none
How can I access a DPM 2010 partition to scrub it? RRS feed

  • Question

  • We are sometimes required to destroy data that is found on our network.  This includes the original data, all known copies of the data, backup tapes and we must scrub near-line backups 7 times.

    I have not found a way to get at a partition without returning it to white space.  The problem here is that scrubbing the amount of white space we maintain would exceed the time limit for the cleanup.

    Is there a known method?

    Thank you in advance.

    Wednesday, June 16, 2010 4:50 PM

Answers

  • Hello,

    There is no way via DPM configuration to scrub the space 7 times within the storage pool.
    I will research this further to see if there is another way for you to accomplish this.

     

    Thanks
    Shane

    Friday, August 20, 2010 2:09 PM
  • Hello,

    There is no way via the DPM console to scrub the space 7 times within the storage pool. I have seen to where others would keep such data on customer volumes and then if needed use 3rd party utils to perform an erase 7 times.

    Thanks
    Shane

    Wednesday, September 15, 2010 3:45 PM

All replies

  • Hello,

    There is no way via DPM configuration to scrub the space 7 times within the storage pool.
    I will research this further to see if there is another way for you to accomplish this.

     

    Thanks
    Shane

    Friday, August 20, 2010 2:09 PM
  • What I do requires a bit of advance planning so it may not help much right now.  FWIW, I start by placing potentially scrubbable (PS) data on separate partitions as much as possible on the original servers.  Then place all the PS data into separate protection members from the rest of the data (non-PS), and place the separate classes of data into separate protection groups (one PG for PS, one for non-PS).  I use an iSCSI SAN for DPM replica and recovery point storage, but I start by partitioning the SAN space into two distinct RAID arrays.  For us the non-PS data is larger and I allow DPM to manage storage on the larger RAID array.  I create custom volumes on the second RAID array for all members of the PS PG.  Life would be much easier if DPM supported one or more storage pools for each PG, but that suggestion didn't make the last cut for DPM 2010.  DiskPart requires caution to use, but it does work to extend volumes when needed.  When there is a need to scrub data I replace the drives comprising the RAID array holding the PS storage and start recreating the replicas.  The original drives can then be cleaned off line.  Tapes are a bit more of a challenge.  You need to use separate logical tape libraries for the different protection groups to keep the data separate.  Otherwise, use the DPM tape reports to follow where all the PS data went since the date you need to recover back to.  I don't know of any way to scrub tapes so we destroy and replace them.  Obviously, do not co-locate different protection groups onto the same physical tapes.  At least that way you can keep the number of tapes to destroy to a minimum.  If you use D2D2T for your tapes you will really need to partition the disk space for the virtual tapes to each virtual tape library.  Alternatively, the disks holding the virtual tapes can be removed and scrubbed offline and tape backups redirected temporarily to the physical tape library.  Not as fast but it works.  DPM needs a way to assign tape library partitions like Backup Exec does, and then assign specific protection groups to specific library partitions.  Having a vendor supplied backup product has a number of advantages, but security cleanup obviously wasn't a concern when designing DPM.

    Bottom line is to keep the PS data as small as possible and always know where it is physically located.  Keep spare drives on hand to replace storage quickly to get back up again, and scrub the original drives offline.  This will leave a window of partial vulnerability when you replace drives until the new original replicas are created.  At that time only the older tape backups are available. It's the best design I could come up with using DPM at present though.

    Saturday, August 21, 2010 3:34 AM
  • Hello,

    There is no way via the DPM console to scrub the space 7 times within the storage pool. I have seen to where others would keep such data on customer volumes and then if needed use 3rd party utils to perform an erase 7 times.

    Thanks
    Shane

    Wednesday, September 15, 2010 3:45 PM
  • I am closing this thread. Please reopen if this does not address your problem. 

     

    thanks,

    Parag Agrawal

    This posting is provided "AS IS" with no warranties, and confers no rights.

    Monday, September 20, 2010 9:46 AM
    Moderator