DR Series Software 4.0.3.1 - Administration Guide

DR Series System — The DR Series system backup and recovery appliances provide both efficient and high-performance disk-based data protection to leverage the advanced deduplication and compression capabilities in the DR Series system software. The DR Series systems provide a key component that performs backup, recovery, and data protection operations.

•

Deduplication — This technology eliminates redundant copies of data and in the process it decreases disk capacity requirements and reduces the bandwidth needed for data transfer. Deduplication can be a major asset for companies that are dealing with increasing data volumes and require a means for optimizing their data protection.

•

Compression — This technology reduces the size of data that is stored, protected, and transmitted. Compression helps companies improve their backup and recovery times while helping reduce infrastructure and network resource constraints.

In general, DR Series systems are disk-based data protection appliances that offer advanced deduplication and compression capabilities to reduce the time and cost associated with backing up and restoring data. Based on deduplication and compression technology, the DR Series systems eliminate the need to maintain multiple copies of the same data. This lets customers keep more data online longer and reduce the need for tape backup dependency.

Using its deduplication and compression technology, DR Series systems can help achieve an expected data reduction ratio of 15:1. Achieving this reduction in data means that you need fewer incremental storage operations to run and it provides you with a smaller backup footprint. By removing redundant data, DR Series systems deliver fast reliable backup and restore functionality, reduce media usage and power and cooling requirements, and improve your overall data protection and retention costs.

You can extend the benefits of data deduplication across the enterprise as well by using the DR Series system deduplication replication function–to provide a complete backup solution for multi-site environments. With 64:1 deduplicated replication (32:1 for DR4000 and DR4100, 8:1 for DR2000v), up to 64 nodes can be replicated simultaneously to separate, individual containers on one node. The DR Series systems use compression with replication to shrink the data that is needed to be moved across the wire to a container.

Replication can be scheduled based on your settings to occur during non-peak periods. The replication schedule you create can be set and prioritized to ingest data over replication data to ensure the most optimal back up windows based on your needs.

Unlike NFS and CIFS containers, OST and RDS container replication is handled by the Data Management Applications (DMAs) media servers.

The DR Series system supports the 64:1 replication of data (32:1 if on the DR4000 or DR 4100 and 8:1 for the DR2000v), whereby up to 64 source DR Series systems can write data to different individual containers on a single, target DR Series system. This supports, for example, the use case where branch or regional offices can each write their own data to a separate, distinct container on a main corporate DR Series system.

NOTE: Be aware that the storage capacity of the target DR Series system is directly affected by the number of source systems writing to its containers and by the amount being written by each of the source systems.

If the source and target systems reside in different Active Directory (AD) domains, then the data that resides on the target DR Series system may not be accessible. When AD is used for authentication for DR Series systems, the AD information is saved with the file. This can serve to restrict user access to the data based on the type of AD permissions that are in place.

NOTE: This same authentication information is replicated to the target DR Series system when you have replication configured. To prevent domain access issues, ensure that both the target and source systems reside in the same Active Directory domain.

For a complete list of supported management application, refer to the DR Series System Interoperability Guide.

Encryption at rest

Data that resides on the DR Series system can be encrypted. When encryption is enabled, the DR Series system uses the Industry standard FIPS 140-2 compliant 256-bit Advanced Encryption Standard (AES) encryption algorithm for encrypting and decrypting user data. The content encryption key is managed by the key manager, which operates in either a Static mode or an Internal mode. In Static mode, a global, fixed key is used to encrypt all data. In internal mode, key lifecycle management is performed in which the keys are periodically rotated. The minimum key rotation period before the content encryption key can be rotated and a new key is generated is 7 days. This rotation period is user-configurable and can be specified in days. A user-defined passphrase is used to generate a pass phrase key, which is used to encrypt the content encryption keys. It is mandatory to define a passphrase to enable encryption. The system supports up to a limit of 1023 different content encryption keys.

NOTE: Due to export regulations, the encryption at rest feature is not available in certain markets, and, therefore, may not be available in your locale.

Streams and connections

This topic describes the differences between data streams and application connections.

