You most likely know that your VMware infrastructure requires ongoing protection. Numerous events can prompt data loss, such as disaster, system failure or a cyber threat. Your main goal is to protect your data under any type of scenario. In this blog, we discuss VMware best practices and how to boost your data security with VMware backup software.
Always follow VMware backup best practices
Use the latest version of your software
You want to get the best out of your software. Thus, use the most recent version of your VMware vSphere. Use the latest version to enjoy new upgrades, features and functionalities. The newest version is also the most secure. It’s less buggy and less vulnerable to cyber threats. You should also use the updated version of your VMware backup software to benefit from the newest features such as new locations for backups, improved recovery options and additional management tools.
Develop a customised data protection plan
Set up your tangible recovery goals
No matter the scenario — natural disaster, a cyber threat or system failure — set up your recovery goals upfront. To do this right, analyze your data and assign it a priority level. Critical data, with a higher priority level, should have minimal recovery times and can’t be lost. Your RTOs and RPOs are two vital metrics to consider while crafting your data protection plan. Your RTOs (Recovery Time Objectives) constitute the amount of time your business can remain inoperable during a disruption. RPOs (Recovery Points Objectives) identify how much data you can lose without harming your business. Analyzing the significance of your data and setting up your RTOs and RPOs right from the start, can help you a lot with selecting the correct backup and recovery strategies.
Ensure proper means to meet your goals
It’s important, you have enough resources to cover your recovery needs. Think about if you have the right equipment, storage availability, CPU capacity, network bandwidth and qualified technical staff. You should assess your resources in terms of your recovery plan. Plan out how you are going to utilize your resources in case of disaster, cyber attack or system failure. Do you have the right IT personnel to meet all of your goals? Acquire additional resources or staff in case it’s necessary. Or change your recovery goals according to your current means.
Maximize the Efficiency of Your VMware Backup
Create smaller backups
Small backups require less space. Thus, by having smaller backups, you can lower your storage requirements. You can achieve smaller backups with certain size reduction techniques:
Deduplication
Your data always contains duplicate blocks. Deduplication technique allows you to save only the original data blocks. In case there is a duplicate data block, it’s not copied and saved to a storage. Instead, the link with the data index is referring to the original block, and only that block gets stored. Thus, only the original blocks of data get saved. This reduces storage space by a great amount! But, if you need to recover your deduplicated data, you can easily do it at any time due to the indexing system.
Run app-aware backups
When you backup your databases, some data may hang in the memory or remain pending. App-aware backups ensure that no data is left behind. You can deliver app-aware backups with Volume Shadow Copy Service (VSS) and VSS writers. Volume Shadow Copy Service (VSS) is a snapshot-based software that allows you to make a copy of your production environment while it’s up and running. The VSS writers are components of VSS that you need to install separately. The VSS writers can deliver the information from the memory and pending data to VSS. The whole process has the following order:
Your backup software asks your VSS to make a snapshot of a backup. Then VSS asks VSS writers to report all pending data. After the consistency of the state is reported, VSS delivers a snapshot. Thus, when the actual backup takes place, it captures the entire data along with all pending transactions.
Verify your backups
When you invest time and money to create a backup, you expect this backup to work. But, sometimes backups become corrupted. In other cases, backups may not contain the full data. It can be disappointing to find out that your backup doesn’t work right when you need it the most. That’s why you always need to verify your backups the moment you produce them. You can verify your backups in several ways by using:
Block verification
Allows you to make a hash of every single data block and then compare these hashes to the original hashes created during a backup. The data in your backup repository should match with original data. This would mean that your backup is good.
Screenshot verification
This type of verification relies on the instant VM boot mechanism. Your backup software creates an empty VM. Then, your backup software mounts new disks from a backup repository to a new VM as iSCSI targets. Next, the VM is powered on, and your backup solution captures a screenshot of the VM’s OS user interface. Afterwards, you receive an email report with screenshots attached.
Boot verification
Boot verification uses the same mechanism as screenshot verification. However, with boot verification, your backup software checks the heartbeat of your VM’s OS to verify that it’s running successfully. When verifying a replica, your backup software checks if your VM’s hypervisor tools are up and running. After the boot verification is complete, you can view the results on the user interface or obtain them via email.
Develop a Holistic Approach Toward Data Protection
Think of the best recovery approach
You can recover your data by performing a full recovery, granular recovery or a P2V recovery. If you get hit by a disaster or fall victim to a cyber threat, your entire system may go down. Thus, if you need to recover all of your data, you should run a full recovery. On the other hand, if you lost or accidentally deleted a specific file, object or folder, you can easily recover it by running granular recovery. Lastly, in case your physical machine is down you can initiate a P2V recovery. You can also use P2V for software development, testing and P2V migrations.
Automate whenever possible
It’s not a secret — automation saves plenty of time! Every time you automate, you are giving more room for other activities. You can focus on other tasks instead of putting in extra effort and time to perform things manually. You VMware backup software should allow you to automate:
Your VMware Vsphere backup schedule
Create a backup schedule for your backups. Run them daily or on a weekly basis. Rotate your recovery points according to the GFS scheme or create your own customized schedule. You can set up your backups to run automatically at any time of day, night or weekend.
Your backup policies
Set up policies based on the VM’s name, size or tag to:
- Add a VM to a backup job
- Remove a VM from backup job
Separate data protection tasks
You can combine and run certain tasks automatically. You can chain a VMware backup with a backup copy. That way, you can create a backup and send a backup copy to storage automatically, with no need to perform each of those steps separately.
Scale your data protection methods
Your VMware backup software should meet your current needs. If your business grows or becomes smaller, your backup software should be accommodated accordingly. If your business expands, you may need to adjust your service plan to cover your production. Alternatively, if your business becomes smaller, switch to a different service plan to avoid extra costs. To keep your recovery goals realistic, check if your current strategies and resources meet your RTOs and RPOs.
Your VM backup Solution Should Have it All
Forever Incremental Backups
Full backups take up lots of space. The forever incremental method allows you to perform a full backup just once. All the following backups are going to be incremental. Forever incremental backups skyrocket your backup speed while saving plenty of storage space. The only downside is a long recovery process — you would have to recover the first backup and then all the increments.
Image-based and agentless backups
An image-based backup involves taking a snapshot of the entire VM along with its configuration files, folders, disks and data. With image-based backup you can restore your system instantly in case of any disruption. Good news is that an image-based VMware backup solution doesn’t require an installation of an agent or any additional software. Thus, it’s lightweight and won’t take up lots of memory space.
Changed Block Tracking technology
Changed Block Tracking technology (CBT) allows you to copy only that data that has changed since your previous backup. You use the CBT technology to run your incremental and forever incremental backups. Incremental backups speed up your backup process, reduce the load on your production environment and save you plenty of storage space.
Minimal Storage Space and Network Load
When choosing a VMware backup software look out for the features that can reduce storage space and network load. Those features include:
- Exclusion of swap files and partitions from a backup
- Automatic truncation of transaction logs
- Backup to Multiple locations
The more backup locations you have the brighter are your recovery prospects. The 3-2-1 approach suggests having at least 3 backup copies. You can store two copies on different storage media, and one copy offsite. Your VMware backup software should allow you to back up to NAS devices, to the cloud or tape.
LAN-free Data Transfer and Direct SAN
To reduce your network workload, use a Direct SAN mode. With Direct San you can transfer your data from SAN storage devices by means of Fiber Channel or iSCSI. This results in fast backup speed and excellent backup performance. Alternatively, you can use a HotAdd feature to read your data directly from data storages. You can bypass the host’s NCP/IP and read your data via the storage I/O. To do this your VMware software makes a snapshot of the source VM and then mounts it as a virtual disk to the VM running your VMware backup software.
Data Encryption
Some of your data holds private information. Thus, it should remain secure during backups and all types of transactions. Your VMware backup software should have encryption backup policies in place to keep your data safe at all times. The most common type of encryption relies on the AES-256 encryption algorithm.
User-Friendly Interface
Choose a VMware backup software with a convenient user interface. That way, you can schedule and handle your backups with ease. A simple to navigate dashboard can show you the times and estimated duration of your backup jobs and available slots for new backups.
Multi Tenancy
You can manage whole groups with a single product deployment. This service allows multiple admins to handle your backup and recovery tasks. Multi Tenancy is a great choice for such businesses as SaaS, BaaS and DraaS. If interested, you can learn more about VMware virtual machine backup, read here.