Data Backup Basics II: Why Replication is not Backup - Understanding the Differences


Userlevel 7
Badge +16

In the realm of IT infrastructure and data management, the terms "replication" and "backup" are often used interchangeably, leading to misconceptions about their functionalities. While both processes involve duplicating data, they serve distinct purposes in safeguarding data integrity and availability. Understanding the fundamental disparities between data replication and backup is pivotal for designing a robust data protection strategy.
 

The Essence of Replication


Replication primarily focuses on mirroring data from one location or system to another in real-time or near-real-time. It ensures data consistency across different environments, enabling high availability and disaster recovery. The goal of replication is to maintain synchronized copies of data to facilitate continuous operations and minimize downtime in case of hardware failure or site disasters.

The synchronicity of replication is also its biggest weak point – all errors in the data and all compromised data is propagated to the target side.

Characteristics of Replication:

  1. Real-time or Near-real-time: Replication systems aim to achieve synchronization as close to real-time as possible to minimize data loss in case of failures.
     
  2. High Availability: It ensures data accessibility by creating redundant copies that can be quickly accessed in case the primary system fails.
     
  3. Recovery from system outages: Replication aids in disaster recovery by enabling failover to secondary systems or locations.
     
  4. Reduced Downtime: By having readily available copies, it helps in minimizing downtime during hardware failures or maintenance.

Replication's Limitations in Dealing with Logical Errors:

  1. Propagation of Logical Errors: Replication systems dutifully copy data changes, including unintended logical errors, from the primary system to its replicas. This process results in the dissemination of flawed data across all mirrored environments, exacerbating the issue.
     
  2. Inability to Discern Logical Errors: Replication mechanisms lack the intelligence to differentiate between legitimate data updates and those influenced by logical errors. Consequently, they propagate erroneous changes across the network without identifying or rectifying them.

Challenges in Addressing Compromised Data through Replication:

  1. Unmitigated Spread of Compromised Data: In scenarios where the primary system falls victim to a cyberattack, replication mechanisms, operating in real-time, inadvertently propagate the compromised data to all mirrored instances, leading to widespread contamination.
     
  2. Limited Data Integrity Checks: Replication processes focus primarily on mirroring data swiftly without extensive integrity checks, making them susceptible to transmitting corrupted or compromised data without detection.
     

Mixed approach – Snapshots and Replication


Snapshots of the primary system can be replicated to a secondary system, which is a middle ground between the above methods and a backup. With this procedure you get different states of the data in the individual snapshots, so a certain versioning has been achieved. But here too, all copies of the snapshots are on production machines, which are supposed to take over from each other if one of the systems involved fails. For this reason, this mix of methods does not qualify as a real backup, at least for me.
 

The Crucial Aspects of Backup


Contrary to replication, backup involves creating secondary copies of data at specific points in time. These copies serve as a historical record, enabling the restoration of data to previous states. The key objective of backup is not just data redundancy but also the ability to recover from various data loss scenarios, including human errors, malware attacks, or data corruption.

Characteristics of Backup:

  1. Independence from productive systems: Backups copy the data into an environment that is independent of the production environment. There they are saved according to the set policies and with the desired retention.
     
  2. Point-in-time Recovery: Backups capture data at specific moments, allowing restoration to a particular state in the past, essential in addressing accidental deletions, data corruption, or cyberattacks.
     
  3. Versioning and Retention: They maintain multiple versions of data, enabling access to historical records and mitigating the risk of overwriting or losing valuable information.
     
  4. Isolation of Clean Data States: Backups retain historical versions, allowing the restoration of data to a point before the logical error or cyber intrusion. This capability prevents the propagation of erroneous or compromised data across the system.
     
  5. Protection against Human Errors and Malicious Acts: Backups act as a safeguard against accidental or intentional data alterations, ensuring recoverability from various threats.
     
  6. Comprehensive Data Integrity: They provide a comprehensive snapshot of the data, preserving its integrity and consistency over time.
     
  7. Granular Recovery: With multiple data versions stored in backups, IT administrators can meticulously select clean copies, mitigating the risk of reintroducing flawed data during the restoration process.
     

