Content Based Planning Methodology€¦ · will affect scheduling times, job priorities, and...
Transcript of Content Based Planning Methodology€¦ · will affect scheduling times, job priorities, and...
Chapter 16
Content Based Planning Methodology
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
322 - Content Based Planning Methodology
This chapter will focus on a content based design approach for business data that takes into account disaster
recovery, data availability, and data preservation strategies. This chapter will not only focus on Simpana software
strategies, it will focus on other methods to meet SLA‘s including hardware and appliance based solutions that
can integrate with Simpana software.
This chapter will focus on these main concepts:
Meeting SLA‘s for disaster recovery, data recovery, high availability, and data preservation.
Understanding and designing solutions for business system dependencies.
Addressing protection needs and current capabilities and performing Gap Analysis to improve SLA‘s or
adjust requirements.
Design strategies to provide comprehensive on-site, off-site and archiving protection.
Survey Environment
Some CommVault administrators make a fundamental mistake by building storage policies before they really
understand what they do and what their business requirements actually are. Fortunately, many policy
configurations can be modified, though changing configurations can come at a price. Before you begin building
storage policies a thorough survey of all business systems should be conducted. The best way to perform this
would be to meet with key business system owners to determine protection requirements and to conduct
inventories of your infrastructure. This in the real world rarely happens. Usually when CommVault engineers
arrive on-site, little information is available to configure policies. Taking these situations into consideration, this
chapter will not only work on building policies from scratch, but also modifying existing policies.
Another issue when assessing environments is the lack of cooperation from the other side of the wall. On the
business end, people are hesitant to make decisions, especially when it comes to data protection. Unfortunately,
the CommVault administrator becomes the scape goat when disaster strikes and data is lost. Getting people to
sign off on policies can be difficult, if not impossible. This situation is also taken into account and some methods
of dealing with these scenarios are provided.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
Content Based Planning Methodology - 323
Detailed flow for survey phase illustrates the level of detail that can be documented
when performing in-depth analysis of the production environment. This level of detail
not only assists in designing a CommCell® environment but also is important when
considering an overall disaster recovery strategy.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
324 - Content Based Planning Methodology
Identify Business Systems
When designing data protection strategies it is important to assess entire business systems, not just servers. In
today‘s data centers it is very common for business systems to have many components including backend servers,
front end servers, storage resources, and network resources. All these components should be looked at as a whole
to properly define protection requirements.
Example: Viewing business systems from the owners view may be different from the
view that IT has. The following chart illustrates several business systems that have a
common backend database. Though the database server is a single system, each
business system may require separate protection requirements.
Business System Purpose Value Owners Backend Resources
Payroll Track employee
payroll
4 Finance MS-SQL
Sales Tracker Track all sales leads,
activity, and historical
sales data
3 Sales MS-SQL
HR database Maintain records on
all current and past
employees
2 Corp MS-SQL
Identify & Classify all Components of Business System
When surveying the business environment all the components that make up a business system should be
analyzed. Who owns the system, its value to the company, the cost of downtime, the cost of recreating data, cost
of data loss, servers it runs on, storage it uses, networks it relies on, etc… Each component should also be
classified as IT or business. Each classified component may require different protection and retention methods.
Business Classification
Data whose primary purpose is to directly support business functions is classified as Business Data Types. This
would be the actual data being managed for business purposes such as e-mail, financial databases, home folders,
or web content. If this data is lost, it could cost thousands or even millions to recreate if it can be recreated at all.
Although IT may manage the servers, the data owners are ultimately responsible for the business data. DBA‘s,
managers, Chief Officers, VP‘s all invest a lot of time and money to build or purchase business systems which
make their work more efficient and more profitable. The loss of the data on these systems could be catastrophic.
Rebuilding a database server is easier than recreating a lost database. Business systems may require different
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
Content Based Planning Methodology - 325
protection requirements than the core IT data on that same system. Compliance requirements may also require the
data be kept for long time periods, encrypted, placed on WORM media, etc…
Business data can be an entire system or component of system (e.g. critical database running on a
database server or a sales tracking system in SharePoint).
Business data can be containerized into subclients. These will be used to determine different SLA‘s for
different business systems.
