Microsoft Exchange - protecting it, managing it and keeping it running

This is due to many factors. Email in general - and Microsoft Exchange in particular - has become a victim of its own success. As email has taken off and become the preferred communication tool in business, organisations have found more and more innovative ways to use it.

Email is used as an engine for mass marketing, targeting large groups of recipients. Most day-to-day inter-office and external communication is done by email. We are all overrun with ever increasing amounts of spam.

We distribute files using email. We store our business and personal contacts within our email systems. We send out quotations and proposals. We distribute memos and other documents. We distribute jpegs and mpegs. And we even build entire online communities through email. Often multiple copies of the same file attachments exist within the Exchange data store.

What's more, Governments, regulatory bodies and industry forums are recognising the extent to which organisations are using email through every facet of their businesses. This results in a growing number of rules and regulations requiring organisations to store email and keep it for increasingly long periods of time.

Email has become a drug. The more we use it the more we need it. As our dependency grows, the greater the risk of our withdrawal symptoms. So how can we avoid cold turkey for our business?

Technology components
From a technology point of view there are a number of considerations when it comes to keeping Exchange available and preventing data loss.

Data Protection - it is critical that this is the starting point. If all else fails there needs to be an alternative copy of the data to fall back to, in order to support reconstruction of an Exchange environment. This is the most basic safety net.

Recovery - there are two areas to consider from a recovery point of view: how to recover the server, the operating system and the application; how to recover the data. Each of these has a different answer.

High availability and downtime avoidance - for critical applications 'high availability' (HA) is a prerequisite. Ensuring protection against hardware failure or application failure - without incurring significant downtime - should be a key consideration for Exchange environments.

Data Protection
There are a number of factors to consider when defining a suitable data protection strategy.

The size of the Exchange data store is going to impact every facet of an Exchange data protection strategy. Typically these are very large data stores due to the sheer volume of emails that most businesses generate and the number of attachments that are sent and received every day. These attachments usually represent the majority of Exchange data.

The backup window is another important factor. Because of the data volumes associated with Exchange it normally takes an incredibly long time to back it up. Few organisations still have the luxury of being able to shut down an application and back it up 'offline' over night. Even if that is the case, there is often too much data to backup within that night-time window so this still presents a challenge.

A further challenge is that Exchange is a complex application and once in a stable state of operation, administrators are reluctant to shut it down in case it causes some kind of problem.

This leaves a number of problems.

• How can Exchange be backed up online with minimal impact on the users?


• How can the data be protected more selectively?


• How can greater efficiency be applied to the backups?


• How can backups be run frequently enough to minimise data loss?

Recovery
One common mistake organisations make is in overlooking the reason why they run backups. Data is backed up because at some point in time it will need to be recovered - so recovery is arguably more important than backup itself.

When looking at the recovery of a server in an Exchange environment there is considerable complexity, and a high level of skill is required to successfully build a replacement or repaired server and bring the server and the data back online.

Going through this process is time consuming if done manually. It requires a skilled person to go through the whole process, step-by-step. There is a significant amount of configuration across operating system, application and storage, with patches and updates to apply and a number of reboots along the way.

Finding a faster and more efficient way to do this without it being a massive drain on resources would be invaluable.

Even if it's not the loss of an entire server, there are issues around the recovery of the Exchange data. These issues typically have to be weighed up against backup options. For example, if a complete backup of the entire Exchange server is the most recent backup, then there could be limitations to how granular the recovery can be. This needs to be considered when defining backup strategy.

Other issues around recovery relate to how current the data that can be recovered is, and how long the application can stay offline. Data currency is dictated by when the last backup was run. Different technologies will impact the frequency with which you can backup, the currency of the data you recover and the amount of time required to recover the data.

High Availability and Downtime Avoidance
As stated earlier, most organisations view Exchange as business critical and, as such, it needs to be kept available around the clock. This means avoiding downtime in the first place and ensuring that there is duplication of the environment on standby to take over whenever something goes wrong.

Downtime can be both planned and unplanned, but either way, when it happens the consequences are the same. It could mean lost customer opportunities, lack of vital business information and general loss of productivity, with staff being paid to sit idle.

Failures can happen at the storage, the server or the application level. Wherever they occur the consequences are the same. However, it is possible to avoid downtime and, if a failure does occur at any of these levels, downtime can be kept to the absolute minimum.

Effective Data Protection
At the heart of the Exchange data protection strategy should be the right backup technology. VERITAS' Backup Exec for Windows servers will allow the Exchange server to be backed up in a fast and efficient manner.

The key component of this is the high performance Backup Exec Exchange agent. This enables the application to be backed up while online, meaning that the users can continue to send and receive email while a backup is running. Even if a backup is being run over night i.e. not in peak business hours, it doesn't matter if it spills over into the working day.

The Exchange agent delivers additional functionality aimed at helping address the constraints of the backup window. As well as the ability to run full backups it also allows incremental backups, capturing only changed data. This can be done right down to an individual mailbox level and means that backups can be done more frequently, increasing the currency of the recoverable data.

This greater granularity also brings benefits at the restore level. It means that only data that needs to be restored has to be restored. For example, if only a specific individual mailbox needs to be restored, then that can be done.

The other area where time is saved is the area of email attachments. Typically, the vast majority of Exchange data consists of email attachments. If 500 people in a company are sent the same email with the same attachment then the email and the attachment get backed up 500 times. This is not very efficient.

The Backup Exec Exchange agent allows single instance storage of attachments so while the email is backed up multiple times, the attachment is only backed up once. This has the double benefit of improving backup performance and saving on tape costs.

Backup can be further enhanced by utilising the backup to disk capabilities within Backup Exec. Disk based backups tend to be significantly faster than tape based backups and the falling cost of disk has made them incredibly attractive to many organisations.

Finally, Backup Exec's Desktop and Laptop option automatically protects PST's that reside on end users' machines for the final piece of the data protection solution.

Rapid Recovery and High Availability
When looking at recovery of critical applications there are two factors to bear in mind: Recover Point Objective (RPO) and Recovery Time Objective (RTO).

RPO is the point in time to which an application and its data needs to be recovered i.e. how current the data that needs to be recovered is. For example, if the most up to date copy of the data is a backup that was done two days ago then that is the best RPO that can be expected.

RTO is the amount of time that elapses from an outage taking place to restoring the system, recovering the application, restoring the data and bringing the application back on line.

Tape based backup and recovery typically has a longer RPO and RTO, which is fine for some applications, but not for the more critical applications such as Exchange.

Backup Exec's Intelligent Disaster Recovery option significantly enhances server recovery by capturing the configuration data from the operating system, server and applications and allowing the creation of bootable media for an automated restore process.

While this is great for recovering an entire server, it doesn't offer the appropriate level of RPO and RTO that is desired from an Exchange environment.

Improved RPO and RTO can be achieved using the mirroring capabilities found in VERITAS' Storage Foundation for Windows Servers, along with the FlashSnap option.

Storage Foundation allows a number of different physical disk storage devices - different types from different hardware vendors if necessary - to be centrally managed and presented to Exchange as logical rather than physical volumes.

These logical volumes no longer have to reside on one specific disk storage unit. This means greater scalability of Direct Attached Storage (DAS) and, in a Storage Area Network (SAN) environment, a central pool of storage can allocated capacity across different servers.

Storage Foundation also allows the creation of multiple mirrors across different physical devices. Added to that, these mirrors can be broken off to create point-in-time 'on disk' copies of data using the FlashSnap option.

For a failed Exchange environment, instead of having to restore from a tape based backup, the Exchange server can simply resynchronise the changes from one of these 'on disk' images and reapply any subsequent transactions to bring the server back incredibly fast.

Planned downtime for tasks such as adding storage is eliminated with Storage Foundation as storage can be added while the application is still running. Unplanned downtime through things such as physical disk failure can be avoided due to Storage Foundation's ability to create mirrors outside of any one disk device, be that JBOD (Just a Bunch of Disks) or a RAID type array.

Again, this mirroring of data outside of a physical device means that if an organisation has two locations connected by fibre then, distance allowing, data can be mirrored between sites, giving an up to date 'on disk' image of the Exchange data at another location to protect against an entire site outage.

This can be extended further still, where there is no fibre connectivity between sites. The Volume Replicator option to Storage Foundation allows data to be replicated to another location in another part of the country - or the world - across a standard IP network.

Avoiding Application or Server Failure
High availability of an Exchange server can be achieved using the Storage Foundation for Windows HA version. This includes VERITAS' award winning clustering technology, which can scale up to 32 nodes in a single cluster.

The cluster agent for Exchange will allow Exchange to be failed over to any server in the cluster in the event of a server or application failure. This, combined with increased availability at the storage level, provides an incredibly robust solution at a local level that virtually eliminates downtime.

For site protection, a single cluster that spans physical sites can be created in conjunction with remote mirroring over fibre, or synchronous replication with the Volume Replication option to Storage Foundation.

The ultimate level of disaster recovery or site protection is to have multiple clusters at multiple sites. Replicating the data between the clusters at the sites, combined with the Global Cluster Option to Storage Foundation, allows an entire site to be failed over to another location. This can also be used with an existing hardware based replication solution.

The flexibility of these various clustering architectures virtually eliminates Exchange downtime.

The starting point
When looking at an Exchange environment an organisation should start off by putting in place an effective data protection strategy.

Recovery needs to be considered from an RPO and RTO perspective in order to assess the appropriate technology.

The capabilities of Storage Foundation for Windows and the additional capabilities offered by the HA version combined offer greater utilisation of Exchange storage, centralise management, improved efficiency and can virtually eliminate downtime.