As amazing as it might sound, many companies still don't pay adequate attention to their backup strategy and run the risk of losing crucial data due to server failure or user error. Some companies might find out too late that the data stored in their databases, document collaboration systems, or email systems didn't get backed up because their backup solution was out of date, unable to work with modern applications, or meant to handle only file-level backups.
There are many available backup solutions that companies can buy and install on their own servers. However, there are far fewer backup appliances. One noteworthy offering is the Symantec NetBackup 5200 series of appliances, which runs the same NetBackup software that companies can buy and install on their own hardware. The basic NetBackup 5220 appliance comes with two 1GB network ports: one for initial configuration using a laptop computer and the other for connecting the appliance to the network. The device has slots for additional network ports. The basic unit ships with 4TB of disk space but can be expanded.
I recently installed, configured, and used a NetBackup 5220 appliance. I was impressed by the rich feature set and performance offered. However, I did encounter a few problems.
Performing the Initial Configuration
You begin the initial configuration by connecting your laptop to the configuration network port using a crossover network cable, opening your browser, and connecting to 192.168.1.1. This is where I first encountered a problem, as that address was being used by my primary firewall on my network. To fix the problem, I had to change the configuration port's IP address to one outside of any subnet range I was using, which can only be done from the command line. Symantec confirmed that this was a known issue and said that a future version of the Getting Started guide would address the problem and provide a workaround.
Next, you provide configuration information. In addition to specifying the network parameters (e.g., IP addresses for all NICs), you specify a password for the built-in administrator account, Network Time Protocol (NTP) information, and whether to use DNS or a local HOSTS file for client name and address resolution. You also specify whether the appliance will take the role of a Master or Media server. In a new deployment, the first appliance will be a Master server. Additional servers typically are Media servers, which let you expand the amount of disk space available for backups. However, you can install multiple Master servers in a deployment.
When you configure an appliance as a Master server, you can configure the internal storage into either Deduplication storage (the default) or AdvancedDisk storage. Unless you have a specific need, I recommend you use the default option.
After you've entered the configuration information, the appliance performs the initial configuration and prepares the internal storage. This can take quite some time. During testing, my laptop went to sleep due to inactivity while the device was being configured. This caused the initial configuration to fail, and I had to start over after turning off the power-saving functionality on my laptop.
Once the initial configuration is complete, you can use a web browser to connect to the appliance using your network's IP address. Note that not all browsers are supported. Your web browser needs to run Microsoft Internet Explorer (IE) 7.0 or later or Firefox 3.0 or later. Also note that you'll run into problems when connecting to the appliance if IE is configured to use enhanced security.
Configuring the Management Console
The next step is to install and configure the management console on a management workstation. The installation software for the management console is hosted on the appliance's home web page. There are versions for a variety of OSs, including Windows (32-bit and 64-bit versions of Windows XP and later), Mac OS, and HP-UX. On Windows, you must download and extract the management console installation package from a .zip file. The installation must be performed by a member of the local group Administrators. In addition, by default, any member of the local group Administrators will be able to manage the appliance using the management console. For these reasons, make sure that your management workstation is physically secured, uses a static IP address, and doesn't rely on DHCP for address assignment. When installing the management console, you'll be prompted to enter a license key-a prompt that you can ignore. Simply select Remote Administration as the installation mode. Both the management console and the backup software will then be installed on the computer.
After I installed the management console, I wasn't able to get it to connect to the Master server appliance. Through trial and error, I found out that there is another step, which isn't documented anywhere. You have to use a browser to connect to the appliance and add the name of the management workstation to the appliance as a server on the Appliance tab of the Manage page.
As Figure 1 shows, the management console appears as a dense, confusing tool with a wide variety of options to the uninitiated. It isn't well laid out and will likely seem daunting to any user who doesn't use it frequently.
Configuring the NetBackup Software
Before any system can be backed up, the NetBackup software on the appliance must be configured. The first time you launch the management console, a wizard walks you through a set of tasks to manage storage, create catalogs, and configure backup and restore policies.
Backups are done by policy, not per backup client, so you must assign clients to backup policies before they can be backed up. (You might also need to specify information such as credentials to connect to devices and server applications during backup operations.) A client can be in one or more backup policies, so if a server with multiple applications is a backup client, you can back it up several ways to ensure that no data is missed. It's during this configuration process that you start to see the power and flexibility of the NetBackup software. For example, you can configure policies that allow end users to perform their own backup and restore operations. In addition, multiple client OSs are supported.
Any client you want to back up must have the NetBackup client software installed on it. On Windows systems, the easiest and most reliable way to
install the software is to map the share \\
Backing Up and Restoring Clients
Backup administrators can use the management console to schedule backups or perform one-time backups. Although backups are done by policy (and not per client), you can select one or more clients in a policy and back up just those.
The client software includes a client application. Despite being an old-style multiple-document interface (MDI) application, the Windows client application is powerful. It lets you manage different backup and restore operations simultaneously. You can even prepare a backup client for a bare-metal restore if you have to rebuild it from scratch. End users can also use the client application to back up their drives, folders, files, machine state, and even data stored in applications such as email systems (assuming they have the permissions to do so). Before a client can be backed up, it must be assigned to one or more backup policies on the appliance.
During testing, I ran into another problem. The Linux OS that the NetBackup appliance uses supports Multicast DNS, so every lookup of a Fully Qualified Domain Name (FQDN) that ended in .local failed. Only after searching the Symantec support site did I find a solution. The solution requires that you use the Linux command line on the appliance to turn off Multicast DNS or instead use the local /etc/hosts file on the appliance for name and address resolution. However, the latter approach could become unwieldy in environments with hundreds of servers. Plus, you must use the web interface or command line on the appliance to add entries to the local /etc/hosts file. I spoke with a Symantec representative about this, and he recognized it was an issue and said steps would be taken to correct it, even though it's not a problem with the NetBackup software itself.
Restoring files is a breeze for end users and administrators. Using the client software, end users can simply select the desired backup file from the set of available backups and select the folders and files to restore. I found the restore operation to be extremely fast. Administrators can restore files to their original location, a different location, or even a Virtual Hard Disk (VHD). This last option is extremely powerful, as you can then mount the VHD onto a virtual machine (VM).
The NetBackup 5220 appliance supports virtualization, which is where NetBackup truly shines. You can back up VMs on Microsoft Hyper-V and VMware vSphere Hypervisor (formerly VMware ESXi) hosts without the need to install the NetBackup client software on the VMs, as long as the software is installed on the host.
NetBackup uses the Volume Shadow Copy Service (VSS) on Hyper-V hosts and vStorage on VMware hosts. This means that the virtual disks associated with the VMs must be on storage disks attached to the server. If you use iSCSI or physical disks for VMs' hard drives, you'll need to install the NetBackup client software on the VMs.
A Great Appliance Overall
NetBackup 5220 is a great appliance designed for enterprise data center use. However, it's also well suited for remote offices and as a supplement to existing NetBackup solutions that require additional backup capacity. Organizations that use virtualization heavily might also want to look at the NetBackup appliance as a solution to their backup requirements.
I believe that the problems I ran into installing, configuring, and using the appliance are edge cases that you'd expect a support team to have to deal with. I would certainly encourage large and midsized enterprises to seriously consider the NetBackup appliance if they need to build a backup infrastructure or supplement an existing one.
Symantec NetBackup 5220