IT Classification
IT data classifications include operating systems, system databases, domain controllers, DNS servers, etc... This
data does not directly serve a business purpose but it is the foundation in which business systems run. The
primary purpose of protecting IT data is for Disaster recovery purposes. For example, a database server has a
system database, some configuration files, and an underlying operating system which all qualify as IT data. There
is also a financial database that runs on the server which is classified as business. This system may require
different protection and retention methods that will be defined by its owner.
IT systems that support business systems.
Dependencies required for business system to function.
o Domain controllers.
o Network configurations including: routers, switches, VPN, and SAN configurations.
o Front end and back end servers.
The following diagram shows the division of data on a database server into IT and
business classifications. The different data can be defined in separate subclients and
managed based on storage, retention and destruction policies.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
326 - Content Based Planning Methodology
Granular Classification of Business Data
Depending on protection and recovery requirements, business systems can be divided and categorized to meet
very specific requirements. An Email server would be classified as both IT and business. It must be protected for
disaster recovery purposes, which is primarily a function of IT. The ability to recover or preserve specific
mailboxes or data stores will be associated with business classifications. Using Simpana agents and subclients,
different data can be containerized and protected to meet both business and IT requirements. This will add a level
of administrative complexity but will allow the administrator to implement solutions to meet business
requirements.
Example: An Exchange server is being protected for business and IT. The database and
file system are protected to disaster recovery purposes. A Mailbox iDataAgent is used
for granular backup and recovery of Sales and Management mailboxes. Management
and Executives mailboxes are journaled and protected with the Compliance iDataAgent.
All journaled messages are also content indexed for eDiscovery purposes.
Data
Classification
Requirement
Protection Method
Exchange operating system
IT DR protection File System iDataAgent
Exchange database
IT DR protection Exchange Database iDataAgent
Sales & management mailboxes Business Provide fast
recovery for
deleted / lost
messages
Exchange Mailbox iDataAgent
All management and executives
Business Provide message
preservation and
discovery for
ALL messages
Exchange Compliance Archive
iDataAgent and Content Indexing
Understand Value & Protection Requirements
The value of a business system will determine protection requirements. Mission critical business systems will
have shorter Recovery Time Objective (RTO) and Recovery Point Objective (RPO) values. Financial and
communication data may have longer retention and data preservation requirements. Each business system should
be looked at granularly and protection requirements should be defined.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
Content Based Planning Methodology - 327
The following chart illustrates protection requirements for an Exchange server. OS data
and Exchange databases are protected primarily for DR purposes and have an IT
classification. Managers and Executives mailboxes and journal mailboxes are protected
for business and compliance reasons. Each business component is defined separately
and assigned classification and priorities.
Server Data Protection Classification Data Type
Priority 1 -4
Data Center Location Server Location
DC_Exch1 File System IT Windows 3 Main Center / Corp Physical Exch_1
DC_Exch1 Database IT Exchange DB store 2
Main center / corp Physical Exch_1
DC_Exch1
Sales and Managers mailboxes Business
Exchange mailboxes 4
Main center / corp Physical Exch_1
DC_Exch1
Manager and executives Journal Business
Exchange Journal MB 4
Main center / Corp physical Exch_1
Determine Service Level Agreements
Service level agreements are used to establish protection and recovery windows and acceptable amount of data
loss within those windows.
Recovery Time Objectives
Recovery Point Objectives
Retention Requirements
o On and off site disaster recovery
o Data recovery
o Data preservation and compliance copies
Prioritize Data Type
Set priorities for different data types to establish its value to the company. For data protection the priority levels
will affect scheduling times, job priorities, and performance tuning to provide higher priority jobs with adequate
resources. For recovery, a high priority data type can ensure certain business systems become available before
others. An example would be dividing E-Mail databases into different subclients. Group higher priority mailboxes
into smaller databases on the mail server and lower priority mailboxes into other databases. Consider a mail
server recovery time if the total size of all databases was 600GB with mailboxes thrown into different databases
with no rhyme or reason. Now consider that same server with the highest priority mailboxes in a small dedicated
database about 60GB in size. The high priority database can be recovered first and the lower priority databases
recovered later.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
328 - Content Based Planning Methodology
Protection Windows
Operation windows will be different for different data types and different servers. Using CommVault software
different parts of a server can be backed up at different times. Some data types such as databases may require
short protection windows if the database has to be placed in an offline state in order to back it up. Knowing
protection windows can also assist in determining the best methods for protecting data such as using snapshots
instead of traditional backup.
