Microsoft relied on third parties for enterprise backup and disaster recovery of Windows server products until a few years ago. The first iteration of Data Protection Manager was fraught with inadequacies, including an inability to take snapshots of the Exchange Information Store without first shutting down the store. Backup and recovery over a WAN was also problematic, and bare-metal restores of servers were extremely cumbersome.
Fast-forward to the recent release of Microsoft System Center Data Protection Manager 2007. Testing in our Boston Real-World Labs showed that many weaknesses have been addressed, while some previous strengths have been further improved. If you're primarily a Microsoft shop, it's worth a look.
DPM provides backup and recovery for Exchange 2003 and 2007, SQL Server, SharePoint, Windows Server and Virtual Server, and Windows XP and Vista. Leveraging the Volume Shadow Copy Service, DPM takes a full snapshot of the application database. Then, in intervals of up to 15 minutes, it sends only block-level file and database changes to the DPM Server.
DPM can perform lossless recovery for SQL and Exchange, letting IT restore data close to the exact point of failure using a combination of snapshots and transaction logs. In lossless recovery, the most recent interval snapshot is restored, all transaction logs are automatically replayed and applied to the database, and the database is mounted online and ready for production. Note that if the partition containing your database is completely lost, DPM can help only if you've kept your log files and database volumes separate. If you've put your logs and database on the same volume, and you lose that volume, you'll have no transaction logs to play forward and will be stuck using the database contained in the most recent snapshot.
Microsoft touts Data Protection Manager 2007 as an easy, scalable way to enable continuous backup and recovery of Microsoft server apps. This release addresses shortcomings in full restores; continuous backup and restore of Exchange, SQL, and SharePoint; and the ability to back up and restore branch office servers over a WAN.
Symantec Backup Exec is not only the market leader, it's also application- and operating system-agnostic. But DPM is less expensive and provides all the necessary backup/restore functions for Microsoft-only environments.
The second generation of Microsoft's DPM is much improved. However, it does require a significant application infrastructure and effort to put into production. Look elsewhere if you need multi-OS support.
Because e-mail is a critical application, we put DPM to the test in an Exchange 2003 environment. We deployed the DPM Agent software to the Exchange server in our lab. Thankfully, the DPM backup agent is a single, integrated component, so only one agent is required to protect SQL, Exchange, and SharePoint, and the DPM management console can centrally deploy the agent software to many machines simultaneously.
DPM's intelligence was evident during client setup. In the case of Exchange, we followed best practices by separating our log file directory from our operating system and mail store volume. DPM interrogated the Exchange processes to automatically detect the paths to our Exchange transaction logs, OS, and mail stores. After setup, we configured DPM to take snapshots of our mail store every 15 minutes and save them to a separate backup volume, with a daily off-load to secondary tape storage.
To test Exchange lossless recovery, we sent e-mail to our test client in between snapshot intervals, and then pulled the plug. In theory, all incoming e-mail hits our information store and is recorded in the Exchange transaction logs until a full backup comes along and flushes the transaction logs. By pulling the plug between snapshots, we forced DPM to prove that it could restore each individual message using a combination of transaction log data and the last available snapshot of our mail store.
DPM's restore procedure runs as follows: It automatically dismounts the mail store, performs the restore, plays forward the transaction logs, and remounts the mail store. The messages we sent between backups were there--DPM passed the lossless recovery test.
Microsoft claims this lossless recovery is a unique feature, so we did some fact checking and found that Symantec Backup Exec supported the same lossless recovery option back in version 10d.
In addition, Backup Exec can drill down and browse individual mailbox folders, even individual messages, through the management GUI. DPM can't, and the lack of this capability may cause problems for Exchange admins who need to restore individual messages on an ad hoc basis.
DPM handled SQL and SharePoint restores similarly well. The hardest part of testing these features was properly identifying and installing the prerequisite software needed to get DPM to properly back up SQL and SharePoint. Despite Microsoft's claims that DPM is designed to enable Exchange, SQL, and SharePoint admins to do their own restores, we found DPM sufficiently complex that we question the wisdom of that concept.