Which Data Recovery Method is ‘Best?’
The question remains: how should the data be recovered?
In this post, we outline the best recovery methods for various types of data loss, based on the unique circumstances of the event.
Not All Data Loss is the Same
Every data-loss incident is different, requiring a slightly different approach to recovery. For example, the process for restoring a single missing spreadsheet will obviously be different than restoring an entire server after hard drive failure or a ransomware attack.
That’s why today’s best business continuity and disaster recovery (BC/DR) solutions offer a range of recovery options. IT managers can choose the restore method that is most appropriate for the situation. This eliminates the risk of extended downtime and reduces the impact on systems that weren’t affected by the incident.
In that sense, there is no single “best” data recovery method. The correct question is: which recovery method is best for the situation?
With that in mind, let’s look at some of the recovery options available to you on the Datto SIRIS and when to use them.
File Restore & Volume Restore
When you only need to retrieve select data, then the file restore option will usually be the quickest and easiest way to retrieve it from a backup.
File restores are a solid option if there is no need to virtualize or conduct a bare metal restore of a device. Per Datto, the file restore option allows you to “mount the selected recovery point as a LAN-accessible Windows Samba share and as a web-accessible share.” Every user who accesses the share can tap into the full file structure.
So, when to use it? If you’ve lost a single file or maybe accidentally deleted a folder, a file restore should do the trick. Typically, it’s the best option when you know what data is missing and file permissions aren’t required.
If file permissions are needed, then try Datto’s Direct Restore Utility instead. This tool lets you mount volume restores via iSCSI from any recovery point on the Datto appliance, retaining file permissions when you transfer them from the utility back to your Windows desktop. You can also restore files touched by Windows deduplication or encryption.
Since Datto offers hybrid cloud backups, you have the option of restoring data from the local SIRIS appliance or from the Datto Cloud (in instances when the local appliance is inaccessible).
Virtualization allows you to boot a backup as a virtual machine. This provides near-instant access to not only the protected files but also the applications and operating systems on that machine. This allows for continuous operation of protected systems, so that you can continue using your critical applications through the disruption, even if a full data restore is still underway.
With local virtualization, the recovery point is locally hosted on the Datto appliance, which powers the virtualization. This provides the fastest access to your protected systems.
When should you use it? Basically anytime you need fast and full access to a protected machine. Virtualization is typically just a temporary solution, enabling your IT team or other critical personnel to maintain access to applications while a full restore is in progress.
Cloud & Hybrid Virtualization
When local virtualization is not possible, SIRIS also gives you the option to boot your backups in the cloud. Once again, this ensures the ongoing operation of a protected system, albeit powered by the computing resources of the Datto Cloud, rather than your local Datto appliance.
Hybrid virtualization is another capability of the Datto SIRIS, which relies on both the local device and the Datto Cloud. It initializes a virtual machine within the secure Datto Cloud, and then automatically connects that VM to the local network through the Datto appliance via a secure VPN tunnel.
Datto strongly recommends using local virtualization in all scenarios except when the Datto device is inaccessible. With local virtualization, you can create a Rescue Agent that will continue to take backups of your virtualization. This will simplify the restore of the original protected machine with the most recent data changes intact.
Datto also strongly recommends that you “perform virtualization tests (local and offsite) regularly, to find and fix issues before an actual disaster recovery situation.”
Rapid Rollback permits the restoration of solely the files that were altered on computers after the last backup occurred. In short, if extensive file changes occurred and you would like to reverse them, rapid rollback may be the quickest and easiest recovery method.
As an example, rapid rollback is often the best method for recovering data after a ransomware attack. It essentially undoes widespread file changes, restoring them back to their original state without reformatting or re-partitioning the target hardware.
In addition to ransomware, Rapid Rollback is also an ideal approach for:
- Restoring uninstalled software
- Restoring damaged system files
- Undoing widespread file changes of any kind
Bare Metal Restore (aka Full Machine Restore)
What happens when you’ve lost large amounts of data from a server that is no longer booting? In situations like this, a bare metal restore may be needed.
The bare metal restore approach, or BMR for short, relies on a recovery point to fully re-image the computer, returning it to its prior state of operation. This option is preferable in situations where the production machine’s operating system cannot be repaired, and you need to restore it to a previously backed-up state.
Prior to the BMR, Datto recommends that you first virtualize a recovery point. There are 3 advantages to this process: 1) instant access to the protected machine, 2) it ensures that the recovery point can virtualize, and 3) it allows you to identify any problems with the recovery point right away, as opposed to finding them in the middle of the BMR process.
If the protected machine is a virtual server, then you’ll want to do an image export instead …
The export image option allows you to export your chosen recovery point to Microsoft Hyper-V or vSphere Hypervisor. It is also possible to export to a network share or even a USB drive. As long as your machines are Windows/Linux protected, export image is a viable option.
When to use it? Consider an image export when you need to recreate a virtual machine from a previous backup completely, or in situations where a protected machine’s physical hardware has failed and you want to return it to production as a virtual host.
The ESXi upload transmits data to a specific restore point by way of a connected ESXi host through the VMware Converter. This option is ideal for those who want to use the ESXi host for processing power and also in the form of a datastore.
The magnitude of the datastore determines the amount of time necessary for the transfer. Once the transfer occurs, there is no disk I/O burden on the SIRIS. Nor is there any need for a certain level of bandwidth between the ESXi host and SIRIS. This can improve the performance of the virtualization, as Datto explains, “The datastore uses thick provisioning on the ESX host, which increases the speed of the virtualization.”
iSCSI Restore or Rollback
The iSCSI restore option is available to those who would like to restore an iSCSI file share in the form of an iSCSI target. If you would like to attach a file restore to the production machine in the form of a logical volume, ensuring the file permissions remain intact, iSCSI is a viable option for data recovery.
Alternatively, the iSCSI Rollback option allows you to essentially “roll back” the iSCSI share hosted on the Datto appliance to a prior recovery point. Keep in mind that all data added following your selected recovery point is erased.
The iSCSI rollback option should only be considered if irreparable harm has been caused to the NAS share, such as in a ransomware infection where there have been extensive file changes.
External NAS: File Restore Featuring NTFS Permissions
This recovery option is ideal when you need to restore an externally-hosted NAS share with its file permissions intact.
The contents of your chosen point for recovery are shared across the network in the form of an iSCSI target. The folders and files within the recovery point are restored with the attributes they had at the point that the snapshot occurred.
If you don’t need file permissions preserved, then you can also use the standard External NAS File Restore option, which allows you to mount a selected recovery point as a LAN-accessible Windows Samba share and as a web-accessible share.
Microsoft Data Recovery
The Datto SIRIS offers additional recovery methods that are specially designed to aid the recovery of Microsoft Exchange data, SQL data and Active Directory.
Each method has its own recovery steps and leverages Kroll Ontrack PowerControls to ensure the fastest possible restore of Microsoft data.
Full Off-Site Data Restore
If you need to bring all your data back onsite from the Datto Cloud, you can take one of two routes. If the restore in question is comparably small and there is ample bandwidth to receive the restore without delay, Datto Technical Support can help transfer the data back to your Datto device.
If the restore is large, you’ll need to request Datto’s Reverse Round Trip drive. With this approach, Datto will copy all your data from its datacenter onto a portable drive, which will then be mailed to your location.
Contact Us for a Free Demo
Take a closer look at the Datto SIRIS and see how it can protect your organization from a data-loss disaster. Request a free demo or speak to our business continuity experts at Invenio IT today. Call (646) 395-1170 or email success@invenioIT.com for more information.