Professional Documents
Culture Documents
Table of Contents
Introduction ............................................................................................................................................................................................... 3 The protection landscape ..................................................................................................................................................... 3 Backup and recovery .................................................................................................................................................................... 4
CA ARCserve Backup...................................................................................................................................................................................... 4 CA ARCserve D2D ............................................................................................................................................................................................ 8 CA ARCserve Central Applications ...................................................................................................................................................... 11 Using CA ARCserve Backup and CA ARCserve D2D together .................................................................................................. 12
High availability................................................................................................................................................................................ 16
CA ARCserve High Availability ............................................................................................................................................................... 16 Using CA ARCserve Backup, CA ARCserve D2D and CA ARCserve High Availability together ................................ 19
Disaster recovery............................................................................................................................................................................. 19
Bare Metal Recovery .................................................................................................................................................................................. 19 Other CA ARCserve DR options ............................................................................................................................................................. 20 Hybrid and off-site data storage .......................................................................................................................................................... 20
Introduction
Until recently, computer protection and recovery technologies were predominantly concerned with network-based backups of server and desktop computers using tape, and perhaps disk-based, technologies. However, the protection landscape has moved on, and some of the most significant new demands include: An increasingly mobile office work force. This work force exploits reliable and widespread broadband and cellular connectivity by using laptops, personal digital assistants (PDAs) and home-based desktops. Decentralization. Growth in regional branch offices and offshore resourcing leads to demands for higher service-level agreements (SLAs) for systems availability and business continuity (BC). Widespread adoption of virtualization and cloud computing for both servers and desktops through Virtual Desktop Infrastructure (VDI). There has been a shift from local to centralized information repositories, accessed through any kind of connected device. Advances in virtualization are also enabling backup from, and recovery to, best-of-breed virtualized environments. Cost pressures. The global recession is driving outsourcing and efficiencies in capital and operational costs. Increasing adoptions of Software-as-a-Service (SaaS) solutions and distributed online applications such as Microsoft Dynamics CRM and Microsoft SharePoint. This applies where traditional cluster and failover solutions of individual servers are not sufficient. Requirements for self-service backup and recovery for laptops and desktops. The aim is to reduce IT costs and reduce downtime for end users.
Therefore, a key challenge for any system and data protection strategy is how to protect this virtual, highly mobile, remotely deployed, distributed IT infrastructure. Tools that catered for traditional responses to catastrophic events and system failures are no longer enough; organizations demand tools that help them anticipate and avert disasters. The key question is: Are your current tools going to support your future IT investmentssuch as the cloud, virtualization, high availability (HA), remote and mobile workers, new applications, new operating systems and SaaS? This paper describes how the tools and technologies in the CA ARCserve Family of Products can help improve system, application and data protection, recovery and availability. This paper provides a general technical overview of the CA ARCserve Family of Products. Other papers in this series provide detailed information about protecting virtualized server environments; using the cloud for off-site data protection and disaster recovery (DR), archiving and system failover for high availability; and protecting desktops and laptops in addition to servers.
The CA ARCserve Family of Products provides many protection, recovery and availability technologies to help organizations meet these challenges. The CA ARCserve Family of Products includes CA ARCserve Backup, CA ARCserve D2D, CA ARCserve Central Applications, CA ARCserve Replication and CA ARCserve High Availability. Customers also have two SaaS solutions available to use: CA ARCserve D2D On Demand and CA Instant Recovery On Demand.
CA ARCserve Backup
CA ARCserve Backup r16 protects both virtual and physical computers. It is designed to ensure that there is always a reliable copy of data that can be used to recover whole systems, applications and individual files and folders. A deployment of CA ARCserve Backup uses a three-tier application architecture: backup agents, backup servers and central management.
Backup agents in CA ARCserve Backup provides the link between the system or application to be backed up and CA ARCserve Backup itself. Agents use system- or application-specific mechanisms to enable consistent backups of all system or application data. A computer may use several agents, for example, a server may use the CA ARCserve Backup Client Agent for Windows, as well as application-specific agents such as the Agent for Microsoft Exchange Server or Agent for Microsoft SharePoint Server. These agents are application-aware and are used to ensure application-consistent backups and granular restore. You can easily deploy backup agents in CA ARCserve Backup by using a simple wizard-based application to install and upgrade multiple agents simultaneously. This ensures that you are running the current version of all backup agents in CA ARCserve Backup. By configuring CA ARCserve Backup to upgrade agents automatically, you can reduce the administrative effort required to maintain your backup environment. In enterprise environments, CA ARCserve Backup uses backup domains so that any agent or backup server can be managed without needing to provide separate security credentials for each computer. You can connect backup servers in a domain by using a network or a storage area network (SAN), enabling multiple computers to share the same backup devices. In this way, you can create, monitor and remove jobs from a central location (Figure 1).
Figure 1. CA ARCserve Backup r16 architecture
Backup domains enable centralized job queue management, which in turn reduces the overhead required to manage backups across the organization. There are three fundamental domain roles: CA ARCserve Backup primary backup server. The CA ARCserve Backup primary backup server enables you to submit, manage and monitor backup and restore jobs running on member servers and the primary server. You can also manage devices and licenses associated with member servers, create reports, configure alert notifications and view activity log data for all servers within a domain. You can attach storage devices, such as disk arrays and tape libraries, to primary servers. The backup database in CA ARCserve Backup. To manage the storage environment and to track backup jobs and events, CA ARCserve Backup requires a suitable database in which to store information. CA ARCserve Backup supports Microsoft SQL Server 2008 Express and Microsoft SQL Server 2005 or later as the backup database. CA ARCserve Backup member server. A member server in a CA ARCserve domain receives instructions about jobs and devices from the primary server. Member servers send information to the primary server about jobs in progress, job history and activity log data to be stored in the backup database in CA ARCserve Backup. You can attach storage devices to a member server.
