|
Seven Secrets to 24 X7 Exchange Availability |
|
|
Businesses have grown to rely on 24x7 access to Microsoft Exchange to meet the increasing demands of mobile computing, global business, and electronic commerce. They depend on e-mail, group scheduling, and calendars for critical business communication and key business processes. E-mail also supports vital applications needed for functions such as workflow, collaboration, and knowledge management. According to Microsoft, nearly 45 percent of business-critical information is housed in e-mail and e-mail-attached documents. Companies implementing business continuity plans are designating Exchange as a mission-critical application that must be protected from downtime in the event of disaster. E-mail access is particularly important during and immediately after a disaster, when employees may be dispersed or working from home and remote offices. There are many expensive, complex technologies that promise disaster recovery for Exchange. Fortunately, there are also simple, automated ways to get the highest levels of disaster protection. The following seven secrets to 24x7, disaster-tolerant Exchange will show you how to implement an Exchange environment with zero lost data and continuous application availability—with no IT intervention—in the event of a disaster. O NE: DON’T CONFUSE DISASTER RECOVERY WITH DISASTER TOLERANCEMost solutions on the market today require you to recover from a disaster rather than to tolerate one. With these disaster recovery solutions, end users lose access to Exchange during a disaster, some data is permanently lost, the IT staff has to intervene to bring Exchange back online, and more IT resources are needed to recover or back up data. In contrast, disaster-tolerant solutions enable Exchange (and other Windows applications) to operate through disasters, providing continuous service to end users and complete data protection. To choose the right technology, evaluate Exchange in business continuity terms of recovery time objective (RTO) and recovery point objective (RPO). In this context, the RTO is the amount of time your business’ e-mail system is down. The RPO is a measure of how out-of-date your data is once e-mail is back up and running. Technologies vary widely in their ability to reduce RTO and RPO. They also vary in their cost to implement and manage. Companies that keep backup servers on-site, pre-staged with Exchange installed—a so-called hot standby methodology—can reduce RTO to hours while RPO may be several days. Companies can also configure redundant servers into a cluster, with automated failover from an active server to a standby server in case of a fault or disaster. Under ideal circumstances, clusters can reduce RTO and RPO to tens of minutes. But during those minutes, application state is lost—employees are idled, customers are frustrated, and money is lost. Some technologies, such as traditional data backup, are focused on reducing RPO. Although backup has a low acquisition cost, if offers no protection for the application. RPO can be as low as 24 hours if your IT staff can access the backup media, set up a new system, and reload the data in that time. More costly streaming data-replication technologies can replicate to an off-site vaulting service, reducing RPO to several hours. Synchronous data replication can reduce it further. However, these technologies interrupt service to end users, lose transactions, and don’t protect the application. As a result, customers’ orders or other vital information may be lost and revenue may be jeopardized. TWO: CLUSTERING CANNOT PROVIDE DISASTER TOLERANCE Clustering for Exchange cannot provide disaster tolerance because it requires a failover process. During the minutes of the failover, Exchange is not available to users, application state is lost, and data that was in transit during the disaster may be lost. If system administrators have not been meticulous about keeping the redundant systems identical in all aspects, the failover will not work at all, and the RPO and RTO could be hours to days. Furthermore, clusters require a significant investment of IT time and full system shutdown to bring the system back to its high availability state. According to a Gartner report on Exchange 2003, “Exchange’s ‘sensitivity to failures’ results in a significant number of false [cluster] failovers to the point that enterprises have chosen to remove the clustering after implementing it.” THREE: PROTECTING YOUR EXCHANGE DATA NEED NOT COST A FORTUNE Many IT managers assume that to drive RPO to zero with complete data protection during a disaster, they need expensive synchronous data mirroring. This common assumption overlooks new fault tolerant-class, software-only technologies that deliver synchronous data mirroring for Exchange much more cost effectively. Fault tolerantclass software (such as Marathon’s everRunTM) keeps two identical servers synchronized, where every write-to-disk is performed on both servers at the same time. This technology provides a higher level of data protection at a lower cost. FOUR: REDUCE THE NEED FOR HUMAN INTERVENTION IN THE EVENT OF A DISASTER Choose a solution that does not require human intervention to keep Exchange up and running. By automating disaster protection, you reduce human error during a crisis and eliminate your dependence on a small number of key employees. Systems that provide automatic disaster protection also require less maintenance and testing to ensure performance during a disaster. Although