In an previous article I explained how to perform the initial configuration of Microsoft System Center Data Protection Manager and how to deploy the agents to the servers that you want to protect. In this article, I will explain how to actually protect those servers.
The first step in configuring Data Protection Manager to protect the servers that you have deployed agents to is this: Create one or more protection groups. A protection group is a collection of one or more resources for which you have a common protection goal.
For example, resources within a protection group share a common protection schedule, consistency check schedule and even the same disk allocations. If all your protected resources have the same protection-related requirements, there is no reason why you can't just place all of the protected resources into one protection group. If some of your protected resources need a greater degree of protection than others, you'll need to create multiple protection groups and place resources into those protection groups according to your protection requirements.
Before you can define your Data Protection Manager server's first protection group, you must have added at least one hard disk to the storage pool and deployed at least one agent. (Those tasks are fully explained in the previous article.)
To create a protection group, select the DPM Administrator Console's Protection tab. Then click the Create link found in the Actions pane. When you do, Windows will launch the Create New Protection Group Wizard. Click Next to bypass the wizard's Welcome screen. You'll be prompted to enter a name for the protection group you are creating.
You can call the new protection group anything you like, as long as the name has not already been assigned to another protection group. I recommend using a descriptive name to help you to remember the protection group's purpose.
Click Next and you'll be prompted to select the resources you want to include within the protection group. Fig. 1 shows that you can select either Shares or Volumes and Folders. You cannot mix the two in a protection group. A protection group must include either all share resources or all volume and folder resources. However, you can create one protection group for shares and another protection group for volumes and folders.
You must select the resources to include within the protection group.
Note: You are not obligated to protect all of a server's resources. You are free to pick and choose which resources will be added to the protection group.
After selecting the resources that you want the protection group to protect, click the Next button. You'll see a screen similar to the one shown in Fig. 2. This screen displays the cumulative size of the resources you're including in the protection group. Microsoft System Center Data Protection Manager will automatically calculate the amount of space that should be allocated to the protection group (this calculation takes a few minutes). You are free to change the space allocation, but Microsoft recommends that you follow DPM's recommendations.
DPM automatically calculates how much disk space should be allocated to the protection group.
Click Next and you'll be prompted to select the initial replication method for the resources included in the protection group. Microsoft System Center Data Protection Manager is configured to begin replicating data from the protected servers immediately upon completion of the wizard. But you have the option of scheduling a time to begin the replication cycle. DPM also gives you the option of transferring the protected files to the DPM server manually. Manually transferring the protected files to the DPM server is a pain, but it may be worth it if the protected server resides across a WAN link and contains more than a couple of gigabytes of data.
Click Next and you will be asked to create a protection schedule for the protection group. The Create a New Protection Group Wizard requires you to create a synchronization schedule and a shadow copy schedule. What's the difference between synchronization and a shadow copy? In DPM terms, synchronization refers to looking at the protected data, and copying any changes to the DPM server. The thing to understand about synchronization is that only the bytes that have changed within a file are actually copied. This conserves network bandwidth and disk space since, the entire file isn't being copied each time that it changes. For example, if you have a 100 MB file and 1 KB of data within the file changes, only 1 KB of data is sent to the DPM server rather than copying the entire 100 MB file.
Because Microsoft System Center Data Protection Manager only copies changed bytes rather than entire files when data changes, it occasionally performs a consistency check. A consistency check is a block-by-block comparison of the data on the protected resource, and it's backup copy on the DPM server. Because consistency checks chew up time and resources, they are normally performed only when a replica is created for a protection group or when a new data source is added to an existing protection group. It is also possible to schedule a daily consistency check through the Advanced Options section of the Create New Protection Group Wizard's Protection schedule screen.
Shadow copies are a different animal. DPM is designed to retain multiple versions of each file as the file changes. Each shadow copy is basically a file version.
For example, the default protection schedule consists of hourly synchronizations, and perofrms shadow copies three times a day.So if you had to recover a protected file, you would never lose more than an hour's worth of changes to that file. However, Microsoft System Center Data Protection Manager doesn't flag the file as a new version every time you modify the file. New versions are linked to shadow copies. Therefore, with the default schedule, there are three different versions of the file retained each day (assuming that the file is modified enough to warrant the new versions). Depending on your server's resources, Microsoft System Center Data Protection Manager can retain up to 64 versions of each protected file.
Now that you have defined the protection schedule, click Next and you'll see a summary of the protection group's configuration. If everything looks good, click the Create Group button and the initial replica will be created (unless you have chosen a delayed or manual replication).
Microsoft System Center Data Protection Manager Fast Guide
Verifying Data Protection Manager status
Server plays key role in Data Protection Manager deployment
Why Data Protection Manager is replacing disk-to-tape backups
Troubleshooting Data Protection Manager warning message
Measuring the impact of Data Protection Manager 2006
Storage pool savvy helps admins optimize Data Protection Manager
Watch out for unsupported data types in Data Protection Manager
Protecting servers with Data Protection Manager
About the author:
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. He writes regularly for SearchWinSystems.com and other TechTarget sites.