CA ARCserve Backup can store backups on disk and tape devices. CA ARCserve Backup also provides an integrated Backup Copy To Cloud Storage option so that backup data can be migrated to public and private cloud storage as part of a disk-to-disk-to-cloud (D2D2C) backup policy for additional storage or recovery locations, and for archival purposes. For more information about using
5
the cloud for backups, see the following whitepaper: Leveraging the Cloud for System and Data Backup, Recovery, Availability and Archiving with CA ARCserve r16 Products. The backup process in CA ARCserve Backup CA ARCserve Backup r16 provides agents for Windows servers as well as for Microsoft applications such as Exchange, SharePoint, Internet Information Services (IIS) and SQL Server. Backup agents are also available for other applications, such as SAP, IBM Informix, Sybase and IBM Lotus Domino, and for backing up applications on non-Windows platforms such as Linux and UNIX, Apple Mac OS X and IBM AS/400, and VMware virtual machines. It is the backup agent in CA ARCserve Backup that is responsible for backing up data and sending this data to the backup device or location specified in the backup job. CA ARCserve Backup includes two technologies to ensure that all files, including those files that are flagged as open for writing by an application or operating system process, are properly backed up so that applications and database transactions remain consistent: On Windows systems, CA ARCserve Backup uses snapshots of disks by using the Volume Shadow Copy Service (VSS) to provide point-in-time recovery, without the need to disconnect users or stop applications while you perform a backup. CA ARCserve Backup also provides the Agent for Open Files (OFA), which can back up both Windows and non-Windows systems and applications.
CA ARCserve Backup supports VSS through the Agent for Open Files and the Enterprise Option for VSS Hardware Snap-Shot. VSS support in CA ARCserve Backup is automatically installed when you install the Agent for Open Files. VSS works at the volume level, so an entire volume must be processed before the backup job can begin. Each Windows VSS writer with data on that volume must prepare its files (both open and closed) before the backup job can begin. By contrast, OFA works per file, so if the files to be backed up are closed when the request for the backup is made, the backup can begin immediately. When you are backing up a small amount of data (relative to the size of the volume on which it resides), using OFA to handle open files results in a much faster backup. OFA is, therefore, typically used in the following scenarios: When backing up small amounts of data on a large volume. When backing up files on a volume that has high utilization. When backing up files that are not supported by a VSS writer.
For VSS-aware Windows applications and operating systems, CA ARCserve Backup uses VSS writers to ensure that applications and files selected for backup are in a consistent state when the shadow copy backup request is processed. This is achieved by the VSS writer suspending all writes to a volume when the shadow copy is created. CA ARCserve Backup works with VSS writers for the following applications and services on Windows operating systems that support VSS writers (Windows Server 2003 Service Pack 1 (SP1) and above, and Windows XP and above): Exchange 2010 SharePoint 2010 SQL Server 2008 Internet Information Services Microsoft Hyper-V (on Windows Server 2008 and 2008 R2, and stand-alone Microsoft Hyper-V Server) Event Log Windows Management Instrumentation (WMI) Active Directory, through the Active Directory Application Mode (ADAM) writer Oracle Database 11g
Storage and backup efficiency To deal with the demands for more and more data to be backed up, and in less time, CA ARCserve Backup r16 provides several technologies that help maximize storage and backup efficiency. Data deduplication Data deduplication enables you to reduce the amount of space required for backup. In this way, more backups can be made onto the same media and backup data can be retained for a longer time. Using data deduplication, the backup process in CA ARCserve Backup ignores redundant data and stores only unique data to disk for subsequent backup. The deduplication process works at the data-block level rather than at the file level. This approach provides greater economy and increases disk space savings when identifying data for deduplication. The first time a block is backed up, it will be copied to the backup media and a reference to this block added to an index. During later backup operations, for any files that contain the same data blocks, the block itself will not be copied to the media, but references to the original unique block will added to the file index. In this way, CA ARCserve Backup can re-create the file during restore operations. Global deduplication is an additional configurable
6
option that helps reduce potential redundancy when backing up system (i.e. C) drives that potentially contain the same operating system and application files on multiple servers, and enables such backups to complete more quickly (Figure 2).
Figure 2. Data deduplication in operation
Data deduplication is available for Windows clients, and to enable it when creating a backup job only requires a few steps. During the backup process, CA ARCserve Backup scans and segments incoming data. For each segment of data, a hashing algorithm calculates a unique value. CA ARCserve Backup compares this unique hashing value to all other segments as the backup progresses. When CA ARCserve Backup discovers a duplicate hash value, a reference is added to a file to identify the storage location of the identical data segment. During data deduplication, CA ARCserve Backup creates three files for each backup session: Index hash files store hash values associated with each data segment. Index reference files identify the hash and store the address corresponding to each hash. Data files store unique instances of data segments that you back up.
To maximize performance, the data and index files can be located on different disks. The index files use a small percentage of the overall storage space required for the total data store. The speed of access to these files is critical to the performance of the deduplication process, so you should ensure that these files are stored on a high-speed read access volume. Subsequent backups scan data, breaking it into chunks, and a hash value is calculated. If the backup process finds identical hash values, the reference file is updated with the storage location of the original segment and the backup process continues. When restoring deduplicated data from backup, CA ARCserve Backup uses the index files to identify and locate data segments before reassembling the original data stream. Synthetic full backups Synthetic full backups (SFBs) are used to further increase backup and storage efficiency. Using SFB, a previous full backup session and its subsequent incremental sessions are synthesized to a full session. SFB is new for CA ARCserve Backup r16, and is only applicable to r16 or higher Windows Client Agents (not UNIX or Linux). SFB reduces the volume of data in a backup, resulting in less data being stored, so it is particularly useful for cloud storage. SFB jobs are submitted from any CA ARCserve Backup server (primary servers, member servers and stand-alone servers). However, they can only be used with data deduplication and diskstaging devices, such as in a disk-to-disk-to-tape (D2D2T) or disk-to-disk-to-cloud scenario. Using disk staging, you can easily migrate SFB sessions to cloud storage for long-term archiving, for legal compliance and to ensure that copies of data are retained off site. SFB uses the CA ARCserve Backup Agent for Open Files on the computers that you want to back up.
