Definition: A storage area network (SAN) is a type of local area network (LAN) designed to handle large data transfers.

A SAN typically supports data storage, retrieval and replication on business networks using high-end servers, multiple disk arrays and Fibre Channel interconnection technology. SAN technology is similar but distinct from network attached storage (NAS) technology. While SANs traditionally employ low-level network protocols for transfering disk blocks, a NAS device typically works over TCP/IP and can be integrated fairly easily into home computer networks. The term SAN can sometimes refer to system area networks instead of a storage area network. System area networks are clusters of high performance computers used for distributed processing applications requiring fast local network performance. Storage area networks, on the other, are designed specifically for data management. Also Known As: Storage Area Network, System Area Network One way to categorize the different types of computer network designs is by their scope or scale. For historical reasons, the networking industry refers to nearly every type of design as some kind of area network. Common examples of area network types are:
y y y y y y y y

LAN - Local Area Network WLAN - Wireless Local Area Network WAN - Wide Area Network MAN - Metropolitan Area Network SAN - Storage Area Network, System Area Network, Server Area Network, or sometimes Small Area Network CAN - Campus Area Network, Controller Area Network, or sometimes Cluster Area Network PAN - Personal Area Network DAN - Desk Area Network

LAN and WAN were the original categories of area networks, while the others have gradually emerged over many years of technology evolution. Note that these network types are a separate concept from network topologies such as bus, ring and star. LAN - Local Area Network A LAN connects network devices over a relatively short distance. A networked office building, school, or home usually contains a single LAN,

though sometimes one building will contain a few small LANs (perhaps one per room), and occasionally a LAN will span a group of nearby buildings. In TCP/IP networking, a LAN is often but not always implemented as a single IP subnet. In addition to operating in a limited space, LANs are also typically owned, controlled, and managed by a single person or organization. They also tend to use certain connectivity technologies, primarily Ethernet and Token Ring. WAN - Wide Area Network As the term implies, a WAN spans a large physical distance. The Internet is the largest WAN, spanning the Earth. A WAN is a geographically-dispersed collection of LANs. A network device called a router connects LANs to a WAN. In IP networking, the router maintains both a LAN address and a WAN address. A WAN differs from a LAN in several important ways. Most WANs (like the Internet) are not owned by any one organization but rather exist under collective or distributed ownership and management. WANs tend to use technology like ATM, Frame Relay and X.25 for connectivity over the longer distances. LAN, WAN and Home Networking Residences typically employ one LAN and connect to the Internet WAN via an Internet Service Provider (ISP) using a broadband modem. The ISP provides a WAN IP address to the modem, and all of the computers on the home network use LAN (so-called private) IP addresses. All computers on the home LAN can communicate directly with each other but must go through a central gateway, typically a broadband router, to reach the ISP. Other Types of Area Networks While LAN and WAN are by far the most popular network types mentioned, you may also commonly see references to these others:
y y

Wireless Local Area Network - a LAN based on WiFi wireless network technology Metropolitan Area Network - a network spanning a physical area larger than a LAN but smaller than a WAN, such as a city. A MAN is typically

y y y

owned an operated by a single entity such as a government body or large corporation. Campus Area Network - a network spanning multiple LANs but smaller than a MAN, such as on a university or local business campus. torage Area Network - connects servers to data storage devices through a technology like Fibre Channel. ystem Area Network - links high-performance computers with highspeed connections in a cluster configuration. Also known as Cluster Area Network.

Definition: A VPN utilizes public telecommunications networks to conduct private data communications. Most VPN implementations use the Internet as the public infrastructure and a variety of specialized protocols to support private communications through the Internet. VPN follows a client and server approach. VPN clients authenticate users, encrypt data, and otherwise manage sessions with VPN servers utilizing a technique called tunneling. VPN clients and VPN servers are typically used in these three scenarios: 1. to support remote access to an intranet, 2. to support connections between multiple intranets within the same organization, and 3. to join networks between two organizations, forming an extranet. The main benefit of a VPN is the lower cost needed to support this technology compared to alternatives like traditional leased lines or remote access servers. VPN users typically interact with simple graphical client programs. These applications support creating tunnels, setting configuration parameters, and connecting to and disconnecting from the VPN server. VPN solutions utilize several different network protocols including PPTP, L2TP, IPsec, and SOCKS. VPN servers can also connect directly to other VPN servers. A VPN server-toserver connection extends the intranet or extranet to span multiple networks.

Many vendors have developed VPN hardware and software products. Some of these do not interoperate due to the immaturity of some VPN standards. Also Known As: virtual private network

Question: What Are the Advantages and Benefits of a VPN? A VPN - Virtual Private Network - is one solution to establishing longdistance and/or secured network connections. VPNs are normally implemented (deployed) by businesses or organizations rather than by individuals, but virtual networks can be reached from inside a home network. Compared to other technologies, VPNs offers several advantages, particularly benefits for wireless local area networking. Answer: For an organization looking to provide a secured network infrastructure for its client base, a VPN offers two main advantages over alternative technologies: cost savings, and network scalability. To the clients accessing these networks, VPNs also bring some benefits of ease of use. Cost Savings with a VPN A VPN can save an organization money in several situations:
y y y

eliminating the need for expensive long-distance leased lines reducing long-distance telephone charges offloading support costs

VPNs vs leased lines - Organizations historically needed to rent network capacity such as T1 lines to achieve full, secured connectivity between their office locations. With a VPN, you use public network infrastructure including the Internet to make these connections and tap into that virtual network through much cheaper local leased lines or even just broadband connections to a nearby Internet Service Provider (ISP). Long distance phone charges - A VPN also can replace remote access servers and long-distance dialup network connections commonly used in the past by business travelers needing to access to their company intranet. For example, with an Internet VPN, clients need only connect to the nearest service provider's access point that is usually local. Support costs - With VPNs, the cost of maintaining servers tends to be less than other approaches because organizations can outsource the needed

support from professional third-party service providers. These provides enjoy a much lower cost structure through economy of scale by servicing many business clients. VPN Network Scalability The cost to an organization of building a dedicated private network may be reasonable at first but increases exponentially as the organization grows. A company with two branch offices, for example, can deploy just one dedicated line to connect the two locations, but 4 branch offices require 6 lines to directly connect them to each other, 6 branch offices need 15 lines, and so on. Internet based VPNs avoid this scalability problem by simply tapping into the the public lines and network capability readily available. Particularly for remote and international locations, an Internet VPN offers superior reach and quality of service. Using a VPN To use a VPN, each client must possess the appropriate networking software or hardware support on their local network and computers. When set up properly, VPN solutions are easy to use and sometimes can be made to work automatically as part of network sign on. VPN technology also works well with WiFi local area networking. Some organizations use VPNs to secure wireless connections to their local access points when working inside the office. These solutions provide strong protection without affecting performance excessively. Limitations of a VPN Despite their popularity, VPNs are not perfect and limitations exist as is true for any technology. Organizations should consider issues like the below when deploying and using virtual private networks in their operations: 1. VPNs require detailed understanding of network security issues and careful installation / configuration to ensure sufficient protection on a public network like the Internet. 2. The reliability and performance of an Internet-based VPN is not under an organization's direct control. Instead, the solution relies on an ISP and their

quality of service. 3. Historically, VPN products and solutions from different vendors have not always been compatible due to issues with VPN technology standards. Attempting to mix and match equipment may cause technical problems, and using equipment from one provider may not give as great a cost savings.

Virtual private network technology is based on the idea of tunneling. VPN tunneling involves establishing and maintaining a logical network connection (that may contain intermediate hops). On this connection, packets constructed in a specific VPN protocol format are encapsulated within some other base or carrier protocol, then transmitted between VPN client and server, and finally de-encapsulated on the receiving side. For Internet-based VPNs, packets in one of several VPN protocols are encapsulated within Internet Protocol (IP) packets. VPN protocols also support authentication and encryption to keep the tunnels secure. Types of VPN Tunneling VPN supports two types of tunneling - voluntary and compulsory. Both types of tunneling are commonly used. In voluntary tunneling, the VPN client manages connection setup. The client first makes a connection to the carrier network provider (an ISP in the case of Internet VPNs). Then, the VPN client application creates the tunnel to a VPN server over this live connection. In compulsory tunneling, the carrier network provider manages VPN connection setup. When the client first makes an ordinary connection to the carrier, the carrier in turn immediately brokers a VPN connection between that client and a VPN server. From the client point of view, VPN connections are set up in just one step compared to the two-step procedure required for voluntary tunnels. Compulsory VPN tunneling authenticates clients and associates them with specific VPN servers using logic built into the broker device. This network device is sometimes called the VPN Front End Processor (FEP), Network Access Server (NAS) or Point of Presence Server (POS). Compulsory tunneling hides the details of VPN server connectivity from the VPN clients and effectively transfers management control over the tunnels from clients