Recovery Objectives
Recovery objectives are based on time to recover (RTO) and acceptable amount of data loss (RPO). These
numbers determine the Service Level Agreements (SLA) for business systems and data. Recovery Time
Objectives determine the length of time a business system can be down. This can also include Mean Time to
Repair (MTR) and Maximum Tolerable Downtime (MTD). Recovery objectives should be based on business
systems and not servers.
Recovery Point Objective determines the acceptable amount of data loss. The more frequent protection operations
are run, the shorter the RPO will be. Each protection point; through traditional backup, log backup, or snapshot
creates recovery points. Understanding the business data, the value of the data to the company, the cost associated
with recreating it, or the cost to the company if the data cannot be recreated should factor in to the RPO value.
More valuable data can be protected on more regular intervals and less valuable data protected on longer
intervals. For the most valuable data protection options such as log shipping, snapshots or replication can be
implemented to further reduce the RPO.
The last person who should determine protection requirements and methods should be the backup administrator.
Owners of the data should be consulted to gather as much information about the data so appropriate protection
strategies can be designed and implemented. Meet with all key personnel to determine requirements for protecting
the data. This may include system administrators, managers, DBA‘s, and auditors. Address SLA requirements
and assess current protection methods. Analyze requirements and capabilities and determine whether protection
methods must be altered or SLAs must be readdressed. This will ultimately come down to cost. The Risk
Assessment chapter will focus on this concept in more detail.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
Content Based Planning Methodology - 329
Sample table showing an Exchange server with different IT and business components.
Each component has and RTO and RPO associated with it along with the current
protection methods.
Server Data Recovery Time Objective
Recovery Point Objective
Online / Offline Protection to Meet Objectives
DC_Exch1 File System 8 hours 24 hours Weekly Full Daily Inc
DC_Exch1 Sales Mail Database 8 hours 24 hours Nightly full backups
DC_Exch1 Users Mail Database 24 hours 24 hours Nightly full backups
DC_Exch1 Managers + mailboxes
2 hours (2 month) 24 hrs after 24 hours
Nightly mailbox backups to disk target for recovery requests
DC_Exch1 Manager + Journal
1 hour (6 month) 24 hrs after 24 hours nightly compliance backup
Identify Retention Objectives for Each Data Type
Retention objectives should be based on the three primary reasons for protecting data: Disaster Recovery,
Compliance, and Data Recovery. Disaster recovery retention requirements are best to be handled by IT and
should be based on how many complete sets or cycles should be kept. Compliance copies are usually point in
time copies such as month end or quarter end and the retention should be based on how long the data needs to be
kept for. Data Recovery may include all protected data within a time period (full and incremental) and the
retention should be based on how far back in time data can be recovered.
Retention times can be customized for different business data types. For example, on an Exchange server there is
a data recovery requirement for regular users to recover a deleted message for 60 days, but for sales people the
requirement may be one year. By creating these different business data types, different retentions can be set to
meet business requirements.
The table on the following page illustrates different business and IT requirements for
protecting data in primary, near line, and offline (off-site) retention requirements.
These values make up retention requirements for DR, data recovery, and data
preservation/compliance copies.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
330 - Content Based Planning Methodology
Data Destruction Policies
Once data exceeds its useful lifecycle, destruction of that data may be required. This is one of the most
overlooked aspects of data protection. Proper data destruction policies are essential for meeting company and
government compliance requirements. Several Simpana features can be used to assist in meeting data destruction
requirements:
Mark media to be erased can be used to mark a tape to be erased after all jobs exceed retention on the
tape. Erase media jobs must be scheduled for each tape library where data should be destroyed once it
exceeds its useful lifecycle.
Disable Managed Disk Space. For disk libraries, managed disk space is used to maintain data in storage
beyond its retention requirements. Disable this option in the Retention tab of the storage policy copy if
you do not want to use this feature. Note that this option is enabled by default.