Backup management An enterprise backup environment comprises many components and is distributed across many servers, storage devices and applications. To effectively monitor and maintain an enterprise environment, CA ARCserve Backup provides a range of tools to manage performance and operations efficiently. Storage Resource Management The Storage Resource Manager (SRM) features in CA ARCserve Backup enable you to easily view the status of computers and applications, and ensure that systems are functioning as expected. Systems are automatically categorized according to their role in the backup domain: Tier 1 contains high-priority nodes. Tier 2 is available for customized use. Tier 3 contains low-priority nodes.
By default, Tier 1 nodes include all CA ARCserve Backup primary and member servers. Nodes with CA ARCserve Backup application agents installed, such as Oracle, Exchange and SQL Server, are included in Tier 1. Tier 3 nodes automatically include all remaining nodes, including file system agents. Node assignments for each tier can be easily customized to meet particular organizational needs. Global Dashboard The CA ARCserve Backup Global Dashboard provides a graphical view of backup and system information gathered by CA ARCserve Backup and its backup agents, and provides a snapshot view of all backup activity. Status data is sent to the primary server, where it is stored in the CA ARCserve Backup database and queried. Information is aggregated into interactive Dashboard reports, enabling you to easily find the status of all backup jobs, identify failing backup nodes and identify whether data is encrypted and ready for disaster recovery. From these high-level views, it is easy to select specific backup nodes or jobs and obtain more detailed information. To help avoid unplanned downtime, you can also use the Global Dashboard to configure alerts to be sent when specified percentages for alert threshold levels are exceeded, such as for network bandwidth or CPU utilization. Infrastructure Visualization After backup agents have been deployed, the new CA ARCserve Backup r16 Infrastructure Visualization (IV) view provides a simple network diagram view of the entire physical and virtual environment. This diagram view includes all of the servers, storage and other devices, with primary and member servers at the top of the hierarchy under the CA ARCserve Backup domain. You can drill down and get details of specific device configurations such as CPU, operating system and memory information. You can also get quick overviews of server and device statuses, and links to relevant Dashboard reports. Using IV, you can easily see the backup status of nodes backed up by each CA ARCserve Backup server in your environment. Centralized licensing management CA ARCserve Backup simplifies license administration by managing most licensing tasks centrally from the primary backup server. This helps to reduce complexity, meet legal requirements and minimize the administrative effort required to maintain your backup infrastructure. The CA ARCserve Backup Global Dashboard provides an overview of enterprise licensing, and also enables you to obtain detailed licensing information for specific backup nodes and for individual CA ARCserve Backup products.
CA ARCserve D2D
CA ARCserve D2D r16 provides disk-based protection for physical and virtual Windows servers, desktops and laptops, enabling quick restore of files, volumes, databases and emails as well as entire systems. CA ARCserve D2D is designed to protect whole systems for rapid recovery and minimal downtime in the event of system failure. CA ARCserve D2D is designed to be extremely easy to use so that end users can perform desktop and laptop recovery procedures. CA ARCserve D2D does not have agents as such; the CA ARCserve D2D application is installed on all systems that are to be protected. Each installation can either be managed locally on that computer or configured to be managed from a central location. CA ARCserve D2D r16 supports both server and workstation operating environments, simplifying protection across your environment and saving IT time, training costs and maintenance. CA ARCserve D2D is supported on the following desktop and laptop platforms: Windows Vista, all editions, 32-bit and 64-bit.
8
Windows 7, all editions, 32-bit and 64-bit. Windows XP Professional and Windows XP Home, 32-bit and 64-bit.
CA ARCserve D2D is supported on the following server platforms: Windows Server 2008 and Windows Server 2008 R2, all editions including Server Core, 32-bit and 64-bit. Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-Vphysical host only. Windows Small Business Server 2003 R2, Windows Small Business Server 2008 and Windows Small Business Server 2011. Windows Server 2003 SP1 and R2, all editions, 32-bit and 64-bit.
CA ARCserve D2D is supported by the following applications for recovery: Exchange Server 2003 SP1, stand-alone configuration. Exchange Server 2007, stand-alone or cluster continuous replication (CCR) configuration. Exchange Server 2010, stand-alone or database availability group (DAG) configuration. SQL Server 2005 Express, Standard, Workgroup and Enterprise. SQL Server 2008 and SQL Server 2008 R2 Express, Web, Standard, Workgroup and Enterprise.
Systems can be backed up to a wide range of storage locations, including portable USB disk drives and hard disks, FireWire devices, network attached storage (NAS), SAN, file servers and network shares. In addition, by using the File Copy feature, systems can be copied to off-premise cloud storage. If a server is running Exchange, granular mailbox recovery is automatically enabled; if a server is running SQL Server, individual databases can be recovered (Figure 3).
