ABOUT SANITY

HOME

THE SANE CHOICE

OUR MISSION/CULTURE

PROFESSIONAL SERVICES

CAREERS

BEST PRACTICES & INDUSTRY NEWS

CONTACT US

OTHER STORIES

COMPOS MENTIS

SANITY SPOTLIGHT

ARCHITECTING THE RIGHT ARCHIVING STRATEGY

THE CASE FOR CONTENT ADDRESSABLE STORAGE

OTHER STORIES

COMPOS MENTIS

SANITY SPOTLIGHT

ARCHITECTING THE RIGHT ARCHIVING STRATEGY

THE CASE FOR CONTENT ADDRESSABLE STORAGE

OTHER STORIES

COMPOS MENTIS

SANITY SPOTLIGHT

ARCHITECTING THE RIGHT ARCHIVING STRATEGY

THE CASE FOR CONTENT ADDRESSABLE STORAGE

Data News

Fourth Quarter 2008

Compos Mentis
Sanity Speaks

On behalf of the entire crew at Sanity Solutions, I want to wish our clients, partners and everyone out there a happy holiday season. To commemorate all of the advancements we have made this year, we are ending 2008 with a double-sized Data News. There's a lot of great information to be shared, so enjoy and know that we always stand ready to assist you with any of your data management needs.

Sanity Spotlight Chris Harrold We are thrilled to welcome Chris Harrold to the team as our new consulting engineer. Chris, a Denver native, comes to Sanity with more than 15 years experience in the servers and storage administration, architecture and implementation industry. "I am excited to be a part of the Sanity team and to help increase the company's professional service capabilities," said Chris. "I also appreciate this opportunity to help our clients weed through the often confusing data storage technology that is out there, and to find the solution that best fits their company and its requirements." Chris previously worked for CommVault as the senior engineer for the western U.S. region and has also worked for companies such as Archstone and Time Warner Telecom, as well as consulted for Qwest, Lucent Technologies, MediaOne Group (now AT&T), and others. In his most recent positions, Chris was responsible for implementation of large storage area network (SAN) infrastructures, networks, and servers within UNIX and Windows environments.

ARCHITECTING THE RIGHT ARCHIVING STRATEGY

The Convergence of Archiving Strategies in the Enterprise

In December of 2005 the Federal Courts released a change to the rules that govern court cases tried in the Federal Court system. Called the Federal Rules of Civil Procedure or FRCP, this rule update contained requirements governing electronic discovery. It is a general practice that all lower courts (State, Civil, and Criminal) generally adopt the same rules and they have moved quickly to do so in this case. This means that any organization, large or small, public or private is subject to the same set of rules in the event of litigation.

Much hay has been made of this rule change, but in spite of the hype and fear surrounding the rule changes they are actually a boon for IT managers looking to control the explosive growth of their storage environments. This convergence of disparate archive strategies is the basis for an effective litigation support strategy and a solid ILM strategy that allows the back-end benefits of reduce storage utilization and the all important ability to be prepared for litigation.

What it is and what it isn't
First and most importantly the FRCP ruling DOES NOT say that you have to keep all your data forever. I saw an ad on a sign at the airport recently that said keeping all your email is the law. This is 100% false. Companies are using the fear factor surrounding the misunderstanding of the FRCP change to market products that fit a specific niche while failing to acknowledge the larger picture of IT strategy. What the FRCP ruling DOES say is that if you have a retention plan (and you really need to have one) then as long as you can prove you follow it you cannot get in trouble for deleting stuff "in the course of normal operations". What that means is that if you have a policy that says you keep your emails for 45 days and you purge your system at 45 days then you are just doing what you said you would.

Where this situation changes, and this is part of the FRCP as well, is if you KNOW you are getting sued or party to a lawsuit. This notification process is the first step in the E-Discover process and it creates some immediate action items for IT. Once notified of pending action, IT must identify the data in question in the suit and then retain it until the case is decided – this can also (and almost always does) include any subsequent data produced after the date of notification. Well therein lies the rub, doesn't it? How do you even begin to sort through the data to find the relevant stuff? Add to this the other little gem in the FRCP that says ALL electronic information (not just email – this means anything made out of 1's and 0's) is fair game to be requested AND it has to be in its original format. Oh boy. Now what?

