Chapter 9 Protecting Client Data

Similar documents
Chapter 10 Protecting Virtual Environments

Chapter 2 CommVault Data Management Concepts

Chapter 11. SnapProtect Technology

Chapter 3 `How a Storage Policy Works

Chapter 4 Data Movement Process

Executive Summary SOLE SOURCE JUSTIFICATION. Microsoft Integration

Dell Compellent Storage Center with CommVault Simpana 9.0. Best Practices

Chapter 16 Content Based Planning Methodology

Quick Start Guide - Exchange Database idataagent

User Guide - Exchange Database idataagent

Chapter 15 Technical Planning Methodology

CommVault Simpana 9 Virtual Server - Lab Validation

Chapter 1. Storage Concepts. CommVault Concepts & Design Strategies:

Administration GUIDE. Virtual Server idataagent (VMware) Published On: 11/19/2013 V10 Service Pack 4A Page 1 of 225

Features - Microsoft Data Protection Manager

User Guide - Exchange Mailbox Archiver Agent

Administration GUIDE. IntelliSnap Virtual Server idataagent for VMware. Published On: 11/19/2013 V10 Service Pack 4A Page 1 of 277

Administration GUIDE. OnePass Agent for Exchange Mailbox. Published On: 11/19/2013 V10 Service Pack 4A Page 1 of 177

Chapter 7. GridStor Technology. Adding Data Paths. Data Paths for Global Deduplication. Data Path Properties

Administration Guide - NetApp File Archiver

Quick Start - BlueArc File Archiver

Quick Start - NetApp File Archiver

Administration GUIDE. OnePass Agent for NetApp. Published On: 11/19/2013 V10 Service Pack 4A Page 1 of 132

QUICK START GUIDE Active Directory idataagent

Quick Start Guide TABLE OF CONTENTS COMMCELL ARCHITECTURE OVERVIEW COMMCELL SOFTWARE DEPLOYMENT INSTALL THE COMMSERVE SOFTWARE

Chapter 12 Compliance, Records Management & ediscovery

Backup and Recovery Best Practices with Tintri VMstore and Commvault Simpana Software

Enhanced Protection and Manageability of Virtual Servers Scalable Options for VMware Server and ESX Server

DASH COPY GUIDE. Published On: 11/19/2013 V10 Service Pack 4A Page 1 of 31

IBM Spectrum Protect Version Introduction to Data Protection Solutions IBM

StorageCraft OneXafe and Veeam 9.5

Simplify Backups. Dell PowerVault DL2000 Family

CommVault Galaxy Data Protection 7.0 for Microsoft Exchange Systems

Administration Guide - Celerra File Archiver

Using Commvault CommCell to Back Up Data in Telefonica Open Cloud. Issue 06. Date 2018/3/16

Quick Start - Virtual Server idataagent (Microsoft/Hyper-V)

Virtual Server Agent v9 with VMware. June 2011

IBM Tivoli Storage Manager Version Introduction to Data Protection Solutions IBM

Quick Start - OnePass Agent for Windows File System

Table of Contents. Page 1 of 82. Install the Exchange idataagents Install the Exchange idataagents - Clustered Environment -Virtual Server

Administration Guide - BlueArc File Archiver

StorageCraft OneBlox and Veeam 9.5 Expert Deployment Guide

Setting Up the Dell DR Series System on Veeam

Upgrades TABLE OF CONTENTS SOFTWARE INSTALLATION DISCS SUPPORT INFORMATION - UPGRADE UPGRADE CONSIDERATIONS BACKWARD COMPATIBILITY COMMNET SERVER

Virtual Server Agent for VMware VMware VADP Virtualization Architecture

VCS-276.exam. Number: VCS-276 Passing Score: 800 Time Limit: 120 min File Version: VCS-276

User Guide. Version R95. English

Backup Solution. User Guide. Issue 01 Date

CA ARCserve Backup. Benefits. Overview. The CA Advantage

Features - Support Information

Product Name DCS v MozyPro v2.0 Summary Multi-platform server-client online (Internet / LAN) backup software with web management console

Setting Up the DR Series System on Veeam

What s new. James De Clercq (RealDolmen) Timothy Dewin (Veeam Software)

Symantec Administration of Symantec Backup Exec Download Full Version :

Editions comparison. Veeam Availability Suite. Veeam Availability Suite includes Veeam ONE

Editions comparison. Veeam Availability Suite. Veeam Availability Suite includes Veeam ONE

ZettaMirror Install Guide

Archive 7.0 for File Systems and NAS

ADMINISTRATION GUIDE EXTERNAL DATA CONNECTOR (NETBACKUP)

Vembu BDR Suite. Free vs Paid Edition. Backup & Disaster Recovery. VEMBU TECHNOLOGIES TRUSTED BY OVER 60,000 BUSINESSES

ADMINISTRATION GUIDE IntelliSnap Nimble Storage

CA ARCserve Backup for Windows

Introduction. How Does it Work with Autodesk Vault? What is Microsoft Data Protection Manager (DPM)? autodesk vault

Managing Data Growth and Storage with Backup Exec 2012

Symantec Backup Exec Blueprints

Availability for the modern datacentre Veeam Availability Suite v9.5

ST Symantec. Symantec Data Center Security: Server Advanced 6.0 Technical Assessment

Administration Guide - Documentum idataagent (DB2)

Protecting Microsoft Exchange

Veritas NetBackup for Microsoft Exchange Server Administrator s Guide

USER GUIDE. CTERA Agent for Windows. June 2016 Version 5.5

Implementation & Maintenance Student Guide

VMware Backup and Replication Enterprise Edition

Features - SRM Windows File System Agent

Symantec Backup Exec 10d for Windows Servers AGENTS & OPTIONS MEDIA SERVER OPTIONS KEY BENEFITS AGENT AND OPTION GROUPS DATASHEET

Backup & Disaster Recovery. Vembu BDR Suite. Free vs Paid Edition. VEMBU TECHNOLOGIES Copyright Vembu Technologies. All Rights Reserved

Vembu BDR Suite Free Edition

Availability for the Always-On Enterprise

SnapProtect Live Browse with Granular Recovery on VMware. May 2017 SL10336 Version 1.1.0

Vembu BDR Suite vs HPE VM Explorer

6/4/2018 Request for Proposal. Upgrade and Consolidation Storage Backup Network Shares Virtual Infrastructure Disaster Recovery

Test-King.VMCE_V8.40Q.A

Setting Up Quest QoreStor with Veeam Backup & Replication. Technical White Paper

VMware Backup and Replication using Vembu VMBackup

TABLE OF CONTENTS OVERVIEW SYSTEM REQUIREMENTS GETTING STARTED - DEPLOYMENT GETTING STARTED - DEPLOYMENT ON A CLUSTER GETTING STARTED CONFIGURATION

Configuration Guide for Veeam Backup & Replication with the HPE Hyper Converged 250 System

Data Management at Cloud Scale CommVault Simpana v10. VMware Partner Exchange Session SPO2308 February 2013


Quick Start Guide. Version R94. English

Administration GUIDE. IntelliSnap EMC VMAX/Symmetrix. Published On: 11/19/2013 V10 Service Pack 4A Page 1 of 80

Commvault Simpana 11 Best Practices for Cloud Backup Accelerator

NEXT BIG THING. Edgemo Summit Martin Plesner-Jacobsen Team Lead Nordic

Cloud Compute. Backup Portal User Guide

VMware vsphere Data Protection Evaluation Guide REVISED APRIL 2015

TABLE OF CONTENTS GETTING STARTED ADVANCED OVERVIEW SYSTEM REQUIREMENTS SUPPORTED FEATURES GETTING STARTED - DEPLOYMENT

NTP Software VFM Administration Web Site

NetApp NS0-511 Exam. Volume: 65 Questions

Installing Acronis Backup Advanced Edition

NTP Software VFM. Administration Web Site for EMC Atmos User Manual. Version 6.1

EMC Data Domain for Archiving Are You Kidding?

