Module 9

Planning a Disaster Recovery Solution

Module Overview

• Planning for Disaster Mitigation

• Planning Exchange Server Backup

• Planning Exchange Server Recovery

Lesson 1: Planning for Disaster Mitigation

• Identifying Data Loss Scenarios

• Data Loss Mitigation Features

• Designing a Disaster Mitigation Strategy

• What Is the Relationship Between Disaster Recovery and High Availability?

• Designing a High Availability Solution for Disaster Mitigation

• Backup-Less Exchange Server

• What Are the Timelines for Disaster Recovery?

• Scenarios Requiring Backup and Restore

Identifying Data Loss Scenarios

Data loss scenarios

• Lost item

• Lost mailbox

• Lost database

• Lost server

Data Loss Mitigation Features

• Deleted item recovery

• Deleted mailbox retention

• DAGs

• Shadow redundancy

Mitigating data loss avoids the need to recover from backupMitigating data loss avoids the need to recover from backup

Designing a Disaster Mitigation Strategy

Considerations include:

Increasing Deleted Item Retention increases database size

Increasing Deleted Mailbox Retention increases database size

DAGs prevent service outages due to lost databases and lost servers

Replay lag time may prevent data corruption on a passive copy in a DAG

What Is the Relationship Between Disaster Recovery and High Availability

• High availability keeps the system up and running when a failure occurs

• Disaster recovery is required when high availability fails

Designing a High Availability Solution for Disaster Mitigation

For Mailbox servers:

• Use DAGs for mailbox databases

• Replicate public folder database contents

For non-Mailbox servers, include:

• Multiple Hub Transport servers

• A Client Access array

• Multiple Edge Transport servers

Backup-Less Exchange Server

For the DAG configuration:

• Use three or more database copies

• Locate one database copy in a remote site

• Create a lagged database copy

• Enable circular logging

Enable single-item recoveryEnable single-item recovery

Backup-less Exchange Server reduces costs due to:

• Simplified management

• No backup software or hardware

• No RAID

What Are the Timelines for Disaster Recovery?

Recovery Time Objective:

• How quickly is the disaster recovery performed?

Recovery Point Objective:

• From what point in time is the disaster recovery performed?

Scenarios Requiring Backup and Restore

Scenarios:

• Recover a message when single-item recovery not enabled

• Recover a mailbox after the mailbox retention period has passed

• Recover a public folder item after the item retention period has passed

• Recover from a failed database when a DAG is not in use

• Recover from a failed server when a DAG is not in use

Lesson 2: Planning Exchange Server Backup

• Identifying Backup Requirements for Mailbox Servers

• Identifying Backup Requirements for Non-Mailbox Servers

• Choosing an Exchange Server Backup Solution

• Designing an Exchange Server Backup Schedule

• Designing an Exchange Server Backup Management Solution

• What Is System Center Data Protection Manager?

Identifying Backup Requirements for Mailbox Servers

You should back up:

• Mailbox databases

• Public folder databases

• Transaction logs

Configuration data is stored in AD DSConfiguration data is stored in AD DS

Identifying Backup Requirements for Non-Mailbox Servers

Generally, non-Mailbox server backups are required only to restore additional configuration options set after installation

Generally, non-Mailbox server backups are required only to restore additional configuration options set after installation

Server role You should back up

Client Access• Customized configuration and Web pages

• SSL certificate

Hub Transport Message transport logs

Edge Transport All server configurations

Unified Messaging Custom audio files

Choosing an Exchange Server Backup Solution

Only VSS backups are supported for Exchange Server 2010Only VSS backups are supported for Exchange Server 2010

Consider replication as part of the backup solutionConsider replication as part of the backup solution

Media Description

Tape Is physically easy to transport and very durable

Disk Increases backup performance

SAN-based Allows you to take backup traffic off the main network and keep it on the SAN

VSS backup to disk is effectively incrementalVSS backup to disk is effectively incremental

Designing an Exchange Server Backup Schedule

To design a backup schedule, you need to know:

• How frequently must Exchange servers be backed up?

• How does this vary based on server role?

• What is the backup window?

• How does the backup schedule impact recovery?

Designing an Exchange Server Backup Management Solution

• Assign a team or administrator to take primary responsibility for managing backups

• Monitor backups on a daily basis, and address backup failures immediately

• Transport backup media offsite regularly

• Rotate tapes based on your organization’s data storage requirements

• Perform test restores occasionally

What Is System Center Data Protection Manager?