This all sounds like a lot of work. It could be if you are not prepared for this situation and taking steps now to mitigate the risks to your organization. What is fantastic about the FRCP changes is that on the one hand they are very specific about what you need to do, but on the other hand they give no real direction as to HOW you need to do it. This gives you a lot of flexibility in crafting an architecture that meets your needs and protects your company. The policy statement protects you from getting in trouble for deleting information without knowing it might be important someday so now you just have to prove enforcement of the policy itself. This is where a carefully architected and well thought-out archiving strategy is going to be extremely important.

What, when, and where
Archiving falls into two basic categories: what I call storage archiving – which is the cleanup of old and infrequently used data (often called HSM, ILM, or Tiered Storage), and what is currently positioned as "compliance archiving".

I feel it is very important at this point to say that there is a very common and widely propagated misconception that by installing a hardware appliance or piece of software you have magically made yourself compliant. This was the point of the ad I saw in the airport, but the real question is compliant to what? There are lots of different compliance and governance guidelines out there and none of them say "install this hardware device and you are good". All of them say that you need to have a program that is made up of policies and procedures and anything you install or apply to this program is just a tool to support your compliance objectives. That said these tools are still very important and play a role in making what would be an otherwise impossible task for the IT team something that can be made a reality.

The Convergence of the two archive types
Storage archiving takes data that hasn't been "touched" in a while and moves it somewhere else. This could be to a lower tier of storage inside an array, to an alternate tier of storage physically separate, or even to something like tape or DVD for long-term retention. Most storage archiving products will either be array based or software based and while they are both called archiving they both have very different goals. Array based archiving simply moves blocks of data from one type of disk to another – usually from a higher performance and/or cost disk to a lower one. This is great, but it is important to note that the data is still in the array. If you want to get it out of the array and onto something else you will need a software solution.

On the back end of this operation is a concept that dovetails into compliance archiving. Data cannot live forever and the ability to delete data that has lived to a ripe old age is a critical piece of compliance to your data retention policy. If you cannot delete it eventually then you are not adhering to your policy. Software based archiving will give you the ability to delete the data after a certain time has passed. This is critical to maintaining your compliance plan and keeping yourself out of hot water!

What has commonly been dubbed the Compliance Archiving model has been focused on the complete capture of email messages. These systems use some form on inline transit capture to grab a copy of every email message in and out and around the organization. These messages are then kept for some period of time as potential evidence and for internal investigations. This was fine before the FRCP ruling went into effect, but now falls short of the global discovery requirement that the rule change has created. So while this form of archiving is still very much a critical part of the overall strategy for archiving it has become less of the focus that it had previously been.

The complete Archiving Strategy
The complete archiving strategy then must include elements of both types of archives as well as the ability to perform overarching discovery of data throughout the enterprise regardless of where it is. It must be simple and scalable in order to not require additional FTE labor to manage it and it needs to incorporate a good reporting mechanism so that your adherence to your policies can be validated. When you consider the enormity of your data and the complexity of your systems this can appear to be a daunting task, but there are many ways to integrate effective archiving into your storage management plan. When the time comes to begin the planning and policy creation phases keep this information in mind as you move forward to develop the archiving strategy that is right for your organization.

About the Author: Chris Harrold is a Consulting Engineer at Sanity Solutions. Sanity Solutions is a nationwide specialist in data management, backup and recovery, business continuity, security, and infrastructure and support. Chris can be reached at charrold@sanitysolutions.com.

THE CASE FOR CONTENT ADDRESSABLE STORAGE

The jury is out on the relevance of CAS in the Age of Archiving

CAS or Content Addressable Storage is a very popular industry buzzword that has been going around for a while now. Along with its half-sibling WORM (Write Once Read Many) it is designed for the most stringent of requirements – permanently preserving electronic information in its unaltered original form until such time as it can be destroyed. There are currently quite a few CAS solutions on the market, but it is not a saturated one and with good reason; there's a dirty little secret about CAS storage that does not get much press. Ready for the big secret? It is often a completely unnecessary expense driven more from fear or confusion than any sort of actual requirement.