Streams refer to the number of files written at the same time to a DR Series system. The DR Series system tracks the number of files being written and assembles the data into 4–MB chunks before processing that section of the data. If the stream count is exceeded, the data is processed out of order and overall deduplication savings can be affected. For details on maximum stream count, see the DR Series System Interoperability Guide.

Connections are created by applications; and, within a single connection, there can be multiple streams depending on the application and the number backup jobs running in parallel over that single connection. Replication can use up to 16 streams over a single port using one connection.

For example, suppose you are running backups using Backup Exec and using DR4100 and the CIFS protocol. If you have:

•

One Backup Exec server connected to the DR4100 over CIFS and one backup running, you have one connection and one stream.

•

One Backup Exec server connected to the DR4100 over CIFS with 10 concurrent backups running, you have one connection and ten streams. This means that Backup Exec is writing ten different files to the DR4100.

Replication

Replication seeding

Reverse replication

Reverse replication: alternate method

Rapid Air Gap

Replication is the process by which key data is saved from storage locations, with the goal of maintaining consistency between redundant resources in data storage environments. Data replication improves the level of fault-tolerance, which improves the reliability of maintaining saved data and permits accessibility to the same stored data.

The DR Series system uses an active form of replication that lets you configure a primary-backup scheme. During replication, the system processes data storage requests from a specified source to a specified replica target, which acts as a replica of the original source data. This replica can then be cascaded optionally to a third location called a Cascaded replica for an additional copy.

NOTE: The DR Series system software includes version checking that limits replication only between other DR Series systems that run the same system software release version. If versions are incompatible, the administrator is notified by an event.

Replicas/Cascaded replicas are read-only and are updated with new or unique data during scheduled or manual replications. The DR Series system can be considered to act as a form of a storage replication process in which the backup and deduplication data is replicated in real-time or via a scheduled window in a network environment. In a replication relationship between two or three DR Series systems, this means that a relationship exists between a number of systems. One system acts as the source and the other as a replica, with an optional third cascaded replica if you have chosen to keep two instances of replicated data in your backup workflow.

Replication is done at the container level and is one directional from source to replica to optional cascaded replica; however, since replication is done at the container level you can set up various containers to meet your specific replication requirements for your specific workflow. This form of replication is supported for the CIFS, NFS, Rapid CIFS, and Rapid NFS protocols and is fully handled by the DR Series system.

NOTE: Refer to the DR Series Interoperability Guide for information about the maximum number of files replicated per container at a time per DR Series system.

For VTL type containers, replication is done at the cartridge level, and the system replicates the media/tape cartridges from a source DR Series system to a target DR Series system. The media is replicated to the target with the same markers. This condition restores successfully for a multi-domain environment; however, if the source and target are in the same domain, the media must be re-serialized on the target side once replication completes to successfully restore. This requires you to activate the VTL container, and change the bar codes of the tapes on the target DMA.

Unlike VTL, NFS, CIFS, Rapid NFS or Rapid CIFS containers, RDA with OST, RDA with NetVault Backup, and RDA with vRanger container replication is handled by the media servers of the respective Data Management Applications (DMAs).

The DR Series system supports the 64:1 replication of data (32:1 if on DR4X00 and 8:1 on DR2000v), whereby up to 64 source DR Series systems can write data to different individual containers on a single, target DR Series system. This supports the use case where branch or regional offices can each write their own data to a separate, distinct container on a main corporate DR Series system.

NOTE: The storage capacity of the target DR Series system is directly affected by the number of source systems writing to its containers, and by the amount being written by each of the source systems.

If the source and target systems (replica or cascaded replica) are in different Active Directory (AD) domains, then the data that resides on the target system may not be accessible. When AD is used to perform authentication for DR Series systems, the AD information is saved with the file. This can act to restrict user access to the data based on the type of AD permissions that are in place.

Please select your product:

To serve you better, please complete the Purpose of your Chat:

Recommended Solutions for Your Problem

DR Series Software 4.0.3.1 - Administration Guide

Data deduplication and compression

Encryption at rest

Streams and connections

Replication