Instant Rant on Instant Restores Using De-Dupe Appliances

Wendt This article, published on January 12, 2023, was written by Jerome M. Wendt, president and founder, DCIG, LLC.

An Instant Rant on Instant Restores Using Deduplication Appliances

Every now and then a phrase shows up in the tech industry that may hurt more than it helps. ‘Instant restore’ represents one of those terms. In my mind, the word ‘instant’ implies ‘occurs in a moment.’ In practical terms, from a technical perspective, that translates into a few seconds or perhaps up to a minute or two. However, too many de-dupe appliance providers use the phrase ‘instant restore’ to describe a feature of their product. Unfortunately, the use of this term may leave organizations with the impression these products instantly restore more swiftly and robustly than they do.

Defining an instant
Covering enterprise data protection in my role working at DCIG, the phrase ‘instant restore’ shows up in my research. The use of this phrase has gained momentum as organizations look to quickly (i.e. instantly,) recover from a ransomware attack.

De-dupe appliance providers may describe and position their data protection product as possessing ‘instant restore’ capabilities. This resonates with their current and prospective clients for obvious reasons. After all, what organization does not want to instantly restore its data when a ransomware attack compromises it?

To meet their customers’ desire for rapid recoveries, most de-dupe providers have started using ‘instant’ to describe their product’s capability. Unfortunately, and too frequently, organizations may find the provider’s definition of ‘instant restore’ does not match their definition.

In a best-case scenario, an ‘instant restore’ takes minutes to complete. In a worst-case scenario, an instant restore may take an hour or hours to complete. Adding to the aggravation in quantifying ‘instant restore’ times, few providers publicly share any documentation about their restore times.

Absent any hard data, I support providers describing their product restore times as “fast”, “quick”, or “rapid”. However, for them to describe them as “instant” seems a stretch to me.

Instant restore ≠ instant recovery
Organizations should also take heed they do not confuse ‘instant restore’ with ‘instant recovery.’ The instant restore feature promoted on these products may only offer prompt access to their de-duped data stores. An instant recovery of de-duped data represents a different feature.

A restore may only grant read-only access to the needed data hosted on the de-dupe appliance. In contrast, recovery implies restoring the de-duped data to a state that the application or user can recognize and use.

An instant restore of de-duped data usually comes with no such recovery guarantee. Even if a de-dupe appliance provides ‘instant restore’ capabilities, the data it restores may not be fully recovered or usable.

It gets worse
Organizations should also temper their ‘instant restore’ expectations in other ways as well. On first blush, an organization may assume a de-dupe appliance’s ‘instant restore’ capabilities apply to all data hosted on it. That assumption would be wrong.

For instance, one provider only offers instant access. (it does not use the term ‘restores’) for up to 64 VMs hosted on its de-dupe appliance. If the data an organization needs does not reside on those 64 VMs, it should not assume it can access it. Even in the case where an organization needs to instantly access any data on those VMs, it must deploy a beefy de-dupe appliance.

Another provider, to its credit, grants instant access and restores of all recently completed backups stored on its de-dupe appliance. On the surface, that sounds perfect. However, what if an organization needs to instantly recover any data older than the most recently completed backup? Then data access and restore may not be so ‘instant.’

Organizations may also uncover that to instantly restore de-duped data may require them to first complete an extensive checklist. They must validate the current versions of the backup software, operating systems, NFS settings, and VMware vSphere configurations.

Even then, organizations may only achieve “acceptable” performance with a small number of VMs (the provider’s words, not mine.)

It’s time to demand faster restores using de-dupe appliances
It’s easy to sit behind a keyboard and rant about the difficulty of performing instant restores from de-duped data. For better or worse, organizations originally asked de-dupe appliance providers to deliver high de-dupe rates. They largely achieved that goal. At the time, few organizations cared or asked about instantly restoring de-duped data from these appliances.

Ransomware has changed all this. The same algorithms these providers use to achieve high de-dupe rates now contribute to the difficulty of performing fast restores.
Organizations, and the providers themselves, must demand faster restores from these de-dupe appliances for them to remain relevant going forward. De-dupe appliances that do not deliver fast restores going forward may not have the same value in organizations going forward. In their stead, organizations should look for de-dupe appliances that take requirements for faster recoveries into account. DCIG has already identified QoreStor, a de-dupe solution from Quest, that delivers these faster restores from de-duped data that organizations need.