Seven Tiers of Disaster Recovery

Seven Tiers of Disaster Recovery Solutions

The goal of any disaster protection planning is to protect the most business-critical processes and minimize unplanned downtime. Keep in mind that all planning for any type of a disaster-tolerant solution is always subject to balancing the solution versus the downtime versus the cost.

The recovery time of any of the Seven Tiers of Disaster Recovery solutions is very much dependent on the following:

• Recovery time for the data availability
• Recovery of the IT infrastructure
• Restoring the operational processes
• Restoring the business processes

A breakdown of the seven tiers
In 1992, the SHARE user group in the United States, in combination with IBM, defined a set of Disaster Recovery tier levels. This was done to address the need to properly describe and quantify various different methodologies for successful mission-critical computer systems' Disaster Recovery implementations. Accordingly, within the IT Business Continuance industry, the tier concept continues to be used, and it is very useful for describing today's Disaster Recovery capabilities. They need only to be updated for today's specific Disaster Recovery technologies and associated RTO/RPO.

The Seven Tiers of Disaster Recovery solutions offer a a simple methodology of how to define your current service level, the current risk, and the target service level and target environment.

Tier 0 - No off-site data
Businesses with a Tier 0 Disaster Recovery solution have no Disaster Recovery Plan. There is no saved information, no documentation, no backup hardware, and no contingency plan.
Typical recovery time: The length of recovery time in this instance is unpredictable. In fact, it may not be possible to recover at all.

Tier 1 - Data backup with no Hot Site
Businesses that use Tier 1 Disaster Recovery solutions back up their data at an off-site facility. Depending on how often backups are made, they are prepared to accept several days to weeks of data loss, but their backups are secure off-site. However, this Tier lacks the systems on which to restore data.

Examples of Tier 1 Disaster Recovery solutions:
Pickup Truck Access Method (PTAM), Disk Subsystem or Tape-based mirroring to locations without processors, IBM Tivoli Storage Manager

Tier 2 - Data backup with a Hot Site
Businesses using Tier 2 Disaster Recovery solutions make regular backups on tape. This is combined with an off-site facility and infrastructure (known as a hot site) in which to restore systems from those tapes in the event of a disaster. This tier solution will still result in the need to recreate several hours to days worth of data, but it is less unpredictable in recovery time.

Tier 2 Disaster Recovery solutions:
PTAM with Hot Site available, IBM Tivoli Storage Manager

Tier 3 - Electronic vaulting
Tier 3 solutions utilize components of Tier 2. Additionally, some mission-critical data is electronically vaulted. This electronically vaulted data is typically more current than that which is shipped via PTAM. As a result there is less data recreation or loss after a disaster occurs.

Tier 3 Disaster Recovery solutions:
Electronic vaulting of data, IBM Tivoli Storage Manager - Disaster Recovery Manager

Tier 4 - Point-in-time copies
Tier 4 solutions are used by businesses that require both greater data currency and faster recovery than users of lower tiers. Rather than relying largely on shipping tape, as is common in the lower tiers, Tier 4 solutions begin to incorporate more disk-based solutions. Several hours of data loss is still possible, but it is easier to make such point-in-time (PIT) copies with greater frequency than data that can be replicated through tape-based solutions.

Tier 4 Disaster Recovery solutions:
Batch/Online Database Shadowing and Journaling, PPRC-XD, FlashCopy, FlashCopy Manager, Peer-to-Peer Virtual Tape Server, Asynchronous Cascading PPRC, IBM Tivoli Storage Manager - Disaster Recovery Manager, eRCMF, iSeries IASPs with FlashCopy

Tier 5 - Transaction integrity
Tier 5 solutions are used by businesses with a requirement for consistency of data between production and recovery data centers. There is little to no data loss in such solutions; however, the presence of this functionality is entirely dependent on the application in use.

Tier 5 Disaster Recovery solutions:
Software, two-phase commit

Tier 6 - Zero or little data loss
Tier 6 Disaster Recovery solutions maintain the highest levels of data currency. They are used by businesses with little or no tolerance for data loss and who need to restore data to applications rapidly. These solutions have no dependence on the applications to provide data consistency.

Tier 6 Disaster Recovery solutions:
PPRC, XRC, GDPS/PPRC Storage Manager, Peer-to-Peer VTS, Asynchronous Cascading PPRC, PPRC Migration Manager, eRCMF, GeoRM, AIX Logical Volume Mirroring, iSeries IASPs with PPRC

Tier 7 - Highly automated, business-integrated solution
Tier 7 solutions include all the major components being used for a Tier 6 solution with the additional integration of automation. This allows a Tier 7 solution to ensure consistency of data above that of which is granted by Tier 6 solutions. Additionally, recovery of the applications is automated, allowing for restoration of systems and applications much faster and more reliably than would be possible through manual Disaster Recovery procedures.

Tier 7 Disaster Recovery solutions:
GDPS/PPRC, GDPS/XRC, GDPS/PPRC with Open LUN Management, GDPS/PPRC with HyperSwap, HACMP/XD, ESS support of GDS for MSCS, iSeries High Availability Business Partner software

Selecting the optimum Disaster Recovery solution
It is important to understand that the cost of a solution must be in reasonable proportion to the business value of IT. You do not want to spend more money on a Disaster Recovery solution than the financial loss you would suffer from a disaster.

Based on the following objectives it becomes relatively simple to decide, as a business, which solution to select according to how much you can afford to spend and the speed at which you need your data recovered. The quicker the recovery the higher the cost:

• Recovery Time Objective (RTO): How long can you afford to be without your systems?
• Recovery Point Objective (RPO): When it is recovered, how much data can you afford to recreate?
• Degraded Operations Objective (DOO): What will be the impact on operations with fewer data centers?
• Network Recovery Objective (NRO): How long to switch over the network?

A recovery solution must then be defined by making a trade-off among implementation costs, maintenance costs, and the financial impact of a disaster, resulting from performing a business impact analysis of your business.