Vaulting overview
Vaulting is a feature that enables data synchronization between one or more systems to a single off-premise system called a vault. Vaulting permits the storage of mission-critical data to an off-site location to protect against data loss in the event of a disaster. The on-premise backup system is used to protect against loss of files, folders, and individual machines. The on-premise system replicates data to the vault, protecting against the loss of an entire site. The replicated data from the vault is used to recover the on-premise backup system and all the servers it protects.
Vaulting features include:
|
•
|
Total data recovery from a site disaster. |
|
•
|
Deduplication of data for optimal transfer over the Internet. |
|
•
|
Encrypted and secure connection between the backup system and vault. |
|
•
|
Data encrypted on the backup system is encrypted in-flight and at-rest on the vault system. |
|
•
|
Configurable policies for vaulting, such as the ability to select specific clients, applications, and databases to vault; configurable bandwidth throttling between the backup system and the vault; and the ability to prioritize queued data to ensure that more critical systems are vaulted first. |
|
•
|
Detailed vaulting dashboard that displays active vaulting tasks, previously vaulted tasks, and tasks in the vaulting queue. |
When a Unitrends system is deployed, as discussed in the System setup, it is configured with one of the following installation types:
|
•
|
Local backup system – Used to protect the physical and virtual infrastructure on-premise. |
|
•
|
Vault – Used as a target for one or more backup systems. |
|
•
|
Local backup system and vault – This configuration is also known as a cross-vault in which the system is the local backup system for the local physical and virtual environment, and also serves as a vault for another local backup system(s). |
Once the system is set up as a vault or as a cross-vault, it can be configured as a target. The amount of data that can be vaulted from a backup system to the target depends on various factors, namely:
|
•
|
The rate at which data changes on the clients protected by the local backup systems. |
|
•
|
The bandwidth available between the backup systems and the vault. |
Once the initial data that is marked for vaulting has been transferred to the vault, all subsequent data transfers only send the changed data blocks, deduplicating the data in-flight. The initial transfer of data from the local system to the vault can occur over the WAN. However, for large data sets it is recommended to use a disk seeding mechanism to transfer the initial data set. Even with in-flight deduplication minimizing the amount of data being transferred, the speed of transfer is primarily governed by the size of the network pipe between the backup system and the vault. In addition, there may be specific times during the day when bandwidth available is used for servicing end users and cannot be used for vaulting. Another factor affecting vaulting is the resiliency of the line. Unitrends leverages OpenVPN, an open-source technology based on the UDP protocol that creates a secure VPN tunnel and also provides resiliency to intermittent network failures via UDP knitting. If there is a network drop during vaulting, the process utilizes advanced checkpoint controls to proceed with the job at the time of failure.
The vault system can be deployed as a private cloud or as a multi-tenant cloud. Vaulting architecture ensures that the local backup systems that vault to a single target only have access to their data. This secure architecture is the basis of a multi-tenant architecture.
The vaulting process is fully managed from the vault or backup system. Using the vaulting dashboard, you can immediately gauge vaulting status by viewing active, previously completed, and pending vault jobs.
In the event of a disaster, vaulted data from the target system is loaded on a new backup system which is then shipped on-premise to the disaster site (or to an alternate location). This backup system is then used to recover the environment to a consistent state before the disaster. For details, see the Legacy Disaster Recovery chapter.