Proposal Guidelines Archives Information Security Glossary Catalog InfoSecurityNetBASE Auerbach Publications Information Systems Security
Auerbach Publications

An Overview of Continuous Data Protection

Pat Hanavan

IT organizations have been caught between a rock and a hard place. Charged with protecting their company’s information, IT organizations have established aggressive service level agreements (SLAs) that impact the manner in which they implement data protection by setting recovery point objectives (RPO) and recovery time objectives (RTO).

Organizations struggle with shrinking or non-existent backup windows, the need to recover quickly, often to a specific point in time, and even meeting compliance or regulatory guidelines. Backing up to tape is no longer adequate; not only is it difficult to administer for backups and recoveries, but it lacks the speed, reliability, flexibility and simplicity IT needs to meet stringent SLAs. Backing up to disk using virtual tape emulation or virtual tape libraries also falls short as the administration of the solution is tape-centric and schedule driven. Add in the explosion of data, along with the challenge of protecting remote offices, and you have the challenge facing many of today’s business – with IT sitting on the front lines of aligning business needs with today’s technology.

As a result, a growing number of IT organizations are augmenting their traditional backup and recovery strategies with continuous data protection (CDP) solutions. CDP dramatically improves RPOs and RTOs while eliminating backup windows. What’s more, CDP not only reduces the need for tape in the backup and recovery process but it also makes recovery easy enough that users can often recover their own files, without help from IT.

What is Continuous Data Protection?

Continuous Data Protection (CDP) is a process that lets organizations continuously capture or track data modifications and stores changes independent of the primary data, enabling recovery from specific points in the past. CDP systems may be block, file-, or application-based and can provide fine granularities of restorable objects to infinitely variable points in time.

CDP reduces the complexity of the data protection system and eliminates the classic challenge of the backup window because it eliminates the need for full, incremental, or differential backups by protecting data immediately and then continuously backing it up to disk. CDP is not a complete replacement for traditional backup but rather an important component of a well-rounded backup and recovery strategy.

Can CDP be leveraged for backing up and recovering email?

As the predominant form of communication for business transactions, email is an application that is mission-critical to organizations of all sizes. It generates a huge amount of information that must be immediately available and protected. The loss of a single message may generate hours of unnecessary and frustrating labor for administrators and/or users and can lower productivity or affect business operations. And with the introduction of Exchange 2007, organizations need protective solutions that can support the latest offering from Microsoft.

Not surprisingly, the amount of email data requiring protection and availability is growing exponentially. IT, in turn, is faced with the challenge of backing up this critical data within the existing backup window and recovering it quickly. Moreover, they must not only be able to back up and recover whole email databases but they also require a system which enables recovery of individual mailboxes or emails. However, if administrators want to back up email databases for complete disaster recovery purposes and be able to recover individual email, folders, or mailboxes, they typically have had to do separate backups.

New granular recovery technologies have emerged that enable mail messages, mailboxes, and folders to be restored individually without having to restore an entire email database, and without separate and redundant mailbox backups. In an Exchange environment, for example, only a single-pass full or incremental backup of Exchange is required, which dramatically decreases the time required to protect all mailboxes while also reducing the backup storage requirement.

CDP significantly streamlines backup and recovery of email by completely eliminating the need to perform scheduled daily email backups, and speeding recovery, thereby delivering email continuity for businesses.

How does CDP enable end users to recover their own data?

Because CDP is a disk-based protection and recovery solution, it is possible to enable end users to retrieve their own data. Some CDP solutions provide this type of functionality; some utilizing a simple Web interface that requires no training and enables end users to retrieve previous versions of files without contacting IT. Empowering end users to retrieve their own data frees up IT to focus on other business-critical needs of the organization.

With these self-service recovery solutions, retrieving lost, corrupted, or overwritten data is as easy as searching for and downloading a file from the Internet. There is no backup tape to locate or load and no additional information to restore to find the correct file. Best of all, these solutions do not require the installation of client software or agents on individual desktops laptops, and a familiar web paradigm requires no additional training. Users need only a standard Web browser, making data retrieval easier than ever.

Does CDP help protect against data loss or corruption resulting from security threats?

CDP offers inherent security against threats by protecting data from the impact of destructive attacks from viruses, worms, Trojan horses and the like. By continuously backing up data, CDP enables organizations to retrieve the last “clean” version of data that was stored before the attack. Being able to “dial back” to just before a loss is a huge win for today’s businesses and IT.

What role does traditional tape backup play in data protection today?

For decades, tape has proven to be an effective means for data protection and recovery. Tape is an inexpensive medium for storing data, and its portable format can easily be moved offsite. IT administrators are also familiar with tape and tape backup procedures, making it a relatively simple task to perform—although only trained administrators can recover data from tape.

Tape based backup systems also lacks the flexibility and simplicity that many organizations need today in a data protection solution. Speed of recovery, most especially for individual files or emails, is also an issue with tape solutions. Proper tape media management and rotation, combined with the need to monitor and manage the health of the tape hardware are complex systems which require IT knowledgeable personnel.

Today, more and more organizations are moving to a disk-to-disk-to-tape strategy. They are leveraging the inherent speeds and reliability of disk-based backup – including continuous protection- and then migrating backed up data to tape for secondary data protection and longer term data protection or offsite storage.

Utilizing both disk-based and tape-based data protection systems and methods in the right manner will bring the greatest protection for businesses, and will help IT align its strategies to best meet business needs.


About the Author
Pat Hanavan is the Vice President of Product Management of Symantec’s Data and Systems Management Group. Hanavan’s product management team is responsible for overall product direction, strategies and business performance for the following product lines: Backup Exec, Backup Exec System Recovery, pcAnywhere and Ghost Solutions Suite. These products are the industry leaders in their respective categories, and they are regularly awarded by users and publications for their innovations, ease of use and performance. Prior to his product management responsibilities, Pat was responsible for the Backup Exec engineering team for many years and was a major contributor to driving technology innovations in collaboration with key partners. The technology innovations within VERITAS’ products were in the areas of SAN based backup solutions, disk based data protection methods, open file protection and alternate backup methods. Hanavan was also a founding member and active contributor to the company’s Patent Filter Committee, and is a Symantec inventor as well.

© Copyright 2007 Symantec. Used by permission.