Transcription:

Chapter 9 Protecting Client Data

152 - Protecting Client Data A client is defined as any production source requiring protection. A server with any Simpana idataagent installed in it is considered a client and will appear in the client tree in the CommCell console. NDMP devices that are being protected will also appear as clients in the GUI though no agents will be installed on the NDMP device. CommVault software provides a wide variety of protection methods for protecting physical and virtual environments. It is important to note that when agents are installed on either a physical or virtual server they will be considered clients and will be configured and managed in the same manner. Virtual environments can also be protected using the Virtual Server Agent (VSA) which will be covered in the next chapter. Client Tree The Client Tree Structure defines a hierarchy for arranging various components of a client. This hierarchy will remain consistent throughout all clients which results in simplified administration of a CommCell environment. Diagram illustrating the client tree structure. All clients will have at least one idataagent. Clients can be associated with a client computer group. Depending on the agent installed instances can be configured. The data set will be based on the type of agent being used (backup, archive, replication). Within the data set subclients can be defined to manage content.

Protecting Client Data - 153 Components of the client tree Client Computer group Client computer groups allow the grouping of multiple clients within the group. Clients can be members of multiple groups. Client computer groups are useful for the following: Standardizing reports and alerts. By configuring reports and alerts to client groups whenever a client is added or removed from the group it will be reflected in the report or alert next time it runs. Grouping machines by function or location. In large CommCell environments it is easier to navigate clients by grouping them together by function or location. User Group Security. User group security can be defined at the client group level. Any user group associated with the client group will have granted capabilities for all clients within the group. Pushing firewall configurations. Firewall configurations can be set in the properties of the client computer group as well as associated with selected client groups. All clients within the group will have firewall configurations pushed from the client group. Bandwidth throttling. Throttling can be configured in the properties of the client group. The throttling is configured for the group and settings will take effect for each client within the group. Throttling can be configured for various days of the week and time periods within each day. Schedule Policies. Schedule policies can be created and assigned to client groups. It s important to note that when scheduling client groups with schedule policies it is not recommended to configure the schedule policy to backup all agents at the same time. Set different schedules for different agents and stagger the schedules. Client Any server configured with an idataagent within the CommCell environment will show up as a client. idataagent For each file system and application that CommVault supports and idataagent is used to protect the required data. Each idataagent is specifically designed to interact with the file or application using APIs or scripts to properly protect and manage the data. Depending on the idataagent used different options will be available. Note: In this book the terms idataagent and Agent are used interchangeably. Instance For some agents multiple instances of the application can be run on a client. For database applications that support multiple instances, each instance can be separately defined. For the Virtual Server Agent each instance can be configured to interface with VMware, Hyper-V, or Xen server.

154 - Protecting Client Data Data Set The term Data Set refers to backup, archive or replication sets. Depending on what agent is being configured the corresponding data set will appear in the client tree. By default each agent or instance will have a default data set. This set represents ALL data the agent or instance is responsible to protect. For some agents, additional data sets can be created. Each additional data set created will also represent all the data the agent is responsible for. This means using multiple data sets can result in multiple backups of the agent data. This configuration is not recommended under normal circumstances. There are special use cases where creating additional data sets may be desired. Subclient The subclient is where the actual content managed within the data set is defined. For most backup data sets (backup sets) a default subclient will appear. For backup data sets the default subclient will be enabled with autodetection capabilities. This means it will protect all data within the backup set unless the data is filtered out or explicitly defined in a separate custom subclient. Custom subclients can also be defined explicitly defining content that will be exclusive to the custom subclient. Once data is defined in the custom subclient it will automatically be excluded from the default subclient. This means data is mutually exclusive to the subclient where it s defined. Contents within a data set can only be protected once. Client Properties Client Side Deduplication This tab allows you to enable Client Side Deduplication for the Client. If the storage policy is configured to use Client Side Deduplication, the policy setting will take precedence. If the policy is not configured for Client Side Deduplication then checking the Perform client side Deduplication can be enabled for the Client. An optional Client Side Disk Cache can be used to hold a local cache of block signatures. Each subclient will maintain its own cache and the cache will only contain signatures of blocks the subclient has protected. This option is only recommended when backing up data over slow WAN links. Variable Content Alignment can be enabled for large data files, such as database dump files to improve deduplication ratios. Ratios may improve marginally and additional overhead will be required to align the blocks for proper signature generation. If you are not achieving the dedupe ratios you expect this may be an option to experiment with. For typical file data, since Simpana deduplication will automatically align blocks with the start of each file, this option is not required. Encryption Inline encryption can be used to encrypt data during primary protection operations. The encryption can take place on the Client or on the Media Agent. Encryption is enabled at the Client level and then applied at the Subclient level. This provides the flexibility of defining data which requires encryption in separate Subclients from data that does not require encryption.