to the ISP. In return, service providers must take on the additional burden of installing and maintaining FEP devices. VPN Tunneling Protocols Several computer network protocols have been implemented specifically for use with VPN tunnels. The three most popular VPN tunneling protocols listed below continue to compete with each other for acceptance in the industry. These protocols are generally incompatible with each other. Point-to-Point Tunneling Protocol (PPTP) Several corporations worked together to create the PPTP specification. People generally associate PPTP with Microsoft because nearly all flavors of Windows include built-in client support for this protocol. The initial releases of PPTP for Windows by Microsoft contained security features that some experts claimed were too weak for serious use. Microsoft continues to improve its PPTP support, though. More - About PPTP Layer Two Tunneling Protocol (L2TP) The original competitor to PPTP for VPN tunneling was L2F, a protocol implemented primarily in Cisco products. In an attempt to improve on L2F, the best features of it and PPTP were combined to create a new standard called L2TP. Like PPTP, L2TP exists at the data link layer (Layer Two) in the OSI model -- thus the origin of its name. Internet Protocol Security (IPsec) IPsec is actually a collection of multiple related protocols. It can be used as a complete VPN protocol solution or simply as the encryption scheme within L2TP or PPTP. IPsec exists at the network layer (Layer Three) of the OSI model. The Virtual Private Network - VPN - has attracted the attention of many organizations looking to both expand their networking capabilities and reduce their costs. The VPN can be found in workplaces and homes, where they allow employees to safely log into company networks. Telecommuters and those

who travel often find a VPN a more convenient way to stay connected to the corporate intranet. No matter your current involvement with VPNs, this is a good technology to know something about. This VPN tutorial involves many interesting aspects of network protocol design, Internet security, network service outsourcing, and technology standards. What Exactly Is A VPN? A VPN supplies network connectivity over a possibly long physical distance. In this respect, a VPN is a form of Wide Area Network (WAN). The key feature of a VPN, however, is its ability to use public networks like the Internet rather than rely on private leased lines. VPN technologies implement restricted-access networks that utilize the same cabling and routers as a public network, and they do so without sacrificing features or basic security. A VPN supports at least three different modes of use:
y y y

Remote access client connections LAN-to-LAN internetworking Controlled access within an intranet

Read more - About VPN Applications VPN Pros and Cons Like many commercialized network technologies, a significant amount of sales and marketing hype surrounds VPN. In reality, VPNs provide just a few specific potential advantages over more traditional forms of wide-area networking. These advantages can be significant, but they do not come for free. The potential problems with the VPN outnumber the advantages and are generally more difficult to understand. The disadvantages do not necessarily outweigh the advantages, however. From security and performance concerns, to coping with a wide range of sometimes incompatible vendor products, the decision of whether or not to use a VPN cannot be made without significant planning and preparation. Read more - Advantages and Disadvantages of VPNs

Technology Behind VPNs Several network protocols have become popular as a result of VPN developments:
y y y y

PPTP L2TP IPsec SOCKS

These protocols emphasize authentication and encryption in VPNs. Authentication allows VPN clients and servers to correctly establish the identity of people on the network. Encryption allows potentially sensitive data to be hidden from the general public. Many vendors have developed VPN hardware and/or software products. Unfortunately, immature VPN standards mean that some of these products remain incompatible with each other. Read more - VPN Technologies The Future of VPN Virtual private networks have grown in popularity as businesses to save money on remote network access for employees. Many corporations have also adopted VPNs as a security solution for private Wi-Fi wireless networks. Expect a continued gradual expansion in use of VPN technology to continue in the coming years.

1. Open the Windows Control Panel. 2. Open the Network Connections item in Control Panel. A list of existing dial-up and LAN connections will appear. 3. Choose the 'Create a new connection' item from the left-hand side of the window. The Windows XP New Connection Wizard will appear on the screen. 4. First click Next to begin the wizard, then choose the 'Connect to the network at my workplace' item from the list and click Next.

