Architecture is priceless, and history wants to make architects pay dearly. According to legend, after the completion of St. Basil’s Cathedral in Moscow, Tsar Ivan the Terrible gouged out the architect’s eyes; he did not want him to design a superior structure. Similarly, when the Taj Mahal was completed, Shah Jahan supposedly cut off the architect’s hands. While historical evidence indicates these are myths, architects should consider in the long term, what value can they deliver to keep themselves safe?
In this series, I introduced the Protection Storage Architecture , explored Protection Storage and Data Source Integration. Now to Data Management Services, where the fun begins.
Data Management Services – Why Do They Matter?
What value should a protection team deliver? First, application teams need to access the right version of data, when they need it. That means high-performance and user-visible data protection. Second, management needs analytics and reporting for regulatory compliance, service-level enforcement, and cost management. Third, users, auditors and lawyers need to be able to access the right historical information, quickly and accurately.
Without data management services, companies fail audits and lose data, productivity and business. Only the backup team has the technology and organizational scope to deliver the protection services.
Data Management Services – Why Have They Become a Challenge?
A decade ago, the backup application exercised absolute control over every aspect of the end-to-end protection workflow. Therefore, it was simple for it to deliver reporting, cataloging and management of protection storage (a.k.a. tape). Things changed when traditional backups could not scale with data growth and virtualization. To meet their business needs, the application, hypervisor, and storage teams began to deploy their own solutions, using tools integrated into their data sources – the accidental architecture. The backup application (and team) lost control and visibility over the environment.
Despite the increasing variety of protection mechanisms, the business still needs consolidated data management services. The backup team must gain visibility into all the protection copies – even those created outside the backup application.
Data Management Services – The Baseline
The protection team must ensure:
- Recovery and Access. Information must be protected, regardless of: where it resides (data center, remote office, mobile device, cloud), the protection mechanism (snapshot, data-source mover, backup or archive client), and the location of protection copy (backup appliance, cloud, or tape). The protection data must be accessible, regardless of use case (disaster recovery, operational recovery, archive access), mechanism (instant access, granular object recovery, or search-driven access) or who drives the recovery (protection team, application admin, end-user). Even though the backup team may neither create nor recover the protection data, the business still holds it responsible for rapid and reliable recovery and access. (And, yes, backup teams, now is the time to curl up into the fetal position.)
- Policy Management. The protection team must create, manage, and report on protection policies for both regulatory and service-level compliance. In addition to cataloging and reporting on all the copies, the protection team must supplement the data source administrator’s policies. For example, imagine that a DBA runs her own database dump and plans to retain it for 30 days. If corporate policy is 90 day retention, the protection team must find a way to deliver that retention. Ideally the supplement would be efficient (clone the DBA’s copy) vs. inefficient (create your own primary backup copy). Regardless, the protection team is the “one throat to choke” for policy compliance.
- Protection Storage Management. Protection storage management involves far more than managing purpose-built backup appliances. This includes: primary storage (e.g. snapshots and replicas), backup appliances, WAN network bandwidth (to replicate between sites), tape and cloud. The protection team needs to ensure that the entire infrastructure is available for recovery and backup. Furthermore, they need to plan for the expansion of the environment – projecting future costs and purchases.
Data Management Services – Bonus Levels
With a consolidated view of the organization’s information, protection teams can deliver value beyond the baseline and accelerate the business. With data and metadata analytics (like the NSA of the enterprise) the protection team can expand their business impact.
First, organizations crave visibility and control over their infrastructure spending and growth. The protection team has can track data growth rates by division, application, location and data type. Not only does this help them project what they will need (protection storage, bandwidth, compute), but it can also provide insight into the primary storage and application environment.
Second, the protection team can derive insight from the data. Most groups either view only their silo of information, so they lack the full visibility across all the data. The protection team has a catalog of every piece of data in the environment. With that pool of data, some groups are already searching for security/compliance leaks, optimizing test & development and hardening their systems.
After delivering the baseline, the protection team is well positioned to deliver advanced services.
Protection Storage Architecture – The Value
The protection storage architecture positions the backup team to evolve into a high-value service provider. You need all three components of the architecture to succeed. You can’t provide the data management services without consolidating the protection. You can’t consolidate the protection without integrating with the data sources. And you can’t integrate with the data sources without the right protection storage. Hence, you need an architecture that loosely couples all three architectural components.
With the right architecture, the protection team can deliver tremendous and keep their eyes and hands.