Taking Care Of Data

Time travel is perhaps the most alluring feature of continuous data protection, or CDP. In stark contrast to traditional nightly data backups to tape, CDP solutions record every change to specified file types, allowing government users to move systems backward in time--two hours or even two minutes--and recover information that was perfectly intact before a nasty virus hit or servers crashed.

Now included as part of many larger storage-protection solutions or offered by specialty vendors through software applications or standalone appliances, CDP is defined as the ability to secure data constantly as it travels between endpoints, thus eliminating the need for users to predefine points of recovery. In so doing, CDP prevents everyday disasters that occur when unsaved work falls prey to system failures that take place between scheduled 24-hour backups.

The notion of continuously protecting data naturally intrigues government agencies, although most are far from abandoning tape or other entrenched methods of data backup. Instead, government CDP adopters are beginning to call on storage, data protection and even networking resellers to devise solutions that wrap CDP into established data-protection methods.

Right now, CDP is used mostly to secure data residing on Microsoft SQL or Exchange servers. However, government users have asked CDP integrators to harness the technology to protect data residing on laptops and even to safeguard data stored in massive transactional databases.

"Now that IT organizations have had time to learn more about what CDP is and its potential benefits, we're beginning to see an increase in product deployments," says David Russell, vice president of storage technologies and strategy at Gartner, in a recent report on CDP.

Russell cites a rise in interest among government IT officials. "We have certainly gotten inquiries from government agencies asking about CDP," he says. "These users want to make sure they have current backups or they're worried about something that's been created or modified but accidentally deleted."

The nuisance around nightly backups is also fueling CDP interest, notes Corey Preville, president and CEO of CorData, a Gaithersburg, Md.-based storage integrator that sells CDP solutions to federal customers.

"There's more pressure to replicate or back up data continuously as updates occur, rather than attempt a batch copy after hours," Preville says. "In many cases, the client can no longer afford to shut down its servers at all, other than in cases of unavoidable maintenance or upgrade procedures."

CorData resells CDP products from FalconStor Software, where executives acknowledge there's a huge opportunity for VARs to educate government customers about CDP.

"VARs need to understand the value of CDP and how it fits into the whole storage infrastructure," says Jack Igoe, director of product marketing at FalconStor Software in Melville, N.Y. FalconStor offers its IPStor software, which can be installed in servers or used as part of internal or external storage devices. Alternately, users can buy the software preinstalled on FalconStor's own CDP appliances.

NEXT: A side dish of CDP.

Indeed, most government agencies will move incrementally toward CDP adoption and are now looking for a combined approach, says Paul Marsala, president of Peer Software, which offers CDP capability through its flagship product, PeerSync.

"Users want to design a framework that combines the best of tape backup, which is reliable, cheap and requires low bandwidth, and CDP, which is more efficient and provides fast data recovery," Marsala says.

Peer relies heavily on solution providers, especially to add services and navigate the involved procedures around government purchasing.

To reach more federal-government customers, CDP vendor TimeSpring Software recently landed its TimeData software on the General Services Administration's (GSA's) schedule by teaming with reseller Integrated Mass Storage Systems. TimeData is designed to protect data residing on Microsoft servers and makes use of a "lightweight piece of code" or agent that resides on Microsoft Exchange and other servers, according to Agnes Lamont, vice president of marketing at TimeSpring, Newport Beach, Calif.

"This agent understands when data or metadata is being changed, as well as when application events occur, such as transaction completions and consistency, and transfers the data to the TimeData Repository over a standard network, Internet or wide-area network," Lamont says. "The repository is where all the data changes are maintained and protected."

The GSA Schedule isn't the only way to reach government customers interested in CDP, she continues. "Some of the drivers have been paperless initiatives, case-management systems and efforts to provide public access to information and share data between agencies," she says.

Fear of losing transactional data also has government buyers eyeing CDP, adds Rick Walsworth, director of marketing at EMC. "Government agencies have large, transactionally intensive databases," he says. "The ability to utilize the replicated data for data-mining operations outside of the product-data environment is also very attractive." EMC is actively working with several government resellers to inject its RecoverPoint CDP--a network-based solution designed expressly for transaction data--into larger data-protection architectures.

NEXT: In case of emergency...