A backup solution from Microsoft

• To back up Windows servers

• Can back up application servers

• Enterprise license is required for Exchange Server backup

The backup process

1. DPM triggers snapshot

2. VSS writer communicates with Exchange

3. Exchange creates consistent databases

4. VSS snapshot is taken

5. Transaction logs are truncated

6. Snapshot copied to disk

Lesson 3: Planning Exchange Server Recovery

• Options to Recover Exchange Server Functionality

• Options to Recover Mailbox Data and Databases

• Planning the Recovery of Mailbox Servers

• Planning the Recovery of Non-Mailbox Servers

• Planning the Recovery of Edge Transport Servers

• Creating a Disaster Recovery Plan

• Maintaining a Disaster Recovery Plan

Options to Recover Exchange Server Functionality

Restore the lost server

• Build a new server

• Restore system state (optional)

• Install Exchange Server with recovery mode

• Restore any necessary data

Replace the lost roles

• Build a new server with equivalent functionality

• Add roles to an existing Exchange Server

Options to Recover Mailbox Data and Databases

Option Description

Database restore Replaces an existing database

Recovery database Restores database to an alternate location for data recovery

Database portability Restores database without having to recover a specific server

Dial-tone recovery Restores server functionality rapidly before historical mailbox contents are restored

DAG recovery Mounts a database copy on a different Exchange Server computer

When a physical server fails, you have several options for recovery When a physical server fails, you have several options for recovery

Planning the Recovery of Mailbox Servers

Considerations:

• Use DAG to avoid the need to recover

• Separate transaction logs and databases

• Use a dial-tone database to speed up recovery

• Allocate disk space for a recovery database

Planning the Recovery of Non-Mailbox Servers

The basic functions of non-Mailbox servers can be recovered without backing up existing servers

The basic functions of non-Mailbox servers can be recovered without backing up existing servers

• Adding the server role to an existing Exchange server in the same site

• Deploying a new server with the same server role

Replace a failed non-Mailbox server by:

Deploying a new server can result in some applications requiring reconfiguration Deploying a new server can result in some applications requiring reconfiguration

Configuration information for Edge Transport servers is stored in AD LDS

Configuration information for Edge Transport servers is stored in AD LDS

To recover:

• Use a cloned configuration

• Back up configuration by using the ExportEdgeConfig.ps1 script

• Import configuration on the new server by using the ImportEdgeConfig.ps1 script

• Reestablish EdgeSync

Planning the Recovery of Edge Transport Servers

A Disaster Recovery Plan is a plan for restoring functionality when an event happens that causes IT systems to fail

A Disaster Recovery Plan is a plan for restoring functionality when an event happens that causes IT systems to fail

Disaster Recovery Plan components:

• SLA recovery requirements

• Risk assessment

• Budget

• High-level process document

• Testing plan

• Auditing plan

• Maintenance plan

• Training plan

Creating a Disaster Recovery Plan

Maintaining a Disaster Recovery Plan

Testing a disaster recovery plan

• Test component failure and system

• Test workstation impact

• Test performance

Refining a disaster recovery plain

• Revise based on test results

• Review SLA requirements and business needs

• Review risks and mitigation methods

• Retest any components that are modified

Lab: Planning a Disaster Recovery Solution

• Exercise 1: Planning Disaster Recovery for Vancouver

• Exercise 2: Planning Disaster Recovery for San Diego

• Exercise 3: Implementing Single-Item Recovery

Logon information

Estimated time: 45 minutes

Lab Scenario

• You are a messaging engineer for A. Datum Corporation, an enterprise-level organization with multiple locations. A. Datum Corporation is an international corporation involved in technology research and investment, and it is planning to upgrade from Exchange Server 2003 to Exchange Server 2010.

• High availability planning is complete, but the disaster recovery plan needs to be further developed. Specifically, you need to consider the details of the messaging SLA to ensure that disaster recovery is possible within the appropriate time frame.

• Finally, you must implement part of your proposed disaster recovery plan.

Lab Review

• Which role group is used to provide a user with permission to perform a Multi-Mailbox Search?

• How does single-item recovery differ from the recovery of deleted items in previous versions of Exchange Server?

Module Review and Takeaways

• Review Questions

• Best Practices