Understanding the Gaps: Replication vs. Backup

  1. Lack of Point-in-Time Recovery:
    Replication does not inherently provide the ability to recover data from a specific moment in the past. While it ensures data availability in real-time, it does not capture the historical states necessary for reverting to a specific point in case of errors or attacks.
     
  2. Vulnerability to Human Errors and Malicious Attacks:
    Replication solutions propagate changes, including human errors or malware-induced corruptions, to mirrored systems. In contrast, backups preserve different versions, protecting against these alterations and ensuring the ability to revert to clean copies.
     
  3. Retention and Versioning:
    Backups maintain a history of data versions, enabling granular recovery from multiple points in time. Replication lacks this feature, as it typically overwrites old data with newer versions, leaving no historical records beyond a certain point.
     
  4. Comprehensive Data Protection:
    While replication ensures redundancy and availability, it does not guarantee complete data protection against various scenarios, including ransomware attacks, data corruption, or accidental deletions, where backups play a critical role in recovery.
     

The Complementary Role of Replication and Backup


It's essential to recognize that replication and backup serve distinct purposes in a comprehensive data protection strategy. Rather than being mutually exclusive, they are complementary elements, each fulfilling specific requirements for ensuring data integrity, availability, and recoverability.

Achieving Synergy:

  1. Integration for Enhanced Resilience: Combining replication for high availability with periodic backups provides a resilient strategy that covers both immediate accessibility and historical data recovery needs.
     
  2. Optimized Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO): Employing replication for continuous availability and backups for point-in-time recovery allows organizations to tailor RPO and RTO to their specific business requirements.
    (Spoiler: We will have a closer look at these term in a later article…)

Building a Comprehensive Strategy:

  1. Identify Critical Data: Understand the criticality of different datasets to determine the appropriate mix of replication and backup.
     
  2. Implement Tiered Approach: Employ different levels of protection based on the importance and frequency of data changes, utilizing both replication and backup accordingly.
     
  3. Regular Testing and Validation: Regularly validate the effectiveness of both replication and backup strategies through testing and simulations to ensure their readiness during actual data loss scenarios.
     

Conclusion


While replication serves the purpose of maintaining data availability and facilitating disaster recovery, it falls short in providing the essential elements of a comprehensive backup solution. Understanding the nuanced differences between replication and backup is imperative for IT professionals tasked with building robust data protection architectures.

In essence, replication and backup are not interchangeable terms but rather complementary strategies that, when integrated thoughtfully, form a resilient and comprehensive data protection framework. By acknowledging their distinctive roles and leveraging them accordingly, organizations can fortify their defenses against data loss, ensuring continuity, integrity, and recoverability in the face of evolving threats and challenges.

A prudent approach involves not relying solely on replication or backup but synergistically integrating both to create a holistic data protection ecosystem that safeguards against a myriad of potential risks, ensuring that data remains resilient, available, and recoverable in any circumstance.


13 comments

Userlevel 7
Badge +20

Another great article Joe in your series. Thanks for sharing. 👍

Userlevel 7
Badge +8

Great write up.  I may forward this up the chain for reference. 

I am often explaining why our costs are so high, and why we need so may copies of our data.

Separating DR and BACKUP is a hard thing for non technical people to understand sometimes.

Can backups be part of your DR plan, sure. but not if you have a low RTO/RPO usually. 

Having a DR plan for your backups with offsite copies is important too. 

 

 

Userlevel 7
Badge +7

Great article, thanks for sharing it @JMeixner !

I agree with everything, but one point has me wondering: Lack of Point-in-Time Recovery.

It is certainly true that, with same RPO, with backups we can go much further back in time, but it is also true that I can get a minimum of "history” even with replicas:

 

  • standard replicas: the maximum number of restore points for VM replicas is limited to 28
  • CDP replicas: the maximum number of long-term restore points per disk is 95.

In any case, for me replicas are made to have the most up-to-date data possible, in fact I almost always leave only one restore point in the configurations..let's leave the long term retention to the backups! 😅

Userlevel 7
Badge +16

Great article, thanks for sharing it @JMeixner !