5. On the Network Connection page of the wizard, choose the 'Virtual Private Network connection' option and click Next. 6. Enter a name for the new VPN connection in the 'Company Name' field and click Next. The name chosen need not match the name of an actual business. 7. Choose an option on the 'Public Network' screen and click Next. The default option, 'Automatically dial this initial connection' can be used if the VPN connection will always be initiated when the computer is not already connected to the Internet. Otherwise, choose the 'Do not dial the initial connection' option. This option requires that the public Internet connection be established first, before this new VPN connection will be initiated. 8. Enter the name or IP address of the VPN remote access server to connect to, and click Next. Company network administrators will provide this information. 9. Choose an option on the "Connection Availability" screen and click Next. The default option, 'My Use Only,' ensures that Windows will make this new connection available only to the currently logged on user. Otherwise, choose the 'Anyone's use' option. 10. Click Finish to complete the wizard. The new VPN connection information has been saved. Tips: 1. While no practical limits exist on what may be entered in the 'Company Name' field, choose a connection name that will be easy to recognize later. 2. Take special care to key the VPN server name/IP address data correctly. The Windows XP wizard does not automatically validate this server information. What You Need:
y y

Computer running Microsoft Windows XP Host name and/or IP address of a VPN remote access server

Definition: Routers are physical devices that join multiple wired or wireless networks together. Technically, a wired or wireless router is a Layer 3 gateway, meaning that the wired/wireless router connects networks (as gateways do), and that the router operates at the network layer of the OSI model. Home networkers often use an Internet Protocol (IP) wired or wireless router, IP being the most common OSI network layer protocol. An IP router such as a DSL or cable modem broadband router joins the home's local area network (LAN) to the wide-area network (WAN) of the Internet. By maintaining configuration information in a piece of storage called the routing table, wired or wireless routers also have the ability to filter traffic, either incoming or outgoing, based on the IP addresses of senders and receivers. Some routers allow the home networker to update the routing table from a Web browser interface. Broadband routers combine the functions of a router with those of a network switch and a firewall in a single unit. See also>broadband routers

What is a snapshot Snapshot is a common industry term denoting the ability to record the state of a storage device at any given moment and preserve that snapshot as a guide for restoring the storage device in the event that it fails. A snapshot primarily creates a point-in-time copy of the data. Typically, snapshot copy is done instantly and made available for use by other applications such as data protection, data analysis and reporting, and data replication applications. The original copy of the data continues to be available to the applications without interruption, while the snapshot copy is used to perform other functions on the data. Snapshots provide an excellent means of data protection. The trend towards using snapshot technology comes from the benefits that snapshots deliver in addressing many of the issues that businesses face. Snapshots enable better application availability, faster recovery, easier back up management of large volumes of data, reduces exposure to data loss, virtual elimination of backup windows, and lowers total cost of ownership (TCO).

Back to top How snapshots are implemented There are different implementation approaches adopted by vendors to create snapshots, each with its own benefits and drawbacks. Therefore, it is important to understand snapshot implementations in order to be able to build effective data protection solutions and identify which functions are most critical for your organization to help select the snapshot vendor accordingly. This section describes commonly used methodologies for creating the snapshot. Copy-on-write A snapshot of a storage volume is created using the pre-designated space for the snapshot. When the snapshot is first created, only the meta-data about where original data is stored is copied. No physical copy of the data is done at the time the snapshot is created. Therefore, the creation of the snapshot is almost instantaneous. The snapshot copy then tracks the changing blocks on the original volume as writes to the original volume are performed. The original data that is

being written to is copied into the designated storage pool that is set aside for the snapshot before original data is overwritten, hence the name "copy-on-write". Before a write is allowed to a block, copy-on-write moves the original data block to the snapshot storage. This keeps the snapshot data consistent with the exact time the snapshot was taken. Read requests to the snapshot volume of the unchanged data blocks are redirected to the original volume, while read requests to data blocks that have been changed are directed to the "copied" blocks in the snapshot. Snapshot contains the meta-data that describes the data blocks that have changed since the snapshot was first created. Note that original data blocks are copied only once into the snapshot storage when the first write request is received. The following diagram illustrates a snapshot operation that creates a logical copy of the data using copy-on-write method.

