Rollout: We Put Microsoft Data Protection Manager To The Test

DPM 2007 is a credible entry, as long as you're backing up only Microsoft applications.

Randy George

May 7, 2008

6 Min Read
NetworkComputing logo in a gray background | NetworkComputing

Microsoft relied on third parties for enterprise backup and disaster recovery of Windows server products until a few years ago. The first iteration of Data Protection Manager was fraught with inadequacies, including an inability to take snapshots of the Exchange Information Store without first shutting down the store. Backup and recovery over a WAN was also problematic, and bare-metal restores of servers were extremely cumbersome.

Fast-forward to the recent release of Microsoft System Center Data Protection Manager 2007. Testing in our Boston Real-World Labs showed that many weaknesses have been addressed, while some previous strengths have been further improved. If you're primarily a Microsoft shop, it's worth a look.

DPM provides backup and recovery for Exchange 2003 and 2007, SQL Server, SharePoint, Windows Server and Virtual Server, and Windows XP and Vista. Leveraging the Volume Shadow Copy Service, DPM takes a full snapshot of the application database. Then, in intervals of up to 15 minutes, it sends only block-level file and database changes to the DPM Server.

DPM can perform lossless recovery for SQL and Exchange, letting IT restore data close to the exact point of failure using a combination of snapshots and transaction logs. In lossless recovery, the most recent interval snapshot is restored, all transaction logs are automatically replayed and applied to the database, and the database is mounted online and ready for production. Note that if the partition containing your database is completely lost, DPM can help only if you've kept your log files and database volumes separate. If you've put your logs and database on the same volume, and you lose that volume, you'll have no transaction logs to play forward and will be stuck using the database contained in the most recent snapshot.

THE UPSHOT

CLAIM: Microsoft touts Data Protection Manager 2007 as an easy, scalable way to enable continuous backup and recovery of Microsoft server apps. This release addresses shortcomings in full restores; continuous backup and restore of Exchange, SQL, and SharePoint; and the ability to back up and restore branch office servers over a WAN.CONTEXT:  Symantec Backup Exec is not only the market leader, it's also application- and operating system-agnostic. But DPM is less expensive and provides all the necessary backup/restore functions for Microsoft-only environments.CREDIBILITY: The second generation of Microsoft's DPM is much improved. However, it does require a significant application infrastructure and effort to put into production. Look elsewhere if you need multi-OS support.

Because e-mail is a critical application, we put DPM to the test in an Exchange 2003 environment. We deployed the DPM Agent software to the Exchange server in our lab. Thankfully, the DPM backup agent is a single, integrated component, so only one agent is required to protect SQL, Exchange, and SharePoint, and the DPM management console can centrally deploy the agent software to many machines simultaneously.

DPM's intelligence was evident during client setup. In the case of Exchange, we followed best practices by separating our log file directory from our operating system and mail store volume. DPM interrogated the Exchange processes to automatically detect the paths to our Exchange transaction logs, OS, and mail stores. After setup, we configured DPM to take snapshots of our mail store every 15 minutes and save them to a separate backup volume, with a daily off-load to secondary tape storage.

To test Exchange lossless recovery, we sent e-mail to our test client in between snapshot intervals, and then pulled the plug. In theory, all incoming e-mail hits our information store and is recorded in the Exchange transaction logs until a full backup comes along and flushes the transaction logs. By pulling the plug between snapshots, we forced DPM to prove that it could restore each individual message using a combination of transaction log data and the last available snapshot of our mail store.

DPM's restore procedure runs as follows: It automatically dismounts the mail store, performs the restore, plays forward the transaction logs, and remounts the mail store. The messages we sent between backups were there--DPM passed the lossless recovery test.

Microsoft claims this lossless recovery is a unique feature, so we did some fact checking and found that Symantec Backup Exec supported the same lossless recovery option back in version 10d.

In addition, Backup Exec can drill down and browse individual mailbox folders, even individual messages, through the management GUI. DPM can't, and the lack of this capability may cause problems for Exchange admins who need to restore individual messages on an ad hoc basis.

DPM handled SQL and SharePoint restores similarly well. The hardest part of testing these features was properly identifying and installing the prerequisite software needed to get DPM to properly back up SQL and SharePoint. Despite Microsoft's claims that DPM is designed to enable Exchange, SQL, and SharePoint admins to do their own restores, we found DPM sufficiently complex that we question the wisdom of that concept.

BRANCH OUT

One area where DPM really excels is in its ability to back up remote and branch office servers over a WAN. By deploying a central DPM server in your main data center, administrators can record block-level changes on branch servers and perform full restores quickly in case of failure.

Creating the recovery media required for bare-metal restores does take some work, but once it's done, you can recover from a failed OS quickly and remotely. Speaking of work, DPM installation was automated but still cumbersome. One reason is the list of prerequisites: Make sure you have at least Windows 2003 Server SP2, all critical updates, the Volume Shadow Copy Service update package, and Windows PowerShell 1.0 installed. Once you're done, DPM will add a second set of prerequisites, namely Windows Deployment Services, .Net 2.0, IIS 6 or 7, and SQL Server 2005.

chart: Feature by feature: Microsoft Vs. Symantec

If you kick off setup at noon, be prepared for a long lunch break because installation can take almost two hours, depending on your hardware. That said, Microsoft did a good job automating much of this heavy lifting.

DPM does have one quirk you should be aware of. Because it relies solely on the Volume Shadow Copy Service for backups, protected volumes must be NTFS with a partition size of at least 1 GB. While most administrators have eliminated FAT and FAT32 volumes by now, this limitation may affect some legacy Microsoft file systems.

The list price for DPM 2007 is $573 for the core engine software, and $426 per enterprise client that will be backed up from the DPM Server. That compares very favorably with Backup Exec. Symantec will hit you for $929 for Backup Exec 11d, plus $1,163 for each agent required to back up Exchange, SQL, and SharePoint.

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights