Frequently Asked Questions About Cloud Backup
Only two pieces of software are installed on the customer’s LAN either on the source machine or on separate machines: TDV Cloud DS-Client that collects data and sends it to the TDV Cloud Data Center, and TDV Cloud DS-User that acts as the user GUI and enables configuration of all backups and restores.
The TDV Cloud DS-Client has one network connection to your network and one connection to The Data Vault’s network/internet (with access to the TDV Cloud DS-System). This flexible approach allows The Data Vault to integrate fully with your current configuration.
The Data Vault will install the TDV Cloud DS-Client unit and the TDV Cloud DS-User Console at your site and provide the necessary training.
If the installation is particularly complex or remote sites are involved, onsite support is available at a daily rate.
Installation of TDV Cloud software can be done through a Remote Desktop Connection. Once installed, TDV Cloud DS-Client can be managed through a remote session or can be managed through a TDV Cloud DS-User GUI installed remotely.
2. Setup of Backup Sets and Schedules
The backup user is responsible for backing up and restoring all the data on your network, it is essential that access permissions are of administrative equivalence. TDV Cloud can only back up data that this user can access. A less privileged user may be restricted, causing data to be missed from the backup.
As part of the installation training, The Data Vault will ensure that all your main servers are sensibly configured to ensure that all the data to be protected is backed up. Additionally, you will be invited to send your nominated backup administrator for a full day of training at one of The Data Vault’s in-house training courses.
The Data Vault will set up users with access to create and maintain backup sets and schedules. Only people with a user ID on the TDV Cloud DS-Client or on the Domain it belongs to will be able to administer its functions.
Multiple user accounts can be created for use on the TDV Cloud DS-Client and access permissions can be set per backup set. These permissions can be any combination of Backup, Restore, Delete or Modify privileges. For Example, a particular user could be given access to backup and restore only their own machine.
Backups can be time-based and configured as often as every minute or as infrequently as once a year. More advanced schedule options include the last working day of the month or even one off backups on a particular date. Backups can also be triggered based on events. Continuous Data Protection (CDP) captures each change to a file regardless of the time interval.
A backup set can include a whole server, share/volume, directory or even a single file. The backup set could even include just the registry.
There are 99 different priority levels that can be assigned, ensuring maximum flexibility when organizing your backup schedules.
Any number of machines can be backed up simultaneously. However, as network bandwidth is a factor, The Data Vault would recommend 8 at once in a LAN environment with a 32-bit DS-Client and 12 at once in a LAN with a 64-bit DS-Client (default values for a DS-Client installation).
Yes, the software is designed to fit specific backup windows. TDV Cloud can be told what time to stop at, for example at 8:00am when employees are starting their workday, or maybe at 5:00am if there is an important batch process to run.
3. Data Processing & TDV Cloud DS-Client
The TDV Cloud DS-Client acts as a gateway only, passing data through after it has been compressed, de-duplicated and encrypted. A database showing information on what has been backed up is held on the TDV Cloud DS-Client, but no actual data files are retained. Alternatively a local storage can be configured on TDV Cloud DS-Client LAN. In this case, backup data is also held locally.
For large data volumes, the initial backup may be done utilizing a portable unit, backing up at LAN speeds to a large array of disks. When the full backup of your data is complete, the disks are transported back to The Data Vault’s Data Center. Future backups, which are purely incremental (incremental forever), will be transmitted via the WAN and synchronized with your initial backup data at the Data Center.
No, but a dedicated user is recommended and it should be set for no password expiration or if password expiration policies must be enforced, use the DS-Client’s Password Rotation feature. In a domain, or NDS environment, a user on each machine isn’t necessary as one central user can be created with access to all the resources that require backing up.
Yes, by default the TDV Cloud DS-Client backs up its own database at 6:00am every morning, although this time can be changed, if desired.
The TDV Cloud DS-Client only requests data as it can process it and will not pull more data across the network than can be processed. The data sits in a queue and as soon as part of the queue frees up, the TDV Cloud DS-Client gets more data for processing.
De-duplication is one of the ways that the TDV Cloud DS-Client reduces the raw data from your network servers across all remote offices to a size that can be transmitted over the WAN. It ensures that the same data is never transmitted offsite more than once, thereby saving the bandwidth to transmit only new, unique data. It achieves this simple elimination by generating a digital signature of each file as it is backed up and comparing it against the known details of all previous files. If the digital signature matches a previously backed up file, it must be a duplicate and only a shortcut need be transmitted up the line. Due to the way this technique is applied, it does not matter if the files are on different servers, at different offices or even have different filenames.
Delta blocking is a technique that divides all files into blocks. When the file is detected to have changed, the digital signature of each block is compared against the last known digital signature for the same block of the same file (stored in the database on the TDV Cloud DS-Client. Any blocks that are different are pulled out to be re-transmitted. These delta blocks will also be compressed and encrypted before transmission.
If the backup is stopped, for whatever reason, it will retry the operation based on the configuration of the TDV Cloud DS-Client. If all retries fail it will continue onto the next backup in its schedule. It will not revisit the failed backup set until the next time it is set to run, e.g. the following night, at which point it will pick up where it left off. If however the problem has been rectified and the backup window allows, the backup can be restarted manually, immediately. However, if the backup set is configured with local storage cache the backup will continue its operation by backing up the data locally to the configured buffer.
The Data Vault has a dedicated team monitoring the progress of backup events 24×7. If a problem occurs, it will be escalated through the appropriate channels.
No, unless CDP is configured the TDV Cloud DS-Client will only connect to your servers during the specified backup schedule, therefore it will not use valuable connection at other times.
The number of versions is a parameter that the system administrator can set. Unlike a tape backup, where the routine is to rotate tapes in a cycle, TDV Cloud will only back up a new version of a file when it changes, guaranteeing that the customer is not wasting space backing up exactly the same version more than once. The number of versions stored can be configured on an individual backup item basis. By default, each backup item stores 30 versions, if applicable. Each backup set can be configured down to include just one file if desired, giving you the ability to maximize the efficiency of the storage.
TDV Cloud offers Agentless support for a range of network platforms.
- Extensive OS Support: Windows 2008, Windows 7, Vista, NT, 2000, XP, 2003, Mac OS X, XenSource, VMware, Novell Netware, IBM AIX, SUN Solaris, HP-UX, HP-Tru64 UNIX, IBM iSeries, Red Hat Linux, Novell Suse Linux, etc…
- Extensive Database/Application Support: MS SQL Server, MS Exchange Server & Outlook 2000/2003/2007/2010, Oracle, IBM DB2, MySQL, PostgreSQL, IBM Lotus Notes/Domino Server, Novell Groupwise, SAP, MS SharePoint
Yes, TDV Cloud can backup local/NFS/SSH supporting Unix permissions, POSIX file names and soft links. Also, for NTFS volumes TDV Cloud can backup both permissions and Alternate Data Streams. Permissions and Extended Netware Attributes can also be backed up for Netware.
Microsoft developed SQL and Exchange with the backup requirement in mind. Both products can respond to API calls requesting the services to dump their data, while online, to an external destination. In TDV Cloud’s case the product simply asks the specified MS SQL or Exchange server to stream the data to the TDV Cloud DS-Client where it is delta blocked and transmitted offsite. This process is a totally supported Microsoft function and guarantees compatibility with your existing Microsoft systems.
Yes, even though TDV Cloud is an agentless solution, it is still capable of running commands on remote servers. For example, shutting down a database or application running on a server to back it up and restart afterwards, or perhaps interact with some overnight batch processing.
Open files are an issue in most backup environments. If a file is open exclusively on a workstation, it is the server’s responsibility to stop anyone else, including a backup application, accessing that file.
To help counteract these issues TDV Cloud has a range of options which handle open files. These options, combined with use of the Pre and Post commands, enable the backup of almost any file. TDV Cloud also can use Microsoft VSS which handles access to open files. More complex environments such as Oracle or DB2 can usually be configured to dump their data into a normal file which will be delta blocked and backed up as normal unless the specific Backup Set type is not used.
TDV Cloud DS-Client and TDV Cloud DS-System run using the time zone set on the machine clock.
TDV Cloud performs block-level deduplication on files. File system maintenance tasks do not affect files at the level in which TDV Cloud influences them. Disk defragmentation will not negatively affect deduplication in any way.
First you need to install an operating system on new or repaired hardware. Then, The Data Vault will re-install the TDV Cloud DS-Client with the same encryption keys and the same account/TDV Cloud DS-Client numbers and recover TDV Cloud DS-Client DBs from TDV Cloud DS-System. TDV Cloud DS-Client can however be installed as grid, thus offering redundancy in case of failures.
Yes. This is accomplished through reconfiguring the parameters on TDV Cloud DS-System. In this case The Data Vault should be contacted to perform the operation.
No, the TDV Cloud DS-Client is not supported running on Fedora Linux. The Linux versions the TDV Cloud DS-Client is supported on are RedHat and SUSE.
Using the Linux TDV Cloud DS-Client, in the New Backup Set Wizard, select Local File System, NFS, UNIX-SSH. There are no specific backup types for different versions of Unix or Linux.
