Published: 19 Jan 2012
With plenty of viable options available, backing up remote offices and branch offices (ROBOs) shouldn’t be neglected any longer.
Data protection for remote offices and branch offices (ROBOs) has always been a challenge, and it can present some real risks to corporate data. Key factors that contribute to the generally mediocre state of data protection in many ROBOs are an absence of local IT staff, dependence on shared resources, an inadequate backup infrastructure and a false sense that remote-office data is somehow less relevant.
A reliance on difficult-to-manage and more error-prone tapes for ROBO backups contributed to these data protection woes, but the use of disk in place of tape in recent years has helped alleviate some of the problems. “According to surveys we conducted, tape-based backup has dropped by 50% in ROBOs between 2007 and 2010,” said Lauren Whitehouse, a senior analyst at Enterprise Strategy Group (ESG), Milford, Mass. Besides disk-based backup, technological advances in data deduplication, networking and the emergence of the cloud are giving companies a slew of ROBO data protection options that simply weren’t available a few years ago.
ROBO backup options
Local backup without an offsite copy. Backing up data locally at the remote office to tape or disk is the most basic ROBO data protection approach. Typically used in small remote offices with a few users, administrative overhead is modest especially if disk is used as a backup target. If tape is the backup medium, an administrative resource is usually designated to change tapes and put them in a secure place, such as a fire-resistant safe. But with all backups and primary data in the same facility, the risk of losing both is real. The lack of an offsite disaster recovery (DR) copy is the gravest weakness of this approach. “Backing up locally without offsite copy should only be considered if the data in the ROBO isn’t of significant value for the company,” said Greg Schulz, founder and senior analyst at StorageIO Group, Stillwater, Minn.
Determining the best ROBO backup option
Enlarge ROBO backup: Key considerations diagram.
Local backup with a tape-based offsite copy. To overcome the DR shortcomings of the former approach, local backups are supplemented with a scheduled tape-based offsite copy. Although in declining use, tape has been, and still is, very popular to get backups to a DR location. If local backups are tape based, selected backup sets are moved offsite according to a predefined schedule. If local backups are taken to disk, backup sets designated for off-siting are first moved from disk to tape. With the support of both tape- and disk-based backups in contemporary backup apps, the heavy lifting of juggling data between disk and tape is performed by the backup application according to preconfiguredbackup schedules and configurations. The challenge in using tapes for local or offsite backups is the additional overhead of changing and loading tapes, and getting them to an offsite location. In most cases, companies opt for vendors like Iron Mountain to manage their offsite tape backups. These offsite backup vendors have well established processes to keep tapes safe and secure.
Backing up to a centralized data center without retaining a local copy. Larger companies and enterprises, where standardization and defined processes are in place, usually favor centralizing data protection of their ROBOs. Being able to leverage existing infrastructure and IT resources not only results in cost savings but in better managed data protection. Configuring backups is as simple as installing and configuring backup agents on servers and systems in the remote office, and they’re managed along with other backups, adding little overhead.
With all backups managed remotely, the remote management capabilities of the backup application are essential. “Remote management features are no longer a differentiator, but are pretty standard now in backup applications,” ESG’s Whitehouse said. For centralized backup of ROBOs to work, available bandwidth and the impact of backups in progress on users, as well as on other apps, must be clearly understood.
For some ROBOs, centralized backups may not be an option at all unless network changes are made and additional bandwidth is provisioned. Features like source-side deduplication -- deduplication of data before it leaves the ROBO site -- compression and bandwidth throttling are key features that can help minimize the impact of remote backups on the network and reduce backup times.
The biggest challenge of centralized backup without a local copy is recovery. While backups are incremental with changes trickling across the network over time, recovery is more taxing since a much larger amount of data may have to be restored in a short span of time. Even with a feature like source-side deduplication that helps to quicken recovery, a predefined recovery plan that outlines the recovery strategy for various scenarios is a must.
“Due diligence of analyzing the impact of remote backups on the network and a clearly defined recovery strategy are essential to preventing unpleasant surprises,” StorageIO Group’s Schulz said.
Backing up to a centralized data center with a local copy at the ROBO. The practicality of a centralized backup of a ROBO without a local copy for quick recovery declines with the amount of data to be protected. “As you approach and exceed 10 TB of data, a cached copy of the latest backup set becomes increasingly relevant,” said Steve Wojtowecz, vice president of storage software development for IBM Tivoli. In a centralized backup with a local copy scenario, a backup application usually backs up data to a local disk target where it’s then replicated asynchronously to the central data center backup infrastructure. All major backup application vendors have supplemented their apps with replication options: CommVault Simpana with DASH Copy; EMC Avamar by means of a storage node in the ROBO to replicate local backups to a centralized Avamar Data Store; IBM with Tivoli Storage Manager FastBack; Symantec with both NetBackup and Backup Exec appliances. In all these solutions, replication is a component of a larger backup suite and architecture, and works well in places that have standardized on a backup suite. They’re less suitable in companies with a more heterogeneous backup landscape.
In heterogeneous backup environments, replication is usually deferred to backup targets that are capable of performing replication independently of the backup software in use. One way of accomplishing this is via general-purpose disk-based or software-based replication with the caveats of lacking backup focus and features, and adding complexity. That’s when dedicated backup targets with replication capabilities come into play. They’re backup storage appliances padded with features relevant to backup and recovery, such as replication, deduplication, compression and centralized management. Leading the pack and best known is the EMC Data Domain family, with appliances ranging from 1 terabyte to hundreds of terabytes of capacity. Hewlett-Packard with its StoreOnce Backup System and Quantum’s DXi-Series of backup appliances also compete in this space. Because these intelligent backup targets are decoupled and independent from backup applications, they’re required in both the ROBOs and the central data center. While the data center appliance that aggregates backups from the ROBO appliances is usually a large redundant system with sufficient capacity, appliances in ROBOs are generally much smaller, single systems. Unlike replication options that leverage an existing backup suite, these backup appliances are usually less cost effective, especially since they’re required in all locations.
Using a cloud backup service without retaining a local copy. The recent rise of cloud computing and cloud storage gives companies yet another data protection option for their ROBOs. Backing up directly to the cloud is very similar to backing up to a centralized data center, especially from the ROBO’s perspective.
Instead of in-house IT managing backups, responsibility for backups is deferred to a managed service provider (MSP). This is especially attractive for smaller and midsize companies with IT generalists who are forced to juggle and prioritize competing tasks, and may be unable to give ROBO data protection sufficient attention. Favored by many chief financial officers, cloud-based backup becomes part of monthly operational expenses (OPEX) rather than a capital expense (CAPEX) as is the case with in-house backup infrastructure and software.
Setup and configuration are as simple as installing agents on protected systems and support, if needed, is provided by the MSP. Despite the now de facto standard encryption of data in-transit and at-rest in the cloud, security concerns are still a major impediment for more rapid adoption.
With ROBOs spread around the globe, compliance and privacy requirements further complicate cloud backup adoption. In most cases, the geographic location of data in the cloud is unknown, which poses a challenge in countries that require data to stay within defined geographic boundaries. “Strict privacy requirements in some European countries are in conflict with regulations like the USA Patriot Act, which basically enables the government to go through any data,” ESG’s Whitehouse noted. Customers who opt for cloud-based backup can choose from a fast-growing list of cloud backup providers. Business-level cloud-based backup offerings are available from EMC with Mozy, Carbonite, Symantec with Backup Exec.cloud, IBM with SmartCloud Resilience, i365 and Iron Mountain, as well as many regional providers.
Using a cloud backup service with a local backup data copy. Direct backup into the cloud has the same restore challenges as backup to a centralized data center when a local copy of the backup isn’t retained. It works well if the amount of protected data is small, but can be problematic for larger amounts of data. If a lot of data needs to be restored, some service providers offer an option to have backup data shipped to customers on a disk or network-attached storage (NAS) device. Some services, such as i365, provide an on-site option to cache the latest backup on-premises to enable local recovery. “Although there are a large and growing number of cloud backup MSPs, most only support directly backing up into the cloud and only very few provide an on-premises option for quick recovery,” StorageIO’s Schulz said.
Do-it-yourself cloud backup. The benefit of delegating ROBO backups to a cloud backup service is best suited for small to midsize companies with limited IT resources. For larger firms and companies that want to supplement in-house backup infrastructure with cloud storage, an external backup service provider usually isn’t the best option, mostly because they’re difficult to integrate into the existing backup infrastructure and are likely to end up as isolated backup islands that run in parallel and are independent of the existing backup environment. If the intention is to extend existing backup infrastructure into the cloud, direct backup to cloud storage from the likes of AT&T, Amazon, Microsoft, Nirvanix and Rackspace is the way to go. Direct backup to cloud storage can be done from the backup application, if it supports cloud storage, or via a cloud backup gateway. While Arkeia Network Backup, CommVault Simpana, and Symantec NetBackup and Backup Exec support cloud storage as a backup target, EMC Avamar, EMC NetWorker and IBM Tivoli Storage Manager currently don’t support direct backup to the cloud.
Cloud backup gateways such as Riverbed Whitewater decouple cloud backup from the backup application. Akin to backup target appliances, cloud backup gateways are disk targets to which backup applications write. They manage communication and interface with cloud storage providers, and perform tasks such as deduplication, compression, encryption and scheduling. Furthermore, they allow recent backups to be kept on-premises for quick recovery.
ROBO backup trends
The dismal state of ROBO backups should be a specter of the past. With the emergence of non-tape-based options, there’s no longer an excuse for mediocre and negligent data protection of remote-office and branch-office data. From technical advances in networking and security, backup applications with features like dedupe and cloud integration, to cloud backup MSPs and cloud backup gateways, IT managers now have an arsenal of options to judiciously and cost-effectively protect remote-office data. Even though tape is still alive in many places, the trend is clearly toward disk-based backups, centralization and adoption of the cloud as a viable backup media.
BIO: Jacob N. Gsoedl is a freelance writer and a corporate director for business systems.