Tiered backup architectures with different logical and geographic locations can help meet the diverse backup and recovery needs of today’s businesses—but this isn’t a new idea. What is “new” to report is that tiered backup architectures are needed now more than ever—provided they are next-generation solutions.
I’ve covered the impacts of ransomware attacks and other cyber threats. All too often, an outcome is a complete shutdown of operations that can last for days and put not only information but also people at risk. There’s a better way.
Backups Won’t Be Enough
Previously, I wrote about how these architectures amplify data protection against insider threats and advanced malware when combined with data bunkers and Pure Storage® SafeMode™ protections. Backing up data remains critical for data protection, but it’s not enough.
For one, backups should be the last line of defense. Many backups just aren’t fast enough, which is why organizations need to take a serious look at next-generation backups. Implementing tiered backups architectures that can help them address every angle, mitigate every risk, and give them every chance to be as resilient as possible.
What is an example of a next-gen backup solution? A Pure Tiered Resiliency Architecture.
Is Your Backup Solution the “Old Way”?
Before I explain why Pure’s solution is next-gen, let’s consider what came before it.
Initially, companies wanted to back up their data in an 8-12 hour, overnight time window. Once they could do that, they started to worry about backup failure. So, they adopted a new approach: the 3-2-1 backup strategy with three copies of data on two different media (disk and tape), keeping one copy off-site, just in case. However, the Colonial Pipeline breach made it quite clear that even with backups, recovery times can be weeks or longer without the right architecture and technology solutions in place.
So, the 3-2-1 approach, with multiple, distributed copies of backups, isn’t ideal if the aim is to recover as swiftly as possible following an event. And most business leaders don’t care as much about redundancy as they do about a speedy return to normal.
The Future of Disaster Recovery Is Here
Pure can help organizations revolutionize antiquated legacy backup environments with advanced resiliency, performance, and simplicity.
The Pure Tiered Resiliency Architecture is a multilayered, recovery architecture that primarily uses SafeMode snapshots to implement the lowest possible recovery times based on an organization’s needs and the recovery time objectives (RTOs). SafeMode is a data protection solution built into Pure FlashArray™ and FlashBlade®—super immutable, out-of-band, multifactor-authenticated snapshots.
“Super immutable” is different from “traditional” immutable snapshots because they can’t be modified once written (thus making them immutable), but they also can’t be deleted! While traditional, immutable snapshots can’t be modified once created, with the right privileges on the storage array (generally, admin-level), they can be deleted.
SafeMode snapshots also come with one additional, huge caveat: No bad actor (person or process)—even with administrative privileges—can fully eradicate data from a Pure Storage array without invoking a special, out-of-band Pure Storage support process. Period. That means you have a guaranteed point of recoverability right there on your primary storage arrays. Get your recovery started immediately and get back up and running in far less time.
Why Implement a Pure Tiered Resiliency Architecture?
For speed and near-instant recovery. A tiered resiliency architecture enables you to recover data very quickly in the event of a cyberattack, disaster, or administrative accident. SafeMode snapshots afford you a near-instant recovery capability, instead of relying on other backup technologies that are slow, complex, and prone to malfunction or experience other technical issues at exactly the worst time.
Even if you’re using Rapid Restore from Pure, restore times will still be significantly longer than recovering from a SafeMode snapshot, which can be done in milliseconds. (Restoring from a snapshot is even faster than using Pure with Commvault, which can recover 270 terabytes (TB) per hour vs. other widely used solutions, which can generally recover between 2TB and 6TB per hour or less.)
The Advantages of a Resiliency Architecture
As you’ve no doubt gathered, speed is the number one benefit of a Pure Tiered Resiliency Architecture. You can create faster recoverability for your critical business technology—recovery that takes seconds or minutes vs. hours or days. But that’s not all. By implementing a resiliency architecture, you’ll also benefit from:
- Reduced management overhead
- Improved environmental and sustainability metrics
- Enhanced ability to easily test and prove the environment is working—and confirm that your recoverability goals are being met
- A lifetime of nondisruptive upgradability, so you never need to migrate data again
How to Build a Pure Storage-based Resiliency Architecture
Now, let’s get into how to build this next-gen backup solution with Pure. We’ll start with a high-level overview of the architecture’s structure. Generally, a tiered resiliency architecture is implemented in several tiers or layers of defense:
Mission-critical infrastructure at this layer includes, but isn’t necessarily limited to, Active Directory, DNS, and time services. Without these services, little or nothing else in the environment will function.
Host your primary data and applications that are critical to your business operations (elements like core databases and application services, along with their defined dependencies). These will be the primary focus of recovery because when they’re unavailable, neither is your organization’s ability to deliver business services to customers.
Tier 1 should house three to seven days of SafeMode snapshots. Depending on your application’s performance requirements, you could use either FlashArray//X™, FlashArray//XL™, or FlashArray//C™ to create this layer.
Tier 2 is essentially a snapshot replica archive for storing offloaded snapshots from Tier 1, which also lives at this layer. The archive should be able to store the snapshots for the longer term—at minimum, three months (90 days) to 6-12 months or longer, if possible.
Note: While Tier 2 is meant for storing data for the long term or meeting data compliance needs, you could, in the event of a major disruption, use this layer to run workloads at slightly lower performance to keep your business running.
This layer can be a fast backup tier for extreme scenarios only. Generally, the backup tier should be used as a long-term retention layer for compliance or to restore data for applications that don’t warrant protecting with snapshots.
Here again, you could use FlashArray//C or FlashBlade//S, with ISVs and enterprise application native solutions integrated to allow backup data to be written directly to the array and protected with immutable snapshots and SafeMode. You could also use FlashBlade//E to replace traditional spinning disk backups.
An optional Tier 4 layer of defense would comprise a one-way-in data bunker used for large-scale disasters. Data bunkers are highly secure and provide an extra layer of durability as optional disaster recovery sites serving behind your primary and secondary backup sites. Host a replicated copy of data and make compute available on demand. Potentially, you could store years of data at the Tier 4 layer.
If you’re using Pure Storage to build your resiliency architecture, you could create Tier 4 on FlashArray//C or FlashBlade//S. You can also build this layer by using public cloud S3 targets or cloud-adjacent bare metal services such as Equinix Metal. You would generally want higher speed storage FlashArray//X or FlashBlade//S for Tier 4, as the intent is to run just as current production would, only in a different location.
Key Steps to Enabling Your Resiliency Architecture with Pure
Once you’ve decided how many layers of defense you need, and which Pure flash storage arrays you want to use to build and support your resiliency architecture, you’ll need to take the following key steps:
- Step 1: Store the data for the workloads you want to protect on your Pure Storage array.
- Step 2: Enable snapshots on those arrays and set up protection groups to support your desired disaster recovery objectives.
- Step 3: Let the snapshots run for a couple of weeks, based on your defined policies. This process will help ensure protection group policies are proven to be configured accurately. It will also give you the opportunity to tune the policies without having to invoke the out-of-band process with Pure Support.
- Step 4: Enable Pure SafeMode to protect snapshots from accidental or purposeful deletion and eradication. (Remember that after you turn on SafeMode, the only way to change protection group settings or disable SafeMode is through a special Pure support process.)
Why You Should Build Your Resiliency Architecture with Pure
You don’t have to use Pure to build a tiered backup architecture. But without it at the foundation of your architecture, and without capabilities like SafeMode, you won’t have a truly next-gen solution for backup and recovery.
A Pure Tiered Resiliency Architecture is the future of disaster recovery. It brings advanced resiliency, performance, and simplicity to help your organization truly revolutionize its legacy, antiquated backup environment.