In this continuing series of blog posts we are going to cut through the self-serving and competing claims and examine each of the arguments in favor and against the various techniques used for virtual data protection. You can check out the first post from this series here. Today’s post will discuss virtualizaton backup approaches.

Picking up where we left offearlier this week, we’re going to explore the primary advantages and disadvantages of GOS-level protection versus HOS-level protection. Today we will cover a few more topics and then conclude the discussion next week. Please leave us a comment letting us know if we’re leaving out a feature that you would like to see discussed here.


Validation refers to various techniques for ensuring that a backup is recoverable.  Both HOS and GOS-level data protection vendors typically offer various types of audited instant system recovery techniques.   In additional, GOS-level protection vendors who offer application-aware protection typically offer various types of integrity checking that go beyond the “data is data” mantra of block-only protection.

Advantage: Tied (vendor implementation is the critical deciding factor with respect to validation)

Backup Performance

File-based backup allows the greatest degree of flexibility and granularity; however, this flexibility and granularity comes at the cost of slower backup performance.  Particularly on Windows-based file systems, the read speed of the file system can be much slower than block-based backup.  Thus block-based backup tends to be faster than file-based backup.

HOS-level backups are always block-based.   GOS-level backups can be either file-level, block-level, or both.

Make sure if you use block-based backups with applications that your application vendor supports it.  For more information see “Application Support” later in this blog post.

Advantage: Tied (both GOS- and HOS-level backup if performed at a block level is faster than file-level backup.)

RPO: Recovery Point Objective

RPO is the maximum amount of data, measured in time, which you can afford to lose.  Thus if you have an RPO of 5 minutes, that means you can afford to lose up to 5 minutes of data.

Vendors typically talk about RPO as a monolithic single entity for an IT infrastructure.  But the truth is that RPO should be based on the discrete entities that constitute your IT infrastructure.  There are going to be certain physical servers, virtual machines, applications, volumes, directories, or even files that are more critical than others.

Note that in the simplest case, you could just decide your entire IT infrastructure has an RPO of 1 minute (for example) and use HOS-level or GOS-level block protection.  The problem tends to be the change rate of your data in your environment.  If you have a low change rate and you know you’ll always have a low change rate, then this non-granular approach to RPO works fine.  But as your change rate increases, you find that you’re not able to capture and transfer all of the changed data at once – and even if you are it takes a toll on your production environment.  Thus it’s best to optimize this through granular application-aware backup.

The ability to granularly define how often you backup an entity up is key to achieving an optimal RPO throughout your IT infrastructure.

Advantage: GOS-level protection (with the caveat that you’re using a non-block-based application-aware backup and not just application-aware recovery)

RTO: Recovery Time Objective

RTO is the maximum amount of time that it takes to recover data, a system, or your entire environment.  As long as your data protection solution offers modern instant recovery technology, your RTO will be measured in minutes whether you’re using HOS- or GOS-level protection.

If you need an RTO in seconds, you should look into a virtualization-based high availability solution to augment your data protection solution.

Advantage: Tied

Application Support

HOS-level vendors tend to tout application-aware recovery – the reason is that they do not offer application-aware backup.  GOS-level vendors who offer only block-level backup tend to do the same.  The best application-level data protection solution is one which is not just application-recovery aware but also application-backup aware.  Application-aware backup allows IT administrators the ability to change backup policies and to recover with a finer degree of granularity.

Also be aware that there are applications vendors which specify they will support you in your recovery attempts only if you use application-aware backup.  For example, Microsoft specifically notes in their system requirements for Exchange 2010:

Some hypervisors include features for taking snapshots of virtual machines. Virtual machine snapshots capture the state of a virtual machine while it’s running. This feature enables you to take multiple snapshots of a virtual machine and then revert the virtual machine to any of the previous states by applying a snapshot to the virtual machine. However, virtual machine snapshots aren’t application aware, and using them can have unintended and unexpected consequences for a server application that maintains state data, such as Exchange. As a result, making virtual machine snapshots of an Exchange guest virtual machine isn’t supported.

A good conversation regarding this, with references to the Microsoft documentation, may be found here.

Advantage: GOS-level protection (if application-aware backup and recovery are offered.)

Distributed Application Support (e.g., SharePoint Farms)

HOS-level protection is agnostic to distributed application support.  GOS-level protection at the block level is also agnostic to distributed application support.  Unfortunately, protecting distributed applications requires a backup solution that understands how to synchronize distributed applications.  Thus an application-aware backup scheme must exist.

The advantage here goes to GOS-level protection if and only if application-aware backup exists.

Advantage: GOS-level protection (with the caveat that application agents exists.)


GOS-level reporting can be performed at a per-object level and thus is much more granular than HOS-level reporting with respect to files, directories, volumes, databases, and other application objects.  So if you’re looking for sub-virtual machine object level reporting, GOS-level protection is superior.

However, GOS-level protection is blind to the virtualization infrastructure; thus GOS-level protection can’t report on virtual machines and aggregations of virtual machines.

Advantage: Tied (depends on the type of reporting you want.)


Archiving refers to making tertiary copies of data that are packaged together and transferred to some physically separate storage device.  An easier way to think about this is that backup should be designed primarily for recovery and short-term retention while archiving should be designed primarily for longer-term retention.  Archiving should be integrated into a data protection system and offer both rotational archiving strategies (e.g., disk and tape) as well as fixed archiving strategies (e.g., NAS, SAN, cloud.)

Neither GOS- nor HOS-level data protection confers an inherent advantage over the other in terms of archiving; instead, the implementation of archiving by the vendor is critically important.

Advantage: Tied (depends upon vendor implementation.)


In terms of replication, both GOS- and HOS-level data protection can do a fine job of transferring data.  What’s more important is the method by which replication is performed.  The two things to watch out for with respect to replication are

  • Primary/primary versus primary/secondary replication.  Primary/primary replication means that both backup and replication occurs from the primary (or live) data.  This means that replication will contend with user data access and possibly with backup as well.  Primary/secondary replication means that backup occurs from the primary (or live) data and replication occurs from backup (secondary) data.  Primary/secondary replication is almost always recommended.  This is independent of HOS- and GOS-level data protection.
  • The granularity of objects that can be selected (or unselected) for replication.  WAN bandwidth tends to be the primary issue with respect to replication – thus the ability to select what will and won’t be replicated is critically important.  GOS-level data protection tends to be more flexible and granular with respect to replication granularity.

Advantage: Tied with a nod toward granularity if WAN bandwidth is important (depends upon vendor implementation.)

Licensing and Pricing

Regarding licensing and pricing, the key questions to ask are

  • Is more than one type of licensing available?  Typically at least two are preferable.  That way if you’re IT infrastructure represents an end-case for a licensing methodology (for example, 1 server with a petabyte or 100 servers with only 5GB each to protect) you are more likely to have a choice as to which you’ll use.
  • What types of licensing are available?  Typically it’s better if both a resource-based licensing scheme (based on sockets, servers, applications, and the like) as well as a capacity-based licensing scheme (based on terabytes) are available.  That way you can choose the licensing that best matches your environment and your anticipated growth in the future.

There is no specific advantage of GOS- versus HOS-level protection with respect to licensing and pricing because this is more a function of the vendor than it is whether GOS- or HOS-level protection is used.

Advantage: Tied

We’ve covered quite a few topics this week. What do you think?