Protecting Client Data - 155 Once encryption is enabled on the Client the algorithm and key length that will be used can be set. The option to use a Media Password, which will store keys on media, or not to use the password which will require CommCell Console access to recover data can be set. An additional level of protection called Pass-Phrase can also be configured. Where the Media Password is set at the CommCell or storage policy level, the Pass-Phrase is set at the Client level. Each Client server can have a unique Pass-Phrase for data recovery. An optional restore access setting With a Pass-Phrase can be set which will require administrators recovering data through the CommCell Console to enter the Pass-Phrase for recovery. Note: In the event that the Media Password is not known, contact CommVault support which can assist in recovering the password. If the Pass-Phrase is not known data CANNOT be recovered through any means using Simpana software or tools. Network Throttling Much of this book focuses on increasing the speed in which data is moved. The Network Throttling will allow you to throttle back the network bandwidth CommVault will consume. These settings can be defined for Clients or Client Computer Groups and different throttling rules can be set for different days of the week and different times of day. idataagents idataagents provide the intelligence to interface with the file system or application being protected. CommVault uses capabilities inherent in the file system or application to protect data. This means that the capabilities or limitations in CommVault s ability to protect the data are based on the systems capabilities. Through APIs or scripting, which can be automatically generated by the Simpana software, the idataagent will communicate with the file system or application. This allows the data to be in the proper state to be protected prior to running data protection operations. Enabling VSS prior to a Windows file system backup or quiescing a database prior to backup are examples of using the idataagent to properly protect required data. File System idataagents Simpana software provides file system idataagent protection for most operating systems. Depending on the operating system, specific capabilities can be used to protect data. Check with CommVault s online documentation for operating specific configuration options.

156 - Protecting Client Data The following diagram shows a file system idataagent with a data set, a default subclient and a custom subclient. Application idataagents Database idataagent The Simpana product suite supports all major database applications. Features are specific to the database application and use available API or scripting mechanisms native to the application. Mailbox idataagent For Microsoft Exchange and Lotus Notes Domino granular backup and recovery idataagents can be used to protect objects within the database. This provides a simplified and quick recovery method for objects that does not require a database restore. Document idataagents For SharePoint environments document repositories can be protected for granular level recovery operations.

Archive idataagent Protecting Client Data - 157 Archive idataagents work by moving infrequently accessed data to one or more tiers in the CommVault protected environment. This reduces production storage requirements and makes backup and recovery operations faster. Archive idataagent support: File system Exchange messages Domino mailbox Network attached storage (NAS) SharePoint documents Compliance Archive idataagent In Microsoft Exchange environments journal mailboxes can be used to intercept and preserve all messages going through the Exchange server. The journal mailboxes can be protected by CommVault and preserved for compliance and ediscovery purposes. Image Level idataagents The Image level idataagent conduct backup jobs by copying data blocks from the source volume as opposed to copying objects. This provides a faster operation by sequentially copying all data blocks and then indexing objects that have been protected. The Image Level idataagent is useful for protecting large volumes of data with a high number of objects such as a volume containing millions of small files. NAS NDMP idataagents NDMP idataagent can be used to protect data on a NAS filer. A NAS idataagent is installed on a Media Agent proxy server to backup CIFS or NFS shares from the NAS filer to the proxy. This provides granular backup and recovery using full, incremental, differential and synthetic full operations. Desktop Laptop Backup The Desktop Laptop Option (DLO) is used to protect end user workstations by incorporating source side deduplication with backup jobs to protect change data blocks. This method provides a low impact to the end user and production network. Backup data can be restored by the administrator or by the end user through the use of the end user search web interface. SnapProtect Technology SnapProtect technology provides the ability to integrate with hardware based snapshot technologies or the Simpana Continuous Data Replicator to snap and backup source volumes. The SnapProtect feature is explained in detail in the SnapProtect chapter.

