDP granularity. True-CDP products typically journal storage activity down to individual writes, while near-CDP products behave like more conventional snapshot systems. Both approaches clearly provide value, but it's important to evaluate the behavior of each CDP offering against your specific data protection needs. Organizations with extremely tight RPOs may require true-CDP platforms. Otherwise, an enterprise may opt for less expensive and more readily available snapshot or near-CDP products.
Weigh file-based vs. block-based CDP. File-based applications are often best served by a file-based CDP product, which can restore individual files on demand and is often quicker for smaller or limited restorations. By comparison, block-based applications often run on raw volumes for improved performance. Block-based CDP products operate at a lower level and can handle all types of applications, but recovery takes a bit longer since the entire volume must be restored before recovering particular files.
Consider the application(s) that CDP is intended to protect. CDP is typically implemented to support specific applications in the enterprise, such as email or database servers. Pick a CDP product that supports your mission-critical applications, as well as any related applications. As an example, a CDP product intended for Oracle should also support related applications, like enterprise resource planning (ERP), finance or other applications that use the database.
Evaluate the management overhead. Expect to invest significant time to plan, integrate, configure, tune and optimize a CDP platform. But once the product is operating, it should run almost unattended. At most, it should demand no more management time than other snapshot or replication platforms. "The more time you have to spend with it, the less value that [CDP] solution has," Schulz says. "If you're buying a solution where you have to put more manpower around it, that tells me you have the wrong solution." Pilot testing can help to identify management requirements.
Test and evaluate the product in-house. CDP technology should be tested thoroughly before making a purchase decision. Evaluate the interoperability with existing storage and other elements in your infrastructure. Examine the impact of scripts and drivers (agents) on servers. Test restorations and ensure that key applications will continue to run without disruption -- especially in a busy transactional environment where content may be buffered in memory.
Best practices for implementation
At this point, it's difficult to identify a complete set of best practices for CDP -- there just aren't enough deployments yet for best practices to fully solidify. "CDP is such a new technology that best practices are still not quite prevalent," says Arun Taneja, consulting analyst and founder of the Taneja Group in Hopkinton, Mass, noting that Mimosa and other application-focused CDP products do tout a more established user base. Still, some well-grounded policies can help smooth common CDP implementation issues.
Don't use CDP to replace other backup or data protection plans. Just as tape, D2D, VTL, replication and snapshots fill specific storage roles, CDP fills a unique need in the overall data protection scheme. While it might be technically feasible to use CDP in place of other storage platforms, analysts are unanimously against the idea. "The bigger question is where does this [CDP] fit into the data protection continuum, and how does it improve your process?" Goodwin says.
Ensure adequate network bandwidth to move data. Data protection technologies require network bandwidth to move data from one place to another. With a CDP deployment, Goodwin suggests maintaining at least 20% additional space and bandwidth capacity to accommodate an unexpected restore job. Otherwise, network performance may suffer (possibly compromising service levels) during restorations.
Start small, build out and tweak as necessary. As a relatively new technology, it's difficult to predict the impact of CDP on existing infrastructures, so users typically opt to start by deploying CDP to protect a single noncritical application (or a critical application in parallel with existing protection initiatives, like snapshots). Schulz points to his own experience with CDP problems. "What caught my attention was the extra traffic it [CDP] was putting on my network, and extra traffic it was causing to some storage," he says. "All of a sudden my backup jobs were running a little longer because they were picking up the CDP caches that I hadn't thought about excluding." The goal is to evaluate the behaviors and limitations of CDP -- gaining experience with the CDP product before extending the deployment.
Remember to implement security measures. CDP allows for fast restoration, but understand who is authorized to restore data, when restores are permitted and where restorations can occur. Be sure that users can only restore data that they are responsible for and authorized to handle. Otherwise, CDP's flexibility may become a serious security threat to the organization. ***
This was first published in August 2006