Figure 3. CA ARCserve D2D r16 architecture
The backup process in CA ARCserve D2D A challenge for any data protection strategy, whether it aims to protect servers or workstations, is how to deal effectively with the backup of large data volumes, requiring large storage capacity and where much data is duplicated. CA ARCserve D2D includes block-level Infinite Incremental (I2 technology) backups to help reduce backup storage consumption as much as possible, and to speed up the backup and recovery process. Block-level Infinite Incremental (I2 technology) backups involve two related technologies. First, using block-level incremental tools, the volume to be backed up is divided into a number of subordinate data blocks that are then backed up. The initial backup
9
is regarded as the "parent backup" and will be a Full Backup of the entire volume to establish the baseline blocks to be monitored. Before starting the backup, a VSS snapshot is created, and then an internal monitoring driver checks each block to detect any changes. As scheduled, CA ARCserve D2D will then incrementally back up only those blocks that have changed since the previous backup. For all subsequent backups, CA ARCserve D2D will then incrementally back up only those blocks that have changed since the previous backup. CA ARCserve D2D enables you to schedule the subsequent block-level incremental backups ("child backups") as frequently as every 15 minutes to always provide accurate, up-to-date backup images. CA ARCserve D2D uses the Windows VSS writer, so it only works for Windows operating systems that support the VSS writer. These operating systems are Windows Server 2003 SP1 and above, and Windows XP and above. However, without additional steps, the incremental snapshots (backups) would continue, as often as 96 times each day (every 15 minutes). These periodic snapshots would accumulate a large chain of backed-up blocks to be monitored each time a new backup is performed, and require added space to store these ever-growing backup images. Because of this, there is a second set of technologies, Infinite Incremental backups that enable you to set a limit for the number of incremental child backups that are stored. When this specified limit is exceeded, the oldest incremental child backup is merged into the parent backup to create a new baseline image consisting of the "parent plus oldest child" blocks (unchanged blocks will remain the same). This cycle of automatically merging the oldest child backup into the parent backup repeats for each subsequent backup, enabling you to perform Infinite Incremental (I2) snapshot backups while maintaining the same number of stored (and monitored) backup images. Every time CA ARCserve D2D performs a successful backup, a point-in-time snapshot image or recovery point (RP) of the backup is also created. New in r16, CA ARCserve D2D enables you to specify the schedule settings for your recovery points to be copied (and exported if necessary). This enables you to set an export schedule, so you can recover a file, a folder or a whole machine if the primary backup destination fails. This can be launched manually (ad-hoc) or automatically based on a specified schedule. CA ARCserve D2D provides a backup speed throttling capability; you can specify the maximum speed (MB/min) at which your backups are written to reduce CPU or network utilization. This option is especially useful for cloud-based backups, to prevent the backup from consuming all available bandwidth while it is uploaded to the cloud. An important assessment exercise must therefore be to determine an appropriate level of throttling; as you lower the maximum backup speed, it increases the amount of time that it takes to perform the backup. New in r16, CA ARCserve D2D data protection can encrypt backed-up data by using secure, Advanced Encryption Standard (AES) encryption algorithms and decrypt the encrypted data after recovery. CA ARCserve D2D provides encryption password management so that you do not need to remember encryption passwords. Recovery using CA ARCserve D2D CA ARCserve D2D enables backup snapshots to occur as frequently as every 15 minutes, supporting demanding RPO requirements. As well as file and folder recovery tools, CA ARCserve D2D also provides a range of volume, application and system recovery tools to deliver on demanding RTOs, including systems restore to dissimilar hardware (discussed in the Disaster Recovery section later in this paper). 1. Basic recovery process
If you need to restore a whole volume, the most recent backed-up version of each block is located and the entire volume is rebuilt using these current blocks. During the block-level incremental backup process, CA ARCserve D2D not only captures the data, but also creates a catalog containing all information related to the operating system, installed applications, configuration settings, required drivers and so on. If necessary, you can then restore this backed-up image to recover your data or your entire machine, or recover to dissimilar hardware if necessary. 2. Explorer integration
To easily recover files and folders, CA ARCserve D2D provides Windows Explorer Shell Integration. By using the ARCserve D2D View, a list of recovery points in the folder is displayed. You can open each recovery point and browse to the individual files and folders in that RP, and then manually copy them (or use drag and drop) for quick restores of individual files from a particular RP. This approach can also be used to recover an Exchange mail object. In the normal Windows Explorer view of an RP folder, you see a list of raw data within the CA ARCserve D2D backup location, with separate catalog, index and vstore folders and no direct access to the actual backed-up files.
10
3.
Exchange granular mailbox recovery is a new r16 feature, and is enabled by using the Exchange Granular Restore Catalog option when configuring CA ARCserve D2D. An Exchange Granular Restore backup captures information about the mail message, the mail folder and the mailbox levels of Exchange in a single-pass backup through the Exchange database. With this option enabled, you can then perform granular recoveries of the Exchange database by selecting from a list of objects inside Exchange and specifying exactly what you want to recover without first having to recover or dump the Exchange database to an alternate location. Exchange granular mailbox recovery is supported on Exchange 2003, Exchange 2007 and Exchange 2010. However, Exchange granular mailbox recovery should only be enabled where such recoveries are likely to be required. When you generate an Exchange Granular Restore Catalog during each backup, it results in an increased backup window and an increased workload. This is because the backup process needs to open every mailbox and authenticate and build the granular information, which, for a large number of mailboxes, could be a time-consuming task. If you disable this option, CA ARCserve D2D just saves the basic information for Exchange. Managing CA ARCserve D2D CA ARCserve D2D is easily managed, and provides tools for ensuring compliance with legal and archive requirements. CA ARCserve D2D uses a Web 2.0 interface for configuring and managing backup and recovery tasks. CA ARCserve D2D can be remotely deployed over the network by using the CA ARCserve D2D console, with nodes added manually by name. After CA ARCserve D2D has been deployed, you can select these remote nodes from the base CA ARCserve D2D home page for management. As well as the Web user interface, there is the CA ARCserve D2D Monitor, which runs in the Windows notification area. From the Monitor, you can open the CA ARCserve D2D home page, start an immediate backup, access settings, start a restore and manually check for updates. The Web UI includes social media links to help IT get the latest information, tips and tricks, and to access community groups and CA development for additional support and problem solving. From the Advanced option in Monitor, you can access additional options such as creating the BMR boot kit, starting and stopping the CA ARCserve D2D service and configuring alert notifications. CA ARCserve D2D enables you to specify email alerts for events such as: Missed jobsany scheduled job that did not run at the scheduled time. All unsuccessful backup, catalog, file copy, restore or copy recovery point job attempts, including all failed, incomplete and canceled jobs, and crashed attempts. All successful backup, catalog, file copy, restore or copy recovery point job attempts. The free space at the backup destination being lower than a value that you specify.
You can also configure email alerts if particular performance key indicator (PKI) thresholds are met, such as CPU usage, disk throughput, memory usage and network input/output (I/O). The CA ARCserve D2D File Copy feature can help meet regulatory compliance requirements by copying and archiving important documents, emails and other critical data as necessary to comply with internal rules and external regulations. Using File Copy, you specify how long to retain data before it is purged, and then the number of file versions to retain. You can specify how often files are copied, and files can be copied to disk or to the cloud.
groups of protected computers so that you can target report data that is unique to a set of systems with common characteristics. For example, the Virtualization Most Recent Protection Status Report displays the status of all backed-up VMware and Hyper-V VMs. CA ARCserve Central Applications also provide tools to help manage and use virtualization technologies to improve system and data protection: CA ARCserve Central Host-Based VM Backup. In VMware environments, CA ARCserve D2D is used together with CA ARCserve Central Host-Based VM Backup to provide the ability to perform a single-pass backup of each VM on a VMware host server without having to install any agent or other software inside each guest VM. For more information, see the following whitepaper: Protecting Virtual Servers with CA ARCserve r16 Products. CA ARCserve Central Virtual Standby. CA ARCserve Central Virtual Standby makes CA ARCserve D2D backups available to run like regular VMware Virtual Machine Disk (VMDK) or Microsoft Virtual Hard Disk (VHD) virtual servers for rapid system recovery, and to help bring system RTOs down to a matter of minutes. For more information, see the following whitepaper: Protecting Virtual Servers with CA ARCserve r16 Products.
However, simple replication also presents its own challenges: Protecting against backup storage failure. There must be simple and reliable ways to enable continuous replication to a second storage device if the primary storage fails or for off-site storage for DR. Protecting against replicated data corruptions. Replicating data continuously means that corrupt data will also be automatically replicated. Therefore, there must be non-disruptive ways either to rewind to specific backup points or file versions, or to take periodic snapshots from the Replica server that can be used for point-in-time recoveries.
CA ARCserve Replication
CA ARCserve Replication r16 is designed to complement whatever backup solution you use. It provides continuous asynchronous replication to a second storage device if the primary storage fails or is used as off-site storage for DR. CA ARCserve Replication also provides true CDP with data rewind to complement regular backups and snapshot solutions. CA ARCserve Replication replicates data from the storage device on the Production server to storage on a Replica server located on the local area network (LAN), or to remote and cloud-hosted servers. CA ARCserve Replication provides a single solution for protecting Windows, Linux and UNIX servers and data. It can be used on both physical and virtual server environments and protects data wherever it is stored (direct attached storage (DAS), NAS and SAN). There are several options for replication:
12
One-to-one replication. For cost-effective protection, the standard CA ARCserve Replication scenarios ensure that data is continuously copied to a second Replica server. Full System replication. In a CA ARCserve Replication Full System Replication scenario, the entire source system is replicated to an offline virtual or cloud-based server. The offline Replica server can be made available if the Production server or storage is down. For more information, see the following whitepapers: Leveraging the Cloud for System and Data Backup, Recovery, Availability and Archiving with CA ARCserve r16 Products; Protecting Virtual Servers with CA ARCserve r16 Products. One-to-many replication. CA ARCserve Replication scenarios can have one Production host and multiple Replica hosts to ensure that data is stored at more than one location for disaster recovery purposes. Many-to-one replication. CA ARCserve Replication scenarios can have multiple Production hosts and a single Replica host. This type of replication can be used to help reduce costs, such as by replicating multiple DAS devices to a single device on a single physical server.
CA ARCserve Replication architecture To provide replication and CDP, CA ARCserve Replication requires several key components to be installed (Figure 4). In a basic environment, a Production and Replica server can be used to host all these components.
Figure 4. CA ARCserve Replication r16 architecture
RHA engine The Replication engine is installed on the Production (source) and Replica (target) hosts and must be running before replication can start. Engines can be installed separately on each host, through a remote installer on numerous hosts at the same time or during scenario creation. On Windows computers, the Replication engine runs as a Windows service. Scenarios A scenario defines the type of replication from the Production server to any number of designated Replica servers, and is saved as an XML file. It also establishes the data recovery procedure and includes information about: The type of application or database server to be protected. The type of data protection solution. Special tasks such as Integrity Testing for Assured Recovery. The connection details of the Production and Replica hosts. The directories, sub-directories, databases and files that will be replicated and their location on the Production and Replica hosts. Configurable properties of the scenario and the Production and Replica hosts, which affect different settings and operations, such as synchronization method, replication mode, spool size and report and event-handling rules. Recovery and Switchover/Failover parameters.
Control Service The Control Service contains the entire dataset of the existing scenarios. It is responsible for the management of all scenariorelated-tasks, such as creation, configuration, monitoring and running of the scenarios. The Control Service is typically installed on
13
a dedicated server, but can be installed on the Production or Replica server if necessary. The Control Service must be installed on a Windows computer. CA ARCserve Replication operations CA ARCserve Replication is storage-agnostic, and can protect physical and virtual server data on DAS, NAS and SAN, and cloudbased devices. On 32-bit and 64-bit Windows, CA ARCserve Replication protects the following application and database servers: Microsoft File Servers Exchange Server SharePoint Server SQL Server (including protecting BlackBerry Enterprise Server databases) IIS Microsoft Dynamics CRM Oracle databases CA ARCserve RHA Control Service Microsoft Hyper-V VMware vCenter Server Citrix XenServer
For more information about protecting virtual server environments, see the following whitepaper: Protecting Virtual Servers with CA ARCserve r16 Products. After an initial synchronization between the live (Master) server and the Replica server has completed, the Replication engine only sends file changes back to the Replica server. This technique reduces the bandwidth that is required for daily backups of remote data and applications. An Assessment Mode enables you to measure the amount of bandwidth that is required to replicate data, prior to implementation. Replication is already optimized because only changes are sent to the Replica server, but you can further optimize bandwidth and transfer time by choosing to compress data before sending it to the Replica server. CA ARCserve Replication also provides additional performance-related technologies: Multi-stream replication means that replication data can be sent over multiple IP sessions even within a single scenario. This improves replication and synchronization times for most scenarios, but has the greatest impact for customers with scenarios running across high-latency wide area network (WAN) connections. Bandwidth limiting enables you to control the size of the allowed incoming bandwidth on the Replica host. You can either define one limit size that will apply to all hours of the day, or specify different values for different hours. By using the Bandwidth Scheduler, you can decrease the bandwidth size during busy hours and increase it during off-peak hours to optimize your bandwidth resources.
