How to Manage Critical Data Stored in Microsoft Exchange Server 2010

W
H
I
T
E
P A
P
E
R
How to Manage Critical Data
Stored in Microsoft Exchange
Server 2010
By Hitachi Data Systems
April 2012
2
Table of Contents
Executive Summary and Introduction
3
Mission-critical Microsoft Exchange Server
4
Data Protection beyond Microsoft Exchange Server Capabilities
4
Enterprise Data Protection beyond Database Availability Groups
5
Diverse Data Protection Requirements
5
Hitachi Data Systems Protection Strategy
6
Adopt Service Level Protection
6
Reduce the Volume of Data Copied around for Protection
8
Enable Application Intelligence
9
Data Protection Solutions for Microsoft Exchange Server
10
Hitachi Data Protection Suite 10
Hitachi Content Platform 10
Hitachi In-System Heterogeneous Replication Bundle and Hitachi In-System
Replication Bundle
11
Hitachi Application Protector 11
Hitachi VSS Hardware Provider
11
Virtual Tape Library Solutions from Hitachi Data Systems, with FalconStor
11
Summary
11
Appendix A — Resources
13
3
Executive Summary and Introduction
As organizations of all sizes rely on email more than ever before to conduct daily business operations, Microsoft Exchange Server has become a mission-critical system. The release of Microsoft
Exchange Server 2010 added significant data protection capabilities for enhanced resiliency,
addressing many of today's high-availability and recovery demands. However, some enterprise
organizations may have unique protection requirements that go beyond Microsoft Exchange Server
2010 capabilities. These may include streamlined administration and ease of use, protection for
both active and passive email data, and complete support for virtualized email environments.
To help you protect, manage, archive and recover mission-critical data stored in Microsoft Exchange
Server email repositories, the Hitachi Data Systems (HDS) protection strategy focuses on 3 key data
protection tenets: adopting service level protection, reducing the volume of data copied around for
protection, and enabling application intelligence. With this approach, you can decide which recovery
tier and services to implement beyond the native capabilities of Microsoft Exchange Server 2010.
This white paper discusses how Hitachi Data Systems data protection solutions for Microsoft
Exchange Server 2010 can help you get the most from your Microsoft Exchange Server system
investments while ensuring the robust data protection your organization needs.
4
Mission-critical Microsoft Exchange Server
Regardless of your organization's size, if it has come to rely on email more than ever before to
conduct daily business operations, then Microsoft Exchange Server has become one of its missioncritical systems. Email must be available continuously or for extended periods of time with minimal
interruption. In the event of a failure, email databases must be restored in as short an amount of
time as possible. The more critical the email, the more quickly it needs to be restored.
Built to deliver the security and reliability most businesses require, Microsoft Exchange Server 2010
includes a new, unified approach for high availability and disaster recovery. The Microsoft Exchange
Server Database Availability Groups (DAG) capability makes it easier to implement site resilience
and provides automatic failover at the database level without the complexity of traditional clustering.
Using DAG, your organization can protect against logical data corruption and recover from deleted
mailboxes.
DAG enables your administrators to group sets of mailbox servers that use continuous replication to update database copies, communicate to manage failures affecting individual databases,
and provide automatic recovery from a variety of failures on the disk, server and data center levels.
With DAG, a database-level disruption such as a disk failure no longer affects all users on a server.
Because DAG eliminates the strong tie between databases and servers, administrators can more
easily move between database copies in the event of corruption or disaster. This change, coupled
with faster failover times (as little as 30 seconds) can dramatically improve your organization's overall
uptime.
However, email databases in enterprise organizations can be extensive and may run on virtualized
servers, requiring longer periods of time to back up and restore. Although DAG is an excellent disaster recovery mechanism that protects against entire mailbox deletion, some enterprise organizations
may require greater flexibility and more granular backup and restore functions for their enterprise
email systems. This document provides details on how you can achieve better backup and restore
granularity for Microsoft Exchange Server 2010 environments.
Data Protection beyond Microsoft Exchange
Server Capabilities
Enterprise organizations face unique data protection challenges that can go beyond what Microsoft
Exchange Server 2010 provides by itself. With large numbers of users distributed across multiple
global locations, today's organizations create more email data than ever before. The typical corporate user sends and receives about 110 messages daily and the number of worldwide email
accounts is projected to increase to over 3.8 billion by 2014.1 This explosive growth and sprawl
of data, combined with the ever-shrinking backup window, can make it impossible for enterprise
organizations to meet recovery time objectives (RTO), recovery point objectives (RPO), or even the
backup window.
The Radicati Group: “Email Statistics Report, 2010”. http://www.radicati.com/wp/wp-content/uploads/2010/04/EmailStatistics-Report-2010-2014-Executive-Summary2.pdf
1
5
Enterprise Data Protection beyond Database Availability Groups
To address enterprise data protection objectives, organizations often require solutions beyond the
DAG technology in Microsoft Exchange Server 2010. These solutions include streamlined administration and ease of use, protection for both active and passive email data, and complete support for
virtualized email environments.
Protecting email data using DAG alone can be a manual process. IT administrators often must do
the math to determine which backup jobs need to run at what frequency and from which source to
which target. Because of these ease-of-use challenges with DAG, administrators typically need to
have a high level of storage expertise or fluency with data protection best practices. Furthermore,
data is protected in a way that is different from the context in which users would access it, adding to
the complexity of DAG backup and restore functionality.
With DAG alone, organizations may also face difficulty protecting both active and passive email
data. If a server hosting the data that is being backed up is a member of a DAG and hosts both active and passive database copies, the operation will fail. In addition, DAG copies on different nodes
within the cluster cannot be protected by different protection servers.
Because Microsoft Exchange Server 2010 does not support running a DAG copy of Microsoft
Exchange on a Hyper-V cluster, the DAG member cannot be virtualized. Without this important
capability, organizations are unable to leverage virtualization to achieve reductions in the number of
physical servers or increases in utilization of each server. This can result in higher costs for server
floor space, power and cooling. Organizations also miss the backup and recovery advantages that
virtualization can provide; virtual machines are easier to back up online in their entirety and more
portable to restore to dissimilar hardware.
Diverse Data Protection Requirements
With continuous growth and sprawl of data, each enterprise organization also faces increasingly
diverse data protection requirements. For example, as more organizations seek to run their email
systems on virtualized servers to reduce infrastructure capital costs, floor space and power consumption, they can face higher complexity associated with protecting virtualized environments. This
is primarily due to a lack of available physical resources in the servers. Traditional data protection
solutions deploy resource-intensive backup agents in the physical server, which copy and move
data from production storage to a back-end disk or tape target. Although this approach can work
well in a limited storage capacity and on servers with excess processing cycles available, virtual environments reduce the number of available resources. This makes excess CPU cycles and network
bandwidth scarce, or even unavailable. Organizations may also wish to use deduplication techniques in order to move data to backup targets within a shorter window, but the limited CPU cycles
in a virtualized environment often prohibit deduplication processes.
Managing increasing volumes of enterprise email data also requires granular backup and restore
capabilities, particularly in industries with specific archiving needs for meeting compliance or legal
mandates. Executives may need email recovered faster than standard employees. Healthcare organizations, financial services firms or public sector agencies may need to recover data from a single
date or on a specific topic quickly, rather than retrieving entire mailboxes. An enterprise organization
may need both local and remote recovery protection, particularly in disaster scenarios. Providing this
granular level of backup, recovery and archive capability without significant IT effort or disruption to
end users can be extremely challenging.
6
Each organization needs to decide how critical email systems are to its business, and what corresponding recovery tier and services are appropriate beyond the native DAG capability in Microsoft
Exchange Server 2010. Archiving and compliance requirements for certain industries may demand
granular restore capabilities rather than an entire database restore. Operational recovery requirements may necessitate restoring a specific service, instead of restoring a whole location. Other
organizations may have unique disaster recovery requirements for restoring a whole location in the
event of a natural disaster, or malware or virus protection requirements for restoring a corrupted
service in the event of an infection.
Hitachi Data Systems Protection Strategy
HDS understands the critical role Microsoft systems play in organizations today, as well as the
diverse data protection requirements each enterprise has. Hitachi Data Systems data protection
solutions for Microsoft Exchange Server 2010 are designed to address the specific business issues
unique to government and enterprise-class email systems. To help you protect, manage, archive
and recover mission-critical data stored in Microsoft Exchange Server email repositories, the HDS
approach focuses on 3 key data protection tenets: adopting service level protection, reducing the
volume of data copied around for protection and enabling application intelligence (see Figure 1).
Figure 1. Hitachi Data Systems focuses 3 key data protection tenets.
Adopt Service Level Protection
By creating data protection service levels (or protection tiers) to meet protection objectives, you
can optimize protection while lowering overall costs (see Figure 2). Depending on the criticality and
7
unique protection requirements for each tier of data, a different technology can be implemented for
each service level. For example, you might use snapshot technology to meet protection objectives
for operational recovery from corruption, hardware crashes or deletion. For disaster recovery from
catastrophic site disasters, you might utilize replication technology to meet protection objectives.
With enhanced ease-of-use and automation techniques in HDS data protection solutions for Microsoft Exchange Server 2010, your IT administrators can focus on service level agreements instead of
individual backup jobs.
Figure 2. Use data protection tiers to leverage appropriate technologies for each service
level to meet protection objectives.