Yes. There is a feature available in the MS Exchange Database Backup Sets that allows backup of the MS Exchange DB clusters using passive node. This option can be found in the New Backup Set Wizard and is simply a checkbox.
The Public IP. The TDV Cloud DS-Client establishes a TCP connection to the TDV Cloud DS-System IP Address provided or DNS name.
No. Windows TDV Cloud DS-Client supports Microsoft SQL Server database instances and Linux TDV Cloud DS-Clientsupports PostgreSQL as the back end database.
The content of notification emails cannot be modified. The subject of notification emails can be changed.
Yes, TDV Cloud does integrate with third party open file managers like St. Bernard OFM.
During installation the TDV Cloud DS-User is installed on as many or as few workstations as required and will require a valid logon, ensuring no unauthorized access. The TDV Cloud DS-User GUI acts as your interface with TDV Cloud and enables the configuration of all backups and restores. The DS-Client Monitoring module can also be used to monitor the activities on the DS-Client.
The Web Portal module provides a web point of entry for monitoring client backups. It stores client account and configuration information as well as Web Portal logs. The Data Vault can set up the web portal so each customer is associated with a unique TDV Cloud DS-System IP address or DNS. Web Portal shows the last backup time and the completion (successful, with errors, premature) for each backup set through its reports. If a backup set completes with errors, the number of errors are shown. A variety of reports can be generated to statistically review backup (the number and duration of their connections, number of activities, number of files, protected size etc.) and restore (number of activities, number of files, over a specified period) activities. The Web Portal can also be used to search and download archive data from BLM Archivers.
5. Compression, Encryption and Security
TDV Cloud DS-Client performs compression and encryption before sending data to The Data Vault’s Data Center. This ensures security because:
- Data can be restored only by the TDV Cloud DS-Client that backed it up, or by another TDV Cloud DS-Client that was installed using the same encryption types and keys as the TDV Cloud DS-Client that backed up the data.
- Someone monitoring data being transmitted between TDV Cloud DS-Client and The Data Vault’s Data Center would intercept only encrypted data blocks. This ensures that access to confidential file content is not possible.
- Data stored is also encrypted in the The Data Vault’s Data Center. Meaning that only the customer can have access to the backed up data once it has been recovered. The customer is the only person who knows his/her unique encryption keys.
TDV Cloud’s encryption is FIPS 140-2 certified. FIPS certification is given through the Cryptographic Module Validation Program (CMVP) that was established by NIST (National Institute of Standards and Technology) and the Communications Security Establishment (CSE) of the Government of Canada. Products validated as conforming to FIPS 140-2 are accepted by the Federal agencies of both countries (Canada and U.S) for the protection of sensitive information.
Compression can be likened to letting the air out of a balloon. Although the air has gone, the structure still exists and it can be re-inflated easily. The advantage is that it takes less room. Files, especially databases, are often full of empty space, which can be removed to make the file smaller for transit, whilst making it very easy to recreate. A conservative compression to expect with TDV Cloud is 3:1 for the initial backup.
Compression reduces the amount of data transmitted to the The Data Vault’s Data Center, making backups faster, as well as reducing storage space. Compression is particularly useful for slow communication links and/or very large files.
Zip files and other compressed files are already efficiently compressed. TDV Cloud cannot improve on the compression, but the file will only be transmitted once. If the file should change, then delta blocking will be used to ensure only the changed portions of the file are re-transmitted. By default TDV Cloud will not perform compression on files that are already compressed.
6. Transmission Off-Site
The TDV Cloud service utilizes a WAN to transmit data offsite. All backup data is compressed, de-duplicated and encrypted prior to transmission. TDV Cloud encryption is FIPS 140-2 certified. Additionally, all communication between TDV Cloud software is encrypted with a random encryption key. This is infinitely more secure than many current backup policies. How does yours stack up?
As part of the TDV Cloud solution, software will automatically attempt to reconnect three times at five minute intervals and will continue the backup process at the block level when the communication line is re-established.
Only new and unique data will get backed up after the initial backup. Duplicate or unchanged files will not be transmitted.
The data is backed up in real time, so when the administration console indicates that the backup is complete – it is also an indication that the backup data is offsite.
TDV Cloud DS-Client can be configured to send notifications if a backup set completes successfully, completes with errors or does not complete. Notifications can be sent via SNMP traps or email notifications. TDV Cloud do have a bandwidth throttle which can be scheduled for certain times of the day. However, there is not an alert available to notify if bandwidth usage exceeds some threshold. Use the bandwidth throttle functionality to cap to that threshold.
7. Offsite Storage at The Data Vault
TDV Cloud is a disk to disk solution where data is held on disk for rapid access times and is additionally replicated to an alternate location.
Yes. Authentication is performed between the relevant TDV Cloud DS-Client and system unit each time they connect to re-verify the authenticity of the TDV Cloud DS-Client. Additionally, the backup data is held encrypted. Only the customers’ unique encryption keys will decrypt the data.
8. Restoring Data
The data is available for restore immediately after it has been backed up and is confirmed to be held offsite.
Yes, you can restore an individual file and also specify which version you want to restore.
The Message Level Restore (MLR) module allows users to selectively backup and restore individual mailboxes and email messages for one user or for an entire email server, depending on needs. Using selective filtering, users can save time and resources by restoring only selected mailboxes or emails, instead of having to restore the entire Exchange, Domino or GroupWise servers.
Yes, TDV Cloud will display all the files that were backed up on any given day. Providing the backed up files have not been deleted by an administrator or overwritten by more recent versions, then it is possible to restore up to any given date.
Yes, the restore data can be redirected as desired. You are able to browse the network and provide connection credentials for the redirected restore location, just as you do for creating the backup set.
9. Disaster Recovery
Yes, you can select easily which files/directories/servers you wish to restore. There is no need to restore non-essential data until a later time if desired.
The Data Vault can interact closely with your disaster recovery and business continuity plan, providing a portable unit of disks, holding your data and a new TDV Cloud DS-Client to any required site. This site may even be the site of your disaster recovery company. This combination of portable unit and new TDV Cloud DS-Client can enable LAN speed restores to reconstruct servers and workstations.
Yes, Disaster Recovery drills can be performed periodically if requested.
10. Local Storage
TDV Cloud DS-Client can be configured to store up to the last 30 days of backup locally to the DS-Client LAN in compressed format. This storage option is in addition to keep the data on the TDV Cloud DS-System and provides option for fast local restores of large data sets in case of disasters and recoverability of data in the event that the TDV Cloud DS-System is unavailable.
11. Data Protection
Absolutely. TDV Cloud software can backup laptops with our DS-Mobile Client application that has a small footprint, CPU and bandwidth throttle and secure, efficient transmission of data or with the TDV Cloud DS-Client.
A NetApp appliance is backed up the same way as any other NAS device. You do so by backing up the data through exported shares (i.e. CIFS shares for Windows, NFS shares for Linux).
LAN Discovery is a tool used to discover data within a network that can be protected with a DS-Client in that location. LAN Discovery allows the The Data Vault to generate reports about data volume, location, duplicate data, access trends and storage space.
Statistical-mode backup is a method that performs a “dry run” on a backup set. This process performs 100 of the functionality of a regular backup with the exception of sending data to the TDV Cloud DS-System. Actual deduplication and compression statistics are generated along with information regarding the amount of net-new data created and backup set completion time. With all of the information contained in reports after running a statistical backup, The Data Vault can give a customer a real-world costing and performance estimate.
TDV Cloud uses the Linux TDV Cloud DS-Client to perform backup and recovery of virtual machines at the VM-level. The TDV Cloud DS-Client interfaces agentlessly with ESX server or Virtual Center to perform backup without the need for any other 3rd party products. Recovery can be performed to any ESX server.
Yes. TDV Cloud DS-Client can run on Windows, Red Hat or SUSE native or virtual machines.
TDV Cloud de-duplicates at the block level. Since all the guest OS files appear as one large VMDK file from the host side, individual files backed up from the guest side will not be de-duplicated within the VMDK file. However, if the same file was stored in multiple different directories on the guest side, these would appear as repeating blocks within the VMDK file and these blocks would be de-duplicated.
If you want to backup the VM from the host side (i.e. backup the VMDK and associated files), you must use the Linux TDV Cloud DS-Client. However, a Windows TDV Cloud DS-Client can backup and restore Windows Virtual Machines through the guest Windows operating system. A Windows TDV Cloud DS-Client can also be used to backup and restore via VMWare Consolidated Backup and File System Backup Sets.
VMDK refers to extension of the files that implement virtual machines. Thus, the VMDK is normally a single file (depending on configuration a VMDK can also be split into chunks) and looks for duplicate VMDK files. It is doubtful that any two VMDK files will be identical. Therefore, VMDK will not dedupe against files backed up from the guest. The incremental VMDK backups will only backup the blocks that change within the VMDK file.
Yes. However, VM-level backups of ESX hosts are recommended for DR purposes and whole machine recoverability. File-level backup sets may be necessary to meet the most granular restoration requirements. Often a hybrid approach of both VM-level and file-level specific backups makes sense.