CDP--buzz versus benefit.With all of the hype in the industry today over Continuous Data Protection (CDP) solutions, it is sometimes hard to separate the buzz from the benefit. For customers focused on solving real-world problems involving the recovery of business-critical data, understanding the distinction is paramount to making the right choices for safeguarding their electronic assets. The issue for these customers is that the industry is in a state of constant fluctuation over exactly what defines CDP and what a product must do to earn that label. By the strictest definition of the term, the Storage Networking Industry Association (SNIA) defines CDP as "a methodology that continuously captures or tracks data modifications and stores changes independent of the primary data, enabling recovery points from any point in the past. CDP systems may be block-, file- or application-based and can provide fine granularities of restorable objects to infinitely variable recovery points". This is generally interpreted to mean that to be a CDP solution, the product must capture data changes continuously, must store these changes in a location separate from the primary storage and must provide arbitrary and infinite recovery points for the data. The promise of being able to track every change and instantly recover to any point in time is undoubtedly appealing to companies. But there is a major problem with this promise and that problem is two-fold. The Problem with CDP Firstly, the capabilities described by the SNIA definition of CDP are not trivial. They require a solution to infinitely store data changes and provide a customer the ability to arbitrarily return to infinite points in time to recover previous versions of data. This makes CDP a very expensive proposition for customers. Some pure-bred CDP solutions sell for hundreds of thousands of dollars. The challenge is, as it used to be when debating synchronous versus asynchronous data replication, that most customers' data isn't valuable enough nor do those customers have a budget big enough to afford these types of CDP solutions. In this sense, pure-bred CDP solutions are a solution to a problem customers can afford not to solve. Evidence of this fact is that most true-CDP solutions have not gotten the sales most people thought they would get. Companies are voting with their budget dollars and right now most are casting votes against true-CDP and for near-CDP solutions or backup and recovery solutions that integrate CDP-like capabilities. While solutions based on the strictest definitions of CDP (as defined by SNIA) may gain some momentum in the market, the majority of customers don't have either a Recovery Point Objective (RPO) that requires stand-alone CDP or a budget to be able to afford a stand-alone CDP solution. Instead, they need something that provides them better recoverability than tape that's accessible enough for them to deploy it across their enterprise--not just on a few systems. Secondly, CDP has traditionally taken a very narrow approach to disaster recovery, mainly focusing on file-level recovery and not application data like that created by Microsoft Exchange Server or Microsoft SQL Server. In addition, the focus has been almost entirely on recovering the data and has ignored the importance of protecting and recovering the application. If the first line of defense in a disaster recovery solution is protecting the data, the second is undoubtedly protecting the application. By itself, the data provides a means for recovery but providing a real-time copy of the data and availability of the application associated with it enables a Recovery Time Objective (RTO) significantly better than that provided by solutions like tape backup or CDP. CDP provides no provision for RTO and focuses solely on RPO which is only half of the customer challenge. The Promise of CDP While true-CDP solutions have not gained traction with the larger market, the promise of CDP, despite its problems, thrives. It does so in the form known as near-CDP. Many traditional backup vendors have begun integrating the CDP story into their existing backup and recovery solutions. These vendors have differentiated themselves from their competitors by integrating CDP capabilities into existing solutions rather than attacking the concept head-on. These solutions provide the best of both worlds by providing several, but not infinite, points of recovery. This satisfies most customers' RPO goals far more readily than tape-based solutions by providing snapshot copies of important data for recovery purposes rather than relying on retrieval from tape. The Future of CDP Though near-CDP promises to be an easy way to augment the backup solutions that customers use today, it still doesn't account for the complete recovery of a company's business critical systems. To the end-user, recovery isn't complete until they are able to resume their work where they left off. This means not only restoring a previous version of the data but also the operating systems and applications and all the other aspects that are required to give users access to that information. Simply getting any old data loaded back onto a disk isn't a complete recovery and to the end user, there is no such thing as a "partial recovery." The future of CDP lies in hybrid solutions that incorporate its capabilities into an overall recovery management strategy that combines data replication and protection, application availability and point-in-time recovery. Alternatives exist today that provide just this unified approach to recovery. In these solutions, asynchronous file-based replication is combined with application availability and snapshot technologies to fulfill at least the spirit, if not the definition, of CDP. From a data protection perspective, real-time replication provides for the continuous capture of changes to protected data and the storage of those changes separate from the production data. If needed, a company can recover to this real-time copy of the data in the event of a major disaster. And because the solutions are typically based on byte-level replication including features such as compression and bandwidth throttling, they are more efficient at moving data across long distances when compared to the data movement technologies employed by pure-bred CDP solutions. For recovery from unwanted changes such as those caused by human error, viruses, or corruption, disk-based snapshot capabilities allow rollback to multiple (albeit not infinite) copies of the protected data. Because disk-based snapshots are usually difference-based (copy on write technology), they consume less storage space and their periodic nature also further reduces storage requirements when compared to keeping infinitely accessible copies of data changes. Both data replication and disk-based snapshots together ensure that the RPO goals for a company's data can be met. Where these solutions exceed the promise of CDP today is their ability to ensure RTO goals as well as RPO goals. By continuously monitoring the availability of the production systems and failing over to a secondary system in the event of an outage, they provide an RTO of minutes rather than hours or days. Most true CDP solutions today do not provide any high availability for the applications creating the data and instead leave recovery to the IT administrator who is most likely using a complex, manual, time-consuming process. Evaluating the Options Aside from a vendor's assurance or an industry expert's recommendation, though, how do you know what the right protection and recovery option is for your company or whether you are a candidate for CDP? Unfortunately, no solution is "one size fits all". The key to business continuity and recovery planning is first understanding the impact an outage, loss or major disaster would have on your ability to provide a product or service and then picking the right tools and putting in place the right procedures to minimize that impact. Because each company's business is unique, each business continuity recovery plan will also be unique. However, the high-level approach to planning is generally the same. Because budgets are limited, it is important to stack rank each of the critical business systems within your organization and assign the appropriate level of protection to them. Not all systems require the same levels of protection; in fact, some may not need protection at all. Successful plans account for this and are able to restore systems defined as business-critical as rapidly as possible while making the most of limited resources. The challenge for most companies in prioritizing these systems and picking the appropriate protection solution is to understand what value their data has. Business continuity and backup and recovery solutions solve for Recovery Point Objective (RPO) and Recovery Time Objective (RTO). Choosing the right solution is simply a matter of quantifying the value of the data the solutions protect and calculating the Return on Investment (ROI.) Summary The reality of CDP is that it has not lived up to the buzz it generated. It is not because the promise of CDP isn't appealing to customers. It is because CDP, as narrowly defined by industry organizations, was not permitted the opportunity to commingle with other data protection and recovery capabilities to enable a hybrid solution as described in this article which combines the best of CDP with the best of continuous data replication and application availability while keeping costs down. Successful vendors will continue to build CDP into their products where it is appropriate and successful IT organizations will learn to leverage the technology to address all of their recovery goals while staying within budget and without sacrificing capabilities. Bob Roudebush is Director of Solutions Engineering at Double-Take Software. www.doubletake.com |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion