Content Based Planning Methodology€¦ · will affect scheduling times, job priorities, and performance tuning to provide higher priority jobs with adequate resources. For recovery,

Chapter 16

Content Based Planning Methodology

CommVault Concepts & Design Strategies: https://www.createspace.com/3726838

322 - Content Based Planning Methodology

This chapter will focus on a content based design approach for business data that takes into account disaster

recovery, data availability, and data preservation strategies. This chapter will not only focus on Simpana software

strategies, it will focus on other methods to meet SLA‘s including hardware and appliance based solutions that

can integrate with Simpana software.

This chapter will focus on these main concepts:

Meeting SLA‘s for disaster recovery, data recovery, high availability, and data preservation.

Understanding and designing solutions for business system dependencies.

Addressing protection needs and current capabilities and performing Gap Analysis to improve SLA‘s or

adjust requirements.

Design strategies to provide comprehensive on-site, off-site and archiving protection.

Survey Environment

Some CommVault administrators make a fundamental mistake by building storage policies before they really

understand what they do and what their business requirements actually are. Fortunately, many policy

configurations can be modified, though changing configurations can come at a price. Before you begin building

storage policies a thorough survey of all business systems should be conducted. The best way to perform this

would be to meet with key business system owners to determine protection requirements and to conduct

inventories of your infrastructure. This in the real world rarely happens. Usually when CommVault engineers

arrive on-site, little information is available to configure policies. Taking these situations into consideration, this

chapter will not only work on building policies from scratch, but also modifying existing policies.

Another issue when assessing environments is the lack of cooperation from the other side of the wall. On the

business end, people are hesitant to make decisions, especially when it comes to data protection. Unfortunately,

the CommVault administrator becomes the scape goat when disaster strikes and data is lost. Getting people to

sign off on policies can be difficult, if not impossible. This situation is also taken into account and some methods

of dealing with these scenarios are provided.


Content Based Planning Methodology - 323

Detailed flow for survey phase illustrates the level of detail that can be documented

when performing in-depth analysis of the production environment. This level of detail

not only assists in designing a CommCell® environment but also is important when

considering an overall disaster recovery strategy.



Identify Business Systems

When designing data protection strategies it is important to assess entire business systems, not just servers. In

today‘s data centers it is very common for business systems to have many components including backend servers,

front end servers, storage resources, and network resources. All these components should be looked at as a whole

to properly define protection requirements.

Example: Viewing business systems from the owners view may be different from the

view that IT has. The following chart illustrates several business systems that have a

common backend database. Though the database server is a single system, each

business system may require separate protection requirements.

Business System Purpose Value Owners Backend Resources

Payroll Track employee

payroll

4 Finance MS-SQL

Sales Tracker Track all sales leads,

activity, and historical

sales data

3 Sales MS-SQL

HR database Maintain records on

all current and past

employees

2 Corp MS-SQL

Identify & Classify all Components of Business System

When surveying the business environment all the components that make up a business system should be

analyzed. Who owns the system, its value to the company, the cost of downtime, the cost of recreating data, cost

of data loss, servers it runs on, storage it uses, networks it relies on, etc… Each component should also be

classified as IT or business. Each classified component may require different protection and retention methods.

Business Classification

Data whose primary purpose is to directly support business functions is classified as Business Data Types. This

would be the actual data being managed for business purposes such as e-mail, financial databases, home folders,

or web content. If this data is lost, it could cost thousands or even millions to recreate if it can be recreated at all.

Although IT may manage the servers, the data owners are ultimately responsible for the business data. DBA‘s,

managers, Chief Officers, VP‘s all invest a lot of time and money to build or purchase business systems which

make their work more efficient and more profitable. The loss of the data on these systems could be catastrophic.

Rebuilding a database server is easier than recreating a lost database. Business systems may require different



protection requirements than the core IT data on that same system. Compliance requirements may also require the

data be kept for long time periods, encrypted, placed on WORM media, etc…

Business data can be an entire system or component of system (e.g. critical database running on a

database server or a sales tracking system in SharePoint).

Business data can be containerized into subclients. These will be used to determine different SLA‘s for

different business systems.

IT Classification

IT data classifications include operating systems, system databases, domain controllers, DNS servers, etc... This

data does not directly serve a business purpose but it is the foundation in which business systems run. The

primary purpose of protecting IT data is for Disaster recovery purposes. For example, a database server has a

system database, some configuration files, and an underlying operating system which all qualify as IT data. There

is also a financial database that runs on the server which is classified as business. This system may require

different protection and retention methods that will be defined by its owner.

IT systems that support business systems.

Dependencies required for business system to function.

o Domain controllers.

o Network configurations including: routers, switches, VPN, and SAN configurations.

o Front end and back end servers.

The following diagram shows the division of data on a database server into IT and

business classifications. The different data can be defined in separate subclients and

managed based on storage, retention and destruction policies.



Granular Classification of Business Data

Depending on protection and recovery requirements, business systems can be divided and categorized to meet

very specific requirements. An Email server would be classified as both IT and business. It must be protected for

disaster recovery purposes, which is primarily a function of IT. The ability to recover or preserve specific

mailboxes or data stores will be associated with business classifications. Using Simpana agents and subclients,

different data can be containerized and protected to meet both business and IT requirements. This will add a level

of administrative complexity but will allow the administrator to implement solutions to meet business

requirements.

Example: An Exchange server is being protected for business and IT. The database and

file system are protected to disaster recovery purposes. A Mailbox iDataAgent is used

for granular backup and recovery of Sales and Management mailboxes. Management

and Executives mailboxes are journaled and protected with the Compliance iDataAgent.

All journaled messages are also content indexed for eDiscovery purposes.

Data

Classification

Requirement

Protection Method

Exchange operating system

IT DR protection File System iDataAgent

Exchange database

IT DR protection Exchange Database iDataAgent

Sales & management mailboxes Business Provide fast

recovery for

deleted / lost

messages

Exchange Mailbox iDataAgent

All management and executives

Email

Business Provide message

preservation and

discovery for

ALL messages

Exchange Compliance Archive

iDataAgent and Content Indexing

Understand Value & Protection Requirements

The value of a business system will determine protection requirements. Mission critical business systems will

have shorter Recovery Time Objective (RTO) and Recovery Point Objective (RPO) values. Financial and

communication data may have longer retention and data preservation requirements. Each business system should

be looked at granularly and protection requirements should be defined.



The following chart illustrates protection requirements for an Exchange server. OS data

and Exchange databases are protected primarily for DR purposes and have an IT

classification. Managers and Executives mailboxes and journal mailboxes are protected

for business and compliance reasons. Each business component is defined separately

and assigned classification and priorities.

Server Data Protection Classification Data Type

Priority 1 -4

Data Center Location Server Location

DC_Exch1 File System IT Windows 3 Main Center / Corp Physical Exch_1

DC_Exch1 Database IT Exchange DB store 2

Main center / corp Physical Exch_1

DC_Exch1

Sales and Managers mailboxes Business

Exchange mailboxes 4

Main center / corp Physical Exch_1

DC_Exch1

Manager and executives Journal Business

Exchange Journal MB 4

Main center / Corp physical Exch_1

Determine Service Level Agreements

Service level agreements are used to establish protection and recovery windows and acceptable amount of data

loss within those windows.

Recovery Time Objectives

Recovery Point Objectives

Retention Requirements

o On and off site disaster recovery

o Data recovery

o Data preservation and compliance copies

Prioritize Data Type

Set priorities for different data types to establish its value to the company. For data protection the priority levels

will affect scheduling times, job priorities, and performance tuning to provide higher priority jobs with adequate

resources. For recovery, a high priority data type can ensure certain business systems become available before

others. An example would be dividing E-Mail databases into different subclients. Group higher priority mailboxes

into smaller databases on the mail server and lower priority mailboxes into other databases. Consider a mail

server recovery time if the total size of all databases was 600GB with mailboxes thrown into different databases

with no rhyme or reason. Now consider that same server with the highest priority mailboxes in a small dedicated

database about 60GB in size. The high priority database can be recovered first and the lower priority databases

recovered later.



Protection Windows

Operation windows will be different for different data types and different servers. Using CommVault software

different parts of a server can be backed up at different times. Some data types such as databases may require

short protection windows if the database has to be placed in an offline state in order to back it up. Knowing

protection windows can also assist in determining the best methods for protecting data such as using snapshots

instead of traditional backup.

Recovery Objectives

Recovery objectives are based on time to recover (RTO) and acceptable amount of data loss (RPO). These

numbers determine the Service Level Agreements (SLA) for business systems and data. Recovery Time

Objectives determine the length of time a business system can be down. This can also include Mean Time to

Repair (MTR) and Maximum Tolerable Downtime (MTD). Recovery objectives should be based on business

systems and not servers.

Recovery Point Objective determines the acceptable amount of data loss. The more frequent protection operations

are run, the shorter the RPO will be. Each protection point; through traditional backup, log backup, or snapshot

creates recovery points. Understanding the business data, the value of the data to the company, the cost associated

with recreating it, or the cost to the company if the data cannot be recreated should factor in to the RPO value.

More valuable data can be protected on more regular intervals and less valuable data protected on longer

intervals. For the most valuable data protection options such as log shipping, snapshots or replication can be

implemented to further reduce the RPO.

The last person who should determine protection requirements and methods should be the backup administrator.

Owners of the data should be consulted to gather as much information about the data so appropriate protection

strategies can be designed and implemented. Meet with all key personnel to determine requirements for protecting

the data. This may include system administrators, managers, DBA‘s, and auditors. Address SLA requirements

and assess current protection methods. Analyze requirements and capabilities and determine whether protection

methods must be altered or SLAs must be readdressed. This will ultimately come down to cost. The Risk

Assessment chapter will focus on this concept in more detail.



Sample table showing an Exchange server with different IT and business components.

Each component has and RTO and RPO associated with it along with the current

protection methods.

Server Data Recovery Time Objective

Recovery Point Objective

Online / Offline Protection to Meet Objectives

DC_Exch1 File System 8 hours 24 hours Weekly Full Daily Inc

DC_Exch1 Sales Mail Database 8 hours 24 hours Nightly full backups

DC_Exch1 Users Mail Database 24 hours 24 hours Nightly full backups

DC_Exch1 Managers + mailboxes

2 hours (2 month) 24 hrs after 24 hours

Nightly mailbox backups to disk target for recovery requests

DC_Exch1 Manager + Journal

1 hour (6 month) 24 hrs after 24 hours nightly compliance backup

Identify Retention Objectives for Each Data Type

Retention objectives should be based on the three primary reasons for protecting data: Disaster Recovery,

Compliance, and Data Recovery. Disaster recovery retention requirements are best to be handled by IT and

should be based on how many complete sets or cycles should be kept. Compliance copies are usually point in

time copies such as month end or quarter end and the retention should be based on how long the data needs to be

kept for. Data Recovery may include all protected data within a time period (full and incremental) and the

retention should be based on how far back in time data can be recovered.

Retention times can be customized for different business data types. For example, on an Exchange server there is

a data recovery requirement for regular users to recover a deleted message for 60 days, but for sales people the

requirement may be one year. By creating these different business data types, different retentions can be set to

meet business requirements.

The table on the following page illustrates different business and IT requirements for

protecting data in primary, near line, and offline (off-site) retention requirements.

These values make up retention requirements for DR, data recovery, and data

preservation/compliance copies.



Data Destruction Policies

Once data exceeds its useful lifecycle, destruction of that data may be required. This is one of the most

overlooked aspects of data protection. Proper data destruction policies are essential for meeting company and

government compliance requirements. Several Simpana features can be used to assist in meeting data destruction

requirements:

Mark media to be erased can be used to mark a tape to be erased after all jobs exceed retention on the

tape. Erase media jobs must be scheduled for each tape library where data should be destroyed once it

exceeds its useful lifecycle.

Disable Managed Disk Space. For disk libraries, managed disk space is used to maintain data in storage

beyond its retention requirements. Disable this option in the Retention tab of the storage policy copy if

you do not want to use this feature. Note that this option is enabled by default.

Erase Data is a licensed feature which allows the granular logical deletion of data within a job. This

option is enabled in the General tab of the storage policy properties. Note that this option is enabled by

default and any media written to an erase data enabled policy cannot be recovered with Media Explorer,

the Catalog option, or Restore by Job.

VaultTracker policies and reports. These reports are critical when tapes are being stored off-site.

Before the data can be destroyed the tapes must be recalled. Using Due Back VaultTracker policies you

can run reports on tapes that have exceeded retention and must be destroyed.

Server Data Protection Method

Primary Target

Primary Retention

Near Line Target

Near Line Retention

Off Site Target

Off Line Retention

Archive Target

Off Line Retention

DC_Exch1 File System

File System iDA

Dedupe Disk_1 14 days N/A N/A

LTO 4 tape 14 days N/A N/A

DC_Exch1 Exchange Database

Exch DB Agent

Dedupe Disk_1 14 days N/A N/A

LTO 4 tape 1 month N/A N/A

DC_Exch1

Managers and sales mailboxes

Exch mailbox Agent

Dedupe Disk_1

2 months

LTO 4 Tape 1 years N/A N/A N/A N/A

DC_Exch1

Manager and executives Journal

Exchange Compliance Archive

Dedupe Disk_1

6 months

LTO 4 Tape 2 Years N/A N/A

LTO 4 Tape

EOQ 5 Years



Addressing Unrealistic Requirements

What do you think most people would consider the most important business system? In most cases it‘s one of two

things, their system or Email. Regarding Email, it is a communication method and should be high on a priority list

for recovery. Of course recovering a communication method versus recovering users Email are two different

things. This is an example of business and IT systems. If the sales department wants their Email accessible within

one hour of disaster, well that might be improbable, but resuming communication on the other hand can be done

in a short time period. When an owner of a critical business system proposes unrealistic requirements, it‘s

important to understand that in most cases they do not understand the capabilities and limitations of technology.

Providing details on capabilities for protection beforehand can not only help to avoid unrealistic expectations but

also assist the business system owners in better understanding what it is you can do for them. Again, they don‘t

know the technology so acting as a liaison between business and IT to narrow the gap can be mutually beneficial.

Another method to alter unrealistic requirements is to propose solutions and related company costs. This could

quickly change minds when they fully understand what it would take to accommodate their requirements. Always

consider that maybe their requirements are realistic. If a financial system loses 15 minutes worth of data and the

cost to the company would be estimated at five million dollars, then the benefit in a larger investment could be

well worth it.

Using Default Policies

Another approach to determining business system requirements is to present it in a multiple choice

manner. Don‘t ask them what they want, show them what they can have. Policies can be

predetermined by IT and upper management. Once agreed to, business owners can be presented

with the options. I have seen this becoming more common recently and it makes the decision

making process much easier.

The benefit of this is to align everyone into a more simple structure. The power behind this is that

if custom requirements are needed, policies can be modified by adding secondary copies or

creating new policies for the custom requirements.



Gather Technical Data

Physical location of each component of the system.

Server location within physical or virtual environment.

Current data size and projected growth.

Once the data has been classified, technical information must be gathered. Technical statistics in a well-organized

and documented environment can be gathered through reports, documentation, and system analysis.

Location of Data

The location of data relative to storage can greatly affect the performance of data protection operations. Is the

data direct attached, network attached, SAN attached? Is the data on a physical or virtual server, local or remote

location, local subnet, remote, accessed over a VPN? All of these questions can affect the solution to protect the

data. Snapshots might be better than traditional backups; replication may be better than relying on someone at a

remote location to swap tapes, or locating a media agent in closer proximity to the data to avoid too many router

hops can be critical decisions in providing adequate protection for data.

Size, Change and Growth of Data

Understanding current and future storage capacity needs is essential in determining where data should go, how

long it can stay there for, and whether or not additional investment in storage is required. Predicting and trending

growth expectations can be accomplished through historical reporting and analysis tools. Estimating growth

requirements can allow you to anticipate storage requirements which may alter your purchase decisions for more

hardware or persuade decision makers to go with more efficient storage methods such as deduplication. Not

planning for future requirements can result in adjusting protection requirements to fit capacity needs. That change

in policy could have negative effects on you and your company later on down the road.

System & Business Dependencies

This may be one of the most overlooked aspects of providing adequate protection for data. The simplest example

would be protecting an Exchange server but not protecting your Domain Controller. The thought might be ―We

have so many domain controllers, we don‘t need to protect them‖. Then active directory becomes corrupt or a full

site disaster destroys all of your DC‘s. Your dependency required to rebuild your Exchange server is now

unavailable. Granted this is an extreme example but it should be noted that dependencies and the time it takes to

rebuild them will have an effect on your recovery objectives. All system dependencies should be considered for

all business systems.

Business dependencies can also be important. Consider the CFO who is the only person who knows a critical

password which will be required before a system can be rebuilt. Consider a Web provider who must perform

actions on their end so remote users can access a database on your end. The point is, when it comes to system

dependencies you should leave no stone unturned. Figure out every dependency within your environment for each

system.



Production & Storage Infrastructure

Where production data is located and its proximity to protected storage will play a large role in designing storage

policies. The following section addresses the three key aspects of infrastructure:

Production data location.

Library configuration and placement.

Data paths from production to storage.

Production Data Location

The location of production data should be taken into consideration when planning Media Agent placement and

storage policy design. Large amounts of data being transmitted over a production network can not only slow

down backup performance but also inconvenience end users (not to mention frustrate network administrators).

Take the following into consideration for addressing the location of production data:

Direct attached data will require movement over the network when backing up data. If possible

consider multi-homing the server and connecting it to a dedicated backup network.

SAN attached data can be protected using a LAN Free path if a Media Agent is installed directly on the

Client. Consider using this approach when large amounts of data require protection.

Network attached storage can be backed up over the network or directly into a SAN if the NAS device

is capable of SAN integration. The Simpana software supports either method.

Remote data can either be backed up over a WAN or a Media Agent can be installed at the remote

location. Using Simpana deduplication with client side deduplication would be the best method for

protecting data over the WAN using minimal bandwidth. If a Media Agent is at the remote location,

using Simpana deduplication and DASH Copy will allow data to be Auxiliary copied over the WAN

using minimal bandwidth.



Diagram illustrating production data location.

Library configuration and placement

The location of libraries and their proximity to production data and Media Agents should be considered when

designing a CommCell environment. Consider the following implementation methods and caveats:

Direct attached library is the easiest to configure but it creates a single point of failure if the Media

Agent goes offline. Ensure there are adequate Media Agent resources when using this method.

SAN attached library is useful when backing up data over LAN Free paths or when consolidating large

amounts of data into a central library location. For disk libraries using Simpana Deduplication, it is

strongly NOT recommended to use multiple Media Agents in a Round Robin configuration as restore

performance can suffer significantly. For tape libraries, using multiple Media Agents writing to a

Dynamic Drive Sharing (DDS) library is ideal for providing scalability and fault tolerance for backups

and restores.

Network attached library is best used in environments where dedicated backup networks are used for

data protection operations. Avoid moving large amounts of data over production networks. Network

storage with dedicated backup networks and multiple Media Agents is the preferred method for

protecting data when using Simpana deduplication. This will provide scalability, high availability and

adequate restore performance.



The following diagram shows LAN and LAN-Free clients and various Media Agent and

library physical architecture. Libraries can be direct, SAN or NAS.

Data Paths

LAN based paths will be used when backing up clients with no Media Agents installed. There is a

general rule that all data must be moved through Media Agents when writing to protected storage. The

exception to that rule is direct NDMP dumps of NAS filers that are SAN attached.

LAN Free (SAN) paths can be used with Client / Media Agents to avoid using the production network

for data protection jobs. This is useful when protecting large amounts of data especially to SAN attached

tape libraries.

NDMP libraries can use either LAN based or LAN Free paths. LAN based paths use CIFS or NFS

shares to protect data over the network through a Media Agent and into protected storage. If the NAS

filer is attached to a SAN with a tape library, direct NDMP dumps can be executed and managed by the

Simpana software to provide a LAN Free path. This method does not require the data to be moved

through a Media Agent.



GridStor™ Technology can be used to allow multiple data paths to be used in a Round Robin or

failover pattern. Round Robin is best used with SAN attached tape libraries or NAS attached disk

libraries. Failover can be used when a preferred Media Agent and/or library path should be used but

other paths can be used in case of inaccessible primary paths. Careful consideration should be taken into

account when using Simpana deduplication.

The following diagram illustrates the data path options available when using GridStor

technology for LAN based and LAN-Free paths.



Simpana Specific Considerations

There are also some Simpana specific considerations regarding the number of storage policies that may be

required. The following highlights these situations.

Incremental Storage Policy

An Incremental Storage Policy links two policies together. The main policy will manage all Full backup jobs. The

incremental policy will manage all dependent jobs (incremental, differential or logs). This is useful when the

primary target for full backups needs to be different than dependent jobs. Traditionally this has been used with

database backups where the full backup would go to tape and log backups would go to disk. A more recent

adoption of this feature is for writing full database jobs to deduplicated disk and log jobs to non-deduplicated

disk. In either case when logs are protected multiple times per day, to shrink RPOs, replaying the logs from non-

deduplicated disk can be faster than tape or deduplicated disk.

Microsoft SQL Log Storage Policy

MS-SQL subclients have a unique configuration where Full and Differential backups can be directed to one

storage policy and Log backups can be directed to a second policy. This is the same concept as Incremental

Storage Policies except that instead of linking the policies together, the two policies are defined in the Storage

Device tab of the SQL subclient.

Legal Hold Policy

When using the Simpana Content Indexing and compliance search feature, auditors can perform content searches

on end user data. The search results can be incorporated into a legal hold. By designating a storage policy as a

Legal Hold policy, the auditor will have the ability to associate selected items required for legal hold with

designated legal hold policies. It is recommended to use dedicated legal hold policies when using this feature.

Legal Hold Storage Policies can also be used with Content Director for records management policies. This allows

content searches to be scheduled and results of the searches can be automatically copied into a designated Legal

Hold Policy.

Erase Data

Erase data is a powerful tool that allows end users or Simpana administrators to granularly mark objects within a

job as unrecoverable. For object level archiving such as files and Email messages, if an end user deletes a stub,

the corresponding object in CommVault protected storage can be marked as unrecoverable. Administrators can

also browse or search for data through the CommCell Console and mark the data as unrecoverable.

It is technically not possible to erase specific data from within a job. The way erase data works is by logically

marking the data unrecoverable. If a browse or find operation is conducted the data will not appear. In order for

this feature to be effective, any media managed by a storage policy with Erase Data enabled will not be able to be

recovered through Media Explorer, Restore by Job, or Cataloged.

It is important to note that enabling or disabling this feature cannot be applied retroactively to media already

written to. If this option is enabled then all scratch media written by the policy from the point erase data is

enabled cannot be recovered other than through the CommCell Console. If it is disabled then all scratch media



written by the policy from the point it is disabled can be recovered through Media Explorer, Restore by Job, or

Cataloged.

If this feature is going to be used it is recommended to use dedicated storage policies for all data that may require

the Erase Data option to be applied. For data that is known to not require this option disable this feature. Note:

This option is enabled by default on all new storage policies created as of Simpana v9 sp3.

Group Security

If specific groups need rights to a specific storage policy to manage it than it is recommended that different

policies be created for each group. This is a very effective separation of power method in larger departmentalized

organizations. Each department group can be granted management capabilities to their own storage policies.

Media Password

The Media Password is used when recovering data through Media Explorer or by Cataloging media. When using

hardware encryption or the Simpana software copy based encryption with the Direct Media Access option set to

Via Media Password, a media password is essential. By default the password is set for the entire CommCell

environment in the System applet in Control Panel. Storage policy level media passwords can be set which will

override the CommCell password settings. For higher level of security or if a department requires specific

passwords, use the Policy level password setting which is configured in the Advanced tab of the Storage Policy

Properties.

Using Encryption with a Deduplication Policy

If Client side encryption is going to be used with deduplicated data, separate storage policies must be used to

separate encrypted and non-encrypted data. The ability to encrypt deduplicated data is a powerful tool which is

unique to Simpana software. This is because the encryption will take place after the block has been hashed and

compared. Using encryption for deduplicated data is especially useful when backing up deduplicated data to

Cloud storage.

Content Indexing

Simpana Content Indexing can be used to proactively or retroactively index the contents protected data. A storage

policy can manage data either requiring or not requiring indexing. Consideration in this case should be placed on

subclient design. Data that does require indexing should be defined in separate subclients from data not requiring

indexing. The subclients requiring indexing can be selected in the Content Indexing tab of the storage policy

properties.

Filters

Filters can be applied through the Global Filter applet in Control Panel or locally at the subclient level. If specific

folder locations require special filters, a dedicated subclient should be used. Define the subclient content to the

location where the filters will be applied and configure local filters for that subclient. The option to use Global

Filters can still be used allowing the global and local filters to be combined.

If global filters are being used but specific subclient data should not have certain filters applied define the content

in a separate subclient. Global filters can still be enabled for the subclient but the exclusions list can be used to

override the global filter settings.



Open File Handling

Open file Handling using Microsoft VSS or CommVault QSnap can be used to ensure open files are protected.

VSS is an available option for Windows 2003 or higher agents. Non Windows agents can use CommVault QSnap

to ensure open files are protected.

Pre/Post Scripts

Pre/Post Process scripts can be used to quiesce applications prior to protection. This is very useful when

protecting proprietary database systems or for quiescing databases within virtual machines prior to using the

Simpana Virtual Server Agent for snapping and backing up the VM.

Assess Current Protection Strategies

Whether you are deploying the Simpana software for the first time or you are modifying or redesigning your

CommCell environment, a methodical approach can be used to better ensure a successful implementation to meet

current and future needs. This section will focus on assessing current protection methods that can be used to assist

in improving new deployments or existing CommCell infrastructures.

Identify Current Protection Methods

What are the current methods for protecting data? These methods can have a significant effect on protection and

recovery windows as well as retention and media management requirements.

The following table shows different data types and the current protection methods.

Data

Protection Method

Frequency

File Server Traditional backup Weekly full / daily incremental

SQL Server SQL database dumps Nightly

Exchange Exchange DB agent Nightly full

NAS Filer Traditional backup through file

share

Weekly full / daily incremental

Virtual machines (low priority) File system agents in VM Weekly full / daily incremental

Virtual machines (high priority) File system agents in VM Weekly full / daily incremental

Virtual machines (running applications) Application quiescing and file

system agents in VM

Weekly full / daily incremental



Retention and Destruction Strategies

Retention policies should be determined for all data within an environment. Depending on specific business and

compliance requirements data destruction policies should be determined as well.

The following table shows the different data types and retention and destruction

policies.

Data

On-Site Retention

Policies

Off-Site Retention

Policies

Destruction Policies

File Server 30 days 60 days None

SQL Server 7 days None 60 days

Exchange 14 days 60 days 60 days

NAS Filer 30 days 60 days None

Virtual machines (low

priority)

14 days 60 days None

Virtual machines (high

priority)

30 days 60 days None

Virtual machines (running

applications)

7 days 60 days 60 days

Protection Windows

Protection windows may be different for weekdays and weekends. This information should also be documented

as it will be used when performing gap analysis to determine if changes need to be made to meet current and

future projected operation windows.

The following chart illustrates weekday and weekend operation windows.