I agree with everything, but one point has me wondering: Lack of Point-in-Time Recovery.

It is certainly true that, with same RPO, with backups we can go much further back in time, but it is also true that I can get a minimum of "history” even with replicas:

 

  • standard replicas: the maximum number of restore points for VM replicas is limited to 28
  • CDP replicas: the maximum number of long-term restore points per disk is 95.

In any case, for me replicas are made to have the most up-to-date data possible, in fact I almost always leave only one restore point in the configurations..let's leave the long term retention to the backups! 😅

Thank you @marco_s ,
yes, you are right, there are many mixed concepts, one example is explained in the part “Mixed Approach - Snapshots and Replication” and there are many more...

The versioned replica you have mentioned is in my opinion not the classic replication, it’s a mix between snapshots, replication and some basic aspects of backup. The classic replication replicates all changes to another system or location and you have one identical copy of your primary data.

Userlevel 7
Badge +7

Yes, talking about general definition you’re right..my fault, I’m always too much focused on Veeam products/technologies! 😅

Userlevel 7
Badge +16

Yes, talking about general definition you’re right..my fault, I’m always too much focused on Veeam products/technologies! 😅

😁 Yes, I know that and it often happens to me that I think too specifically about certain products. But this time I wanted to write a series that was completely manufacturer independent.

Userlevel 7
Badge +9

Great piece, and topic idea from your last post @JMeixner!

Userlevel 7
Badge +6

Great article @JMeixner , thank you!

Userlevel 7
Badge +15

Another solid post Joe.

Again, storage array replication does indeed provide all you mention under the Backup section, with the exception of granular restore. My array (and I’m sure most arrays do) provides a full initial replicated copy to a partner/target array (i.e. separate from prod); subsequent snapshots/replicas are increments, and are from a ‘moment in time’, so provide a form of versioning; as they are snaps of production Volumes, they don’t involve human interaction & thus no human error.

And, I don’t understand how a backup doesn’t have the same ‘logical errors’ or ‘flaws’ as you mention a replicated copy would have. If there are errors within a system, whether a backup or replica is taken, both backups and replicas would have the same “logical flaw” or “error” within it, no? I think this is also true when speaking of malware infection/compromised data. Interested to hear your thoughts further here.

Userlevel 7
Badge +16

I see your point, Shane. And I described your scenario in my article → Mixed approach – Snapshots and Replication.

My main point of criticism with this is, that the storage system where the data is replicated on is in most cases t the system is designed to take over production if the main system fails. This scenario is completely valid to have a possible way to restore production very fast.

But it must not be the only protection of your data. In addition to this you need a backup with the backup data on a completely separate system. From this restore of the data is slower, but the data is much more save.

This is what I call tiered strategy - snapshots, replication AND backup (with 3-2-1 rule or better) together to protect your most valuable asset - your data. And yes, call me paranoid 😎, but most of my customers want exactly this, at least after the first attack or disaster….

Userlevel 7
Badge +15

For me, these replica partners, thankfully, are not used to take over my prod in the event of an outage. They are backup arrays in which I replicate parts of my prod data to. I have a whole other array to take over prod in the event my prod array goes down. I use this other array for Veeam Replicas. 

No sir...this isn’t the only way I protect my data...and totally agree. I agree with all you say, actually. Not trying to be a pain 😊 I was just playing devil’s advocate a little bit. 😉 I wouldn’t advocate this scenario I’m describing as a sole DR strategy for anyone. It’s just one of a few layers I have in place is all. I guess to your point..a ‘tiered strategy’ approach.

Enjoying your series btw… 😊

 

Userlevel 7
Badge +16

Fine. 😎

I do not claim to possess the sole absolute wisdom. There are many valid solutions, I try to demonstrate some best practices I build up in over two decades in data ürotection business with this series.

I enjoy to discuss about scenarios and solution. So, thank you for this, Shane. 👍🏼

 

Userlevel 7
Badge +15

Likewise Joe. 😊

Comment