Microsoft System Center Data Protection Manager 2010 Beta 1

Microsoft System Center Data Protection Manager 2010 Beta 1

Summary: Backup is one task in IT that no one looks forward to, so if you've been looking for a comprehensive, low maintenance solution, Data Protection Manager from Microsoft might just be the ticket.

TOPICS: Microsoft, Storage

Backup is one task in IT that no one looks forward to, so if you've been looking for a comprehensive, low maintenance solution, Data Protection Manager (DPM) from Microsoft might just be the ticket.

DPM is specifically designed to protect Microsoft workloads: Exchange, SharePoint, SQL Server, AD and Hyper-V. It also follows the paradigm shift for data protection sweeping through the IT industry: rely on hard disks for backup and recovery; only use tape for long-term archiving.

DPM 2010 runs only on Windows Server 2008/2008 R2 and requires the x64 version; 4GB of memory is recommended. A free version of SQL 2008 comes with DPM, but a full version of a local or remote SQL 2008 database can be used instead.

Define where DPM is going to keep its own data.

Define where DPM is going to keep its own data.
(Screenshot by Paul Schnackenburg/

Fire and forget

Under the hood there are several improvements in DPM 2010 designed to make it more efficient, robust, reliable, and easier to design and deploy. One improvement is data co-location. In DPM 2007, each data source needed one replica volume and one recovery point volume; in DPM 2010, multiple data sources can live on the same volume, enabling more efficient data storage. If a particular file can't be backed up for whatever reason, DPM 2007 will fail the entire job; DPM 2010 will continue backing up and provide a list at the end of files that weren't protected.

A common occurrence in DPM 2007 was inconsistent replicas (where the data on the DPM server doesn't match the data on the production server), requiring manual involvement to run a consistency check. In DPM 2010, this will automatically happen. Another issue that could occur in DPM 2007 was that the data source grew unexpectedly, leaving the replica volume to be too small; DPM 2010 will auto-grow volumes by 25 per cent to avoid backups failing due to lack of disk space.

DPM 2010 has also received significant scalability enhancements. Preliminary figures indicate a fan-in rate (the number of servers that can talk to a single DPM server) of 100 production servers for each DPM server, or 1000 workstations or 2000 SQL Server databases and about 80TB of data on one server (early adopters have brought this figure to 200TB). When a large number of databases is going to be backed up, you can designate which databases to back up in parallel, thus making sure disk traffic is spread across disk spindles efficiently.

Various data sources can be added to a protection group

Various data sources can be added to a protection group; for instance, protecting the legal department's files, databases and mailboxes according to a particular schedule.
(Screenshot by Paul Schnackenburg/

Another interesting feature in DPM 2010 is the concept of end user recovery for databases. Given the right permissions, a DBA can use a separate application to recover an SQL database from any recovery point to either an administrator specified alternate instance of SQL, or to a network share.

Client computers anyone?

Whilst DPM 2007 could protect client computers, the assumption was that these were permanently connected desktops. Trying to back up laptops, for instance, generated numerous errors if the data source was "on the road". DPM 2010 fundamentally improves on this model by providing comprehensive protection for both desktops and laptops running Windows XP and above. Policies for client backups are defined centrally, but users can optionally be allowed to change items to be included in backups, as well as manage their own backups.

Various folders can be included or excluded on client computers.

Various folders can be included or excluded on client computers.
(Screenshot by Paul Schnackenburg/

DPM can synchronise backups from client computers whilst they're remotely connected to the corporate network via VPN connections (PPTP, SSTP or L2TP); 1Mbps is a suggested minimum bandwidth. Direct Access (a type of VPN only offered in Windows Server 2008 R2 with Windows 7 clients) will not be supported at the release of DPM 2010. Restores of protected files are integrated with the Previous Versions function in Windows, so users don't need to learn a different method of retrieving files.

End users can easily see how the backups of their machines are going.

End users can easily see how the backups of their machines are going.
(Screenshot by Paul Schnackenburg/

DPM virtualisation

The recent release of Windows Server 2008 R2, and the included Hyper-V virtualisation platform, brought many important improvements, not the least of which is Cluster Shared Volumes (CSV), essentially a way to store the files for multiple VMs in the same area in a Storage Area Network (SAN). This is required for scalability of Hyper-V implementations, but has caused issues for backup vendors as they struggle to make sure their solutions know how to "talk to" a CSV volume.

