legaltech® new york january 29 – 31, 2013 legaltech® new york january 29 – 31, 2013 protecting...

LegalTech® New York January 29 – 31, 2013

Protecting Your Crown Jewels in a Virtual World: Strategic

Systems RecoveryJanuary 29, 2013

3:45 - 5 PMNew York Hilton

LegalTech® New York 2013 2

Speakers:

• Marcus Bluestein, Kraft Kennedy, Moderator

• Steven Shock, Irell & Manella LLP • Jim McCue, Rodey Law Firm• Steve Skidmore, Martin, Clearwater &

Bell LLP

Industry Trends

Marcus BluesteinChief Technology OfficerKraft Kennedybluestein@kraftkennedy.com

Industry TrendsUse of server virtualization increase again…

Industry Trends…as does use of SANs.

Firms using SANs

2012 2011 2010 2009

Industry Trends

Traditional backup systems are declining

Industry TrendsFirms increase use of disk-based backup

Industry Trends…increase use of replication technology,

Industry Trends…and slowly begin to explore online backup.

RPO and RTORECOVERY POINT OBJECTIVE (RPO)The amount of data loss associated with a service failure.

The Recovery Point Objective (RPO) is the point in time to which you must recover data as defined by your organization. This is generally a definition of what an organization determines is an "acceptable loss" in a disaster situation. If the RPO of a company is 2 hours and the time it takes to get the data back into production is 5 hours, the RPO is still 2 hours. Based on this RPO the data must be restored to within 2 hours of the disaster.

RECOVERY TIME OBJECTIVE (RTO)The amount of downtime associated with a service failure.

This is meant to describe the amount of time between when a service becomes unavailable to users and when service is restored. This includes time to try to fix the problem without resorting to the recovery procedures, the time to enact the recovery process, testing of the recovered system and communication to the users.

RPO and RTO

ApplicationPerceived

RTOPerceived

RPOAchievable

RTOAchievable

RPODesired

RTODesired

Messaging

Accounting

Lit Support

Remote Access

Docketing

Records Management

Knowledge Management

Other practice area specific systems

Applications

Strategic Disaster Recovery with Exchange

Steven ShockChief Technology OfficerIrell & Manella LLPSShock@irell.com(310) 203-7511

Irell & Manella LLP

• 450 users• 2 Offices• IP Litigation

• Concierge Service

• Retention Policy

Irell Environment

• Los Angeles Primary Data Center• Newport Beach Data Center• Arizona Data Center• HP Server – DL 380: 20 Hosts• HP Storage – HP P4000 Lefthand: 1.5 Petabyte raw storage• VMWare 5.1 - SRM• Cisco Nexus Core Switching• MPLS – 100mbps each location• Watchguard Branch Office VPN – LA & AZ

BASIC CONCEPTS

Client Connections

MAPI Connects through the CAS Role

What “Mailbox” Server is listed in Outlook Profile?

Database Availability Group• Replication Boundary

• High Availability vs. Site Resiliency– HA is Site-based– Site Resiliency Across Sites

• Consider Recovery Objectives

• Quorum Isolation

Redundancies• Servers / VMs• Load Balancing

• Multiple Database Copies

• Shadow Redundancy

Design Philosophy• New Design Philosophy

– Recovery Objectives– Database Design

• Dependent on Environment– Simple– Complex– Moderately Complex

• Staggering Number of Options!

Design Options

• High Availability• Exchange Native• VMware• Third Party On-premise• Third Party Email

Continuity

• Client Connectivity • Outlook AnyWhere• Outlook WebApp• SSLVPN / UAG• Mobile Devices• MDM

• Replication • Exchange Native• Third Party Software• SAN-based• Future Integration

• Disaster Recovery• Exchange Native• Third Party Email

Continuity• Third Party On-premise

• Software Based• SAN Solutions

Too Many Options!

Recovery Objectives• Reasonable Objectives are Usually Exceeded

– Don’t Increase Firm Expectations!

