At the core of the on-premises data protection vault discussion is the recovery point objective (RPO) problem. RPO measures the amount of data considered acceptable to lose for a given workload.
In the case of a point-of-sale database, for example, the answer to this is probably "zero." At any time, someone could be making a transaction. If that point-of-sale database were rolled back to a version even one second old, a sale could be missed, which would not only mean the organization's financials were off, but inventory records could be affected. It could even affect someone's tips, bonuses, or whether or not they met their sales quota.
Losing even a fraction of a second of data from some workloads can be a serious problem.
Consequently, these real-time workloads usually use application-native clustering to ensure their data is replicated to multiple sites. They often have their own data protection solutions and requirements that no third-party solution is ever going to fully cover. That's just life in IT.
For these workloads—which are also almost always the workloads that require the lowest RTOs—disaster recovery typically involves failing over to another cluster member. It wouldn’t require restoring these workloads from backup except under the most exceptional of circumstances.
Once we receive workloads with real-time requirements, the discussion changes. Rolling a workload back to a previous version does happen, almost always because the production copy of the workload got hit by ransomware. Here, workloads exist in two groups: application-consistent workloads, and crash-consistent workloads.
With application-consistent workloads, if the production copy of the workload is ever terminated less than gracefully (due to abrupt power loss, for example), bad things happen. These might be databases, mail servers, or similar workloads.
Application-consistent workloads are the sort that should be operating in application-native clusters, but where rolling back to a previous version is considered acceptable because there are other ways to recover the lost data. In the case of a mail server, this could be because the spam filter keeps a buffer of the past few days of mail messages and can "replay" the sent messages if required.
Similarly, certain financial databases might be fine to roll back because they only receive their orders from something that can be replayed. Perhaps an application (typically an e-store package) writes an individual XML file for every order, and these orders are read by a parser, which both injects the information into the database and moves the parsed file into a “done” folder. Replaying the transactions in this case is as simple as selecting the missed transactions in the “done” folder and moving them back into the input folder.
Crash-consistent workloads are the kind where it doesn't matter if the workload has a high RPO. Workloads like render engines, where patches and the configuration are the only things that might change over the course of years, can be restored from backups with minimal effort or grief.
Modern, cloud-first data protection solutions, like SolarWinds Backup, are designed so that they don’t have to pull the whole backup image of a workload down to roll that workload back to a previous version. If your workload became compromised by ransomware, for example, you could roll the workload back to a previous version and only have to pull down the changed blocks. This is designed to compete with one of the greatest advantages of an on-premises data protection vault: the near-zero RTO it can provide.
Modern backup solutions can also perform a “continuous restore.” Essentially, they pre-warn a disaster recovery location in anticipation of a planned failover. This removes the RTO constraints from planned outages. And in the case of unplanned outages, as previously discussed, having an on-premises data protection vault won't matter because both that vault and production compute capacity will be equally affected.
On-premises data protection vaults cost money to buy or build. They cost time and money to manage and maintain. And, ultimately, most workloads don't typically need them.
For those workloads where the lowest possible RTO matters, and application-native clustering isn't the answer, by all means—use an on-premises data vault. Similarly, if internet connectivity is unreliable where you are, having the on-premises vault to back up to during outages may matter. Everything else, however, may be okay simply backing up directly to the cloud.
It's important to differentiate those data protection vendors marketing their solution as "cloud first" from those who are marketing it as "cloud only." Cloud only can be bad, for all the reasons mentioned above. Some workloads need on-premises data protection vaults, and a reliable data protection solution should offer them as an option.
SolarWinds Backup is designed with the default as cloud backup without involving an on-premises data protection vault; but workloads should still be evaluated on an individual basis. Those workloads that truly need to use an on-premises vault should have that option.
This is a big change in the industry approach to data protection. For most organizations, it can dramatically lower the costs associated with on-premises data protection vaults. Fewer workloads backing up to them means they can be smaller and even less complicated.
There is no one data protection approach that will fit all workloads. However, you should be able to make informed choices based on your specific needs.
As part of your decision making, bear in mind that SolarWinds Backup offers tiered pricing based on the number of instances protected, and that pricing includes cloud storage. If you’re interested in giving it a try, you can do so here.
Carrie Reber is senior product marketing manager for SolarWinds MSP.
© 2018 SolarWinds MSP Canada ULC and SolarWinds MSP UK Ltd. All rights reserved.
The SolarWinds and SolarWinds MSP trademarks, service marks, and logos are the exclusive property of SolarWinds MSP UK Ltd. or its affiliates. All other trademarks are the property of their respective owners.