Data

Weekdays

Weekends

File Server 8 hours 48 hours

SQL Server 1 hour 1 hour

Exchange 8 hours 48 hours

NAS Filer 8 hours 48 hours

Virtual machines (low priority) 8 hours 48 hours

Virtual machines (high priority) 8 hours 48 hours

Virtual machines (running applications) 1 hour 1 hour



Recovery Objectives

Recovery objective should be defined for data and also assigned a priority level for recovery. Recovery Time

Objectives (RTO) determine how long before a business system must be brought back online. Recovery Point

Objectives (RPO) determine the acceptable amount of data loss that can be sustained.

The following table shows RTO and RPO requirements for different data. Note that

objectives are not defined for some data. It must be determined if objectives need to be

defined or if the data is not critical to the continuation of business operations.

Data

Recovery Time Objective

Recovery Point Objective

File Server None defined 24 hours

SQL Server 1 hour 1 hour

Exchange 4 hours 24 hours

NAS Filer None defined 24 hours

Virtual machines (low priority) None defined None defined

Virtual machines (high priority) 4 hours 24 hours

Virtual machines (running applications) 1 hour 1 hour



Perform Gap Analysis

Gap Analysis is the concept of analyzing required protection goals against actual results. This requires careful

planning and analysis of results over time. It basically comes down to a simple yes or no whether goals are being

met. If goals are not being met then either environmental changes must be made or requirements must be

modified.

The following table represents a Gap analysis audit based on previous tables from this

section. This analysis will be expanded in the next section where various solutions will

be discussed to shrink the gap.

Data

On Site

Retention

Policies

Off Site

Retention

Policies

Destruction

Policies

Weekday

Window

Weekend

Window

RTO

RPO

File Server YES YES N/A YES YES Not tested YES

SQL Server YES YES NO YES YES NO NO

Exchange YES YES NO YES YES NO YES

NAS Filer NO NO N/A NO NO NO NO

Virtual

machines

(low

priority)

YES YES N/A NO YES Not tested YES

Virtual

machines

(high

priority)

YES YES N/A NO YES Not tested YES

Virtual

machines

(running

applications)

YES YES NO NO NO NO NO



Modify Protection Methods or Requirements

In some cases, modifying Simpana configurations can solve problems if requirements are not being met. In other

instances adding Simpana features can help achieve goals. Simpana configurations and features can only protect

the data as fast as the environment will let it and only store the data as long as storage capacity is available. The

following table shows various Simpana solutions to assist in meeting protection goals.

The following table proposes specific solutions to overcome or shrink the gaps between

required protection goals and actual results. This chart also illustrates additional

Simpana features that can be implemented in a CommCell environment.

Data

On Site

Retention

Policies

Off Site

Retention

Policies

Destruction Policies

Weekday

Window

Weekend

Window

RTO

RPO

File Server Test and

readdress

RTO needs

SQL Server Use VaultTracker

policies to recall and

destroy data on tapes

Use SQL database agent to multi-

stream backup/restore.

Schedule log backups hourly

Exchange Use VaultTracker



Divide and

prioritize

database

recovery

NAS Filer Policies are not being met

because protection

windows are not being

met.

Use SnapProtect if

hardware supports it.

Use NDMP dump to tape

(if attached to SAN).

Use Image level backup

Adjusting protection methods should

improve RTO and RPO. Retest after

changing methods.

Virtual

machines

(low priority)

Use VSA

agent

Test and

readdress

RTO needs

Virtual

machines

(high

priority)

Use VSA

agent

Test and

readdress

RTO needs

Virtual

machines

(running

applications)

Use VaultTracker



Use SnapProtect and

VSA if hardware

supports.

Alternately, use

application agents in VM

VSA/SnapP

rotect

provides

faster

restore /

revert snaps

With VSA/SnapProtect

snap every hour.

Alternately use agents

in machine performing

log/incremental

backups hourly.

The chapter Risk Assessment will take a more detailed look at addressing and assessing technologies and Simpana

features to assist in meeting protection requirements. It will address various technologies outside of CommVault

and their cost-value-risk trade-off. It will also go into technical details on Simpana configuration options and the

value-risk assessment for using each option.



Documents

Content Based Planning Methodology€¦ · will affect scheduling times, job priorities, and performance tuning to provide higher priority jobs with adequate resources. For recovery,