This post is sponsored by Veeam, You can find a complimentary copy of their Conversational Ransomware Defense and Survival here.
The ability to easily restore critical data and applications always comes down to the level of priority organizations give to their backup and recovery architectures. The low-hanging fruit from a datacenter perspective is protecting virtual machines. After all, that’s where most of the important data and information now reside so it makes sense to cast the widest net. At the same time, experts warn that it’s a mistake to overlook the importance of giving equal consideration to physical servers and endpoints.
Traditional data centers commonly host applications running on Linux and Windows virtual machines with hypervisors from VMware or with Microsoft’s Hyper-V. More than a decade after VMs became the preferred infrastructure for pooling and managing workloads and for creating multitenant cloud instances, they are yet to put physical servers out to pasture as many had predicted. Physical servers are alive and well.
Given their prevalence, it’s all too easy to prioritize the protection of virtual server infrastructure. But the ability to recover a physical server, which often run critical applications and data, is just as important. Even IT pros and managers who are acutely aware of the horde of physical servers spread throughout their organizations unwittingly relegate them with secondary status. Perhaps that’s because they are legacy systems slated for migration to a SaaS offering or carry less priority or risk because they’re on a single system.
Reasons for maintaining physical servers vary. Perhaps the application is unable to run in a VM or the software vendor has prohibitive licensing terms that make running it on a physical server the only practical option. Cost, performance manageability and even organizational politics can play a role in why physical servers aren’t going away.
In cloud or hosting scenarios, many customers opting for dedicated tenants will spend extra for running their instances on physical servers for many of the same reasons. Performance and security are other factors.
Many organizations either don’t protect those physical servers along with their Windows or mobile endpoints, adequately; organizations that do backup correctly have separate approaches or tools.
If you have an enterprise backup solution architected to protect VMs, the good news is it is now possible to add those physical servers and endpoints to the same data protection platform. That gives organizations the opportunity to have a common approach in protecting physical servers, endpoints, and VMs.
Some things to consider when looking at adding physical servers and endpoints to your organization’s VM data protection architecture:
- Central management: This is especially important for large organizations that want to protect hundreds or even thousands of endpoints and physical servers. Build your different device types, such as fixed desktops and mobile devices, into Active Directory around organizational units (OUs), where you can profile your backup options.
- User interactions: In the context of backup, it’s better not to provision user interaction but rather push out the backup installation via policy.
- Permissions: Enable administrators with central permissions for OUs for backup and restore functions.
- Incremental backups: In the VM world, change block tracking (CBT) is akin to creating snapshots where only data that is changed is backed up to maximize performance. But some backup solutions also provide snapshot capabilities or CBT drivers for physical servers as well.
- Storage target management: Take advantage of central management to determine where backups are stored, whether it’s on a SAN, NAS, USB drive or the cloud.
- Storage efficiencies: CBT and data-deduplication are one approach to backing up data efficiently, but other options include compression or using Microsoft’s Resilient File System (ReFS) in Windows 2012 and above, which lets files share common logical clusters. ReFS offers block cloning, which creates copies of metadata instead of reading from and writing to the file data.
- Multiple backup targets: Having a centralized backup target provides a single place to recover, which is fine if it’s from a lost server or file. But if your primary data is hit with malware or ransomware, it’s best to have at least three targets, in different locations and, if possible, at least one offline, to provide a layered defense.
While these are just a handful of tips, it’s important to evaluate your physical servers and endpoints and make sure they are just as resilient as the VMs. A centrally managed architecture can make it easier to recover physical servers and VMs collectively, which could prove important when a failure impacts both. It will also empower your helpdesk administrators to handle routine recovery issues as well.
Make sure you’re your backup and recovery solution can protect VMs, physical servers and endpoints as a failure in any one of these buckets can have a significant impact on your ability to recover quickly.