Figure 1. Copy-on-write illustration

Copy-on-write snapshot might initially impact performance on the original volume while it exists, because write requests to the original volume must wait while original data is being "copied out" to the snapshot. The read requests to snapshot are satisfied from the original volumes if data being read hasnt changed. However, this method is highly space efficient, because the storage required to create a snapshot is minimal to hold only the data that is changing. Additionally, the snapshot requires original copy of the data to be valid. IBM FlashCopy (NOCOPY), AIX JFS2 snapshot, IBM TotalStorage SAN File System snapshot, IBM General Parallel FIle System snapshot, Linux Logical Volume Manager, and IBM Tivoli Storage Manager Logical Volume Snapshot Agent (LVSA) are all based on copy-on-write. Redirect-on-write This method is quite similar to copy-on-write, without the double write penalty, and it offers offers storage space and performance efficient snapshots. New writes to the original volume are redirected to another location set aside for snapshot. The advantage of redirecting the write is that only one write takes place, whereas with copy-on-write, two writes occur (one to copy original data onto the storage space, the other to copy changed data). However, with redirect-on-write, the original copy contains the point-in-time data, that is, snapshot, and the changed data reside on the snapshot storage. When a snapshot is deleted, the data from the snapshot storage must be reconciled back into the original volume. Furthermore, as multiple snapshots are created, access to the original data, tracking of the data in snapshots and original volume, and reconciliation upon snapshot deletion is further complicated . The snapshot relies on the original copy of the data and the original data set can quickly become fragmented. IBM N series and the NetApp Filer snapshot implementation is based on redirecton-write. Split mirror Split mirror creates a physical clone of the storage entity, such as the file-system, volume, or LUN for which snapshot is being created, onto another entity of the same kind and the exact same size. The entire contents of the original volume are copied onto a separate volume. Clone copies are highly available, since they are

exact duplicates of the original volume that resides on a separate storage space. However, due to the data copy, such snapshots cannot be created instantaneously. Alternatively, a clone can also be made available instantaneously by "splitting" a pre-existing mirror of the volume into two, with the side effect that original volume has one fewer synchronized mirror. This snapshot method requires as much storage space as the original data for each snapshot. This method has the performance overhead of writing synchronously to the mirror copy. EMC Symmterix and AIX Logical Volume Manager support split mirror. Additionally, any raid system supporting multiple mirrors can be used to create a clone by splitting a mirror. Log structure file architecture This solution uses log files to track the writes to the original volume. When data need to be restored or rolled back, transactions from the log files are run in reverse. Each write request to the original volume is logged much like a relational database. Copy-on-write with background copy (IBM FlashCopy) Some vendors offer an implementation where a full copy of the snapshot data is created using copy-on-write and a background process that copies data from original location to snapshot storage space. This approach combines the benefits of copy-on-write and split mirror methods as done by IBM FlashCopy and EMC TimeFinder/Clone. It uses copy-on-write to create an instant snapshot and then optionally starts a background copy process to perform block-level copy of the data from the original volume (source volume) to the snapshot storage (target volume) in order to create an additional mirror of the original volume. When a FlashCopy operation is initiated, a FlashCopy relationship is created between the source volume and target volume. This type of snapshot is called a COPY type of FlashCopy operation. IBM incremental FlashCopy Incremental FlashCopy tracks changes made to the source and target volumes when the FlashCopy relationships are established. This allows the capability to refresh a LUN or volume to the source or target's point in time content using only the changed data. The refresh can occur in either direction, and it offers improved flexibility and faster FlashCopy completion times.

This incremental FlashCopy option can be used to efficiently create frequent and faster backups and restore without the penalty of having to copy entire content of the volume . Continuous data protection Continuous data protection (CDP), also called continuous backup, refers to backups of data when a change is made to that data by automatically capturing the changes to a separate storage location. CDP effectively creates an electronic journal of complete storage snapshots. CDP is different from other snapshot implementation method described in this section because it creates one snapshot for every instant in time that data modification occurs as opposed to one point-in-time copy of the data created by other methods. CDP-based solutions can provide fine restore granularities of objects, such as files, from any point in time to crash consistent images of application data, for example database filer and mailboxes.

Back to top Snapshot and storage stack A storage stack is comprised of many hardware and software components that render physical storage media to the applications that run on a host operating system. The diagram below shows commonly used storage stack layers. Aside from different snapshot implementation methods, snapshot solutions can be implemented in many layers in the storage stack. Broadly, snapshots can be created in software based layers or in hardware based layers. This is also categorized as controller-based (storage device or hardware driven) snapshot or host-based (filesystem or volume managers) snapshots. Controller-based snapshots are managed by storage subsystem hardware vendors and are integrated into disk arrays. These snapshots are done at LUN level (block level) and are independent of the operating system and file systems.

