Chp 7 Recovery Strategies
full backup
all data is backed up. During the full backup process, the archive bit for each file is cleared. A full backup takes the longest time and the most space to complete. However, if an organization only uses full backups, then only the latest full backup needs to be restored. Any backup that uses a differential or incremental backup will first start with a full backup as its baseline. A full backup is the most appropriate for offsite archiving.
Remote journaling
Copies the journal or transaction log offsite on a regular schedule. This method occurs in batches.
Redundant Array of Independent Disks (RAID)
A hard-drive technology in which data is written across multiple disks in such a way that a disk can fail and the data can be quickly made available from the remaining disks in the array without restoring from a backup tape or other backup media.
incremental backup
An incremental backup backs up all files that have been changed since the last full or incremental backup. During the incremental backup process, the archive bit for each file is cleared. An incremental backup usually takes the least amount of time and space to complete. In an organization that uses a full/incremental scheme, the full backup and each subsequent incremental backup must be restored. The incremental backups must be restored in order. If your organization completes a full backup on Sunday and an incremental backup daily Monday through Saturday, up to seven backups could be needed to restore the data
Electronic vaulting
Copies files as modifications occur. This method occurs in real time.
Backup Types Comparison
Backup type full backup Data backed up all data Backup time slowest Restore time fast Storage space high Backup type incremnetal backup Data backed up only new/modified files/folders Backup time fast Restore time moderat Storage space lowest Backup type differentail backup Data backed up all data since last full backup Backup time moderate Restore time fast Storage space moderate
Replication (electronic backup)
Copies data from one storage location to another. Synchronous replication uses constant data updates to ensure that the locations are close to the same, whereas asynchronous replication delays updates to a predefined schedule.
Copy backups
Copy and daily backups are two special backup types that are not considered part of any regularly scheduled backup scheme because they do not require any other backup type for restoration. Copy backups are similar to normal backups but do not reset the file's archive bit.
Tape vaulting
Creates backups over a direct communication line on a backup system at an offsite facility.
daily backups
Daily backups use a file's timestamp to determine whether it needs archiving. Daily backups are popular in mission-critical environments where multiple daily backups are required because files are updated constant
Storage area network (SAN)
High-capacity storage devices that are connected by a high-speed private network using storage-specific switches.
Load balancing
Refers to a hardware product that provides load-balancing services. Application delivery controllers (ADCs) support the same algorithms but also use complex number-crunching processes, such as per-server CPU and memory utilization, fastest response times, and so on, to adjust the balance of the load. Load-balancing solutions are also referred to as farms or pools.
Clustering
Refers to a software product that provides load-balancing services. With clustering, one instance of an application server acts as a master controller and distributes requests to multiple instances using round-robin, weighted round-robin, or least-connections algorithms.
Optical jukebox
Stores data on optical disks and uses robotics to load and unload the optical disks as needed. This method is ideal when 24/7 availability is required.
Hierarchical storage management (HSM)
Stores frequently accessed data on faster media and less frequently accessed data on slower media.
Failsoft
The capability of a system to terminate non-critical processes when a failure occurs.
Failover
The capacity of a system to switch over to a backup system if a failure in the primary system occurs.
Concept of archive bits
When a file is created or updated, the archive bit for the file is enabled. If the archive bit is cleared, the file will not be archived during the next backup. If the archive bit is enabled, the file will be archived during the next backup.
differential backup
all files that have been changed since the last full backup will be backed up. During the differential backup process, the archive bit for each file is not cleared. A differential backup might vary from taking a short time and a small amount of space to growing in both the backup time and amount of space it needs over time. Each differential backup will back up all the files in the previous differential backup if a full backup has not occurred since that time. In an organization that uses a full/differential scheme, the full backup and only the most recent differential backup must be restored, meaning only two backups are needed.
Transaction log backups
are only used in environments where capturing all transactions that have occurred since the last backup is important. Transaction log backups help organizations to recover to a particular point in time and are most commonly used in database environments
hot site
is a leased facility that contains all the resources needed for full operation. The only resource that must be restored at a hot site is the organization's data, often only partially. It should only take a few hours to bring a hot site to full operation. Although a hot site provides the quickest recovery, it is the most expensive to maintain. requires the same security controls as the primary facility and full redundancy, including hardware, software, and communication wiring.
warm site
is a leased facility that contains electrical and communications wiring, full utilities, and networking equipment. In most cases, the only devices that are not included her are the computers. Is in the middle when it comes to recovery time A warm site is somewhere between the restoration time and cost of a hot site and cold site. It is the most widely implemented alternate leased location. Although testing a warm site is easier than testing a cold site, a warm site requires much more effort for testing than a hot site.
cold site
is a leased facility that contains only electrical and communications wiring, air conditioning, plumbing, and raised flooring. No communications equipment, networking hardware, or computers are installed here until it is necessary to bring the site to full operation. Takes the longest recovery the least expensive to maintain. It is also the most difficult to test
mutual-aid agreement (MAA)
is a prearranged agreement between two organizations in which each organization agrees to provide assistance to the other in the event of a disaster.
tertiary site
is a secondary backup site that provides an alternate in case the hot site, warm site, or cold site is unavailable. Many large companies implement tertiary sites to protect against catastrophes that affect large geographic areas.
redundant (mirrored site)
is a site that is identically configured as the primary site. A redundant or mirrored site is not a leased site but is usually owned by the same organization as the primary site. The organization is responsible for maintaining the redundant site. Multiple processing sites can also be configured to serve as operationally redundant sites. Although redundant sites are expensive to maintain, many organizations today see them as a necessary expense to ensure that uninterrupted service can be provided.
Quality of service (QoS)
is a technology that manages network resources to ensure a predefined level of service. It assigns traffic priorities to the different types of traffic or protocol on a network. QoS deploys when a bottleneck occurs and decides which traffic is more important than the rest. Exactly what traffic is more important than what other traffic is based on rules the administrator supplies. Importance can be based on IP address, MAC address, and even service name
reciprocal agreement
is an agreement between two organizations that have similar technological needs and infrastructures. In the agreement, both organizations agree to act as an alternate location for the other if either of the organization's primary facilities are rendered unusable. Unfortunately in most cases, these agreements cannot be legally enforced. A disadvantage of this site is that it might not be capable of handling the required workload and operations of the other organization
first in, first out (FIFO) scheme
the newest backup is saved to the oldest media. Although this is the simplest rotation scheme, it does not protect against data errors. If an error in data exists, the organization might not have a version of the data that does not contain the error.
In developing the recovery strategy
the recovery plan committee takes the RTO, WRT, and RPO value and determines the recovery strategies that should be used to ensure that the organization meets these BIA goals.
grandfather/father/son (GFS) scheme
three sets of backups are defined. Most often these three definitions are daily, weekly, and monthly. The daily backups are the sons, the weekly backups are the fathers, and the monthly backups are the grandfathers. Each week, one son advances to the father set. Each month, one father advances to the grandfather set.
