The evolution of cyberattacks poses new and unique challenges for organizations of all sizes. Gartner predicts that by 2025 more than 75% of IT organizations will face an attack by malicious actors. These attacks are increasing in frequency as well as efficacy, to the point that many industry experts suggest traditional backup methods are no longer effective.
Traditional backup methods in this sense often refer to the time-honored 3-2-1 backup rule. The 3-2-1 strategy simply states that you should always have 3 copies of your data (your production data and 2 backup copies) on 2 different media (i.e., disk, tape or cloud) with 1 copy stored off-site for disaster recovery. The 3-2-1 backup rule is depicted in the diagram below:
The 3-2-1 backup strategy evolved from the days of tape-based backups where there was only one media copy, and it was taken off-site. While an advancement, it was inherently limited by the technology of the time. The media was commonly tape and depending on the organization, the off-site strategy ranged from hiring a service such as Iron Mountain to storing tapes in the trunk of the IT manager’s car. As cloud-based backup technologies evolved, organizations started to leverage cloud for business continuity and extended retention.
Cloud technologies give organizations more flexibility in planning a geo-redundant backup strategy. Geo-redundancy is the practice of distributing mission-critical components across multiple geographic locations. In the backup use case, geo-redundancy ensures that a copy of your backups is safely located in a separate geographic region. This copy acts as a safety net in the event an outage impacts your primary site and the surrounding region.
With threats like ransomware increasingly targeting backup data, having a copy that is either off-network or immutable will ensure the malware cannot access that data. A 4-2-2 strategy (4 copies, 2 formats, 2 stored off-site) where you have the option to replicate backup copies to cloud and/or disk media, enables your organization to balance recovery needs, retention requirements and cost. An example of the 4-2-2 strategy is depicted below:
In the next section, we’ll discuss Unitrends deployment options and how you can architect a 4-2-2 strategy with Unitrends.
How Unitrends is deployed
Following the premise of a 4-2-2 backup strategy, the first copy of your data is the production data. In order to safeguard production workloads, Unitrends deploys either a purpose-built physical backup appliance or a virtual appliance on existing compute, storage and hypervisor resources. Unitrends virtual appliances may be deployed on VMware, Hyper-V or Nutanix AHV hypervisors.
Regardless of the deployment type, Unitrends appliances offer support for more than 200 versions of operating systems, applications and hypervisors. Your backup schedules and policies may utilize a combination of file-, image-, hypervisor- and application-level backups, depending on your recovery goals and the makeup of the protected environment. The second copy of data in the 4-2-2 strategy resides on the local appliance where it is stored in a hot state and immediately available for recovery. Unitrends appliances leverage global, adaptive deduplication to optimize the utilization of your local backup storage. While users typically store 30–90 days of backups on their local appliance, it’s not unheard of to have customers store data for three years or longer to meet their needs.
It’s important to have a redundant copy (or even better, copies) of your backup data that’s moved off-network and off-site in the event of a disaster. To move backup copies to an alternate target, Unitrends appliances are equipped to perform WAN-accelerated replication to help you achieve this goal. Replication capabilities are native to the Unitrends appliance. You’ll benefit from techniques like deduplication, compression, encryption, latency optimization, checkpointing and source querying, connection limits, simple rate limits and other functions to move data as efficiently as possible over the WAN, without the use of add-ons or proxy servers and gateways. The decision you’ll have to make is where are you sending the data to. Depending on your goals, you may use a combination of hot and cold targets to achieve them.
Replicating to hot targets
If you need your data to be available for recovery at a moment’s notice, you’ll want to replicate one set of your backup copies to a hot target. A hot target stores backup copies in a recovery-ready state.
Hot targets include:
- Unitrends Recovery Series
- Unitrends Backup Virtual Appliance
- Unitrends Cloud
You may replicate from your source appliance (physical or virtual appliance) to a secondary appliance (physical or virtual) to perform disaster recovery functions. The restore options available with your local appliance (file, folder, bare metal, instant recovery, etc.) may be used with backup copies. Backup copies at your DR site may be used in combination with Recovery Assurance, enabling automated, application-level verification of backup copies prior to recovering them in a DR event. Should the environment have limited recovery infrastructure, Unitrends Recovery Series MAX appliances boast 300% more compute and memory, designed for on-appliance failover for small office and branch locations.
For organizations that operate from a single location or don’t have a dedicated DR site, Unitrends Cloud is an SSAE 16 certified, SOC 2 Type II compliant cloud data center designed to enable our customers with long-term off-site retention and white-glove Disaster Recovery-as-a-Service. With this model, mission-critical workloads (or your entire data set) are replicated to the Unitrends Cloud where the backups are stored in a hot state. Should a disaster disrupt operations at the primary data center, the Unitrends team will spin your backups into production and reroute traffic through an IPsec tunnel. When ready to return to the local data center, the Unitrends team will assist in failback and move workloads out of the cloud to return to their primary location. Unitrends operates multiple geo-redundant cloud data centers across the globe, regions include the US, Canada, the UK, Germany, Ireland and Australia.
Replicating to cold targets
Cold targets are a great way to achieve geo-redundancy and retention goals in a cost-effective fashion. Cold copy backups enable users to achieve inexpensive (when compared to some cloud services), long-term retention as well as creating an airgap between the production network and the backup copies. However, recovering data from cold media requires additional steps. Local backups or hot copies should be used, where possible, for situations where a low RTO is required.
Unitrends cold copy targets include:
- Disk (eSATA, USB)
- Tape* (SAS, SCSI)
- NAS (CIFS, NFS)
- SAN (iSCSI, Fibre Channel)
- Third-party cloud (AWS S3, S3-IA, Google Cloud Storage Standard, Google Cloud Storage Nearline, Rackspace, Wasabi Standard and Wasabi S3)
*Virtual appliances do not support drivers to replicate to tape.
The 4-2-2 backup strategy enables you to perform disaster recovery in different ways, whether by using the cloud, physically moving data off-site or a combination of both. Unitrends offers a variety of strategies to meet the unique needs of your environment. While you may not need this type of flexibility today, you may in the future. Ensure your business continuity and disaster recovery vendor(s) are focused on delivering you support for your agile, ever-changing IT environment.
If you’d like to learn more about how Unitrends can help you achieve your BCDR goals, get a demo today.