NetApp's Protection Manager

NetApp has had an interesting line of data protection products for a long time, including snapmirror, snapvault, snapmanager, and open systems snapvault.  What they didn’t have was a centralized place to configure, manage, and report on all those things.  That all changed with the release of Protection Manager several months ago.  Click Read More to learn more.

Protection Manager (which I’ll call PM because my fingers are lazy) has been GA since May 2008 and now has over 500 customers, including some of NetApp’s largest customers.  I finally had a chance to see a demo of it today and was pretty impressed.

PM uses Data Fabric Manager (DFM) that runs on a Windows, Linux, or Solaris server.  You log in to the PM GUI that can run on your Windows or Linux workstation, and it talks to the DFM server for you.

PM first allows you to define Data Sets, which are groups of data that will be protected in a similar way, such as home directories or Oracle data.  You can also define Resource Pools, which are groups of targets that can accept snapmirror and snapvault traffic, such as all your NearStor systems.  You can then define policies that associate Data Sets to Resource Pools, and include when and how that data will be protected.

Instead of using product names (e.g. snapmirror), the policies use common sense terms like “backup” and “mirror.”  You can have a policy that backs up (only), mirrors and backs up, backs up, then mirrors, etc.  (There are 10 different policy types in the GA version, more coming in October’s release.)  You can even define a “no protection” policy, which basically says “ignore this dataset.”

Once you’ve defined the data sets, resource pools, and polices, then policy manager does all the work for you.  It automatically creates the snapvault/snapmirror relationships and schedules, assigning each data set to an appropriate resource.  It even tries to take into account load balancing, so you it’s spreading out the backup load.  You can then click on Preview to have it do a dry-run of what the backup is supposed to do when it runs.  The dry run makes sure that all the appropriate passwords are in place and that the resources are available and have sufficient space to do the job.

Once you’ve done all that (which is about 1000% easier than it used to be, when we had to set up all those snapmirror/snapvault relationships and schedules on our own), you can then report on the success and failure of all your PM jobs from the dashboard.  If there are any volumes, qtrees, or OSSV systems that PM knows about, and that you haven’t told it to ignore using the “no protection” policy, it will list them in the “unprotected” tab.  Pretty nice.

The most recent version of PM (limited release now, due to be GA in October) has added support for DR policies, adding the common sense “DR” term to some of the policies.  (The difference between a DR and a non-DR policy in NetApp’s eyes is whether or not you can fail over to it.  For example, a snapvault destination is a backup, not a DR system.  Only snapmirror and qtree-snapmirror can make targets that you can failover to.)  If you do need to failover, for testing or for real, you can manage and report on the failover in PM.   If you’re failing over for testing, you can even tell it to do a final update before failing over.  Nice.

While there is some functionality for snapmanager (e.g. SnapManager for Exchange, Oracle, etc), the product still isn’t fully integrated with the snapmanager line, and they said they’re working on that.  They’re on their third version in under a year, so it’s obvious that they’re working very hard to bring new functionality to the product, so I’m sure we’ll see something soon.

Things have come a long way since the first time I saw snapmirror so many years ago.  Keep it up, NetApp.

Written by W. Curtis Preston (@wcpreston), four-time O'Reilly author, and host of The Backup Wrap-up podcast. I am now the Technology Evangelist at Sullivan Strickler, which helps companies manage their legacy data