It's safe to say server virtualization has had a large impact on the way disaster recovery (DR) is performed today. The ability to replicate a virtual machine (VM) to a remote site or cloud, and then fail over production to the replica VM in the event of an outage, has changed the way we think about disaster recovery.
DR as a service (DRaaS) providers have embraced this technology to include rapid recovery of applications in the cloud. This is a boon for many organizations because the approach can cost considerably less than traditional data replication to a DR site and offer similarly fast recovery times. This all sounds great, but there are a number of concerns you need to be aware of before opting for DR in the cloud.
While cloud DR offers many benefits, it is still an emerging technology/practice. According to a 2014 report from Forrester Research, 19% of respondents had adopted cloud DR as of the date of publication, with another 22% planning to adopt. Organizations using cloud-based disaster recovery cited three major benefits:
- Better functionality at less cost
- Easier and less expensive testing
- More flexible contracts
The report explained that costs can be kept low because users are generally only consuming cloud storage capacity. Compute resources are only paid for in the event of a disaster or a test. Tests can also be performed non-disruptively, so users can conduct them more frequently. This is a huge benefit because DR testing has traditionally been a pain point for IT. And compared to the restrictive, long-term contracts of traditional outsourced DR models, cloud DR contracts are more flexible and some services don't even have time-based contract restrictions.
There are myriad ways you can accomplish DR in the cloud depending on your specific needs, but the options can be broken into two main groups: business continuity (BC)/DR services and cloud DR hosting. These categories are not cut and dried, but they are a good starting point for thinking about cloud-based disaster recovery.
A number of managed DR service providers offer cloud-based DR. Many take a hybrid cloud approach in which on-site backups are replicated to cloud storage. This allows for fast restores of lost or corrupted data while the off-site copy is used in the event of a server or full data center outage.
Some cloud DR providers are massive organizations that maintain data centers worldwide and offer a wide variety of BC/DR services. Sungard Availability Services and IBM Business Continuity and Resiliency Services (BCRS) are good examples of this type of vendor. Not surprisingly, branching out into cloud DR was a natural step for these companies as a way to expand their portfolio of services. Additional vendors offering different flavors of cloud DR services include Axcient, Barracuda Networks, EVault, Hewlett-Packard, IBM, iland and Rackspace.
Smaller cloud service providers also partner with backup software vendors to provide DR in the cloud. Asigra, for example, sells its backup software exclusively through the channel and offers "instant recovery" with its Virtual Disaster Recovery functionality. This feature allows users to configure the backup of their virtual machines in such a way that, on completion of the backup, the latest copy is made available in your service provider's cloud. Many backup software vendors partner with managed service providers (MSP) and offer the ability to run an application from a backup copy of a VM. Some examples of these products include Commvault Simpana, Symantec NetBackup and Veeam Backup & Replication.
BC/DR services are typically paid on a subscription basis, and users pay a regular fee based on the amount of data stored and the compute resources consumed. Services vary from vendor to vendor and, in many cases, can be tailored to an organization's specific needs. For example, some users may want more robust self-service options while others will rely more heavily on the expertise of the MSP. Weighing your organization's IT strengths and weaknesses is critical when choosing an appropriate cloud DR vendor. In addition, the level of service a cloud provider can offer can vary greatly -- we'll explore that topic later.
Cloud DR hosting
Cloud DR hosting resembles traditional colocation, except an organization is not required to purchase and maintain additional off-site hardware. In other words, users are responsible for managing the replication of production data to the cloud and performing recovery tasks. The service provider's role is limited in comparison to the BC/DR services model detailed above.
Major infrastructure as a service providers like Amazon, Google and Microsoft offer cloud DR hosting. Amazon, for example, offers three different levels of cloud DR hosting:
- Backup and restore. Users back up data (using backup software that supports Amazon as a target) to Amazon S3 storage. In the event of an outage, users can start applications in Elastic Cloud Compute using Amazon Machine Images (AMIs). AMIs can be configured with the operating system and appropriate pieces of the application stack. This is the least expensive option with the longest recovery time.
- Pilot light for rapid recovery. Similar to the above scenario, but the most critical core elements of your system are configured in Amazon Web Services. When the time comes for recovery, you can rapidly provision a full-scale production environment around the critical core.
- Warm standby. In this scenario, a scaled-down version of a fully functional environment is always running in the cloud. The warm standby extends the pilot light elements and preparation. It further decreases the recovery time because some services are always running. DR hosting of this sort will likely appeal only to larger enterprises with in-house employees that can manage these processes remotely. Smaller companies with limited or no in-house BC/DR experience will need to rely on the cloud provider's expertise.
Challenges with DR in the cloud
While disaster recovery in the cloud has the potential to offer many benefits, there are a number of challenges you should be aware of.
One of the most important things to remember, according to Dragon Slayer Consulting's Marc Staimer, is that not all cloud DR service providers are the same. This is especially true with smaller cloud service providers, he said. "The big guys have resources. Companies like IBM and Sungard have experience and capabilities from offering DRaaS for a long time," Staimer said. "Some of these smaller cloud providers might have technology, but people resources are the biggest limitation."
Jon Toigo, of Toigo Partners International, echoed this concern. "You're at the mercy of the service provider," he said. "How agile are they? Your provider must be intimately acquainted with your applications and what it takes to get them up and running. It's not as easy as it sounds. It's not plug and play."
Staimer noted that smaller cloud providers may do well providing DR services to a couple of clients on a day-to-day basis. "But what happens when there's a regional disaster?" he asked. "How many clients can they handle at once if a disaster is widespread?"
In addition to questions about staffing, a cloud service providers' compute resources are frequently oversubscribed. Will your provider have the compute necessary to handle all of its clients' applications at the same time? "People rarely check into these things," Toigo said.
You can avoid these issues by taking the DR hosting route and managing everything yourself. But, as noted above, this requires in-house skills and resources that many companies opting for cloud DR may not have available.
If you choose to sign with a MSP, do your homework. Both Staimer and Toigo recommend that you ask potential cloud DR providers as many questions as possible. "Make sure you can test. Make sure your users can get to the data. Find out how many concurrent customers the provider can support. Talk to references. Talk to multiple vendors," Staimer said. "Also, you need to have SLAs [service-level agreements] in writing."
Toigo offered a final word of caution about pricing. "In many cases, smaller cloud providers are just leasing space from huge cloud providers like Microsoft, Google and Amazon," he said. "Right now, there is a price war driving cloud compute and storage costs down. When it ends, expect prices to go way up."
He went on to say that it is important to understand your exit strategy if costs go way up and you want to opt out of the service. "How do you get your data back?" he said. "Dternity uses tape. Other cloud providers use tape as well. Whether a cloud provider can dump all your data to tape is worth considering."
Obstacles to overcome when implementing DR in the cloud
Disaster recovery best practices in a public cloud environment
Embracing the cloud as part of your DR strategy