Within service levels, HDS provides a range of tools to help you reach your required recovery time
objectives (RTO) and recovery point objectives (RPO) (see Figure 3). For example, because data can
be recovered almost instantaneously from snapshots, the tools minimize RTO. Similarly, replication
can make instantaneous (sync) or near-instantaneous (async) copies of data, thereby reducing RPO.
Newer continuous data protection (CDP) solutions can combine both technologies and provide
the ability to recover from any point in time, including periodic application-consistent points. This
8
is especially valuable for high transaction rate financial institutions and other critical areas. These
point-in-time copies can be created as frequently as every 15 minutes and mounted as standalone
Microsoft Exchange Server databases for greater recovery flexibility.
Figure 3. Using disk as the backup target (B2D) in a tape emulation mode (virtual tape
library or VTL) is least disruptive, while snapshots and replication can minimize RPO and
lower RTO.
Reduce the Volume of Data Copied around for Protection
Moving inactive data to a content storage platform can reduce the amount of data that needs to
be protected (see Figure 4). With less data, less time is required for protection and recovery. This
minimizes the protection or backup window required and the protection or backup infrastructure
needed. By choosing a content platform that has built-in data protection, the archive target becomes more secure.
With HDS data protection solutions for Microsoft Exchange Server 2010, you gain the flexibility
to protect both active and passive email data. For example, Hitachi Data Protection Suite (HDPS)
is aware of both active and passive copies and will perform a successful backup of both copies.
Multiple DAG copies on different nodes within the cluster can be protected by different HDPS servers. More importantly, this protection approach also allows simplified protection of large Microsoft
Exchange Server configurations by multiple HDPS servers.
9
Figure 4. Moving inactive data to a content storage platform minimizes the amount of data
requiring protection, reducing the protection or backup window.
Enable Application Intelligence
By enabling intelligent, application-aware protection, you can more efficiently protect only what has
changed and recover only the essential data needed. Using application integration for applicationspecific protection, you gain more administrative control over when and how applications are
protected.
Because application integration enables replication of only the absolutely necessary information, this
approach reduces the protection window and related infrastructure, while making it easier to meet
RPOs as copies are made at higher frequency. You can restore only the essential pieces of information you need, even to the granular level of individual mail messages, while also making copies
at a higher level (using snapshots of the entire Microsoft Exchange Server database). Application
integration also allows your administrators to capture changes as they occur, enabling recovery from
any point in time, with application consistency that minimizes the protection window. By automating
recovery of applications, this approach further minimizes RTOs, going beyond the protection offered
by replication, conventional backup or clustering products alone.
With support for running mailboxes on virtualized servers, you can leverage virtualization to reduce
the number of physical servers and increase utilization of each server, lowering costs for server floor
space, power and cooling. You also gain the backup and recovery advantages that virtualization can
provide: virtual machines are easier to back up online in their entirety and more portable to restore to
dissimilar hardware.
10
Data Protection Solutions for Microsoft
Exchange Server
The HDS approach incorporates a consistent data protection strategy across a portfolio of data
protection solutions for Microsoft Exchange Server. The range of solutions includes archiving,
backup and restore, and replication capabilities to help you protect, manage, archive and recover
mission-critical data stored in Microsoft Exchange Server email repositories. HDS data protection
solutions for Microsoft Exchange Server 2010 not only support full DAG implementation for typical
deployments, but also go beyond Microsoft Exchange Server to address the unique requirements of
enterprise organizations.
Hitachi Data Protection Suite
Providing high-performance data protection, data management and universal data availability for
complex heterogeneous storage networks, Hitachi Data Protection Suite offers enterprise-class
backup and restore for Microsoft Exchange Server. HDPS delivers reliable data recovery and lowcost retention, and integrates global, embedded deduplication to reduce backup by up to 90% and
archive Microsoft Exchange Server data stored on disk and tape. You can archive email and reduce
mailbox growth, and administer compliance options designed to meet e-discovery and government
oversight requirements. Your administrators gain control with a unified, easy-to-use graphic user
interface for centrally managing servers, networks and storage and for shared handling of backup
and archive email.
Tight integration with Hitachi Content Platform (HCP) provides intelligent policy-based data movement that enables seamless tiering to the cloud as part of your tiered architecture. This provides
a robust backup system with the option to connect Hitachi In-System Heterogeneous Replication
bundle, Hitachi In-System Replication bundle or Virtual Tape Library Solutions by Hitachi Data
Systems with FalconStor.
Hitachi Content Platform
Hitachi Content Platform is a hardware product that provides a robust and highly scalable solution
for Microsoft Exchange Server archiving requirements, either as a direct target for Microsoft
Exchange Server journaling or in concert with Hitachi Data Protection Suite. As a virtualized distributed object store, HCP offers advanced storage and data management capabilities that can
help you address challenges posed by the ever-growing volume of unstructured data. HCP can be
divided into a number of virtual content platforms, each of which can be uniquely configured for a
particular workload. This allows your administrators to manage a single infrastructure that supports
a wide range of data types, applications, and users with the specific level of service each needs,
eliminating storage silos.
Hitachi Content Platform is ideal for preserving data over long periods of time. Whether for legal,
compliance, business or IT practices, Hitachi Content Platform technologies — including data integrity checking, RAID-6, replication, encryption, WORM, audit logging and more — ensure that data
remains accessible and in its original form for years.
11
Hitachi In-System Heterogeneous Replication Bundle and
Hitachi In-System Replication Bundle
Point-in-time copy using Hitachi In-System Heterogeneous Replication bundle (for enterprise systems) or Hitachi In-System Replication bundle (for modular systems) allows you to retrieve data from
a specific point in time before data corruption happened. It can also be used to run tests or utilities
to proactively determine if a problem may be likely to occur. The bundles provide the option of Hitachi ShadowImage® Heterogeneous Replication or ShadowImage Replication software clones, which
are full-copy clones, or simple snapshots for space-efficient storage.
Hitachi Application Protector
Hitachi Application Protector (HAPRO) was designed from the ground up to use pointer-based
snapshot technology that leverages Microsoft Volume Shadow Copy Service (VSS). It provides
backup, recovery and data protection services that are application consistent. Hitachi Application
Protector understands how and where the primary data stores and supporting files (such as log
files) are stored on the system. Application consistency ensures that all application-related data
changes are being tracked and backed up at the requested point-in-time so that recovery is guaranteed. By using pointer-based snapshot technology, backup images are quickly and easily created,
while efficiently using storage space to maintain changes to the data stores and files for easy and
fast recovery.
Hitachi VSS Hardware Provider
Hitachi VSS Hardware Provider takes near-instant volume snapshots that allow the backup
server to access data over the SAN and minimize the impact over the application network. Server
optimization also improves performance for data transfers, reducing backup windows.
Virtual Tape Library Solutions from Hitachi Data Systems, with
FalconStor
FalconStor is a Hitachi Data Systems partner that provides disk-based data protection, including
virtual tape storage with built-in deduplication capability. The Virtual Tape Library Solution delivers
proven, comprehensive data protection that facilitates the continuous availability of business-critical
data.
Summary
Because Microsoft Exchange Server systems are mission-critical to your business, HDS data
protection solutions for Microsoft Exchange Server 2010 help you protect, manage, archive and
recover mission-critical data stored in Microsoft Exchange Server email repositories. To address
the specific business issues unique to government and enterprise-class email systems, the HDS
approach focuses on 3 key data protection tenets: adopting service level protection, reducing the
volume of data copied around for protection and enabling application intelligence.
With HDS data protection solutions for Microsoft Exchange Server 2010, you can decide which
recovery tier and services to implement beyond the native capabilities of Microsoft Exchange Server
12
2010. HDS solutions help you reduce the amount of Microsoft Exchange Server backup data and
available backup window requirements by archiving to Hitachi Content Platform, meet RPO and RTO
service level agreements with various back-up-to-disk solutions for Microsoft Exchange Server, and
improve critical-application integration and intelligence.
To learn more about HDS data protection solutions for Microsoft Exchange Server 2010, contact your
local Hitachi Data Systems account representative or visit www.HDS.com.
13
Appendix A — Resources
See how HDS data protection solutions for Microsoft Exchange Server 2010 and other Hitachi
solutions can help protect your email infrastructure:
■■Hitachi
Data Protection Suite: http://www.hds.com/products/storage-software/data-protection-
suite.html
■■Hitachi
Converged Platform for Microsoft Exchange Server: http://www.hds.com/products/con-
verged/converged-platform-ms-exchange.html?WT.ac=us_mg_pro_conpme
Corporate Headquarters
750 Central Expressway
Santa Clara, California 95050-2627 USA
www.HDS.com
Regional Contact Information
Americas: +1 408 970 1000 or info@hds.com
Europe, Middle East and Africa: +44 (0) 1753 618000 or info.emea@hds.com Asia Pacific: +852 3189 7900 or hds.marketing.apac@hds.com
Hitachi is a registered trademark of Hitachi, Ltd., in the United States and other countries. Hitachi Data Systems is a registered trademark and service mark of Hitachi, Ltd., in the United
States and other countries.
All other trademarks, service marks and company names in this document or website are properties of their respective owners.
Notice: This document is for informational purposes only, and does not set forth any warranty, expressed or implied, concerning any equipment or service offered or to be offered by
Hitachi Data Systems Corporation.
© Hitachi Data Systems Corporation 2012. All Rights Reserved. WP-433-A DG April 2012