The definition of mission critical has evolved dramatically in the past five years. The growth and business criticality of email and unstructured data, shared documents and the continued importance of transactional data have widened the spectrum of recovery point objective (RPO) and recover time objective (RTO) requirements.
Increasingly, business continuity practitioners are being asked to provide a wide-range of services with RPOs from zero or near-zero data loss to within a day; and RTOs ranging from near instantaneous to within a day or two. These parameters are driven by business and regulatory requirements and the spectrum of cost can be enormous-- ranging from many thousands to hundreds of thousands to millions of dollars to provide these capabilities. This widening spectrum is what interested me in Axxana’s Phoenix product. Phoenix is a disaster-resilient storage unit, which is deployed at the site of the primary storage device in a storage system. Phoenix temporarily stores data records during the process of copying stored data to a remote secondary storage device. If the primary storage device is damaged, the records stored by Phoenix can be used, together with the data in the secondary storage device, to reconstruct all of the data stored previously by the primary storage device with zero or near-zero data loss, regardless of how distant the secondary storage device is from the primary. In other words – Phoenix can provide zero or near-zero data loss over asynchronous distance and infrastructure (i.e. data center costs, communications lines, etc).
Tradeoffs in Synch and Asynch Replication
Before the Axxana product became a commercial idea, synchronous replication was required to ensure zero or near-zero data loss. In synchronous replication, each item of data in an I/O operation must be written successfully to both the primary and the secondary sites before data processing can continue. The longer the distance between the sites, the greater the time required to complete the write and send back the acknowledgment from the secondary site. This long delay in I/O response is unacceptable in many applications.
The alternative technology is asynchronous replication, which allows virtually unlimited distance between sites by buffering the data and writing to the remote site asynchronously. In a disaster, however, this buffer is lost, and with it up to 30 minutes of I/O data (depending on the distance between the primary and secondary sites). This sort of loss is not acceptable for many enterprises, such as financial organizations, for example, which may transfer millions of dollars in a transaction. It is increasingly unacceptable to organizations with highly-integrated sets of applications, including e-mail, in which any data loss means significant problems for IT and business recovery.
The need for secure storage backup was emphasized by the U.S. Securities and Exchange Commission in a Draft Interagency White Paper that was released in 2002. The paper discusses the need for disaster-proof backup and implies (see the last paragraph on page 12) that primary and backup sites should not be proximate – that is they should be as much as 200-300 miles apart. The paper caused major concerns in the industry, since synchronous replication over such distances is too slow to be practical, while asynchronous replication could not provide zero data loss.
Achieving Near Zero Data Loss
The only technology capable of providing disaster recovery with near-zero data loss was three-node remote replication, which requires IT equipment in each of three nodes and high-speed Wide Area Network (WAN) communication between the sites. Three-node systems are available from EMC, Hitachi, IBM, and, most recently, 3PAR, often for use with mainframe computers, but they are prohibitively expensive and have therefore gained limited market acceptance. And they are still susceptible to regional disasters that take down both synchronous sites, so that while they will reduce the probability of losing data, such configurations do not eliminate the data loss problem.
Until Axxana introduced the Phoenix product, the problem of achieving zero or near-zero data loss with low I/O latency in a two-node system was thought to be unsolvable. The idea that information stored at the primary site could be used in reconstructing data following a severe disaster at the primary site was not even considered to the best of my knowledge. Alex Winokur (the inventor of this technology) solved this “unsolvable” problem by coming to the surprising realization that a certain amount of data could be preserved at the primary site and used in post-disaster data recovery, as long as it is stored in a suitable enclosure that is practically disaster-proof. This invention reconciles the seemingly contradictory demands of zero data loss and low latency. It thus answers the need that has been widely felt, at least since 2002, for a secure zero-data-loss storage solution at reasonable cost.
The Road Ahead
It is our expectation that Axxana technology will gain wide acceptance and enjoy commercial success, but it will take time because it is so new. A number of major storage system vendors, including EMC, have indicated that they will collaborate with Axxana on integrating the Phoenix product into their systems. It is our view that the availability of Axxana technology will, in fact, increase the market potential for zero-data-loss, remote-backup solutions by as much as 300-400%.
But several things need to happen for this prediction to come to fruition, including:
- Axxana needs to secure its first public reference accounts.
- The company needs to broaden compatibility beyond EMC’s CLARiiON product line, which works in conjunction with EMC's RecoverPoint solution.
- OEMs and the channel need to strongly endorse the concept.
Axxana’s Phoenix technology is not considered mainstream. Phoenix is big and bulky, and some are off put by its size and unattractiveness. However it solves a real problem at substantially lower costs and is far smaller than a third data center. In fact, if the technology can be proven reliable, there is no practical reason that it should not become a fundamental component of a company’s business continuity strategies.
Action Item: Technologies to achieve near-zero data loss at asynchronous distance involve infrastructure including data centers, communications lines, and other resources that are prohibitively expensive. However, increasingly businesses require zero-data-loss solutions as information risk escalates. Practitioners should investigate Axxana's Phoenix System family of solutions, if only to visualize how such an approach might change the risk profile of their organizations, while dramatically decreasing expenses.