In order to get to the root of this secret it is helpful to understand what CAS is and isn't. What CAS is in actuality is software that sits in front of the disk subsystem and governs the placement, retention, and access to the stored data. It is packed into the array itself in an appliance form so there are not extra servers to buy to utilize it, but it is software and as such is not infallible. CAS can be defeated pretty easily in fact, by someone with knowledge and access. What CAS is not is a magic bullet of compliance. I mentioned in the article on archiving solutions that no one piece of technology magically makes you compliant; you need process, procedure, and governance that drives compliance and the technology is just a tool.

So Why CAS?
There are two reasons to utilize CAS of any type, one is good and the other is bad. The good reason is that many legislative rulings, court procedure guidance, and compliance guidelines share one common element in that they all want data retrieved to be in its original format and unaltered. That is the big sell for CAS – once the data is written there it cannot be changed. This is only a little white lie since as an admin I could theoretically dump the archive to alternate storage, change whatever I want, and then put it all back, but the sheer magnitude of such an act pretty much negates its possibility.

The bad reason for CAS is a misguided trust in technology. CAS is an appliance or software or both and as such it can and eventually will fail. Companies have tech support teams for a reason and it is not because stuff never breaks. The trap that organizations fall into most commonly in this scenario is that they are afraid of some impending doom (certainly propagated by the person selling the solutions) and see the CAS solution as the only mitigation to this threat. The fact is that CAS works and works very well, but it is VERY expensive and with the advent of more complete archiving solutions the need for CAS hardware is lessening.

What now?
OK so everyone needs to archive data in its original format and unaltered state. That is just a fact. It does not matter if you are public, private, or a one man show, you can be sued in court and discovery requirements mean you have to produce the goods when asked for them. When the CAS device market really started up in 2002 there just were not many (if any) reliable ways to capture emails and documents prior to an end user having an opportunity to modify them. CAS was the bridge to where we are today since you could put all your files on the CAS and changes to the file were written as a new file meaning the original was always preserved. Emails had to be journaled or captured in some other way and then stored to the CAS device to get the benefit of its locked-down storage.

With today's myriad of archiving software getting the data to a CAS device is less of the challenge it was in 2002. This has effectively negated the CAS device's value to a certain extent in terms of being the only alternative for storing large archives of data. As LTO WORM media has increased in reliability and capacity this media has become a much lower cost alternative for those organizations with neither the desire nor the funding to implement CAS solutions. It performs the same functions at significantly lower cost when married with the right software solution to gather the data for archive.

CAS or not to CAS – that is the question.
Well that all depends now doesn't it? The first issue is money and in the current economic climate this is not a small issue. The second issue really boils down to a good risk assessment and likelihood of risk evaluation. In other words if you are highly unlikely to ever have to produce anything for a lawsuit then is the cost of CAS worth it or would WORM or even soft-locked storage be good enough? Lastly you need to be educated on the legislative and litigation precedents that drive your business requirements. Understanding what is required of your organization in terms of protection and discovery of data cannot be overstated – you have to know before you put any solution in place.

With the continuing growth of the archiving solution space and the continuing legislative and legal changes that always come about in times of turmoil it is certain that there will be even more changes on the horizon for compliance and protection standards. CAS is a powerful tool that can help your organization to meet these challenges, but it is not the only one, and even more so it may be overkill depending on what your requirements really are. As with any tool it is only as good as the person using it so make sure you read the manual completely and understand the right and wrong ways to apply it to your own set of needs.

About the Author: Chris Harrold is a Consulting Engineer at Sanity Solutions. Sanity Solutions is a nationwide specialist in data management, backup and recovery, business continuity, security, and infrastructure and support. Chris can be reached at charrold@sanitysolutions.com..