Host-based snapshots are implemented between the device driver and file-system levels. Snapshot can be performed by file systems, volume managers, or third party software. Host based snapshots have no dependency on the underlying storage hardware but depend on the file-system and volume manager software. Also these snapshots operate on the logical view of the data as opposed to the physical layout of the data which is used by the controller-based snapshot.

Figure 2. Storage stack and snapshot

Below are some vendors and products with snapshot solutions at different storage stack layer.
y

y y

Storage subsystems: IBM TotalStorage Disk Systems, EMC Symmetrix, NetApp NAS Virtualizations: IBM Total Storage SAN Volume Controller Volume Managers : Veritas Volume Manager, Linux LVM, IBM Tivoli Storage Manager LVSA, Microsoft Windows 2003 VSS System provider

File systems: AIX JFS2, IBM TotalStorage SAN File System, IBM General Parallel File System, IBM N series, NetApp filers, and Veritas File System

Key observations regarding storage stack: The storage stack layer in which snapshot is implemented has implications on the data protection solutions. Following are key observations that must be noted.
y

Physical storage (provided by storage subsystems) and volume managers, which facilitate use of physical storage, are two essential components in any meaningful storage implementation. These layers are always present. Use of file system is optional, as some applications may choose to use the logical volume directly, for example database applications, which cannot be managed by snapshot technologies at the file system layer The application layer in the stack may not necessarily provide a snapshot solution, but rather back-up mechanisms tied to the next storage stack layer it interfaces with, that is, file systems or volume managers. This includes quiescing the I/O to allow for a consistent data view. Each layer ensures data consistency at its level, hence the buffers in the layers above it need to be flushed out before creating a snapshot. File systems and volume manager-based snapshots are typically easy to use and provide better recovery granularity than the hardware-based snapshots. Hardware-based snapshots provide protection against hardware failures and better performance. Many implementations offer data consistency groups to ensure consistency across more than one storage unit, such as LUN.

Back to top Snapshot implementations at a glance The table below provides a quick look at the various aspects of each of the snapshot implementations described above.

Table 1. Snapshot Implementations Overview at a Glance

Copy-onwrite Log IBM with Redirect structure incremen Continuous CopySplit backgrou -onfile tal data on-write mirror nd copy write architect FlashCop protection (IBM ure y FlashCop y) Yes: the Yes: the unchang No: the unchang Snapshot ed data mirror ed data requires is contains is original accesse full copy accessed copy of d from of the from the data the data original original copy copy

Yes: the Only Only until No-Most unchange until backgrou implementati d data is backgrou nd copy ons include a accessed nd copy is replica of the from the is complete original copy original complete copy

Yes: in most Yes:in cases most space cases No: required space requires Yes: spaces only for required same Spacechanged only for amount of required efficient data for the changed space as changed exceptio data. original data ns such Check data as IBM with the FlashCop vendor y exist. Check

No: requires same amount of space as original data

No: requires same amount of space as original data

Yes: space required depends on the amount and frequency of changes to data when multiple point-in-time copies need to be kept.

with the vendor High: High: software software I/O and based based snapshot Low: after CPU snapsho mirror is performa None: High: t None: Low: Low : hardwar split High: nce Implementati overhead hardwar performe performe prior to overhead e-based on specific: incurred e-based d by the d by the the split snapshot on the Check with in logging snapsho storage storage to keep system s the vendor the ts hardwarehardware the mirror (perform with writes (Impact synchroni original ed by on the zed copy of the storage the data storage hardwar hardwar e) e) High: first Write None: None: High: overhead write to writes write data on the are overhead writes original block directed is incurred must be copy of results in to new before the logged the data addition blocks split al write Protectio n against logical data errors Yes: changes can be rolled back or synched Yes: Yes: data changes from the can be mirror rolled must be back or copied. synched Typically Yes: the changes can be rolled back High: High: first High: Each first write to write results write to data in a data block correspondin block results in g write to the results in additiona storage additiona l write space l write Yes: Yes: another another FlashCop FlashCop y can be y can be created created in the in the Yes: changes can be synched back into the original copy

back intoback the into the original original copy copy

slower since changes are not tracked.

reverse reverse direction direction. Typically faster, since only the changed blocks are copied Full Full protectio protectio Implementati n after n after on-specific: backgrou backgrou Check with nd copy nd copy the vendor is is complete complete

Protectio n against None: physical valid media original failures of copy the must original exist data

None: valid original copy must exist

None: Yes: the valid split original mirror is a copy full clone must exist