Manage Learn to apply best practices and optimize your operations.

Data Protection Manager 2007: Relief from branch office backup headaches

The ability to easily back up applications is just one of the key improvements Microsoft made to Data Protection Manager 2007. In this article, Microsoft MVP Gary Olsen breaks down the basics of DPM and offers some helpful backup tips for Windows admins.

One of the biggest headaches for Windows administrators involves getting dependable backups. This problem takes on epic proportions in situations where there are a number of remote offices with servers that need to be backed up. Since these offices seldom have IT staffs, getting backups on those servers poses a great challenge.

Another problem is the slow process of backing up to tape (not to mention the fact that tape is fairly unreliable). A Windows admin's biggest fear would be to restore the data only to find that the backup media is unreadable -- assuming there is a backup to begin with.

Microsoft took a great step toward helping this situation a year or so ago with the release of Data Protection Manager 2007 (DPM). In the first couple of releases, Data Protection Manager had decent value in that it provided a byte/block level, disk-to-disk backup from servers (called protected servers) running an agent to the DPM server. Data Protection Manager also used Virtual Shadow service -- also referred to as Virtual Shadow Copy service.

Data Protection Manager version 1 definitely had some problems, however, causing Microsoft to abandon the hotfix route and release a new, much improved DPM v2. Currently, Data Protection Manager 2007 is marketed in the System Center suite of products and has some major improvements, including the ability to specifically back up applications like Exchange Server, SQL Server and others.

The basics of DPM 2007

As in previous versions, Data Protection Manager 2007 depends on the Volume Shadow Service (VSS) and provides delta changes at the byte/block level up to every 15 minutes. The Data Protection Manager configuration consists of a DPM server with the DPM bits installed and an agent installed on the "protected" servers. DPM 2007 is able to take advantage of native VSS writers in several Microsoft applications, allowing these applications to have their databases backed up to the DPM server. The applications that are supported by Data Protection Manager include:

  • Exchange 2003, 2007
  • SQL Server 2000, 2005, 2008
  • Share Point Server 2003, 2007
  • Virtual Server 2005 R2 SP1

In addition, DPM can be used to back up files on Windows Vista (Business edition or above), Windows XP Professional, and Windows Server 2003 and 2008. It can also be used in conjunction with the new Distributed File System replication groups.

Data Protection Manager itself can be purchased as a shrink-wrapped product for Windows Server 2003, or it may come in an OEM bundle on Windows Storage Server (WSS) 2003. Hardware vendors install WSS 2003 on network-attached storage and other storage server products and add their own management utility that can include DPM for the backup solution.

Using something like a NAS server for the DPM server is very attractive for small to medium-sized businesses. That's because the NAS server typically has a number of local disk drives that can be used to save the backups on, without the expense of fiber and SANs. Figure 1 shows the flexibility with which a Windows shop might use Data Protection Manager as a common backup solution. It is important to note that the DPM server and the application servers must be part of an Active Directory domain.

Figure 1

In a branch office configuration, you may have a variety of applications and file servers in the branch offices. While most of these will be file servers, you may have Exchange or SQL servers or other application servers in the remote offices. Thus, you could have a combination of application servers with DPM agents and file servers either with the DPM agent or configured in a DFS replication group backing up the files at the hub office.

In terms of licensing, Microsoft really got this one right. It reduced the products to only two SKUs:

    1. Standard DPML "File Agent"
    2. Enterprise DPML "Application Agent"

The Standard Data Protection Manager license permits file backups from Windows XP, Vista, Windows Server 2003 and 2008. The Enterprise DPM license is required for native backup of Exchange, SQL, Virtual Server and SharePoint Server as noted previously. But instead of splitting the Enterprise licenses by application -- thus making you buy specific licenses for Exchange and different licenses for SQL -- you simply lump all the application servers together and buy that many Enterprise licenses. For example, suppose you have 50 file and application servers that you want to add to the DPM enterprise for backup. The licensing would look like this:

  • 30 File and print servers

  • Application servers

    • 6 Exchange 2003 servers
    • 2 Exchange 2007 servers
    • 1 SQL 2005 server
    • 2 SQL 2008 servers
    • 5 SharePoint Server 2007 servers
    • 4 Virtual Server 2005 R2 SP1 servers
  • Licensing requirement:

    • 30 Standard DPM licenses (file agent)
    • 20 Enterprise (application) licenses

Not only does Microsoft make it easy to figure out what you need, it also lets you move the licenses around. For instance, if you consolidated and removed one of your SharePoint servers and added an additional SQL Server, you would not need a new license.

Data Protection Manager 2007 is definitely worth evaluating for a true enterprise solution, especially when combined with OEM storage server products like NAS and even SAN products. Using disk-to-disk backups will simplify your backup strategy and make backups faster and more reliable.

Gary Olsen is a systems software engineer for Hewlett-Packard in Global Solutions Engineering. He authored Windows 2000: Active Directory Design and Deployment and co-authored Windows Server 2003 on HP ProLiant Servers. Gary is a Microsoft MVP for Directory Services and formerly for Windows File Systems.

Dig Deeper on Windows Server deployment

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.