Protection groups in Data Protection Manager

System Center Data Protection Manager (DPM) is a Microsoft backup solution. The configuration of this backup solution is based on Protection Groups. A protection group contains several data sources that share same configuration such as backup duration (Short-term or Long-term), retention range etc.

DPM can store backup on disk (disk-to-disk or D2D), on library tape (disk-to-tape or D2T) or on Windows Azure (disk-to-cloud or D2C). These supports can be mixed for high availability: so it is possible to perform D2D2D backup or D2D2T etc. The latest best practice about backup is called 3.2.1 and says that:

  • Perform 3 backups.
  • On 2 different support.
  • Store replica on 1 remote site.

This article is focusing on short-term protection with D2D support to explain protection group (and because I do not have a library tape J).

Disk-to-Disk protection process

When you create a protection group, an initial replica of data protected is created. Then the DPM agent tracks every change on data sources to transfer modification to replica, block per block though DPM server. That means that only changes are synchronized. Then a recovery point is created from the synchronized replica. A recovery point is a point in time from which you can perform a recovery of your data. The scheduling for recovery points creation is configurable.

To synchronize the replica, there are two ways in DPM: the synchronization and the express full backup. The synchronization tracks journal change in the Operating System or in applications and transfer only modification block per block. On express full backup, a full volume shadow copy is created but only changes are transferred. Some applications don’t support the synchronization (such as SQL Server in Simple Recovery Model) so the express full backup is very useful in this case.

Data protected by DPM

DPM can protect Microsoft Exchange, SQL Server, Hyper-V (and virtual machines), SharePoint, File Servers and System State. Thanks to System State protection, Active Directory databases can be saved (including AD DS, AD CS and AD LDS). To finish, DPM can protect and recover a machine as a Bare-Metal. That means that if the machine is broken and need a recovery, this last not need the DPM agent to be restored.

Protection group parameters

Protection group type

This setting defines which kind of machines is saved: Servers or Clients. The Server type is used to save file servers or application servers. You can save SQL databases, files, Hyper-V virtual machines, system states etc. Client type enables to save workstations (laptops or desktops).

Group Members

This setting defines the collection of data sources that you backup. Because that data sources share the same configuration in a protection group, these last are usually the same kind of data. For example to backup Active Directory, a protection group will be created to save system state of domain controller. In this example, the system state is the data source.

Data Protection Method

This is here that you choose short-term or long-term protection. When you choose short-term protection you can select the backup support (disk, tape or cloud) while when you select long-term protection you have to own a tape library.

Protection goals (Short-Term)

In this section you can define the retention range, the synchronization and full express backup frequency for files data and application data.

Protection group preparation table

Below an example of how to prepare your short-term protection groups:

Parameter Description Value
Name Protection group name DATABASES
Type of data Files or applications data Applications data
Backup supports D2D, D2C, D2T, D2D2D etc. D2D
Data Source Definition of data saved Databases on VMSQL01
Retention Range How many time you keep your Recovery Point ? 7d
Recovery Point Recovery point creation scheduling Based on Synchronization frequency
Synchronization frequency Synchronization frequency scheduling 15mn
Express full backup frequency Express full backup scheduling 20 :00 every day

I have based the recovery point on the synchronization frequency because in this example, databases support incremental backup using transaction logs in MSSQL. If your databases don’t support incremental (log shipping or Simple Recovery Model), synchronization cannot be used and Express full backup frequency should be increased.

On next section I will implement a protection group based on this table.

Protection group example: MSSQL databases backup

To create a Protection Group, click on Protection tab and select New. I assume that you have created a storage pool in DPM before performing the protection group creation.

To backup MSSQL databases, select the protection group type called Servers.

Then I select databases that I want a backup on my SQL server called VMSQL01. Once data sources are selected, they appear in Selected members list.

Next, type your protection group name and select the protection method. Here I want to perform a D2D backup and a short-term protection.

Then choose your short-term goals. In the below example, I synchronize the replica every 15mn and I create the recovery point every synchronization. An express full backup is performed every day at 20:200. To finish the retention range of recovery point is set to 7 days.

On the next screen, set the disk allocation. You can enable the auto grow of your replica volume and choose to co-locate data.

Next choose when you want to create the initial replica.

Then choose when to run a consistency check: only when a replica becomes inconsistent or on scheduling. The schedule method adds more CPU workload.

Once the protection group is created, the initial replica is created for each data source.

Below, the ReportServer database is protected by a replica and 3 recovery points have been created.

About Romain Serre

Romain Serre works in Lyon as a Senior Consultant. He is focused on Microsoft Technology, especially on Hyper-V, System Center, Storage, networking and Cloud OS technology as Microsoft Azure or Azure Stack. He is a MVP and he is certified Microsoft Certified Solution Expert (MCSE Server Infrastructure & Private Cloud), on Hyper-V and on Microsoft Azure (Implementing a Microsoft Azure Solution).

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.


Check Also

Monitor Data Protection Manager with SCOM

System Center Operation Manager (SCOM) is able to monitor Data Protection Manager. SCOM enables to ...

Use a dedicated network for Data Protection Manager

Make a backup consumes a lot of bandwidth especially when Bare-Metal protection is used. This ...

Restore a server with Bare-Metal Recovery protection in DPM 2012R2

Bare-Metal Recovery (BMR) enables you to make a full protection of a machine. Usually BMR ...