some technologies, such as clusters, may have automatic failover capabilities, they require IT staff to perform extensive disaster scenario testing to keep them operational. Disaster-tolerant technologies continue to operate through disasters, eliminating the need for human intervention and allowing repair and replacement of damaged components while continuously online. FIVE: MINIMIZE TIME AND RESOURCES NEEDED TO RETURN TO A DISASTER-TOLERANT STATE Disaster recovery is not just recovering data and restoring system operation after downtime; it also involves bringing systems back to their fully redundant, highly available state once the disaster is over. This step may involve replacing hardware damaged in a disaster, restoring lost data, replacing redundant network connections, and reloading applications or operating systems. The goal is to return to a high availability state again as soon as possible after an event while minimizing the need for both application downtime and IT resources. Most disaster recovery solutions require significant IT work to return them to a high availability state. For example, after a disaster, clusters require significant scheduled downtime and complex testing to bring them back to full availability. Choose a solution that recovers on its own once power and connectivity are restored at the primary or new site. S IX: TEST, TEST, TEST WITHOUT EXCHANGE DOWNTIMEDisaster recovery/business continuity experts, including Gartner analysts, stress the importance of routine testing of the IT infrastructure in preparation for a disaster. Frequent testing is the only way an enterprise can be confident about its disaster recovery plan. Testing is also important for refining business continuity procedures and processes. However, many companies do not perform routine testing because it drains IT resources and requires Exchange downtime. Choose a solution that can be tested without IT intervention or interruption of end-user service. SEVEN: GET AUTOMATED, 24x7 EXCHANGE AVAILABILITY Marathon’s everRun fault tolerant-class software provides a completely automated path to 24x7 Exchange availability. Hundreds of organizations have deployed everRun to protect their Exchange environment from hardware failures, software failures, and disasters. They’ve found everRun to be less expensive, simpler to operate and maintain, and more effective than any other availability solution they’ve evaluated. everRun completely synchronizes two standard Windows servers—including the OS, Exchange, network interfaces, storage, and data—into a single operating environment with full hardware redundancy. Unlike cluster or failover technologies that require two fully configured systems, everRun creates a single Windows environment that operates like a standalone server. everRun software prevents interruptions and downtime by fully automating fault management, so that Exchange never sees the failures. This design enables support for any Exchange implementation without the need for customization or scripting. You simply install Exchange and you’re done. Exchange servers protected by everRun let you perform a variety of upgrades (e.g., HD, BIOS, Memory, OS fixes) without downtime, and no-touch recovery automatically returns the system to a fully fault and disaster-tolerant status without IT intervention. The result: everRun frees your IT staff to focus on implementing technology that keeps your business ahead of the competition. Both everRun HA and everRun FT deliver the same automated capabilities, as well as a fully fault tolerant I/O subsystem. This means that failures at the I/O level, including network and storage adaptors, storage devices, etc., do not cause an interruption or restart of the application. The only difference between the everRun HA and FT configurations is that with everRun HA there is a brief interruption, if and only if, an entire server fails. In this case the system will automatically and immediately restart on the secondary server. everRun HA drives Exchange RPO to zero and RTO to just a few minutes. It is ideal for the majority of Exchange environments where a few minutes of downtime is acceptable, but data integrity and reliable recovery are critical. everRun FT is designed for your most mission critical Exchange applications that simply can’t afford even a brief interruption in service. Zero RPO and RTO. everRun FT prevents Exchange downtime even when a server fails, delivering true continuous availability without any interruptions. To sum up, everRun provides the ideal solution for 24x7 Exchange availability by delivering: Simple, fully automated operation - Easy to operate and maintain. All fault handling and policy management are automated for you. Superior availability – We’re up. Always up. No loss of Exchange application state. No loss of data. Affordability – Getting started is up to 36% less than other options. Administration and maintenance costs are up to 55% lower than they are with clusters. Maximum protection – Protects applications and the OS from I/O faults, the leading source of failure. What’s more, the two servers that comprise an everRun configuration can be separated by up to 100 miles for optimal disaster protection. Non-intrusive solution – Works with standard x86 servers with no application or OS modifications required. Also works with any Exchange application with no need for awareness or scripting. Remote availability – Install our SplitSite® option to geographically disperse your Exchange servers.
|
|
