1 / 57

Protecting Client Data with System Center Data Protection Manager (DPM) 2010

SIM339. Protecting Client Data with System Center Data Protection Manager (DPM) 2010. Young Kwon SE Service Manager Client Data Service Management Microsoft IT. Islam Gomaa Microsoft MVP | System Center Data Protection Manager . Session Objectives and Takeaways. Session Objectives:

liz
Download Presentation

Protecting Client Data with System Center Data Protection Manager (DPM) 2010

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SIM339 Protecting Client Data with System CenterData Protection Manager (DPM) 2010 Young Kwon SE Service Manager Client Data Service Management Microsoft IT Islam Gomaa Microsoft MVP | System Center Data Protection Manager

  2. Session Objectives and Takeaways • Session Objectives: • Learn how DPM 2010 protects clients and how it differs from server protection • Learn about DPM Client Autodeployment with ConfigMgr and OpsMgr • Discover how MS IT is protecting client data on the Microsoft internal network • DPM 2010 is Enterprise Ready! • ECAL customers already have everything they need!

  3. Agenda • Overview of DPM 2010 • Challenges with Client Backup • Using DPM 2010 for client protection • DEMO: Protecting Client Data with DPM 2010 • Automatic DPM Client Deployment • Automating client deployment and assignment with ConfigMgr and OpsMgr • MS IT: How Microsoft IT protects client data • The Future: Client Protection and DPM 2012

  4. Backing up Data on Mobile ComputersThe challenge Mobile workforce Large scale Different users with different needs

  5. Client Backup in Most Organizations End user Copy to servers backed up by IT Do your own backups Limited/no IT involvement Cumbersome for end users Policies are difficult to enforce Critical business data on laptops is not backed up

  6. Requirements for Laptop Data Backup

  7. How Does DPM Solve This?

  8. Disk-based Recovery Online Snapshots (up to 512) Active Directory® System State Up to Every 15 minutes Data Protection Manager Tape-based Backup Disaster Recovery with offsite replication & tape Data Protection Manager file services

  9. Client Protection/Recovery – Back-up Policy When you want to protect the data? What data you want to protect? How long you want to retain the data? Backup Backup Policy 8:00 AM – 12:00 AM – 6:00 PM Protect “My Documents” Retain Data for – 14 Days 8:00 AM – 12:00 AM – 6:00 PM Protect “My Documents” Retain Data for – 14 Days 8:00 AM – 12:00 AM – 6:00 PM Protect ‘My Documents” Retain Data for – 14 Days 8:00 AM – 12:00 AM – 6:00 PM Protect “My Documents” Retain Data for – 14 Days 8:00 AM – 12:00 AM – 6:00 PM Protect “My Documents” Retain Data for – 14 Days Server Admin

  10. Client Protection/RecoveryDisconnected and connected Traveling At On Site Office Meeting 8:00 AM Time to take a backup 12:00 Noon Time to take a backup While Traveling by Plane Backup Policy 8:00 AM – 12:00 AM – 6:00 PM Protect “My Documents” Retain Data for – 14 Days Backup at 12:00 Noon Backup at 8:00 AM Day 2 Day 1

  11. Client Protection/RecoveryDisconnected and connected 8:00 AM Time to take a backup Back At Corporate Office Backup Policy 8:00 AM – 12:00 AM – 6:00 PM Protect “My Documents” Retain Data for – 14 Days Restore Yesterday’s Data Restore Last Month’s Data Day 10 Day 7 Day 3

  12. Client Protection/Recovery While Traveling on Plane Backup at 8:00 AM 14 Days Policy Traveling At On Site Office Meeting Backup at 12:00 AM Back At Corporate Office Backup To DPM Backup at 8:00 AM Counter Reset After Successful Backup Day 1 Day 2 Day 10 Day 1

  13. Protecting Clients with DPM 2010 Up to 60% of an organization’s data does not reside on servers in the datacenter! demo

  14. DPM 2010 scalability A single DPM 2010 server can protect: * • 100 production servers • 1000 Windows clients • 2000 SQL Server databases • 25 Terabyte SharePoint farms with over 1M objects • 40 Terabytes of Exchange storage groups & databases 3000 * May vary based on size of each datasource, as well as scaling of DPM server memory, disk and I/O architecture

  15. DPM 2010 – Roaming Laptops • Best-in-class laptop protection for Windows Clients • Support for Windows XP, Windows Vista, and W7 • Backup over VPN or Direct Access • Scale to 3,000 clients per DPM server • “Unique user data” only • Not the whole machine, so that the OS is not repeatedly backed up • Integration with local Shadow Copies for Windows Vista and Windows 7 • Centrally configured from DPM admin UI • End-User–enabled restore from local copies offline and online, as well as DPM copies • Admin-enabled restore from DPM copies

  16. Client Backup and Restore Restore Data from other machines you have permissions to demo

  17. Intuitive End User Interface • Easy monitoring of backups • Quick access to common information and features

  18. Customizability

  19. End User Restore 1. Local Restore when not connected 2. Network restore when connected End user 3. Remote restore for new laptop Restore from DPM DPM server Build, then Restore

  20. Local Restore: Even when Offline

  21. Restore to a New Laptop (from DPM)

  22. Traditional Deployment Options

  23. Enterprise DPML – “Application Agent” – per protected server Unified support of Microsoft applications SQL, Exchange, SharePoint, & Virtualization – and files Protect DPM 2 DPM 4 DR – disaster recovery Bare Metal Recovery Active Directory System State DPM Server DPM Server with integrated Disk & Tape Also available as a DPM OEM Appliance running on Windows Storage Server file shares and directories Standard DPML = “File agent” per protected Windows Server No additional “Open File” or add-on modules Client DPML “Desktop agent” XP Pro & Vista & W7 Pricing guidance posted on microsoft.com/DPM