158 - Protecting Client Data Subclients Subclients are used to define the actual content for protection. Depending on the idataagent, various subclient options will be available. It is important to note that server content defined at the subclient level is directed to storage through a storage policy not the server itself. This means that different data from the same server can be directed to different storage and have different retention and copies created to manage the data. This is quite different than many legacy backup products that direct server data in its entirety to storage providing no granular management of the data. The Default Subclient By default most idataagents will have a Default Subclient. During the initial installation of the agent software an option to associate agent data with a storage policy is provided. This determines the storage policy that will manage the Default Subclient data. All subclients must be associated with a storage policy to protect the data. The default subclient acts as a catch all for all data managed within a data set. This means the default subclient will automatically detect and protect all data the agent is responsible to protect. When custom subclients are defined any data managed by the custom subclient will automatically be excluded from the default subclient. This is the concept of mutual exclusiveness of contents within a data set. Data is mutually exclusive to the subclient in which it is defined and data cannot be defined in multiple subclients within the data set. The concept of Simpana software is to Copy Once and Reuse Extensively (CORE). In other words protect the data to the storage policy and use secondary copies to create additional copies of data. There are situations where protecting data from the source location multiple times may be required. To accomplish this you can create additional data sets. Modifying Contents of the Default Subclient The content of the default subclient is represented by a slash (backslash for windows based agents and forward slash for Linux/Unix based clients). It is strongly NOT recommended to modify the contents of the default subclient. Modifying this content will disable the auto detect functionality of the default subclient. If this is done any future content required for protection must be explicitly added to the subclient contents. Default Subclients without AutoDetect Some idataagents will either not define a default subclient or will not use auto-detection within the default subclient. This is because protection strategies for certain agents should NOT include all data. For these agents all data must be explicitly added. Some of these agents can have auto-detection enabled and specific rules for autodetection can be defined. For more information refer to CommVault online documentation.

Protecting Client Data - 159 Creating Custom Subclients Custom subclients can be defined to manage specific data. There are many reasons for using custom subclients and they are based on the following primary reasons: Improve protection performance Special retention requirements Specific data handling To create a custom subclient select the data set, right click and then All Tasks, New Subclient. For MS-SQL select the backup set, right click, New Subclient and then select a subclient for database or file/file group. Improving Performance Using multiple subclients can improve performance by multi-streaming protection operations. Each subclient will contain its own stream or set of streams for moving data to protected storage. Some idataagents may not support multi-streaming of subclient data. For these agents using multiple subclients would be the method to multi-stream operations. Another performance improvement method is to use multiple subclients in a stagger schedule pattern to distribute the protection load over a period of time. Full and incremental backups can be staggered throughout the week or even month. For example: Create seven subclients each for a different day of the week. Schedule a full for a subclient and then incremental backups. For the next subclient schedule the full for the next day and then incremental jobs. Repeat this for all seven subclients. Strategies for improving protection performance will be discussed throughout this book. Special Retention Requirements It is quite common in modern data centers to have different retention requirements for data on the same server. The server may require a two week retention for disaster recovery purposes, home folder data may need to be kept for 90 days, and a finance share may be required to be kept for seven years. Special Data Handling Subclients provide specific configuration options which can be used to ensure data is properly protected. If content requires specific methods for proper protection it is recommended to define the data in its own subclient and set configuration options appropriately. The following list several examples: Open File handling Using VSS or Simpana QSnap open files can be properly protected during normal protection jobs. For Windows 2003 or later VSS is recommended. For non-windows clients QSnap can be used to protect open files. It is important to note that when open file handlers initialize they create a Copy-on-Write cache. During the protection job the cache will be used to record changed blocks. If there are too many block updates or not enough cache space the operation can fail. It is strongly recommended to use open file handling only for volumes that require it. It is NOT recommended to use open files handling on system drives or drives containing application databases.