• What Failures are you Designing for?– Failure Domain(s)

• Time Objective (RTO)

• Point Objective (RPO)

Database• Design Philosophies: Old and New

– Policy– Backups– Recovery Objectives

• Large Databases

• Archive Database

• Lagged Copies

Database

• Single Item Recovery

• Recovery Database

• Override Mount Dial

• Offline Database Copy Seeding – http://blogs.technet.com/b/timmcmic/archive/2011/07/12/exchange-2010-using-v

ss-to-perform-an-online-offline-database-seed.aspx

CAS / Hub Roles

• Multiple Servers Hosting Roles

• Production and DR

• NLB for CAS

• Hub – Native HA

Network / WAN

• WAN Redundancy– Links– Carriers– Equipment

• Replication Network

• DAG Replication Maximum Latency– Adjust Cluster Settings?

Backup / Recovery

Other Options• HA at Virtualization Level

• SAN Replication– Database or Full Environment

• Managed & Cloud Services

DR Testing

• Worse Than a Disaster?

• Full Failover vs. Unit Testing

• VMware / Site Recovery Manager– Restore Environment in a “Bubble”– Restoring DAG Can be Difficult– Consider New Server and Database Portability

Site Failover

• Database Failover• Activation Blocking• CAS Proxying

• Site Failover– Start/Restore DAG– Update DNS

• Internet Mail

Site Failback• Restore / Resume Servers

• Resume / Update Database Copies

• Verify Health

• Failover Databases

• Update DNS

Lessons Learned - 1• NLB / Kerberos Authentication

– Consider DR site – http://technet.microsoft.com/en-us/library/ff808312.aspx

• DAG in a Single Site?– Put DAG in DAC Mode Anyway– DatacenterActivationMode [DAGName] –DatacenterActivationMode

DAGOnly

• Only One CAS Server?– Still Consider using CASArray Setting– Future Growth

Lessons Learned - 2

• Failback URL– http://blogs.technet.com/b/mbaher/archive/2010/11/27/robert-s-rules-o

f-exchange-namespace-planning.aspx

• Namespace Considerations– Internet Name(s)– MAPI– Don’t Mix!

Steven ShockChief Technology OfficerIrell & Manella LLPSShock@irell.com(310) 203-7511

Q & A: Steven Shock

Back Up/Recovery with VMWare

Jim McCueInformation Systems ManagerRodey Law Firmjmccue@rodey.com

Rodey Environment• Overview

– 75 attorneys/150 people/2 offices – Litigation/Business– 30 mb QMOE WAN Albuquerque – Santa Fe

Rodey Environment• Virtualization

– 80% virtual– 2 datacenters (Albuquerque, Santa Fe)– 4 VMWare 4.1 esxi hosts w H/A– 30 Guests

• Exchange 2010• Aderant• Autonomy• BES, File Servers, DCs, MailMarshal

Rodey Environment• EqualLogic SANS

– Albuquerque 2 x PS6000XV• 13 TB usable• 3.5 TB data + replication

– Santa Fe PS6000E• 11 TB usable• 3 TB data + replication

• Local disk backup storage– Albuquerque, Santa Fe

• Drobo B1200i: 12TB

• Disk to tape: Dell Powervault lto5 tape autoloader

Rodey Goals• RPO (Recovery Point Objective)=4 hour• RTO (Recovery Time Objective)=8 hours, 16

hours– Tier one applications=8 hours

• Network Authentication• E-Mail• Documents• Time Entry & Billing

– Tier two applications=16 hours• E-discovery & Litigation DBs• BES• Citrix

Rodey Goals

• D/R– Move operations to other office– Replication

• Restores– VM Level Recovery– Application Level Recovery

•Files, SQL, Exchange, A/D• Archive to tape->move to disk offsite in the

future

EqualLogic• Thin provisioning• Snapshots• Replication

– 6.0 firmware: Synchronous

• EqualLogic Snapshot Manager/VMware Edition (ASM/VE)– VMWare Tools quiescence– VMWare consistent image

• EqualLogic Snapshot Manager/Microsoft Edition (ASM/ME)– Volume Shadow Copy: Exchange, SQL– Requires guest attached storage– Transactional consistent image– No log truncation

Veeam Backup & Replication• Bare metal hypervisor backup

– Vmware/Hyper-V• Deduplication• Compression• Changed Block Tracking (VMware

Veeam Backup & Replication• Application aware processing

– Exchange, SQL, AD, Sharepoint– Veeam agent -> MS VSS agents– No permanent guest agent– Transactional consistent image– Log truncation

