From IBM presentation on 10/06/2009. With Reference to UCI’s Backup Evaluation criteria
TSM is a very mature (15yrs old), well-supported, sophisticated, enterprise-level backup architecture that can do both disk-based and tape-based backup and archiving. It’s special strengths are in tape backup and Hierarchical Storage Management (HSM).
It can do cross-site peering to allow one site’s backup to be backed up to another site. I believe that UCOP and UCLA are using TSM to do this.
Already in use by other UC campuses, so there is some in-UC expertise.
It does incremental forever backup, doing a single full backup then relying on client-side journaling and incremental backups to provide data on which data needs to be backed up.
It uses policy-based backup, which should be fairly easy to institute.
It has both CLI and a Web-based (Java) administrative interface so is available from everywhere.
supports NDMP backups (but would require NDMP licenses from NetApp, which we don’t use)
There are extra-cost add-ons to support instant backup aka "Continuous Data Protection" (Windows and Linux). Any file change is immediately synced to a server (like some web-based services like MozyPro, boxbackup).
Can use our existing Data Domain hardware or use the built-in de-dupe technology (in Extended Edition)
man optional, extra cost modules for backing up DB2, Oracle, MSSQL, Exchange, SharePoint, Active Directory servers (MySQL?, PostGreSQL?)
HSM options allow for active versions rather than retrieving from tape.
claims bare metal restores from Win, Lin, AIX, HP, AIX, but not MacOSX
generates Disaster Recovery Management Plan with each backup (in Extended Edition).
client-side file journaling to speed backup time (no need for at-backup eval)
allows fully open (or closed) registration but not by any internal filtering by IP#, net, domain name, etc. (could be done with firewall).
client-side include/exclude lists
open file backup for windows via VSS.
supports DHCP clients, off-site clients (backup/restore from Germany)
supports http://www-01.ibm.com/software/tivoli/products/storage-mgr/platforms.html?S_CMP=rnav [wide range of clients] including [Virtualization on VMware, HyperV, and Citrix].
supports a wide range of storage devices, especially tape dvices and libraries (but we’re not going to be using those)
Cannot re-use existing Networker backups.
It does not natively support encryption to tape, relying on the tape hardware to do the encryption.
It does not support encryption only over the wire (encrypting on the client, decrypting on the server, then dedupe to compact storage). Data is either encrypted from client or not. If it’s encrypted, then it can’t be decrypted on server to dedupe.
It relies on client-side file-journaling to determine what files to back up.
May be very expensive. Charge per-cpu for TSM server, client 'servers (mail, db, other), but no per-CPU charge for client machines regardless of CPUs. On web site, one estimate is $70/client. See here for explanation of Processor Value Unit, used to calculate the cost.
Proprietary formats. Need TSM to restore any backups (as opposed to Zmanda/Bacular/BackupPC which store files in an open format, so you can restore the files in the absence of the storage software (but since we’re not interested in tape formats, this is not critical).
Special advantages for tape and HSM storage (but we’re not going to use tape storage anymore? Are we?)
Device-level tape encryption depends on hardware to recover files (but we’re not interested in tapes..?)
requires proprietary client software (as opposed to simply rsync, for example).
requires client-side involvement to install and update client software
Licensing is complicated, somewhat a la carte, per CPU-class (Standard, Extended edition, CDP, etc, leading to confusion, underestiamtes of actual pricing, and cost creep as we have to add more and more licenses to the mix.
Client initiated backups and restores or only policy-based?
cost vs Zmanda? or other commercial vendors?
List of people who have used TSM to restore from actual disasters.
can it back up encrypted filesystems?
May be a good choice for large, very important servers on very tight shedules, with tape backup.
Less certain about wider client deployment, especially if we’re not going to use tape.
This admin oversees an installation of 1 P-5 series AIX TSM server backing up about 112 Windows servers. It uses a 5TB disk pool on a NetApp device, and an 8-drive IBM 3584 tape robot with 500 slots. It was installed in 2006 and the total cost including software, hardware, consulting, and maintenance has been about $500K. This is for a Medical Center, which has requirements that are quite different from a Research University. They distribute some critical data to UCOP and to SDSC for Disaster Recovery via ..?
The TSM server can be either Windows (not recommended) or AIX (possibly Linux). The AIX hardware is quite expensive and of course AIX training is required on top of the other training. He took 1 week of installation training and would recommend that the admin take at least 3 weeks of training.
They do client-side encryption, which essentially eliminates compressibility. All compression is done on the AIX server (don’t use external de-dupe hardware)
The main interface he uses to control the system is a character-based screen UI, altho the latest version of TSM has GUI that may be easier to use.
They use TSM to back up Exchange servers (~1/2 of a usual daily backup of ~4TB), Sharepoint, SQL servers, and many custom medical applications.
They had to have special consultants to enable permanent storage, to comply with the UCOP edict for archiving. TSM was not able to do that natively (store save sets independent of the TSM system).
They are backing up Virtual Servers, but only as regular servers, using the common interface, so it’s quite slow. TSM has a better way of storing the virtual images, but they haven’t converted to it.
Disaster recovery is possible from bare metal, but is much slower than installing a base OS and restoring from backups (seems to be a feature to address a sales point, rather than a real time saver). Regular restores are also dependent on what the activity is on the tape drives, so if backups are going on and they need data from a month ago, it will have to be queued to restore when a drive becomes empty.
Clients can initiate their own restores, but they mostly don’t back up Desktops, except shares stored on servers.
Since their installation is almost 4 years old, they are going to have to upgrade the hardware (possibly to an offsite Virtual Tape Library) and are dreading that changeover. Changing underlying hardware is extremely non-trivial.
UC Berkeley has implemented TSM for their entire campus under the name UCBackup. They have a fairly good web site describing how it works, what it covers, and what it costs. They are supplying TSM for Desktops as well as servers. Note that it requires the 3 staffers, altho they may have other duties.