DPM 2010 fully supports CSV; DPM 2007 doesn't, and won't in the future. Be aware that although DPM supports both software and hardware snapshot providers for backing up VMs on CSV, the latter will be significantly faster and impact VM performance less. A VM can be recovered to the original host, to an alternate host or to a network folder. There's a PowerShell script (like all System Center products, DPM is totally built on PowerShell) to automatically protect new VMs that are created on a host.

In DPM 2007, the choice was either putting a DPM agent on just the virtualisation host, or putting an agent on each VM. The host-based agent essentially allowed you to roll back a whole VM to a particular point in time, but not recover individual files inside the VM, whereas an agent inside a VM could recover individual files or Exchange/SQL data. The problem is, of course, cost: multiple DPM agent costs more money. DPM 2010 allows item-level recovery (ILR) inside a VM with only a host-based backup, and although this is limited to files (not Exchange/SQL databases), it's a fantastic addition, providing more flexibility in backup design. To make this work, the Hyper-V role has to be installed on the DPM server.

New kids on the block

As is to be expected, DPM 2010 protects SharePoint 2010 and Exchange 2010. For the latter, protection of Data Availability Groups (DAGs) is comprehensive, and different types of backups can be organised for different database copies. Restores of databases can be made to the original location, to an alternative server, to an Exchange Recovery database, or to a network share.

Recovery is as easy as pie in DPM.

Recovery is as easy as pie in DPM. (Screenshot by Paul Schnackenburg/

The biggest addition in SharePoint 2010 is that a recovery farm is no longer necessary for restoring documents or lists. New content databases in a given farm are also automatically protected by DPM 2010, without having to be manually configured.

You're the strongest link in the chain

Many businesses have a mandate to "keep the tapes offsite" to provide disaster recovery (DR) in case of a major disaster, but the required infrastructure involving couriers and safe tape handling can be onerous. DPM offers a better solution.

DPM 2007 allowed one DPM server to protect another, primarily as a DR feature. In your primary datacentre one or more primary DPM servers protected production servers and these DPM servers were then backed up to an offsite DPM server. For minor disasters, recovery could be done from local DPM servers; in the case of a major datacentre disaster, recovery was provided from the offsite DPM server.

DPM 2010 provides considerably more flexibility, where two DPM servers can protect each other. This is excellent for scenarios with two datacentres that are both in use, perhaps serving different geographical areas. Chaining is another scenario, where a primary DPM server is protected by a secondary server, which in turn is protected by a third DPM server. In DPM 2007, switching a secondary DPM server to be the primary backup target required a PowerShell script; in DPM 2010, this can be done with a right-click in the management console.

The boss always likes colourful reports to know how things are going.

The boss always likes colourful reports to know how things are going. (Screenshot by Paul Schnackenburg/

An option for storage of backups, other than disk or tape is backing up to the cloud through a company called Iron Mountain. DPM 2010 can also be bought as a preconfigured backup appliance from i365 which extends the capability of DPM with software to backup non Windows platforms.

My network, my domain

In our opinion, possibly the biggest change in DPM 2010 barely makes a single bullet point in the new features list: support for workgroup/non domain joined computers. In enterprise environments, this makes it possible to protect servers in a perimeter/DMZ network by manually configuring them to talk to the DPM server.

More importantly, this feature makes another scenario possible in the SMB market space: your IT service provider can now remotely back up your server, as well as maintain your environment. A DPM 2010 server is located at the IT service provider, and an agent is manually configured at the small business to back up to the DPM server over the internet.

A good solution just got better

DPM 2007 was a very comprehensive product for protecting Microsoft workloads; DPM 2010 takes this foundation and makes a good product even better, even more reliable and smarter, as well as more flexible. If you have a mostly Microsoft environment, DPM is a logical choice. In heterogeneous environments, DPM also fits well by protecting what it is best at and then letting the enterprise backup solution back up DPM.

Topics: Microsoft, Storage

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to start the discussion