Most organizations today will have multiple sites configured with critical compute and storage located in more than one site. Making sure business-critical resources in each site are protected as part of an organization’s data protection plan is extremely important. When an organization only deals with one critical site that needs resources protected, the strategy is fairly simple. However, what are some considerations and strategies organizations may look at when protecting multiple sites? Let’s take a look at backup strategies for multiple sites, what these strategies may involve, and how organizations can make sure business critical resources are protected.
Backup Strategies for protecting multiple sites
When thinking about protecting multiple sites, what are “sites”, and how are these defined? Sites can typically refer to network locations. In the networking world, a site is typically a location that has a different layer 3 address or that traffic is routed to. In thinking about a “site” in terms of having business-critical resources that need to be a part of the data protection plan for an organization can include a different physical location that may be part of the same layer 3 network address range and even layer 2 domain. Some organizations may have a direct fiber connection to another physical location that logically appears like an uplink on a switch.
So, a site may refer to a different location from a network standpoint or a different physical location that is part of the same network address space, or it could be both – different layer 3 address and different physical location. This different physical location can be down the street or in a different continent. Typically, this is the most common designation of a site. Most organizations generally assign a different network range per physical location.
After this brief overview of what may constitute a “site”, organizations need to think carefully about their backup strategies for protecting multiple sites in their data protection plans.
Considerations for Multi-site data protection plans
As the number of sites increases and the amount of business-critical data at those sites also increases, so does the complexity of an organization’s data protection plan. Data will exponentially grow due to any backup copies that are being made of the backups at each location as well as replication that may be taking pace between one site and another site.
Backup copies and replication allow organizations today to have more data agility in that recovery is much quicker, less labor intensive, and RPOs often can be more current with warm data living in backup copies and replicated virtual machines than data that exists on tape. Additionally, organizations today may want to take advantage of public cloud resources where it makes sense. Increasingly, this is more common. Instead of building out ultra-expensive DR facilities to target for backups/failover site, organizations can utilize cloud resources for disaster recovery and/or storage for backups or replicated copies.
If considering a private cloud datacenter for DR, It may not be practical to replicate all sites to that single DR facility due to storage, network, or other geographic concerns. Data movement has a cost associated with it, either from a storage I/O, data gravity, or a network latency perspective. To be efficient with data protection, organizations have to make a concerted effort to see what makes the most sense with storing backups from multiple sites as well as replication to a warm standby site.
Diversification of Data
The main objective when thinking about protecting data is making sure you have multiple copies, in multiple locations. We diversify the location of our data and by doing so we spread out our risk. We never want to have all of our data “eggs in one basket” so to speak. Additionally, when thinking about utilizing public cloud resources, organizations will want to diversify the public cloud infrastructure they use as targets for data protection backups or replicas. Spreading out backups, backup copies, etc across multiple public cloud vendors such as AWS, Azure, and Google Cloud will ensure organizations are protected from a cloud standpoint.
In most situations, organizations protecting multiple sites in their data protection plan will find that a mix of strategies is what works. Generally backing everything up to the cloud is not practical or cost effective. Conversely, using only a private cloud DR datacenter as a target for multiple sites may not be practical as well. However, using both a private cloud datacenter for certain business-critical backups and then also leveraging public cloud vendors to store copies of data, backups, and even warm standby VMs usually makes a lot of sense.
Securing Backup Data Across Sites
In today’s world of high security threats, organizations cannot make the mistake of neglecting security in all aspects of their business including backups. Organizations will want to make sure that all backups, backup copies, replicas, etc, are encrypted as they fly across the wire (in flight) as well as when they are sitting on disk (at rest). Backup data is often overlooked when it comes to protecting company data, however, it contains copies of production data! It must be protected as securely and diligently as production workloads.
Most larger organizations today will face the challenge of backing up data across multiple sites. This involves special challenges that include deciding what needs to be backed up, where do the backups from multiple sites target, and how to best utilize public cloud resources. The majority will find that choosing data protection plans that incorporate both private cloud DR resources as well as a good mix of public cloud vendors to accomplish a reasonable degree of data diversification, will protect their data and accomplish their data protection needs in a practical way.