Erase Data is a licensed feature which allows the granular logical deletion of data within a job. This
option is enabled in the General tab of the storage policy properties. Note that this option is enabled by
default and any media written to an erase data enabled policy cannot be recovered with Media Explorer,
the Catalog option, or Restore by Job.
VaultTracker policies and reports. These reports are critical when tapes are being stored off-site.
Before the data can be destroyed the tapes must be recalled. Using Due Back VaultTracker policies you
can run reports on tapes that have exceeded retention and must be destroyed.
Server Data Protection Method
Primary Target
Primary Retention
Near Line Target
Near Line Retention
Off Site Target
Off Line Retention
Archive Target
Off Line Retention
DC_Exch1 File System
File System iDA
Dedupe Disk_1 14 days N/A N/A
LTO 4 tape 14 days N/A N/A
DC_Exch1 Exchange Database
Exch DB Agent
Dedupe Disk_1 14 days N/A N/A
LTO 4 tape 1 month N/A N/A
DC_Exch1
Managers and sales mailboxes
Exch mailbox Agent
Dedupe Disk_1
2 months
LTO 4 Tape 1 years N/A N/A N/A N/A
DC_Exch1
Manager and executives Journal
Exchange Compliance Archive
Dedupe Disk_1
6 months
LTO 4 Tape 2 Years N/A N/A
LTO 4 Tape
EOQ 5 Years
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
Content Based Planning Methodology - 331
Addressing Unrealistic Requirements
What do you think most people would consider the most important business system? In most cases it‘s one of two
things, their system or Email. Regarding Email, it is a communication method and should be high on a priority list
for recovery. Of course recovering a communication method versus recovering users Email are two different
things. This is an example of business and IT systems. If the sales department wants their Email accessible within
one hour of disaster, well that might be improbable, but resuming communication on the other hand can be done
in a short time period. When an owner of a critical business system proposes unrealistic requirements, it‘s
important to understand that in most cases they do not understand the capabilities and limitations of technology.
Providing details on capabilities for protection beforehand can not only help to avoid unrealistic expectations but
also assist the business system owners in better understanding what it is you can do for them. Again, they don‘t
know the technology so acting as a liaison between business and IT to narrow the gap can be mutually beneficial.
Another method to alter unrealistic requirements is to propose solutions and related company costs. This could
quickly change minds when they fully understand what it would take to accommodate their requirements. Always
consider that maybe their requirements are realistic. If a financial system loses 15 minutes worth of data and the
cost to the company would be estimated at five million dollars, then the benefit in a larger investment could be
well worth it.
Using Default Policies
Another approach to determining business system requirements is to present it in a multiple choice
manner. Don‘t ask them what they want, show them what they can have. Policies can be
predetermined by IT and upper management. Once agreed to, business owners can be presented
with the options. I have seen this becoming more common recently and it makes the decision
making process much easier.
The benefit of this is to align everyone into a more simple structure. The power behind this is that
if custom requirements are needed, policies can be modified by adding secondary copies or
creating new policies for the custom requirements.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
332 - Content Based Planning Methodology
Gather Technical Data
Physical location of each component of the system.
Server location within physical or virtual environment.
Current data size and projected growth.
Once the data has been classified, technical information must be gathered. Technical statistics in a well-organized
and documented environment can be gathered through reports, documentation, and system analysis.
Location of Data
The location of data relative to storage can greatly affect the performance of data protection operations. Is the
data direct attached, network attached, SAN attached? Is the data on a physical or virtual server, local or remote
location, local subnet, remote, accessed over a VPN? All of these questions can affect the solution to protect the
data. Snapshots might be better than traditional backups; replication may be better than relying on someone at a
remote location to swap tapes, or locating a media agent in closer proximity to the data to avoid too many router
hops can be critical decisions in providing adequate protection for data.
Size, Change and Growth of Data
Understanding current and future storage capacity needs is essential in determining where data should go, how
long it can stay there for, and whether or not additional investment in storage is required. Predicting and trending
growth expectations can be accomplished through historical reporting and analysis tools. Estimating growth
requirements can allow you to anticipate storage requirements which may alter your purchase decisions for more
hardware or persuade decision makers to go with more efficient storage methods such as deduplication. Not
planning for future requirements can result in adjusting protection requirements to fit capacity needs. That change
in policy could have negative effects on you and your company later on down the road.
System & Business Dependencies
This may be one of the most overlooked aspects of providing adequate protection for data. The simplest example
would be protecting an Exchange server but not protecting your Domain Controller. The thought might be ―We
have so many domain controllers, we don‘t need to protect them‖. Then active directory becomes corrupt or a full
site disaster destroys all of your DC‘s. Your dependency required to rebuild your Exchange server is now
unavailable. Granted this is an extreme example but it should be noted that dependencies and the time it takes to
rebuild them will have an effect on your recovery objectives. All system dependencies should be considered for
all business systems.
Business dependencies can also be important. Consider the CFO who is the only person who knows a critical
password which will be required before a system can be rebuilt. Consider a Web provider who must perform
actions on their end so remote users can access a database on your end. The point is, when it comes to system
dependencies you should leave no stone unturned. Figure out every dependency within your environment for each
system.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
Content Based Planning Methodology - 333
Production & Storage Infrastructure
Where production data is located and its proximity to protected storage will play a large role in designing storage
policies. The following section addresses the three key aspects of infrastructure:
Production data location.
Library configuration and placement.
Data paths from production to storage.
Production Data Location
The location of production data should be taken into consideration when planning Media Agent placement and
storage policy design. Large amounts of data being transmitted over a production network can not only slow
down backup performance but also inconvenience end users (not to mention frustrate network administrators).
Take the following into consideration for addressing the location of production data:
Direct attached data will require movement over the network when backing up data. If possible
consider multi-homing the server and connecting it to a dedicated backup network.
SAN attached data can be protected using a LAN Free path if a Media Agent is installed directly on the
Client. Consider using this approach when large amounts of data require protection.
Network attached storage can be backed up over the network or directly into a SAN if the NAS device
is capable of SAN integration. The Simpana software supports either method.
Remote data can either be backed up over a WAN or a Media Agent can be installed at the remote
location. Using Simpana deduplication with client side deduplication would be the best method for
protecting data over the WAN using minimal bandwidth. If a Media Agent is at the remote location,
using Simpana deduplication and DASH Copy will allow data to be Auxiliary copied over the WAN
using minimal bandwidth.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
334 - Content Based Planning Methodology
Diagram illustrating production data location.
Library configuration and placement
The location of libraries and their proximity to production data and Media Agents should be considered when
designing a CommCell environment. Consider the following implementation methods and caveats:
Direct attached library is the easiest to configure but it creates a single point of failure if the Media
Agent goes offline. Ensure there are adequate Media Agent resources when using this method.
SAN attached library is useful when backing up data over LAN Free paths or when consolidating large
amounts of data into a central library location. For disk libraries using Simpana Deduplication, it is
strongly NOT recommended to use multiple Media Agents in a Round Robin configuration as restore
performance can suffer significantly. For tape libraries, using multiple Media Agents writing to a
Dynamic Drive Sharing (DDS) library is ideal for providing scalability and fault tolerance for backups
and restores.
Network attached library is best used in environments where dedicated backup networks are used for
data protection operations. Avoid moving large amounts of data over production networks. Network
storage with dedicated backup networks and multiple Media Agents is the preferred method for
protecting data when using Simpana deduplication. This will provide scalability, high availability and
adequate restore performance.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
Content Based Planning Methodology - 335
The following diagram shows LAN and LAN-Free clients and various Media Agent and
library physical architecture. Libraries can be direct, SAN or NAS.
Data Paths
LAN based paths will be used when backing up clients with no Media Agents installed. There is a
general rule that all data must be moved through Media Agents when writing to protected storage. The
exception to that rule is direct NDMP dumps of NAS filers that are SAN attached.
LAN Free (SAN) paths can be used with Client / Media Agents to avoid using the production network
for data protection jobs. This is useful when protecting large amounts of data especially to SAN attached
tape libraries.
