Intelligent Infrastructure controls

On this page:

Business continuity

The Intelligent Infrastructure (II) supports stretched clusters, an active Data Center deployment model in which a logical cluster contains two or more host servers in different locations. Stretched clusters use a failover process that significantly improves disaster preparedness. If one server fails, the virtual machines it hosts will automatically restart on another server either in the same location or at a secondary location, reducing downtime. The components required to enable stretched clusters include synchronously replicated storage, common network infrastructure, and sufficient compute resources.

For details, see About stretched clusters in Intelligent Infrastructure.

Backups and data recovery

In the event of an unplanned widespread failure in the Data Center, II stretched clusters improve service availability and ensure that VMs recover quickly in a crash-consistent state. Stretched clusters do not replace out-of-band backup solutions such as IU's Data Protection Service (DPS).

Data Protection Services (DPS) have options for recovering a VM's files or operating system from a historical state. The DPS AllDisks backup option lets you recover a deleted file or corrupted operating system on a single VM.

It is the responsibility of the VM administrator to set levels of data protection. In Commvault, tagging indicates the level of backup protection applied to a virtual machine (VM), with daily backups, weekly backups, and no backups as options. For more, see Data Protection Services (DPS) backups and VM disk tagging.

Backup location

DPS integrates with IU's enterprise-level virtualization and SAN infrastructures to create crash-consistent snapshots of the VMs. Each VM will have copies of these snapshots stored at both IU-owned and -managed Data Centers (that is, both in Indianapolis and Bloomington), allowing for full data redundancy.

For VMs with daily or weekly backups as an option, Commvault backs up a copy to each data center. Commvault servers to process the backup and restore functions are also located at both data centers. In a disaster, either site can be used for restores.

Backup logical security controls

Storage and Virtualization (SAV) employs a central, uniform, NIST 800-30 based risk management framework (RMF) which uses NIST 800-53 security controls to address cyber risk and compliance. This is carried out in conjunction with the CACR. These include encryption at rest, encryption in flight, and rigid access controls.

Physical security controls

IU Data Center access is strictly limited to those who need it to carry out their job functions. For details, see IU Data Center standards.

Backup testing

Backup and recoveries are validated during every Commvault upgrade. Additionally, recoveries are performed for normal operational requests, which require full VM recoveries. Individual file-level recovery is performed routinely via self-service recovery operations. SAV encourages VM owners to validate self-service recovery methods as often as they see fit in order to exercise operational knowledge.

Known limitations

For operation limitations for backup and recovery, see Data Protection Services (DPS): Known limitations.

For more to help review VM protection levels, see Determine the type of data protection used for your Intelligent Infrastructure (II) virtual machines.

This is document bhnu in the Knowledge Base.
Last modified on 2022-08-23 09:09:21.