A Technical Overview of

System Center Data Protection Manager 2007 Protecting SQL, Exchange, and other Windows data

Oren Cohen

Shuki KlainshtainDPM April 30, 2007

קלינשטיין שוקיפרויקטים מנהלמחשבים תים

אורן כהןפרויקטים מנהלמחשבים תים

Data Protection Manager (DPM 2007)

SimplifiedSimplified

Forefront + System CenterIT Security IT Management

Common Management Infrastructure & Platform

ProductiveProductive IntegratedIntegrated

Client SecurityClient Security

Application Server SecurityApplication Server Security

Network Edge SecurityNetwork Edge Security

Secure Remote AccessSecure Remote Access

Change & Configuration Change & Configuration ManagementManagementBackup & RecoveryBackup & RecoveryVirtual Machine ManagementVirtual Machine ManagementSystems MonitoringSystems Monitoring

Agenda

Customer backup pain

Introduction to Data Protection Manager (DPM 2007)

Demo :Configure DPM 2007

How does DPM protect Exchange and SQL

Demo :Protect MS SQL 2005

Beta 2 additions

Closing remarks

Customer Backup PainsBetter nightly backups neededTape is inefficient Lack of application support WAN not feasible for centralized backupsDisk-based backup consumes large amounts of space Remote and branch-office data protection is expensive and cumbersome Customers want one vendor to manage everything

Customer Backup PainsBetter nightly backups neededTape is inefficient Lack of application support (Exchange & SQL 200x, Sharepoint)

WAN not feasible for centralized backupsDisk-based backup consumes large amounts of space Remote and branch-office data protection is expensive and cumbersome Customers want one vendor to manage everything

DPM 2006Centralized Backup of Branch OfficesRapid & Reliable Recovery — from disk instead of tapeEnd user recovery without IT intervention

DPM 2006

ClientsClients

Active Directory®Active Directory®

File ServersFile Servers Third-Party Tape Third-Party Tape DPM 2006 ServersDPM 2006 Servers

SnapshotsSnapshots

DPM 2007Continuous Data Protection for Windows Application and File ServersRapid & Reliable Recovery from disk instead of tapeAdvanced Technology for enterprises of all sizes

DPM 2007

ClientsClients

Active Directory®Active Directory®

File ServersFile Servers

with Tape Librarywith Tape LibraryDPM 2007 ServersDPM 2007 Servers

Online SnapshotsOnline Snapshots

Exchange ServersExchange ServersSQL ServersSQL Servers

SharePoint ServersSharePoint Servers

including clusters

Disk-based Recovery

Offline tapeOffline tape

Tape-based Archive

Virtual ServersVirtual Servers

ה: 1הדגמה מערכת ניהול DPMסביבתבסיסיות 2007 והגדרות

Microsoft systems protection

DPM 2007 Beta 1– Protected Platforms

Windows 2003 File Services

Exchange 2003Exchange 2007

SQL Server 2000SQL Server 2005

DPM 2007

Time between Synchronizations 1 Hour

Number of Shadow Copies 64

DPM 2007 Beta 2– Protected Platforms

Windows 2003 File ServicesLonghorn File Services

Exchange 2003Exchange 2007

SQL Server 2000SQL Server 2005 DPM 2007

SharePoint 2007

Virtual Server 2005 R2 +SP1

XP & Vista

DPM

Time between Synchronizations 15 Min

Number of Shadow Copies 512

Exchange 2003 Cluster

Active Passive

Automatic Failover

Protection continues seamlessly

DPM detects cluster configuration

DPM

MSCS Exchange 2003 Cluster

E2003Passive-node

E2003Active-node

Exchange 2007 – CCR in DPM BETA-2

Cluster Continuous ReplicationRedundant exchange servers and redundant databasesCan be geo-diverseDatabases logs are replicatedNode Preferred backup (Secondary)

Exchange 2007 CCR

Exch2007Active

DPM

Exch2007Passive

Exchange 2007 – LCR

Local Continuous ReplicationOne exchange server with redundant copy of databaseFailover to redundant copy in case of database corruption or drive lossBackup from Active DB drive

Exchange 2007 LCR

Exchange2007

Active Backup

DPM

SQL Server

Mirrored Database SQL

DPM

Database mirrored SQL cluster

SQLSecondary

SQLPrimary

SQL ServerSQL Log Shipping

SQL

DPM

Mirrored DatabaseLog shipping

SQL Server

DPM

MSCS SQL Cluster

SQLPassive-node

SQLActive-node

Mirrored DatabaseLog shippingMSCS SQL Cluster

SharePoint 2007 Restore Options

Restore the Farm !

Config DB

Content DB

Site & Site Collection

Microsoft Confidential

Exchange 2003Exchange 2007

SQL Server 2005

Virtual Server 2005 R2 sp1

VSSVR

Guest OS instances

Linux02

NT4-CustomApp

Win2003-SQL2005

Virtual Servers

Virtual ServersOnline backups

no downtimeVSS consistent inside

Windows 2003 sp1New VM Additions

VSS consistent outsideVHD VSS writer

Virtual Server 2005 R2 sp1

VSSVR

Guest OS instances

Linux02

NT4-CustomApp

Win2003-SQL2005

Virtual ServersOnline backups

no downtimeVSS consistent inside

Windows 2003 sp1New VM Additions

VSS consistent outsideVHD VSS writer

Offline backupsPause virtual machine

Save state of CPU (vsv)VSS shadow copy of VHD(s)

Un-pauseBlock level synchronization of VHD changed blocks

Virtual Server 2005 R2 sp1

VSSVR

Guest OS instances

Win2003-SQL2005

Linux02

NT4-CustomApp

Agent deployment optionsPush Agent – DPM 2006, 2007 beta 1 and beyond

Pre-installed OSSMS 2003

System Center Configuration Manager 2007

Group PolicyWSUS v3

Media EncryptionEncryption defined per Protection Group

User defined keyImported into Certificate Server

AES/DES 256bit

Hardware support via CAPI (Crypto API)Software support

DPM 2007הגדרת: 2הדגמה SQL 2005בסביבת

Make Sure to Auto-Start the Production Servers’ SQL Server VSS Writer

v2

נתונים: 3הדגמה בסיס שחזורSQL 2005

DPM 2007 – Beta2 additions

Continuous Application Protection

Exchange ServerSG, database, mailbox & public folder recovery

SQL Database protection & recovery

SharePoint -- Beta2 feature

System State & Bare Metal Recovery -- Beta2 feature

v2

Microsoft ApplicationMicrosoft Applicationand File Serversand File Servers with Tape Librarywith Tape Library

DPM ServersDPM Servers

Disk to Disk to Tape (D2D2T) in addition to D2D & D2T

Local agent install, SMS/WSUS integration

Command Line Interface and PowerShell commandlets

Support for protecting servers across trusted domains

File/folder exclusions, encrypted files…

Media Encryption

Protection Groups

Other Key Enhancements

Microsoft ApplicationMicrosoft Applicationand File Serversand File Servers with Tape Librarywith Tape Library

DPM ServersDPM Servers

Online SnapshotsOnline Snapshots

Disk-based Recovery

Offline tapeOffline tape

Tape-based Archive

v2

Off-site backups & Disaster Recovery With DPM

All data protected at every Sync - 15minAll data protected at every Sync - 15min

Important DataSync / 4 hours File RPO = daily (63d)App RP = 512 weekswith 15m RP’s

Important DataSync / 4 hours File RPO = daily (63d)App RP = 512 weekswith 15m RP’s

dpm2dpm4dr

OFFSITE TAPE BACKUP

Ability to Backup behind Firewall’s Ability to Backup behind Firewall’s

Top Reasons To Plan for DPM 2007 1. No more failed recoveries

2. Near zero data loss for Exchange, SQL, and SharePoint

3. Seamless Disk-to-Disk-to-Tape for backups

4. Recoveries within minutes instead of hours

5. Unified policy allows protection of multiple data types to any media – in one schedule and with common tuning options

6. Eliminate the backup window of your production servers

7. Shrink potential data loss down to 15 minutes

8. Application recovery direct from backup UI – no pre-staging

9. Enable end-users to perform their own recoveries

DPM 2007 planDPM 2007 BETA 1 – September 27, 2006

ExchangeSQLIntegrated Disk & Tape functionality

DPM 2007 BETA 2 – May 2007SharePointVirtual ServerWindows Vista & XP desktopsDPM 2 DPM 4 DR – Disaster RecoverySystem StateSCCM (sms 2007) / SMS / WSUS deployment of clientCommand-line & Windows PowerShell controlBare metal Restore

RTM & General Availability – 2007 H2

© 2006 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

DPM 2007 http://www.microsoft.com/DPM

ובתאבון תודה