NDMP libraries can use either LAN based or LAN Free paths. LAN based paths use CIFS or NFS
shares to protect data over the network through a Media Agent and into protected storage. If the NAS
filer is attached to a SAN with a tape library, direct NDMP dumps can be executed and managed by the
Simpana software to provide a LAN Free path. This method does not require the data to be moved
through a Media Agent.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
336 - Content Based Planning Methodology
GridStor™ Technology can be used to allow multiple data paths to be used in a Round Robin or
failover pattern. Round Robin is best used with SAN attached tape libraries or NAS attached disk
libraries. Failover can be used when a preferred Media Agent and/or library path should be used but
other paths can be used in case of inaccessible primary paths. Careful consideration should be taken into
account when using Simpana deduplication.
The following diagram illustrates the data path options available when using GridStor
technology for LAN based and LAN-Free paths.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
Content Based Planning Methodology - 337
Simpana Specific Considerations
There are also some Simpana specific considerations regarding the number of storage policies that may be
required. The following highlights these situations.
Incremental Storage Policy
An Incremental Storage Policy links two policies together. The main policy will manage all Full backup jobs. The
incremental policy will manage all dependent jobs (incremental, differential or logs). This is useful when the
primary target for full backups needs to be different than dependent jobs. Traditionally this has been used with
database backups where the full backup would go to tape and log backups would go to disk. A more recent
adoption of this feature is for writing full database jobs to deduplicated disk and log jobs to non-deduplicated
disk. In either case when logs are protected multiple times per day, to shrink RPOs, replaying the logs from non-
deduplicated disk can be faster than tape or deduplicated disk.
Microsoft SQL Log Storage Policy
MS-SQL subclients have a unique configuration where Full and Differential backups can be directed to one
storage policy and Log backups can be directed to a second policy. This is the same concept as Incremental
Storage Policies except that instead of linking the policies together, the two policies are defined in the Storage
Device tab of the SQL subclient.
Legal Hold Policy
When using the Simpana Content Indexing and compliance search feature, auditors can perform content searches
on end user data. The search results can be incorporated into a legal hold. By designating a storage policy as a
Legal Hold policy, the auditor will have the ability to associate selected items required for legal hold with
designated legal hold policies. It is recommended to use dedicated legal hold policies when using this feature.
Legal Hold Storage Policies can also be used with Content Director for records management policies. This allows
content searches to be scheduled and results of the searches can be automatically copied into a designated Legal
Hold Policy.
Erase Data
Erase data is a powerful tool that allows end users or Simpana administrators to granularly mark objects within a
job as unrecoverable. For object level archiving such as files and Email messages, if an end user deletes a stub,
the corresponding object in CommVault protected storage can be marked as unrecoverable. Administrators can
also browse or search for data through the CommCell Console and mark the data as unrecoverable.
It is technically not possible to erase specific data from within a job. The way erase data works is by logically
marking the data unrecoverable. If a browse or find operation is conducted the data will not appear. In order for
this feature to be effective, any media managed by a storage policy with Erase Data enabled will not be able to be
recovered through Media Explorer, Restore by Job, or Cataloged.
It is important to note that enabling or disabling this feature cannot be applied retroactively to media already
written to. If this option is enabled then all scratch media written by the policy from the point erase data is
enabled cannot be recovered other than through the CommCell Console. If it is disabled then all scratch media
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
338 - Content Based Planning Methodology
written by the policy from the point it is disabled can be recovered through Media Explorer, Restore by Job, or
Cataloged.
If this feature is going to be used it is recommended to use dedicated storage policies for all data that may require
the Erase Data option to be applied. For data that is known to not require this option disable this feature. Note:
This option is enabled by default on all new storage policies created as of Simpana v9 sp3.
Group Security
If specific groups need rights to a specific storage policy to manage it than it is recommended that different
policies be created for each group. This is a very effective separation of power method in larger departmentalized
organizations. Each department group can be granted management capabilities to their own storage policies.
Media Password
The Media Password is used when recovering data through Media Explorer or by Cataloging media. When using
hardware encryption or the Simpana software copy based encryption with the Direct Media Access option set to
Via Media Password, a media password is essential. By default the password is set for the entire CommCell
environment in the System applet in Control Panel. Storage policy level media passwords can be set which will
override the CommCell password settings. For higher level of security or if a department requires specific
passwords, use the Policy level password setting which is configured in the Advanced tab of the Storage Policy
Properties.
