Part 7: Disaster Recovery Locations
Part 7: Disaster Recovery Locations
In the last post I talked about what information is needed to develop a disaster recovery (DR) plan. The plan should include a table of all of the servers and systems that need to be recovered and what order they should be recovered in as well as recovery point objectives (RPOs), and recovery time objectives (RTOs) for each of the servers and systems. Now, the challenge is to finish the DR plan by selecting disaster recovery locations and selecting and implementing the technologies to be able to meet the requirements laid out in the plan.
Let’s start by looking at what type of disaster recovery locations are available. Disaster recovery locations fall into three basic categories:
- Disaster recovery locations owned by your organization
- Locations offered by DR service vendors such as SunGard
- DR to the cloud
One of the factors used to help determine what types of disaster recovery locations you need is what type of disaster you need to plan for. This is primarily important for natural disasters. If you live in the Midwest, you probably don’t need to prepare for hurricanes or volcanoes, however, tornadoes, floods, and power grid failures are concerns. The type of disaster you are preparing for affects the distance you should have between your production site and your recovery site. Here are some distance guidelines for various types of natural disasters.
- Hurricanes – 100 miles or greater
- Volcanoes – 70 miles or greater
- Floods – 40 miles or greater
- Power grid failures – 20 miles or greater. Shorter distances can be used if generators are in place.
- Tornadoes – 10 miles or greater
These are just rough guidelines. Basically, you need to make sure there is enough distance between your production and recovery sites that the same disaster will not affect both locations. This has to be balanced with making sure that the recovery site isn’t so far from other locations that network latency will affect usability and performance in the event of a disaster. Taking distance into account may limit your choices for a recovery facility. If you want more than 100 miles of separation, but your organization does not own any facilities that are more than 100 miles from the production site, your choices are to either build a recovery site that meets your distance requirement, or look for other cost-effective recovery site solutions.
Another consideration for a recovery site is that it must have the facilities required to restore your environment to. That is, it needs to provide everything that a good data center provides. This includes, but is not limited to:
- Appropriate equipment for your recovery needs
- Adequate power and cooling
- Adequate Internet and network connectivity
- The required level of access to be able to conduct both recoveries and recovery testing
- Adequate physical security
These are not trivial requirements. If your disaster recovery locations do not meet at least this minimum list of requirements, you may wind up recovering from one disaster only to be quickly faced with another more disruptive disaster.
Company Owned Disaster Recovery Locations
Let’s take some time to look at the three categories of disaster recovery locations and some of their pros and cons. I’ll start with locations owned by your organization. This can be one of the most expensive locations for a recovery site. As outlined above, it must fall in an appropriate distance range, and it must meet certain minimum requirements, such as having equipment to recover to and providing adequate facilities. A worst case scenario would require that every time you add a server or supporting system to the production site, you have to add an identical device at the recovery site. You also have the expense of floor space at the recovery site as well as proper power and cooling. This gets very expensive, very quickly. One way to help reduce these costs is to use the recovery site to run your test and development environments for normal production so the equipment at the site is not just standing idle. When a disaster is declared, test and development take a back seat in most organizations, so the equipment can be re-tasked for DR purposes. In the next post I will identify some additional methods to reduce these costs.
The upside to using a facility that your organization owns is that you have complete control of the facility. This allows you to determine exactly what equipment will be in place to facilitate recoveries and ensures that you have proper access to the recovery site. It also allows you to control how the recovery site is staffed. If it’s staffed 24 x 7 x 365, this may allow your organization to respond to disasters more quickly, as well as allowing you more flexibility in testing your disaster plans.
Recovery Site Providers
Next, let’s look at recovery site providers like SunGard. The biggest benefit of recovery site providers is also their biggest weakness. They provide facilities and equipment for recovery for many customers. This allows them to charge fees which are typically lower than owning your own recovery site. They do this by oversubscribing their service. This means that they can’t provide facilities and equipment for all of their customers at the same time. They own capacity and equipment for a certain percentage of what would be required to support all customers at once. This reduces your cost, but their contracts contain language stating that if they do not have the capacity to support all customers that need recovery facilities at any given point in time, access to their facilities and equipment will be on a first-come first-served basis. So in the event of a disaster that affects a large geographic region and causes an unusually high number of companies to declare disasters, you may not have a facility to recover to, even though you have paid for the service. Since recovery providers are trying to minimize their expenses while providing equipment that will work for all of their clients, they provide less control over the specifications of the equipment that will be provided for recovery. They will provide equipment which is sufficient for you to recover to. This equipment may be over configured for your needs with more RAM or more processor cores leading to potential licensing issues which need to be addressed in your DR plan. To summarize, recovery site providers offer reduced prices when compared to owning your own recovery site, but they provide less control over the specifics of the recovery environment.
Recovery to the Cloud
The third type of recovery location is recovery to a cloud provider. To be clear, when I talk about recovery to the cloud, I am referring to large cloud providers such as Amazon, Microsoft, and Google, due to the economies of scale that they have from their large footprints. Many smaller cloud providers offer DR to the cloud solutions, but due to their smaller sizes their cost models are closer to that of a recovery site provider, while having more limitations than a recover site provider. The standard DR model that uses a large cloud provider requires that you have connectivity to the cloud provider with sufficient bandwidth to support your DR technologies, and that you pay for the storage required to hold your disaster recover images and data. That is all you pay for on a monthly basis until you either declare a disaster or want to perform a DR test. When either of these happen, you simply create the cloud-based servers you need to recover to and execute your recovery plan. You only pay for the servers for as long as they are in use. Once the disaster or test is over, you delete the servers and stop paying for them. In most cloud-based DR plans, there are a few small servers that you keep running at all times, such as Active Directory servers. Running these servers presents a small monthly expense and will allow you to recover much more quickly. Due to the nature of public cloud providers, many of the recovery tasks can be highly automated. This can make recovery much easier. It does however require constant attention, updates, and testing of this automation due to changes in both your environment and the cloud environment. One other thing that is nice about a cloud-based recovery site is that if your DR plan requires you to implement DR policies at your recovery site once you have failed over, it is easy to quickly reestablish all of the DR functions to a cloud facility in another region.
There are some downsides to cloud based recovery sites. Typically, cloud sites only support X86-based workloads. This means that if you have non-X86 workloads such as a mainframe, IBM-I, or other mid-range systems, you will need to make other arrangements to recover them. Unlike a site that your company owns, or a site from a recovery site provider, you have no ability to place your own equipment in the racks, you are limited to what the cloud provider provides you to work with. You actually have no physical access to the recovery site. Another bit of intrigue with cloud providers is that while it is typically free to get data into the cloud, there are fees associate with getting the data back out. I like to refer to this as the “Hotel California syndrome”. Also, like recovery site providers, cloud-based solutions are multi-tenant. However due to the scale of the big cloud providers, there isn’t usually a concern with the availability of resources to recover to, even in the event of disasters that affect large geographic areas.
Here is a table summarizing the pros and cons of the three types of recovery locations.
Next up, Part 8: Disaster Recovery Tools. Until next time, keep your data protected.
Get the FREE eBook
This is part 7 of 10 in the From High Availability to Archive: Enhancing Disaster Recovery, Backup and Archive with the Cloud series. To read them all right now download our free eBook.