The Challenges and Benefits of Virtualization Protection

Last week, my article in Windows IT Pro on “Virtualize Everything” stimulated a rather wide range of banter:

  • A few folks pointed out that some servers should not be virtualized, such as some DNS, Active Directory domain controllers, and perhaps the management system that controls your hypervisor infrastructure. Those folks are correct—there absolutely are logical exceptions and “everything” is an intentional exaggeration. But hopefully, we as an IT industry are getting continually closer to server virtualization being the defacto method for server provisioning and management, except where an exception is reasonable.
  • One reader accused my article of being poorly veiled marketing, such that by following my advice to virtualize more, folks would have to buy my backup product. But considering that I didn’t mention any backup products nor do I directly represent any product but actually the industry overall, he’s half right. Aside from being woefully boneheaded in misjudging my motivation, modernizing your server infrastructure around as much server virtualization as possible will likely force you to reconsider your data protection mechanism(s).
Virtualization alone is not a silver bullet for IT overall, nor for data protection. In fact, in ESG’s Trends in Protecting Highly Virtualized Environments report, five of the top six most-cited challenges related to protecting virtualized infrastructure were “visibility” related—meaning that without the proper tools (within the hypervisor, management framework, and/or VM-savvy backup solution), the abstraction of which physical hosts, storage, and networks that your newly provisioned VMs run on can make data protection significantly more challenging, particulary to assess the success of backups and the performance of protection or ensure the success of restores.


So yes … if you are using legacy management tools and a legacy approach to backups that treat VMs as physical servers, then protecting a modern private cloud or software-defined data center (SDDC) can be daunting. Said another way, when you are 20-30% virtualized, you can likely use any mediocre approach to backups that you can tolerate. But when you are 50% … 65% … or 80% virtualized, you need to embrace data protection tools that are designed with host-based protection in mind for backups, snapshots, and replication. The tools may be VM-specific (e.g., Veeam, vRanger, PHD, VPDA) or built for a unified approach to data protection (e.g., Networker 8, Backup Exec 2014, NetBackup 7.6, Simpana 10) that still leverages modern hypervisors’ APIs for reliable backups.

Sidenote: While I don’t often reference products and versions in my blogs, I did today for two reasons: 

  1. To demonstrate to the cyber-basher that I’m not a shill for any particular product  :-P
  3. To point out that the latest releases (hence the version numbers) of some of the enterprise-unified solutions utilize the same vStorage and VSS APIs that the VM-specific solutions use (to various degrees per product). Older versions of some of those products didn’t, which is one reason why the VM-solutions have been successful.

Here is what I hope you take away from this: 

  • Virtualized production servers are easier to protect and offer a wider range of recovery options than physical servers—so virtualize as much as you can so that you can gain increased agility for your production resources.
  • Be sure to modernize your protection capabilities as you modernize your production infrastructure so that your legacy approach to protection doesn’t hinder your new infrastructure investments.

As always, thanks for reading.

Topics: Data Protection