+31 (0)43 30 88 400 | office@comex.eu
The four pillars of secondary storage.
What should you consider when choosing a secondary storage system?
It’s like in real life: the sexy primary storage systems get 80% of the attention (and of the budget) and the boring secondary storage gets 80% of the work (data volume). While primary storage is replaced every three years on average due to rapid technological change, storage for backup and archive needs to last much longer. No one likes to move Tera- or even Petabytes of data every 3 years. The choice of one (or more?) secondary storage system should be deliberate. This involves the following four criteria.
1. Data security
Makes sense in itself: if you deploy a storage system for backup and archiving, it shouldn’t need additional backup itself. We can divide the topic of security into three levels:
Access-level security prevents data loss or data manipulation by attackers or user error. Depending on the application, choose regular or even automatic snapshots and protect by hardware WORM. Increasingly observed attacks, such as ransomware, as well as deliberate or abusive attempts to delete data, are thus effectively prevented.
Hardware-level security protects against data loss due to data carrier failure. You achieve this by applying copy or redundancy so that a defined number of the data carriers used can fail without data loss. The most well-known method is RAID, which, however, is not secure enough without additional measures. RAIDz, as part of ZFS, and especially in the triple parity variant, already offers significantly more security because it usually prevents stealthy errors and thus failure of a rebuild. Erasure coding, the designated successor to RAID, we consider particularly secure. Erasure coding requires significantly less system resources during a rebuild and is very flexible to configure, for example, with quadruple redundancy.
System-level security protects against data loss due to total failure. If a system is no longer usable or accessible due to fire, water damage or theft, the best technology won’t help. Only by replicating to a second location can you handle these calamities. Usually you mirror the entire system identically for this, but some systems also allow replication to a second data-level location. The advantage of data-level replication is obvious: you can use both systems at their location as production systems and replicate to the other location.
2. Flexibility
Typically, the investment cycle in the IT sector is 3 years. Secondary storage, however, has to do its work for much longer. Therefore, it is essential that this storage system provide maximum flexibility to be armed for the future.
Scalability is the first aspect that comes to mind here. The need for storage capacity is growing rapidly, and virtually no one can predict how much data will be stored in 3, 5 or 10 years. If you have to size a storage system to cover all possibilities at the time of purchase, a high investment is usually required. Therefore, systems that can scale elastically with need are more appropriate. Here it is important to ensure scalability even if the type of data carriers originally used is no longer available.
Flexibility also includes that the configuration of the system is not too fixed. What file systems, software applications and applications do they support? Can you add SSDs as the price point approaches hard drives? Can you flexibly allocate storage portions to different applications, and can they also grow or shrink independently?
Don’t forget the connectivity of the chosen system, either. Depending on the desired application, it may be necessary or desirable for the physical connection to grow with increasing needs. Where 1 GBit Ethernet is common today, tomorrow requires 10, 40 or 100 GBit. If you permanently connect the storage to the server components, an upgrade usually means replacing the entire system.
3. Offline capabilities
All data is permanently online, in the cloud and available anywhere, anytime. However, this comes with a number of drawbacks and risks that can become problematic for secondary storage systems. Permanently accessible data storage also permanently exposes data to hackers and ransomware. Massively distributed storage structures (cloud) lead to uncertainties regarding the handling of sensitive data and are often not compliant with legal rules and regulations such as the AVG. Therefore, offline-capable storage media are again experiencing increasing attention recently. The buzzword here is “air gap.” What you do not connect but separate by a physical gap – an air gap – cannot be infected because no access is possible. Of course, it is desirable that you do not have to make additional offline copies that you then store securely in a vault. Dealing with this kind of offline media is so cumbersome that you hope, you never need this media. Native offline-capable nonlinear media do give you the ability to make data available again quickly and without complicated copying.
4. Little complexity
The final criterion is the reduction of storage complexity. Reducing complexity is one of the big themes of the next few years in the IT sector, almost no institution or company can have specialists for every component in-house. Clearly: primary storage has special attention and must be individually tailored to performance needs. For long-term storage, however, less is more. The more systems involved, the more contacts, configurations, user interfaces and service contracts there are. Because secondary storage systems are made for long-term retention, the length of service contracts and the possibility of renewal at constant terms also play a role.
Conclusion
Security and scalability are obvious requirements for a storage system for backup and archive, however, considerable differences can already be seen here. Additionally, the new (old) requirements come to offline capabilities because “always online” often fails to meet security requirements and is increasingly exposed to attacks. Overarching this is the desire for “fire & forget”: secondary storage must do its job uncomplicated and long-lasting reliably: keep data safe.
Subscribe for tips and info