Get in touch with us



2733 Lancaster Rd, Suite 220
Ottawa, Ontario,
K1B 0A9

Office hours

Workdays at
9:00am – 6:00pm
Call us
+1 866 657 7620
+1 613 526 4945

Let’s get connected

Get in Touch


Part II: Welcome to advanced policy-driven data protection

In Part I of this blog, we explored how the complexity and growth of data centers have made manual control of data centers basically impossible, resulting in the introduction of control and management mechanisms.

In Part I, we closed discussing better and more effective monitoring and capacity planning, bringing us to automation and policy-based management. The need for complete and absolute consistency of a large environment can only be solved via the so called “desired-state” configuration. Instead of applying configurations manually to guarantee that each virtual machine and application is configured as desired, a preferred solution is to have an automation platform that can (automatically) check each workload against a desired configuration, and in case of a drift, go and correct it. Thanks to this, administrators can rest assured that each parameter will be configured as they want. 

From a data protection perspective, this also helps avoid what I like to call “policy-based anarchy.” With just policies and self-service, an environment is not completely manageable, and complete freedom can lead to anarchy. 

Let me explain this concept: Policies are a great solution to guarantee consistency, and thanks to self-service, an administrator can let users and customers decide which policy is better for their workloads. Being the application owners, they probably know better than anyone which policy is best. 

Let’s use a quick example: A data protection plan may offer different RTO values to users, like 24 hours (one backup per day), but also 12 hours or 4 hours for more critical workloads. These policies, however, have a cost associated with them: The more retention points needed, the more space on a backup device to be consumed. Also, running data protection activities during working hours (like it’s needed when selecting the 4-hour policy) would lead to additional load and pressure on the production environment that now has to consume resources at the same time to run the workloads and to feed the data protection solution with data to be saved. 

If users have complete freedom to decide which policy to apply to their workloads, the result may be a depletion of the available resources, both in terms of the data protection solution not able to complete the tasks needed to protect workloads frequently, but also the production environments may suffer. For example, the production storage at some point may not have enough storage power to serve the running workloads and all the read activities happening during the backups. 

For these reasons, policies should be carefully planned by administrators and offered as a catalog where users can choose from. Additionally, some sort of “showback” if not “chargeback,” should be implemented to make users aware of the consequences in terms of IT resources consumption, and ultimately drive them to better decisions. Users could also create a sort of internal service provider where the IT department can ask for an additional budget to be provided by other lines of business if they require additional performances from the data protection solution in use. 

In addition, the chosen data protection solution should be able to offer at the same time a policy-based framework and technologies to better integrate with the production environment and guarantee service level agreements while operating. Long gone are the days where the “backup administrators” cared just about their operations in a siloed environment. In a modern data center, where all the components are integrated with each other, every decision made at the data protection level has a consequence on other different components. 

Veeam® Backup & ReplicationTM v8, part of Veeam Availability SuiteTM, is perfectly suited for such environments thanks to its advanced capabilities. 

First of all, the scale-out capabilities. Using the same installation and simply adding more processing units (called “proxies”), Veeam can scale to protect large environments without suffering a degradation of its performances, and without requiring a painful forklift upgrade to move to a bigger version of the solution. 

Customers can pick the best-suited hardware to execute Veeam components, such as proxies or repositories. For example, a mix of fast storage arrays backed by SSD and HDD can offer a landing area for recent backups that can be stored and restored at the maximum speed. Additional areas using deduplicated appliances or tapes can lower the price per GB of a secondary location where data needs to have a longer retention at a better price. 

However, as previously stated, the data protection solution must not be a silo. On the contrary, it has to integrate with the production environment. That’s where some of the Veeam technologies come into play. 

The support for major vendor’s storage snapshots allow backups to complete with a much lower impact on the production storage and virtualized environment. Backups can now be executed during production hours without impacting production workloads. 

Backup I/O Control (patented) can monitor storage latency in real-time, and be able to throttle backup speeds so that storage latency will never raise above the defined limits. Modern data centers are moving toward an Always-On BusinessTM, where less maintenance/backup windows will be available. Being able to run backups in the middle of production hours without damaging the needed performance of a workload is a value that customer cannot ignore. 

Finally, policy-driven data protection, the topic of these blogs. Thanks to the support for vSphere tags, administrators can define activities that will protect workloads based on the “desired state” that their users will define for their workloads. Instead of manually selecting virtual machines to be added to given backup jobs, with all the risks of missing or violating a requested policy, administrators can preemptively define backup policies, and let the software apply these policies to virtual machine. Administrators can rest assured that no workload will be forgotten or protected by the wrong policy.