Replication can be automatic, so that all changes made on the Production server are automatically replicated to the Replica server. However, to help manage replication over WAN connections, periodic replication can be configured so that replication is triggered manually or on a schedule, or aggregated and sent on a periodic basis. New in r16, CA ARCserve Replication provides full, end-to-end, 128-bit Secure Sockets Layer (SSL) encryption between on-premise and off-premise servers without the need to use third-party virtual private networks (VPNs). With r16, CA ARCserve Replication adds new protection options for Windows Server failover clustering. Using continuous replication, clustered applications using shared storage can now survive a complete loss of the shared storage hardware. CA ARCserve Replication can also now act as a replication provider to enable Windows Server 2008 stretched clustering. This highavailability solution enables cluster nodes to be connected through local or wide area networks, and provides automatic disaster recovery. Offline synchronization enables you to copy the data to be replicated to an external device and then from the device to the Replica server. This is an effective method for transferring huge data volumes with low network bandwidth, such as by physically transferring tapes or disks to the Replica server. This can be particularly useful for initial replication to off-site Replica servers such as cloud-based servers. You cannot use offline synchronization with Full System scenarios, scenarios with scheduled replication or scenarios in which the Production server is a UNIX or Linux host.
Recovery using CA ARCserve Replication Many organizations perform costly disaster recovery tests, which typically require disruptions to the production environment, but many others do not perform any testing due to time and resource constraints. Recovery testing is one of the most critical
14
components of any disaster recovery solution. The CA ARCserve Replication Assured Recovery feature enables you to perform a full test of the recoverability of your data on a Replica server. It also provides automatic disaster recovery tests for data and application recoverability; manual testing can be used when the need arises. Assured Recovery testing does not interfere with normal operations, does not require resynchronization and does not impact on high-availability or disaster recovery operations: Non-disruptive testing. When an Assured Recovery test is performed, replication to the Replica server is spooled to a disk while the replica data and applications are checked (Figure 5). Assured Recovery enables you to perform a transparent, nondisruptive test of a replicated data snapshot and to start applications to test data integrity. You can conduct this test without affecting replication or disrupting your production environment and, on completion of the test, replication continues without the need to resynchronize data. Snapshots. After the Assured Recovery test completes, you can use the Volume Shadow Copy Service to generate a snapshot of your data and application to provide additional protection for your critical data and enable a restore point. Alternatively, you can choose to enable automatic snapshot creation whenever replication is suspended. Also, when CA ARCserve Replication r16 is used with CA ARCserve Backup, VSS snapshots are automatically created after each backup. VSS snapshots enable you to create a point-in-time image copy of data on a volume, so you can restore individual files or entire volumes quickly in the event of system failure or data corruption. By combining CA ARCserve Replication with the VSS snapshot backups, you can provide rapid recovery to a known point in time by using a verified and checked copy of your data and application. The CA ARCserve Replication Manager provides a logical view of snapshots through drive letters or mount points, so you can access files and folders from snapshots, saving you time and enabling fast recovery of your data and applications.
To fully protect data, CA ARCserve Replication r16 does more than simple replication, because by just replicating data continuously, you will also automatically replicate corrupt data to another machine. CA ARCserve Replication, therefore, keeps track of all changes to your data; this record of changes can be used to create rewind points that can then be used for point-intime recovery from data corruption. You enable rewind by using the Data Rewind configurable option when creating CA ARCserve Replication scenarios. The CA ARCserve Replication rewind technology uses journals to store any file I/O operational information that results in modifications being made to a file. Using the rewind journal, it is possible to undo I/O operations and rewind the file to a previous point in time. It also provides the ability to recover data rapidly from a Replica server. Therefore, to recover a file that a user has accidentally deleted, you can use the CA ARCserve Replication recovery tools to recover lost data from the Replica server to the master server. Rewind points can be automatically and manually generated to rewind to a defined point in time. When rewinding data, you have a number of choices based on your desired recovery plan: Replace all the data on the Replica server with the data on the Production server. Rewind the Replica server to a point in time and replace all data on the Production server.
15
Rewind the Replica server to a point in time and leave the data on the Production server intact.
Note that snapshots can also be used as an alternative to data rewind in order to quickly recover lost or damaged data. Snapshots also provide an advantage over data rewind, in that all versions of a backup point are maintained even after a recovery. By contrast, after data rewind, all data changes that were captured after the rewind point are lost, potentially losing a lot of data in order to recover just one file or checkpoint.
High availability
For critical applications, data, backup and restore, BMR and other DR technologies cannot meet demanding recovery time objectives. Businesses such as financial services, healthcare, web or online sales and emergency services such as police and fire departments cannot afford system outages. In addition, any businesses that incur a high transaction volume for sales or services would also be at great risk if their systems were unavailable for any period of time. However, even applications such as email and billing can be critical to the business. Therefore, systems must be in place to ensure as uninterrupted access as possible to the application or to specific data. High-availability technologies must provide a diverse set of capabilities to meet the demands of the organization: Automation to minimize downtime and make IT more productive. Tools for simple, recurring recovery testing, for peace of mind and compliance. A single solution to cover both physical and virtual servers. Windows, Linux and UNIX support for heterogeneous environments. WAN optimization for remote deployment. Security for transmitting data to remote locations and the cloud. Failback after the Production server is repaired or replaced.
High availability must be considered as part of your wider BC and DR strategies. For example, on-site high availability helps meet BC objectives, but ensuring DR requires off-site or cloud-based high availability.
16
CA ARCserve High Availability r16 is designed to provide continuous Windows, Linux and UNIX system, application and data availability. It does this through real-time system and application monitoring, automatic and push-button failover and pushbutton failback, for supported Windows applications and services running on both physical and virtual servers: Microsoft File Servers SharePoint Server Citrix XenServer Exchange Server Microsoft Dynamics CRM Server Linux and UNIX servers Oracle databases VMware ESX and VMware vSphere SQL Server Microsoft Hyper-V IIS Other Windows-based applications can be protected with high availability by using the Custom Application Protection Wizard or by simple scripting. CA ARCserve High Availability supports failover and failback to another local server, or to remote and cloud-hosted servers. For more information about using CA ARCserve High Availability with the cloud, see the following whitepaper: Leveraging the Cloud for System and Data Backup, Recovery, Availability and Archiving with CA ARCserve r16 Products. CA ARCserve High Availability can also protect supported Linux and UNIX environments, and is designed to provide mission-critical protection. For more information about using CA ARCserve High Availability with server virtualization, see the following whitepaper: Protecting Virtual Servers with CA ARCserve r16 Products. Note: This section focuses on the HA features in CA ARCserve High Availability. However, CA ARCserve High Availability also provides the same CDP features as previously described in the CA ARCserve Replication section of this paper. CA ARCserve High Availability architecture The components used in CA ARCserve High Availability are the same as for CA ARCserve Replication, but with several additional features that are designed to support High Availability scenarios (Figure 6).
Figure 6. CA ARCserve High Availability architecture
RHA engine
17
CA ARCserve High Availability uses the same engine as CA ARCserve Replication. It is the additional scenarios that CA ARCserve High Availability provides that enable high-availability services in addition to replication and CDP. Control Service The Control Service used in CA ARCserve High Availability is the same as the one that is used in CA ARCserve Replication. However, in high-availability environments, you can protect the Control Service to ensure that CA ARCserve High Availability itself can continue to be managed if there is a problem with the server that is running the Production copy of the service. Scenarios CA ARCserve High Availability supports the same scenarios as CA ARCserve Replication. However, the Replicate to Cloud and Assessment Mode options used in CA ARCserve Replication are not available for High Availability scenarios. CA ARCserve High Availability does support cloud-based HA, though, through the new r16 Full System scenario. This scenario supports virtualization platforms such as Hyper-V, VMware ESX and ESXi, VMware vCenter and Citrix XenServer, as well as Amazon Elastic Compute Cloud (Amazon EC2) cloud-based virtual servers. You can also configure High Availability scenarios by using VPN-based connections to Replica servers hosted in private cloud infrastructures. CA ARCserve High Availability operations Failover and failback describes the CA ARCserve High Availability process in which active and passive roles change between Production and Replica servers. Failover is used if there is a problem with the Production server, and can be automatic or manual (push-button). Failback is used after the Production server has been repaired or replaced, in order to get the original Production server resynchronized with the current Production server (the original Replica server before the failover). You can configure failover between the Production and Replica servers to occur automatically when the CA ARCserve High Availability Control Service detects that the Production server is unavailable. Alternatively, you can configure failover to occur manually through the CA ARCserve High Availability Manager. You can configure automatic failover by using predefined monitoring checks, which include ping checks, database checks or user-defined checks. User-defined checks enable you to tailor CA ARCserve High Availability failover to meet specific application requirements. Push-button failovers, with automated network and end-user redirection, are also a good solution for hot migrations that can be performed live during the working day with minimal disruption to users; at the end of the migration, the new server is immediately ready to go live. For high availability, you can also create distributed groups. This unique failover technology is particularly useful in application environments where the integrity of a service depends on multiple physical or virtual servers. For example, in a SharePoint server farm, the CA ARCserve High Availability many-to-one group can be used to protect SharePoint Web front-end (WFE) servers to ensure that at least one WFE is always available. You can also use server groups with CA ARCserve High Availability to apply common scenario properties to a whole group, so that all the scenarios in the group start and stop together. You can also use group failover so that all servers in a server farm are failed over together automatically if any fail, thus ensuring data consistency across distributed applications. CA ARCserve High Availability includes several new HA-specific features: Amazon EC2 support. You can use an Amazon EC2 cloud instance as a high-availability target for Full System protection without having to manually provision the Replica server on Amazon EC2. Failover to the cloud supports Full System protection of multiple Windows Server 2003 and 2008 R2 servers to an online replication target in the Amazon EC2 cloud, application and server monitoring, continuous replication in a forward direction and offline recovery from the cloud. Amazon EC2 provides online, hosted virtual machines, and is part of Amazon Web Services (AWS); for more information, see the following whitepaper: Leveraging the Cloud for System and Data Backup, Recovery, Availability and Archiving with CA ARCserve r16 Products. Additional protection for Windows Server failover clustering. Using continuous replication, clustered applications using shared storage can now survive a complete loss of the shared storage hardware. By eliminating shared storage as a single point of failure, CA ARCserve High Availability provides an additional layer of off-site protection to deployments of Windows Server failover clustering. CA ARCserve High Availability can also now act as a replication provider to enable Windows Server failover clustering to a remote site for automatic disaster recovery. It also eliminates the clustered applications shared storage as a potential single point of failure because all data is replicated to another on-site or off-site storage device. Secure communications. CA ARCserve High Availability provides full, end-to-end 128-bit SSL encryption between on-premise and off-premise servers without the need to use third-party VPNs.
CA ARCserve High Availability provides the same Assured Recovery feature described above in the CA ARCserve Replication section of this paper. The Assured Recovery feature is designed for application and database servers, and supports both Replication and High Availability scenarios (it is not available for Control Service scenarios). However, it is best suited for High Availability scenarios because the Replica server in a High Availability scenario hosts the application or database servers, on which the test is performed, not just the data. Note: Although Assured Recovery testing is not designed for file servers and IIS servers, you can still use the Assured Recovery option with these servers for special tasks. Such tasks could include automatically suspending replication on a regular basis during several hours each day, week or month, and running scripts in this interval, or taking VSS snapshots on the Replica server. Testing of the data with File Server and IIS Server scenarios requires additional custom scripts.
Using CA ARCserve Backup, CA ARCserve D2D and CA ARCserve High Availability together
You can use CA ARCserve High Availability combined with CA ARCserve Backup or CA ARCserve D2D to get high availability and total continued data protection, and to help overcome backup window constraints. Using CA ARCserve High Availability and CA ARCserve Backup together also enables you to restore data without an impact on your business operations. CA ARCserve Backup restores data to CA ARCserve Replica servers without affecting live Production servers at all. The Replica server and live (Production) server are then resynchronized to complete the restoration process. Restoring to a Replica server also enables you to test your ability to restore data to your live environment.
Disaster recovery
It is important to properly plan and prepare for reliable disaster recovery so that systems are in place if a catastrophic event occurs. There are several key challenges for any DR plan: Meeting RPOs. Ensuring that your recovery point objectives can be reliably met, such as no more than 15 minutes worth of email data being lost in the event of system failure. Meeting RTOs. Ensuring that systems can be recovered and brought back online within the time period specified in your RTO, such as e-commerce systems being back online within one hour of a major server problem. Using non-identical hardware. If systems need to be recovered to new hardware, ensuring that reliable recovery does not require identical hardware to be installed before recovery can take place; particularly for older systems, it may not be easy to obtain replacement hardware that exactly matches a failed server within your RTO time frame. Using off-site backups. Ensuring that rapid recovery is possible from off-site backups stored on WAN and cloud locations, and without requiring slow and expensive physical shipments of recovery data.
Performing BMR requires the target computer to be booted either from the CA ARCserve D2D boot kit on a USB flash drive (used with the Windows installation media DVD), or from the ISO file on the CA ARCserve D2D CD. CA ARCserve Backup includes support for the Windows Preinstallation Environment (WinPE) to recover Windows Server 2003, Windows Server 2008 and Windows 7 systems from a disaster by using a WinPE recovery CD. With WinPE support, you can fix environment issues as part of the DR process, such as loading additional network interface card (NIC), SCSI or FC drivers, configuring IP addresses, configuring iSCSI connections and investigating disaster recovery issues.
19
To help be prepared for BMR, the CA ARCserve Backup Global Dashboard includes several reports that are specific to disaster recovery. The Node Disaster Recovery Status Report, for example, shows the nodes that have been prepared for DR and those that have not. Nodes that contain DR-protected information can be recovered using the CA ARCserve Backup Disaster Recovery Option. You can restore data from nodes that do not contain DR-protected information, but you cannot use the DR option. The Node Disaster Recovery Status Report is, therefore, helpful in analyzing and determining which nodes are adequately protected for disaster recovery, and which ones could be potential problem areas. The Recovery Point Objective Report displays the available recovery points, and where this data is stored, whether it is on CA ARCserve Replication or CA ARCserve High Availability replicated data, disk or tape. Data that has been replicated and backed up using CA ARCserve Replication or CA ARCserve High Availability scenarios can usually be recovered within minutes. Disk backups, including file system device (FSD), virtual tape library (VTL) and deduplication devices, can usually be recovered within hours. Tape backups can be either on site or off site, and can usually be recovered within a day or so, depending on tape location.
20
For more information about off-site data storage and the cloud, see the following whitepaper: Leveraging the Cloud for System and Data Backup, Recovery, Availability and Archiving with CA ARCserve r16 Products.
Summary
The tools and technologies in the CA ARCserve Family of Products help improve system, application and data protection, recovery and availability. By providing a complete solution, the CA ARCserve Family of Products helps meet todays demanding requirements for data protection, recovery and availability across the environment: physical and virtual servers; Windows, Linux and UNIX platforms; and common applications including Exchange, SQL Server, Oracle, Informix and SAP. By providing a suite of complementary and integrated system and data protection tools, the CA ARCserve Family of Products enables you to select from a range of recovery options and choose the most appropriate option for your environment. For example, you can perform granular restores of Exchange mailboxes, SharePoint folders or SQL Server tables. Using CA ARCserve Replication or CA ARCserve High Availability, you can restore directly from replicated data, or from copies of replicated data on CA ARCserve Backup. You can recover to a point-in-time snapshot, using CDP-based Data Rewind through CA ARCserve Replication or CA ARCserve High Availability, or mount VSS snapshots created through CA ARCserve Replication and High Availability Assured Recovery testing. For critical applications, you can use automatic failover for recoveries by using CA ARCserve High Availability r16 to fail over critical applications. For more information on the CA ARCserve Family of Products, please visit arcserve.com.
21
Copyright 2011 CA. All rights reserved. Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. UNIX is a registered trademark of The Open Group in the United States and other countries. Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. All other trademarks, trade names, service marks and logos referenced herein belong to their respective companies. This document is for your informational purposes only. CA assumes no responsibility for the accuracy or completeness of the information. To the extent permitted by applicable law, CA provides this document as is without warranty of any kind, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, or non-infringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill or lost data, even if CA is expressly advised in advance of the possibility of such damage.
22