Symantec Backup Exec Blueprints

15  Download (0)

Full text

(1)

Symantec Backup Exec

Blueprints

Blueprint

for Private Cloud Services

Backup Exec Technical Services

(2)

Symantec Backup Exec Blueprints 2

Notice

This Backup Exec Blueprint presentation includes example diagrams that contain objects that represent applications and platforms from other companies such as Microsoft and VMware. These diagrams may or may not match or resemble actual implementations found in end user environments. Any likeness or similarity to actual end user environments is completely by coincidence.

The goal of the diagrams included in this blueprint presentation is not to recommend specific ways in which to implement applications and platforms from other companies such as Microsoft and VMware, but rather to illustrate Backup Exec best practices only. For guidelines and best practices on installing and configuring applications and platforms from other companies, please refer to best practice documentation and other resources provided by those companies.

Symantec Backup Exec

Blueprints

(3)

Blueprints

Help Customers Avoid Common Challenges/Pitfalls

• Each

Blueprint

Contains:

‒ Recommended Configuration: Best-practice implementation example ‒ Life Preservers: Best practices and pitfalls to avoid

• Use

Blueprints

to:

‒ Present the Backup Exec best practice implementation example ‒ Highlight key “life preserver” guidelines to avoid problems

Symantec Backup Exec

Blueprints

(4)

4

Introduction

Key terms and principles

(5)

Backup Exec 2012

Private Cloud Services

Key terms and definitions

Term Definition

Backup Exec Private Cloud Services The feature name.

Enterprise Server Option The parent option of the Central Admin Server Option (CASO).

Central administration server The Backup Exec server on which CASO is installed.

Managed Backup Exec server The new name for a managed media server .

Cloud Backup Exec server

The Backup Exec server that is located in the managed service provider’s data center that hosts the deduplication disk storage.

The Backup Exec server can be a central administration server or a managed Backup Exec server, depending on configuration.

Deduplication disk storage The disk storage device that is enabled for data deduplication and is

located on the Backup Exec server.

Backup definition A group of options that you select that define the backup selections, the

backup job methods and options, and any stages.

Offsite copy The backup data that is stored on a managed Backup Exec server, then

(6)

6

Example Diagrams and Life Preservers

Multitenant cloud Backup Exec server configuration of

Private Cloud Services

(7)

Example Diagram:

Private Cloud Services

Multitenant cloud Backup Exec server configuration

DC/DNS Server

Customer 1 LAN Customer 2 LAN

MSP Data Center LAN

Backup Exec - CAS Customer 2 Domain Customer 1 Domain MSP Domain

High-level Best Practices

Backup Exec servers at customer sites in MSP’s domain Use transfer drives to seed the cloud Backup Exec server Backup Exec servers at customer sites on physical hardware Backup Exec servers at customer sites protected by encryption Local backups of customer servers for fast restore capability Leverage deduplication to optimized backup storage

Optimized duplication can improve WAN transfer speeds The Backup Exec 3600 appliance can be used as MBES

1 2 3 4 5 6 7 VPN

DC/DNS Server Virtual Host Backup Exec - MBES BE 3600 - MBES Virtual Host DC/DNS Server

Managed Services Provider NOC Optimized Duplication Stream

Microsoft BitLocker 8 1 2 3 4 5 6 7 8 1 5 6 Tape Out Virtual Machines Virtual Machines Diagram Legend Backup Exec

UI (CAS) Cloud Backup Exec Server

(8)

Symantec Backup Exec Blueprints 8

Life Preservers:

Private Cloud Services

Managed Services Provider NOC

Backup Exec Server at Managed Service Provider’s NOC

Cloud Backup Exec server and Central Administration Server

Enabled with local deduplication disk storage device

Deduplication device shared with Backup Exec servers at customer sites

Select “Private cloud server” option

Cloud Backup Exec Server Deduplication Disk Device

Maximum of 64 TB of deduplicated data (should scale to 10x or better)

Tape Considerations

Customer backups can be stored to tape attached to cloud Backup Exec

server

One job definition can include all backup stages:

(1) Local backup at customer site

(2) Duplication of backup from customer site to cloud Backup Exec server at MSP NOC (3) Duplication of backup at cloud Backup Exec server to tape

(9)

Life Preservers:

Private Cloud Services

Customer sites

Backup Exec Servers at Customer Sites

Managed Backup Exec servers (controlled by CAS at MSP NOC)

Enabled for deduplication

Member of MSP’s domain, not customer’s domain

No local logon access for customers (required for multitenant security)

Customer backups stored to local Backup Exec server, then copied to cloud

Backup Exec server (optimized duplication)

Can be custom Backup Exec server or BE 3600 Appliance

Security Requirements

Custom Backup Exec servers should be on standalone hardware (not VMs)

Should be enabled with disk encryption

Member of MSP’s domain, not customer’s domain

(10)

Symantec Backup Exec Blueprints 10

Life Preservers:

Private Cloud Services

Replicating backups to cloud Backup Exec server

Optimized Duplication

Only unique blocks transmitted to cloud Backup Exec server

Blocks already contained at cloud Backup Exec server are skipped

Can greatly improve WAN transfer efficiency

Backup Exec Built-in Security Features

Communication between Backup Exec servers/components secured

TSL/SSL encryption technology

Other Security Recommendations

Enable SSL on all VMware hosts being protected by Backup Exec

Secure communications between MSP NOC and customer sites using VPN

(11)

Life Preservers:

Private Cloud Services

Multitenancy support

Multitenancy in Private Cloud Services

Customer data not physically separate from other customers

Data co-exists in cloud Backup Exec server’s deduplication disk device

Managed Services Provider is full owner/controller of backup operations

Clients cannot control, see, or restore their data or other client’s data

Fully dependent upon Managed Services Provider for backup/restore

Managed Services Provider is trusted advisor; has “keys to the kingdom”

Domain Requirements

Client Backup Exec servers part of Managed Services Provider’s domain

Clients not given local logon access (multitenant security)

Seeding the Cloud Backup Exec Server

Process for adding data to cloud Backup Exec server’s deduplication device

(12)

Symantec Backup Exec Blueprints 12

Life Preservers:

Private Cloud Services

Performance

Network Recommendations

Less than one percent packet loss

Round-trip latency of 250ms or better

Loss of Network Connection

Results in stopping of scheduled backup operations

Backups resume when network connection is restored

If necessary, Backup Exec servers at client sites can be reverted to

standalone

Details in planning and deployment guide

(13)

Life Preservers:

Private Cloud Services

Catalog modes

Centralized Catalogs

Catalog data stored at cloud Backup Exec server (CAS)

Easy catalog backup/protection

High demands on network connectivity between sites

Requires persistent network connection

Distributed Catalogs

Most catalog data maintained at Backup Exec servers at client sites

Usually recommended for distributed configurations

Persistent network connection between sites not required

Replicated Catalogs

Combination of centralized and distributed

Catalogs maintained at CAS as well as Backup Exec servers at client sites

(14)

Symantec Backup Exec Blueprints 14

Life Preservers:

Private Cloud Services

Other considerations

Two Private Cloud Services Configurations

Multitenant cloud Backup Exec server (dealt with in this blueprint)

Single-tenant cloud Backup Exec servers

Single-tenant Configuration

Each customer has own cloud Backup Exec server at MSP NOC

Backup Exec server at customer site in customer’s domain

Customer has logon access to local Backup Exec server

Some customers may require this due to regulations in their vertical

Mix-and-Match

MSPs may use either or both Private Cloud Services configurations

Other Related Backup Exec Blueprints

Blueprint: Optimized Duplication

(15)

Thank You!

Figure

Updating...

References

Related subjects :