Disaster recovery is another area ripe for CDP, according to reseller Sanz Federal's Bill Hartman, vice president of Technology and Architecture.

"With the data loss due to events such as Hurricane Katrina, the interest in continuous data protection is at an all-time high," Hartman says. Sanz Federal builds in CDP capabilities by pulling from vendors CipherOptics, EMC and Symantec, he adds.

National security threats and the scars of 9/11 have also fueled interest in CDP, says Alan Horwitz, director of federal sales at CommVault Systems, Oceanport, N.J.

"There's a greater need to provide continuous availability to make sure the mission of each federal agency and department is secure," he says. CommVault offers its Continuous Data Replicator product, but leans heavily on resellers to add integration and other services to government clients.

Among government customers, there's also the more utilitarian desire to move away from tape, FalconStor's Igoe says. "The government has been tied to the traditional ways of recovering data, and that's tape. That method isn't going to continue to work as the cost, management and inefficiencies are only increasing," he says.

Realistically, batch backup-to-tape will retain a role in government agencies' sweeping processes around data protection, which is probably a prudent course, observes Gartner's Russell. "Tape gets a bad rap. It's not really that tape is problematic," he says. "It's just that there are typically a number of manual human processes that must take place to avoid errors."

Other backup media such as CD-ROM and USB drives share the same problem, says Steve Goodman, vice president of business continuity at SonicWall. "People have to burn CDs or USBs, and proactively remember to do so. If an organization is using tape, someone needs to rotate the tape--this is often forgotten--or data's recorded over by something else. Then the tapes must be manually stored. They're also easily lost or stolen."

Goodman makes clear that at SonicWall, CDP is better thought of as a capability, rather than a product. "It's a feature that we as a company firmly believe should be part of an organization's reliable backup system," he says. SonicWall offers an appliance-based solution, SonicWall CDP, which slips into clients or servers on a network. "The amount of time required to deploy SonicWall CDP is minimal because no integration is required and because there are only a few steps the VAR needs to take in order to back up an organization's data using SonicWall CDP," Goodman says.

In a study performed earlier this year, IDC found that the CDP market has been affected by the entrance of large vendors, which has boosted CDP awareness among end users.

"End users should do their homework, estimating the ROI of integrating the CDP technology into their data centers," adds Natalya Yezhkova, research manager at IDC Storage Systems. "The following questions are important to consider: What are the requirements for storage systems? How much disk capacity is consumed by CDP products? What changes in the storage infrastructure are needed to leverage the benefits of CDP technology most effectively?"

While most agree that CDP won't displace tried-and-true data-protection and backup methods, government customers must forever bear in mind a nightmare scenario, continues SonicWall's Goodman. "If a computer system crashes at 4 p.m., but the backup isn't due to start until 5, you've lost your entire day's worth of work." Solution providers are wise to remind government customers constantly of this reality, he says.

NEXT: CDP ingedients

Continuous Data Protection is actually a blend of existing methods for backing up data, according to David Russell, Gartner Research vice president of storage technologies and strategy. Some existing concepts and processes often rolled into a CDP solution include:

Replication: Storage of the same data on multiple file systems or devices, including hardware and software

Snapshot: Disk-imaging software that lets a user back up and restore data on a hard disk

Catalog: Application disk files displayed as a directory of a system's storage space

Journaling: A method of updating files by writing data to a serial log on a disk before the actual disk is updated to ensure that data can be restored if systems crash with unsaved data

Record of Change: Use of a temporary record that holds altered information before changes appear on a corresponding master record

Two Backup Choices: 'True' VS. 'Near' CDP

For some government customers, a leap from 24-hour backup to continuous data protection may be more than is necessary. Somewhere in the middle lies Near CDP.

Experts split CDP offerings into two distinct groups--True CDP solutions and Near CDP options. True CDP solutions capture each and every change to existing data and transfer the updated version immediately to a protection server disk. "With true CDP, you can go back to any point in time, and every write is provided," according to David Russell, vice president of storage technologies and strategy at Gartner.

Meanwhile, Near CDP captures data changes only at specific points in time. "With Near CDP, you get the protection of data that you would normally get in traditional 24-hour backups, but you get them in a smaller number of hours."

Russell says that neither CDP style is better than the other. Rather, it's up to users to decide, based on data types and basic requirements, which approach works best in a given data-protection situation.