  24. DPM Server DPM Server with integrated Disk & Tape Inside ECAL Also available as a DPM OEM Appliance running on Windows Storage Server Not sold separately Use Rights included with ML’s Client DPML “Desktop agent” XP Pro & Vista & W7 Pricing guidance posted on microsoft.com/DPM

  25. Traditional DPM Agent Deployment • Many Ways to Deploy • Active Directory • SCCM or SCE – Most scalable option • Pushed from DPM – Simplest Option, relationship auto-established • Sysprep – Great for System Replacements • Two binary packages = x86 or x64 • DPM Pushes the appropriate version • Two Step Process • Install the Agent • Establish a relationship to the DPM Server

  26. Connect Agent to DPM Server Actual PowerShell™ script Attach-ProductionServer.ps1 $DPM -> DPM Server Name $PS -> Production Server Name $User, $Pwd, $Domain -> Credentials for associating agent with a DPM Server (admin) Attach-ProductionServer.ps1 –DPMServerName $DPM –PSName $PS –Username $User – Password $Pwd –domain $Domain Detailed blog entry on disconnected agent install scenarios at: http://blogs.technet.com/DPM

  27. DPM Client Autodeployment

  28. DPM 2010 Client Autodeployment System Center Automatic Client Protection • Deploy DPM agent via CfgMgr • Connect clients to DPM servers via OpsMgr DPM-US1 DPM-US2 DPM-EU1 DPM-AUNZ

  29. System Center Unified Deployment of DPM Clients Data Protection Manager Data Protection Manager Data Protection Manager 3. Associates clients to available DPM servers & Protection Groups 4. Association List CfgMgr Package 2. List of Clients System Center Configuration Manager System Center Operations Manager Active Directory® 5. Client associated with owner DPM server 1. Windows Clients with DPM Agents pre-installed using CfgMgr or as part of image.

  30. Automated DPM 2010 Client Protection • Install DPM rollup 1 and 2 • Install OpsMgr agent on DPM servers • DPM servers get discovered in the OpsMgr console • Add desired DPM servers to auto deployment • Specify the desired domains to be considered for auto deployment • Setup the backup policy in the ClientPGSettings.xml • Add unwanted clients for exclusion from getting auto deployed

  31. Automated DPM 2010 Client Protection

  32. Automated DPM 2010 Client Protection

  33. Automated DPM 2010 Client Protection

  34. Automated DPM 2010 Client Protection

  35. How Microsoft IT is protecting individual business PC data Young Kwon SE Service Manager Client Data Service Management Microsoft IT MS IT

  36. How MSIT Protects our Servers • Total Server count that MSIT manages: 4,000 • DPM 2010 migration completed 3,953

  37. Microsoft $ Spent for Data Backup, Loss and Recovery Reactive Deskside dispatch tech cost for data backup & restore request – $370k Data Recovery cost spent due to data Loss – $450k Proactive • External Hard Drive purchase (MS Market data only) –$580k • External Hard Drive purchase (Non-MS Market, individual and Admin’s purchase) – $500k 2011 Total Estimated Spending: $2Million 37

  38. Client Data Backup Requirements and Needs at Microsoft • Data Protection • Data Availability • Data Portability • Data Centralization Microsoft IT Admin Client

  39. Many employees have asked “How should I back up my important data?” Client PC Data Backup and Management at Microsoft • SharePoint & MySite • Virtual File Share Storage • Self-host File Server • SkyDrive • Windows Live Mesh • Windows Home Server • External Hard Drive • IntelliMirror/User State Virtualization • External Hard Drive with Bitlocker-To-Go • Data Protection Manager (DPM)

  40. DPM Client PC backup, Pros & Cons Cost Risks Competitive differentiation Benefits Quota Limit,Single PC backup at a time. Automatic scheduled backup Flexible Backup Choices Separate Application Easy & Multiple Points in time Restore CONs PROs

  41. MSIT DPM Client Pilot Program was Completed Successfully! Pilot Program Timeline Milestones: • 5 months pilot period • Completed DPM Client validations • Became a MSIT supported PC backup solution

  42. Product Feature: UI,Installation, Configuration, Incremental Backup & Restore Reliability: Incident rate was 3.2% which is a lot less than shared goal 6%. Transactional NSAT score was 129 which was reflected high client satisfaction Scalability: 5GB – 10GB quota limit, and One DPM server can host up to 3,000 client machines Performance: Roaming user PC backup is optimal over WAN, MSITVPN or DirectAccess What did we validate during the MSIT Pilot?

  43. Pilot User Experience Survey Results

  44. MSIT Client DPM Offering

  45. MSIT Client DPM Offering Right-Click Run As Administrator

  46. MSIT Client DPM Offering

  47. MSIT Client DPM Offering

  48. DPM Client System Tray UI MSIT Customized DPM Client Agent UI • DPM Client Protected Items Selection

  49. Datacenter Server Architecture of MSIT Global Deployment 1 Dublin DPM Server EMEA 2 Redmond DPM Servers Redmond & North America 1 India DPM Server India 1 Japan DPM Server Far East 1 Sao Paulo DPM Server South America 1 Paris DPM Server France 1 Singapore DPM Server South Pacific

  50. MSIT DPM Client PC Backup Service Projection • User Adoption Projection • DPM Server Capacity Projection

More Related