Using Encryption with a Deduplication Policy
If Client side encryption is going to be used with deduplicated data, separate storage policies must be used to
separate encrypted and non-encrypted data. The ability to encrypt deduplicated data is a powerful tool which is
unique to Simpana software. This is because the encryption will take place after the block has been hashed and
compared. Using encryption for deduplicated data is especially useful when backing up deduplicated data to
Cloud storage.
Content Indexing
Simpana Content Indexing can be used to proactively or retroactively index the contents protected data. A storage
policy can manage data either requiring or not requiring indexing. Consideration in this case should be placed on
subclient design. Data that does require indexing should be defined in separate subclients from data not requiring
indexing. The subclients requiring indexing can be selected in the Content Indexing tab of the storage policy
properties.
Filters
Filters can be applied through the Global Filter applet in Control Panel or locally at the subclient level. If specific
folder locations require special filters, a dedicated subclient should be used. Define the subclient content to the
location where the filters will be applied and configure local filters for that subclient. The option to use Global
Filters can still be used allowing the global and local filters to be combined.
If global filters are being used but specific subclient data should not have certain filters applied define the content
in a separate subclient. Global filters can still be enabled for the subclient but the exclusions list can be used to
override the global filter settings.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
Content Based Planning Methodology - 339
Open File Handling
Open file Handling using Microsoft VSS or CommVault QSnap can be used to ensure open files are protected.
VSS is an available option for Windows 2003 or higher agents. Non Windows agents can use CommVault QSnap
to ensure open files are protected.
Pre/Post Scripts
Pre/Post Process scripts can be used to quiesce applications prior to protection. This is very useful when
protecting proprietary database systems or for quiescing databases within virtual machines prior to using the
Simpana Virtual Server Agent for snapping and backing up the VM.
Assess Current Protection Strategies
Whether you are deploying the Simpana software for the first time or you are modifying or redesigning your
CommCell environment, a methodical approach can be used to better ensure a successful implementation to meet
current and future needs. This section will focus on assessing current protection methods that can be used to assist
in improving new deployments or existing CommCell infrastructures.
Identify Current Protection Methods
What are the current methods for protecting data? These methods can have a significant effect on protection and
recovery windows as well as retention and media management requirements.
The following table shows different data types and the current protection methods.
Data
Protection Method
Frequency
File Server Traditional backup Weekly full / daily incremental
SQL Server SQL database dumps Nightly
Exchange Exchange DB agent Nightly full
NAS Filer Traditional backup through file
share
Weekly full / daily incremental
Virtual machines (low priority) File system agents in VM Weekly full / daily incremental
Virtual machines (high priority) File system agents in VM Weekly full / daily incremental
Virtual machines (running applications) Application quiescing and file
system agents in VM
Weekly full / daily incremental
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
340 - Content Based Planning Methodology
Retention and Destruction Strategies
Retention policies should be determined for all data within an environment. Depending on specific business and
compliance requirements data destruction policies should be determined as well.
The following table shows the different data types and retention and destruction
policies.
Data
On-Site Retention
Policies
Off-Site Retention
Policies
Destruction Policies
File Server 30 days 60 days None
SQL Server 7 days None 60 days
Exchange 14 days 60 days 60 days
NAS Filer 30 days 60 days None
Virtual machines (low
priority)
14 days 60 days None
Virtual machines (high
priority)
30 days 60 days None
Virtual machines (running
applications)
7 days 60 days 60 days
Protection Windows
Protection windows may be different for weekdays and weekends. This information should also be documented
as it will be used when performing gap analysis to determine if changes need to be made to meet current and
future projected operation windows.
The following chart illustrates weekday and weekend operation windows.
Data
Weekdays
Weekends
File Server 8 hours 48 hours
SQL Server 1 hour 1 hour
Exchange 8 hours 48 hours
NAS Filer 8 hours 48 hours
Virtual machines (low priority) 8 hours 48 hours
Virtual machines (high priority) 8 hours 48 hours
Virtual machines (running applications) 1 hour 1 hour
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
Content Based Planning Methodology - 341
Recovery Objectives
Recovery objective should be defined for data and also assigned a priority level for recovery. Recovery Time
Objectives (RTO) determine how long before a business system must be brought back online. Recovery Point
Objectives (RPO) determine the acceptable amount of data loss that can be sustained.
The following table shows RTO and RPO requirements for different data. Note that
objectives are not defined for some data. It must be determined if objectives need to be
defined or if the data is not critical to the continuation of business operations.
Data
Recovery Time Objective
Recovery Point Objective
File Server None defined 24 hours
SQL Server 1 hour 1 hour
Exchange 4 hours 24 hours
NAS Filer None defined 24 hours
Virtual machines (low priority) None defined None defined
Virtual machines (high priority) 4 hours 24 hours
Virtual machines (running applications) 1 hour 1 hour
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
342 - Content Based Planning Methodology
Perform Gap Analysis
Gap Analysis is the concept of analyzing required protection goals against actual results. This requires careful
planning and analysis of results over time. It basically comes down to a simple yes or no whether goals are being
met. If goals are not being met then either environmental changes must be made or requirements must be
modified.
The following table represents a Gap analysis audit based on previous tables from this
section. This analysis will be expanded in the next section where various solutions will
be discussed to shrink the gap.
Data
On Site
Retention
Policies
Off Site
Retention
Policies
Destruction
Policies
Weekday
Window
Weekend
Window
RTO
RPO
File Server YES YES N/A YES YES Not tested YES
SQL Server YES YES NO YES YES NO NO
Exchange YES YES NO YES YES NO YES
NAS Filer NO NO N/A NO NO NO NO
Virtual
machines
(low
priority)
YES YES N/A NO YES Not tested YES
Virtual
machines
(high
priority)
YES YES N/A NO YES Not tested YES
Virtual
machines
(running
applications)
YES YES NO NO NO NO NO
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
Content Based Planning Methodology - 343
Modify Protection Methods or Requirements
In some cases, modifying Simpana configurations can solve problems if requirements are not being met. In other
instances adding Simpana features can help achieve goals. Simpana configurations and features can only protect
the data as fast as the environment will let it and only store the data as long as storage capacity is available. The
following table shows various Simpana solutions to assist in meeting protection goals.
The following table proposes specific solutions to overcome or shrink the gaps between
required protection goals and actual results. This chart also illustrates additional
Simpana features that can be implemented in a CommCell environment.
Data
On Site
Retention
Policies
Off Site
Retention
Policies
Destruction Policies
Weekday
Window
Weekend
Window
RTO
RPO
File Server Test and
readdress
RTO needs
SQL Server Use VaultTracker
policies to recall and
destroy data on tapes
Use SQL database agent to multi-
stream backup/restore.
Schedule log backups hourly
Exchange Use VaultTracker
policies to recall and
destroy data on tapes
Divide and
prioritize
database
recovery
NAS Filer Policies are not being met
because protection
windows are not being
met.
Use SnapProtect if
hardware supports it.
Use NDMP dump to tape
(if attached to SAN).
Use Image level backup
Adjusting protection methods should
improve RTO and RPO. Retest after
changing methods.
Virtual
machines
(low priority)
Use VSA
agent
Test and
readdress
RTO needs
Virtual
machines
(high
priority)
Use VSA
agent
Test and
readdress
RTO needs
Virtual
machines
(running
applications)
Use VaultTracker
policies to recall and
destroy data on tapes
Use SnapProtect and
VSA if hardware
supports.
Alternately, use
application agents in VM
VSA/SnapP
rotect
provides
faster
restore /
revert snaps
With VSA/SnapProtect
snap every hour.
Alternately use agents
in machine performing
log/incremental
backups hourly.
The chapter Risk Assessment will take a more detailed look at addressing and assessing technologies and Simpana
features to assist in meeting protection requirements. It will address various technologies outside of CommVault
and their cost-value-risk trade-off. It will also go into technical details on Simpana configuration options and the
value-risk assessment for using each option.
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838
CommVault Concepts & Design Strategies: https://www.createspace.com/3726838