160 - Protecting Client Data Application data quiescing For applications that CommVault does not have idataagents for, the data can be backed up with a File System idataagent. To ensure application consistent backups of data, the application needs to quiesce the data. This can be accomplished by using Pre/Post process scripts that can be inserted into the subclient. Generate scripts to quiesce and unquiesce the application for pre scan and post backup operations Data filtering Filters can be set in the Global Filter applet in Control Panel and assigned to all subclients. In specific cases additional filters may need to be added or exclusions may need to be added. In this case define a separate subclient and configure the filters appropriately. Note: For a complete list of subclient settings and use cases refer to the chapter Creating & Configuring Subclients. Defining Subclient Content Depending on the file system or application different methods will be used to define content for protection. The following lists explains the basic methods for defining content for different agents: File System Data can be defined using drives, folders, files, UNC paths or file wildcards. o o o File Type Wildcards can be used to define specific file types such as *:\*\*.DOC which will protect any files with the DOC extension in any drive and any folder. Folder Wildcards can be used to define content based on the first character of a folder. For example you can use [A-M]* as content to a subclient to protect all folders starting with the letters A through M. This is useful for backing up very large folder structures when multiple subclients and stagger scheduling may be needed to meet operation windows. UNC paths can be added for protection in the add path text box in the Content tab. When the path is added an impersonate user dialog box will appear. Add a user account with proper permissions to protect the network path. File system data that will not be protected in subclients o A and B drives (unless explicitly mapped by a subclient). o Optical drives. o Mapped network drives. System State For Windows systems system state data can be defined as content. By default it will be included as part of the Default Subclient. If needed a separate subclient can be defined for system state data. This will allow the system state to be protected and retained separately from other content. Database data Databases can be defined as content at the database level. This allows different databases to be backed up and retained in separate subclient containers. Different application database such as MS-SQL and Oracle will have additional content options. Check with CommVault online documentation for more information on application specific capabilities.

Protecting Client Data - 161 Mailboxes Mailboxes can be protected using the mailbox backup, mailbox archive, or the compliance archive agents. Mailbox data can be defined as content in a number of ways. The method used to assist in defining subclient content is defined in the data set for the agent. o o o Storage Group Affinity This will allow mailboxes to be grouped and defined in separate subclients based on which Exchange storage group they belong to. Active Directory Group This will allow mailboxes to be grouped and defined in separate subclients based on Active Directory group membership. This can be useful when defining mailbox backup policies for specific user groups such as Managers or Executives. Content based on regular expressions This will allow mailboxes to be assigned to subclients based on the name of the mailbox. This can be used in conjunction with the folder wildcard concept discussed in the file system content bullet point. In this case you could use [A- M]* as content to a subclient to protect all mailboxes starting with the letters A through M. A mailbox level subclient cannot be multi-streamed. Dividing mailboxes into different subclients using wildcards can be used to multi-stream backups by executing simultaneous subclient backup jobs. VSA backups Defining subclient contents when using the Virtual Server Agent is done by associating VMs with a subclient. Discovery options are configured in backup set of the VSA instance. Depending on the discovery option selected different options will appear in the subclient contents and Auto Discovery tabs. The VSA agent is discussed in more detail in the Protecting Virtual Environments chapter. Turbo Agent (One Pass Agent) A new feature in Simpana v9 SP4 is the ability to perform backup and archive jobs in a single operation. An archive job using a standard file system archive agent is actually a backup operation that will protect all files that meet archive requirements. After the files are backed up a stubbing operation will run converting the files into stubs. The concept of using the Turbo Agent is since a backup and archive work the same way, if you run both operations concurrently the overall protection process will complete faster. To enable a file system backup for backup and archive, in the File System idataagent select the Enable for Archiving option. This will add a Rules tab for all subclients defined within the agent. Use this tab to define archiving rules for the subclient data. When a data protection job runs all data defined in the subclient will be backed up. At the conclusion of the backup, any objects that meet the defined archiving rules will then be stubbed. Currently the Turbo Agent is only supported when backing up to disk. This will also require synthetic or DASH Full backups to be run. This is required to properly prune files from the job based on the appropriate retention rules. See the Retention chapter for more information on Turbo Agent retention.

162 - Protecting Client Data Subclient Policies Subclient policies can be used as a template tool to create custom subclients and assign them multiple backup sets at the same time. Considerations for using subclient policies: Subclient policies can only be used with file system idataagents. No custom subclients can exist within the backup set prior to associating with a subclient policy. Subclient policies can be associated with the default or custom backup sets. Wildcards can be used to define the path to the content. Example: documents folder is on C:\ or D:\ drive for different backup sets. Content for subclient policy can be defined as *:\documents.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback