Vaulting Over Backups: The Pros, Cons
September 11, 2007 Robert Gast
The notion of vaulting is really rather enticing. For a nominal monthly subscription fee, you can transmit critical business data securely over the Web to a backup site that is carefully maintained on your behalf. But what about the security and speed of the Web? Is it robust enough for enterprise-level backup? Furthermore, do vaulting solutions offer support for the increasing number of IT departments that use other platforms in addition to System i boxes?
Compared to traditional backup methods that involve tape, vaulting solutions support recovery point objectives that are relatively short. Vaulting solutions fall into a class of backup technologies that are referred to as Continuous Data Protection (CDP) and near-CDP products. In a report compiled by IDC titled “Data Protection –VTL, D-to-D, CDP and the Impact on Tape,” prognosticators say the market for such solutions will grow to $50 billion in software and hardware through 2010, largely as a result of pent-up demand.
Tossing Out Your Tapes and Drives
One can find answers to many of life’s puzzles by talking to people who have already done what you’re thinking of doing. Corrpro Companies, for example, implemented a vaulting solution last year. Corrpro, headquartered in Medina, Ohio, is in the business is of providing corrosion control engineering services, systems, and equipment to energy companies and others that have a significant investment in pipelines and similar capital assets.
Mike Lemon, IT manager for the company says, even though his 150 users rely heavily on their iSeries model 810 for back-office tasks, he doesn’t have a pressing need for immediate recovery. According to Lemon, “We can stand to be down for a little while.”
Lemon installed VAULT400 from United Computer Group (UCG) in December 2006. VAULT400 is a managed service for secure online backup and recovery that is based on technology developed by EVault. “We were actually looking for an LTO tape solution to replace our Magstar tape drive when UCG brought their vaulting storage solution to our attention,” explains Lemon. UCG is a an IBM reseller based near Cleveland, Ohio.
Lemon says the System i agent for VAULT400 uses AES 128 to encrypt data. AES is also known as Rejndael (rain doll). The National Security Agency (NSA) says AES 128 is secure enough to use with classified information. Following the encryption process, VAULT400 compresses approximately 34GB of data every evening. Then, it transmits the compressed files–about 48MB–to UCG’s backup site in Columbus, Ohio, over a standard Internet connection. “When we had the tape backup system,” Lemon says, “it took about four hours to run a backup. With VAULT400 it takes about an hour, so we’ve recovered about three hours of processing time.”
Lemon concedes that he probably spent a little more money than he intended, but, he’s now reaping monetary benefits because he doesn’t have to buy tapes and doesn’t need anyone to baby-sit the backup process. Furthermore, he doesn’t have to hire a company to pick them up and store them offsite. “It’s really hands off,” Lemon says. “And, I don’t have to worry about media errors, write protects, or jammed up job queues.”
Vaulting’s Myriad Uses
UCG announced VAULT400 in the fall of 2006, about the time that Jeff Lutz, the newly appointed VP of information systems at Crane Plumbing, started replacing some of the company’s outdated hardware. Crane is one of the best-known brand names in the plumbing fixture business and employs about 2,000 people.
Aside from replacing the antiquated hardware housed at Crane’s IT center in Mansfield, Ohio, Lutz wanted to improve Crane’s backup procedures. “Operators would put in a new tape every night and that was it. Sometimes they were labeled correctly, sometimes not. They didn’t have good consistency–they also didn’t do any month-end or year-end tapes. I’m accustomed to a much more structured backup routine. It’s important for both recovery and auditing purposes,” Lutz says.
Lutz looked at a few options to back up Crane’s new System i model 520, including tape and vaulting. He reckoned that if Crane continued to use tape, the cost of new media by itself would have represented upward of $10,000 in expense. And that was just the beginning. “If you’ve got a single tape loader you have to have someone around to take a tape out and load another one. As an alternative we could have bought an expensive tape loader which gets even more pricey if you add a barcode reader and software to make searches easier. Then, you need people to take the tapes offsite.”
Lutz admits that he had reservations when Crane’s technology partner, UCG, presented the vaulting concept to him. He was concerned that the throughput of the Internet was not adequate to support uploads and downloads that were fast enough. Because UCG and Crane had a long history together, Lutz went ahead with vaulting in November 2006. “By December, we were really abusing it,” he jokes.
It took only about an hour to get VAULT400 configured and a day to seed the vault with over 100GB of production data. But now, rather than nightly backups taking upwards of four hours, they’re completed in less than an hour.
Vaulting for the sake of backup and recovery has become a relatively unnoticed background process for Crane. In the foreground, VAULT400 is being used extensively in a project to expand the number of decimal places in some of the fields of an ERP solution from VAI (Vormittag Associates). Application developers copy data from VAULT400’s offsite data storage facility to a dedicated test machine that is presently on lease.
From this experience, Lutz and his operators have gained valuable exposure and seen first hand how VAULT400 will perform in the event of a crisis. “If we ever have a system-wide crash, I’m comfortable that we’ll be able to recover from it quickly. Of that I have no doubt.”
Thom Davidson, principal partner at Rippe & Kingston, says he looked at scores of vaulting solutions. Rippe & Kingston is a technology solutions firm that authors and supports a software package for law firms called Legal Management System. It is also a professional services firm and an IBM reseller. Davidson uses VAULT400 for his own business, and last month he inked an agreement with UCG to sell the product to his clients.
“You name them and I’ve looked at them,” Davidson says, referring to vaulting solution offerings. “System i shops don’t just run RPG-based applications anymore so we wanted to make sure that the vaulting solution we picked ran on i5/OS, AIX, Windows, Lotus Notes, Sun, and a number of other OSes and databases. VAULT400 addresses all of these.”
In the event that you don’t already have enough on your mind, newspapers are full of bad news regarding personal identity theft. There have been so many instances were backup tapes containing social security and medical information have been stolen from cars that you wonder what operations managers are thinking when they ask operators to take tapes home with them at night. According to Davidson, “You can have multiple layers of security in place and a data center that’s protected with high IT locking and alarms, but if an operator drives home at night with unencrypted backup tapes in his car, then you still have big problems.”
So, let’s say you ditch the old-school way of doing things and opt for vaulting. Should you be troubled by the fact that someone you barely know is now responsible for your backups? When asked if he worries about having a vendor manage his entire backup operation, Davidson says, “Worry? No–it actually relieves my concerns. Now we have audit trails, validation reports, and everything is encrypted. Even UCG can’t see our data.”
Finally, in the event you lose your system and need to recover quickly, VAULT400 clients can have a quick-ship box delivered to a location of their choosing. UCG loads all of your data before the box ships so once it’s connected to your network, all you need to do is replicate your application environment and you’re ready to go.
Robert Gast is a regular contributor to Four Hundred Stuff. Gast had reported on IBM technologies and others for 20 years. He can be reached at firstname.lastname@example.org.