World Backup Day
Backup is a process of making a copy of our data and storing it into a secure location. With the backup copies, we can restore our data to any point of time when the backup copies is created, if there is any event of system failure, data loss or file corruption.
In this session, we will have our senior Veeam Instructor, Daniel Foo, to tell us more about the backup; what are the importance of backup, and most importantly, how can we perform backup with the Veeam product.
Mr Daniel Foo
Trainer at Infosyte,
HCIE Cloud Computing, Best Veeam Certified Trainer of The Year (2019)
Daniel started off his IT career as System Engineer handling Cisco, Microsoft, VMWare, Netapp and Commvault. He is very well-versed in storage and cloud computing solutions that he is the one of the two certified Veeam Trainer and certified trainer to deliver HCIE-Cloud Computing in Malaysia as of 2020.
Good day everyone, my name is Danial. I’ll be the one who is sharing some tips to increase the awareness of data protection for most of the IT infrastructure and data centers here. First, I’ll (Danial) be sharing some data loss amounts today.
As we know that for the current IT market data is valuable to most of the company and businesses which is why nowadays even viruses like ransomware are basically hijacking your data. So you will know that ransomware nowadays when you actually got hit by this attack your data will go encrypt and they now actually attack even up to the server and also virtual machine server level. We’ll show what kinds of data actually available in your infrastructure there and we will also see what kinds of tips to protect your data itself. Let’s look into some news over here as you can see for global ransomware attacks they have lost among averaging for businesses now go up to 4.62 million in USD. So, basically hackers us asking for a ransom payout in order for them to unlock your data. If you are unlucky enough to get attacked by ransomware that is when you will see how much you need to pay for your data set. Usually, the average ransom demand from the hacker will go up to like 5.3 million depending on how huge and how important your data and you will see the average mid-sized companies payout can go up to $170,404. One of the news whereby the U.S travel services company CWT Global set a world record payout in July 2020 that they actually handed over $4.5 million in bitcoin to the Ragnar Locker ransomware gang. The demand is still over there because companies actually tend to get attacked from all their viruses and they do actually get what they want that is why ransomware until today a few years back is still very active so we should be more aware of this kind of security concept.
As we know data is very important now, let’s see what kinds of data are actually available in your production environment usually and also the types of sizes now according to the statista, data center comes up to 570 Terabytes on-premises data center in the year 2022. It’s actually up to 91% increase compared to the year 2020 because we have a lot of services going on and off and I’m (Danial) not covering data in the cloud yet. So, when we look into data protection usually we will need to see what we have on-prem over here most likely you will have virtual machine data. Most of the company now in order to save costs and increase utilization, will basically run their application inside the virtue machine itself so do you know that virtual machine data will also be open for ransomware attacks there are some articles and news mention that even VM data now will also get encrypted by ransomware in certain cases and some of the environment might be using a physical server to offer their application services and if the entire machine actually got attack by ransomware and you have nothing able to get recovered. Besides that, another more common data usually will be running in small medium even large enterprises will be a file server or data set where all your documents, DO, Invoices, and everything will be stirred here. You may imagine if you are unlucky, all those data got encrypted then we basically lost all records to the company. That’s why all these data set and time we should actually think of a way to protect them that’s where backup actually comes in.
You will see that in most the production environment’s first problem we have usually will be human error. Humans tend to make mistakes accidentally in most production environments so if you do not have a backup if the user actually deleted the data itself you have nothing to recover. Hardware tends to fail sometimes, no matter if you buy the highest-grade hardware server itself it will also tend to have a failure rate in number. This might cause by an external factor like a power surge and not to mention viruses as we mentioned ransomware things and also a disaster as we know Malaysia tend to have flash flood issue so if your offices is sitting in a high-risk area maybe it’s a better idea to protect your data least without backup. This certain problem and event that is actually unpredictable as you know from the news the flashback actually happens within half an hour time if you do not have your data protected earlier it will be quite a disaster for the company. What is actually a backup? When we talk about backup, backup is copies of your important data so the important data that we mentioned the sound may be your virtual machine data your server data itself entirely, and also nas data. After we have this backup we can use it to restore your lost data and recover your service too because it is a redundancy of your original important data set so once you make a backup it’s a standalone data set that we can now choose to keep in a different safer location and if your production environment is a pretty high risk like mentioned just now maybe due to flash flood.
What are the best practices is it making a single backup will be enough? Actually not necessary now according to the global backup specialist group they do agree that best practices for backup should maintain at least these 3-2-1 rules. This is the bare minimum. What is 3-2-1? Number 3 here will be your production data and your protection data is the active running data we will usually make backups of your production data into one backup here. Why do we need this 3-2-1 rule pretty easily if you have only a single backup, we are not very sure that later if your production data has an issue is these backups still able to restore especially since this backup might sit in different hardware and also tend to have failed too. That’s why in order for us to have more complete protection we should have another additional backup set. That is why with this production data one copy of backups 1 & 2 another copy of your active data. We now come with the number 3 rules here a total minimum of 3 copies of your data to act as a bad minimum production. Now we already know the importance of making additional backups here because we should also store them in different equipment here so that our backup will also be protective from the hardware perspective if hardware 1 has an issue, we still have another hardware here keeping backup 2 for me to restore my environment that comes with the row number 2 here. 3-2-1 rules than the last one usually hard ware 2 will be recommended to store in another different offsite location. This is to protect in case your production environment has some disaster event such as fire hazard, flash flood and etc so you still have another off-site location to restore data maybe another new production site if required. This is the best practice agreed upon by most of the backup experts in the group itself and this is mainly the bare minimum so if we can keep of this number it will be even better.
Veeam is the leader in backup, recovery, and data management solutions that deliver Modern Data Protection Rank #1 in EMEA market share and #2 Worldwide. VEEAM is actually quite good at protecting certain data sets and they are basically the top 3 solutions that you can see in the enterprise backup data or data protection solution. What are the veeam-supported data types? Most of the production environments now do runs in one sort of virtualization environment and the common mainstreamer will be VMware Hyper-V or even Nutanix. If you are running these three platforms here, Veeam will be able to help you to protect your version machine data and will basically pull your VM data as another additional set to keep in the different locations. However, if you are still running physical server application services VEEAM do have VEEAM Asian backup to cover these lines of production equipment so coloring windows Linux, UNIX, and also apple mac machines so if you do have some user that utilizes mac itself and you’re concerned on the data sitting in the machine itself. Machines tend to fail and this is the main problem so using the Veeam agent we can also backup mac internal user data. So you will have supported here including mac and lastly will be your nes file server data. Your all documents sitting in the net storage or even a file server, VEEAM can also help you to protect these types of data sets. That’s why usually when you are looking into data protection itself in order to minimize the investment cost and we should get one backup solution that can cover most of the production data area.
VEEAM offers not only 3-2-1 itself as a bare minimum. VEEAM also added an additional 1 and 0 behind. First three copies of data, VEEAm actually can offer a backup feature and also can make additional backup copies to create additional backup data and store it in 2 different media too based on your own configuration. From the Veeam configuration point, the perspective is quite flexible, it’s based on the administrator to set which equipment you want to keep even off-site supported here. Using an off-site location, Veeam does support not only on-prem equipment sitting on yous their site and we do also support some public cloud storage such as amazon s3, azure Blogs. So if you do not want to invest in your own DR center, you might be able to leverage some of these public cloud storage to help you keep one additional set of data offsite so you can at least minimize overall cost to fulfill their 3-2-1 rules. If you’re utilizing the Veeam solution they even give you 1 additional or 2 additional numbers here. First, will be this immutable repository. Your backup data might tend to also get attacked by ransomware now this does happen in some of the locations too. Now, if your backup data is still online, you might get infected by ransomware that’s why Veeam also suggests to also keep your data in the offline air-gapped or utilizing a Linux immutable repository here. You may google vm.com to see what is this particular feature if you’re interested and we do cover this in the upcoming Veeam training. Lastly, will be number 0, Veeam does offer a backup testing function to make sure to test your backup sitting in your storage to see whether they have any errors in recovering your services. That’s why Veeam is able to support the bare minimum and also with an additional feature here to make sure your data is much more productive.
If you are interested to know more about VM, most of the time when we talk about enterprise solutions, you will know that it will not be cheap or low in cost but that is not the case for Veeam. When you look into the Veeam License package, we’re talking about paid licensing here, Veeam does come with a free trial available from their website to download for one-month usage or even you use the community free edition that comes with a limited feature. If you want more features and more machines to support backup then you should actually get this Veeam backup essential license package. This license package is designed for SME environments that can go up to 50 instances that require a 420 USD annual subscription so every year you need to pay 120 USD minimum to protect up to five virtue machines, physical machines, or your nas data set up to 2.5 terabytes. If you need more, we just need to add an additional 420 USD per 5 instances. This will basically bring down the overall investment cost to start your data protection solution. If you’re looking into more machines to protect, this is required for mid-range and higher tier environments then we should upgrade the license package to backup replication that will come within a higher cost with 10 instances minimum, and every time we need to add in additional 10 instances by 1,302 USD per year. So we are basically subscribing to something like an insurance package to pay annually to make sure our data will be a safety protector using this kind of solution.
So, those are for the Veeam product itself just to introduce to you all if you are not familiar with it and now it you want to know more about how to actually implement the solution itself, we do offer a Veeam training program here that covers your configuration and management.
How you can set up the entire Veeam software, and how can you actually configure the software to protect your environment will all be covered in this steam program which we call VMCE and it stands for Veeam Certified Engineer training. This training is a 3 days instructor lead course virtual or physical and the course itself when you subscribe to it they do come with online training material & a 13 days online virtual lab practice. The training itself will be covered by the 2 Veeam Certified Trainers (VMCT) in Malaysia. This candidate will able to attempt the VMCE exam after completing the official VMCE course with us because we are the veeam-authorized education center if you want to get certified with Veeam, you need to go through the education center to get your training just like VMware for example. This training will be covered by either one of the two VMCE in Malaysia, one is Mr.Yap and also myself (Danial) as we both are certified in training in Malaysia. If you pass the exam, you will get your certificate and also the bachelor’s to set up yourself as VMCE 2021 focuses on the latest product version 11.