Veeam 6 – distributed processing

Veeam Backups• Full, • Incremental• Reverse Incremental

Veeam Replication• Replication

– Full + VMWare snapshots

– Network mapping and re-IP

Veeam Replication• Replication Recovery

– Failover

– Failback

Veeam Verification• SureBackup

– Live Verification– Virtual Lab– Application Group– Scheduled

Veeam Verification• Application Group - Role

Veeam Restores

Veeam Restores• Instant Recovery

– Mount backup file as NFS– Track VM changes to store– Vmotion backup file +changes

• VM– Overwrite, new location

• VM Hard Disks• Guest Files• Application Items: Application Item Recover

– Exchange, SQL, AD

What does Rodey do?• Backups

– Veeam to disk– Backup Exec disk to tape

• Replication– Veeam to remote SAN

• Snapshots– Equallogic to same SAN

EqualLogic & Veeam• Application specific tips

– Active Directory• avoid restore/failover

– SQL• Use native SQL backups to disk• Don’t truncate logs with Veeam

– Exchange• Tie to A/D backup• DAGs - watch for failover

EqualLogic & Veeam• Things to watch out for

– Stagger scheduling• Backups• Replication• Snapshots• Backup of backups

– Open snapshots: alarms– Virtual or physical– Don’t backup to VMWare disks!

• Guest attached storage

Jim McCueInformation Systems ManagerRodey Law Firmjmccue@rodey.com(505) 766-7504

Q & A: Jim McCue

Backing Up with Evault

Steve SkidmoreIT DirectorMartin Clearwater & Bell LLP

skidms@mcblaw.com

• Martin Clearwater & Bell LLP

– Litigation Firm – IT Department

Backing Up with Evault• Risk Assessment

– Security Risk Tolerance•Interruption to business can be costly•Responsibility to clients

– Geographical Location•United Nations, Israeli Consulate,

Grand Central Station– Hardware / Software Infrastructure– Regulatory Compliance Requirement

• Risk Assessment– Disaster– Outages– Planned Maintenance

• Risk Assessment– Essential Applications– Recommended Applications– Non-Essential Applications

• Risk Assessment– Who is going to access the

recovery system?– Where are they going to access

from?– How will they access the system?

Backing up with Evault• Things to consider

– Traditional backups•Significant capital •Costly to scale •Multiple systems

– Cloud-based DR services•Turnkey solution•Virtualized environments•Overburdened •Budget-friendly

Backing up with Evault

• Cloud Disaster Recovery Service – Is data securely transferred? – Is data securely stored?– How does the authentication process

work? – Meet regulatory requirements?– Bandwidth capacity?

• Cloud Disaster Recovery Service– Secure,Virtual hot cloud environment – SSAE 16-compliant data center – ISO Certified– HIPAA Compliant– Offsite Solution– 4hr SLA

• Hybrid Approach– On Prem– Cloud

• Setup– Application Plug-ins– Backup Agents– Collector S/W – Additional NIC– Subnet– VPN

• Setup– Replication

•Vaults •Servers

– Utilities•Migrate•Optimization

• Test

Q & A: Steve Skidmore

Q & A: General

legaltech® new york january 29 – 31, 2013 legaltech® new york january 29 – 31, 2013 protecting...

legaltech new york

pm new york hilton slide

declining slide

based backup slide

clearwater bell llp

industry trends firms

recovery point objective

data loss

Documents

5. weblaw forum legaltech · weblaw forum legaltech ......

keele map january 2018 - york university

cross border ediscovery vs. eu data protection at legaltech...

new york family january, 2013

upper new york: january/february 2015

january 2013 made in new york

january 3, 2020 - york, maine

30 hot legal palm and handheld tips and gadgets in 60...

today's homes york january 14, 2016

legaltech lunch & learn feb. 3, 2009

slta regulatory task force report - swiss legaltech...swiss...

scojo new york january 2015 releases

legaltech lunch & learn feb. 3, 2009

legaltech and lawtech: global perspectives, challenges

tr legaltech startup report 2019 - thomson reuters ·...

todays homes york january 28, 2016

county opioid quarterly report published january, 2018 - new...

agile legal project management (moscow legaltech 2017)

scientific conference “legaltech, artificial intelligence

swiss legaltech association · 2019-10-19 · swiss...