Tech Tripp is a platinum partner with EMC’s Mozy Pro / Mozy Enterprise. EMC is the world’s largest data backup provider – backing up more Fortune 500 companies than any other.
ESG-Global a global advisory firm using IT market research, hands-on lab validation, and expert IT analysis to turn insight into action, recently thoroughly tested and reviewed Mozy’s Professional and Enterprise offerings.
Here is what they found: http://www.esg-global.com/lab-reports/mozyenterprise-secure-efficient-cloud-based-backup/
Most large organizations have on-premises backup solutions, but for many, building and managing another data center for remote backup and disaster recovery is expensive, and often beyond their financial and operational capabilities. For this reason, cloud-based backup solutions are gaining popularity because they offer reliable data protection while offloading CAPEX and OPEX to a provider. ESG research demonstrates that organizations implementing cloud solutions are enjoying significant benefits. In a recent survey, respondents indicated that reducing IT infrastructure costs was the top benefit, with 41% of respondents citing it. Other top-five most chosen benefits included reducing the costs of IT staffing and power/cooling, reducing IT complexity, and improved user productivity (see Figure 1).
MozyEnterprise is a remote backup solution designed for enterprise organizations. MozyEnterprise backs up files and other mission-critical data such as Microsoft SQL Server and Exchange from Windows and Macintosh servers, desktops, and laptops, and also supports iOS and Android mobile devices. All backups are stored in Mozy’s cloud-based infrastructures housed in multiple highly secure, fully managed data centers around the world. Backing by industry giant EMC assures Mozy customers that their data is secure and available.
MozyEnterprise includes advanced features that large organizations are seeking, such as simple per-user licensing, keyless activation, and storage pooling. MozyEnterprise delivers an enterprise-class remote backup solution that doesn’t take months to set up or demand huge payouts for space, equipment, and administrative staff. It is flexible and enables IT to easily manage large multi-user environments from a web-based administrative console.
Backup and Restore
With MozyEnterprise, the administrator sets up backup and retention policies, and lightweight Mozy agents run on the devices to be backed up. Data is encrypted and an initial backup is sent to the backup data center. After the initial backup, all backups are incremental, so only new or changed portions of files are backed up. Backups can occur according to a schedule; they can be automatically launched when certain client thresholds are reached; or they can be initiated on demand. Standard and customizable backup sets are supported, and previous versions and deleted files are retained and available for 90 days.
Backup data can be restored on the client machine with in-client software, a virtual drive, or by right-clicking on any protected file. Restore to another device can be done using Mozy 2xProtect through a local drive, physical media sent by Mozy, or via the Web. Data can also be accessed directly by mobile devices.
The client experience is simple. Users can sign in once using Microsoft Windows Active Directory (AD) credentials, and then simply select files and folders to back up automatically, on a schedule, or on demand. Configuration options and bandwidth throttling ensure optimal performance without disrupting production activities. If an administrator allows, backup settings can be customized for individual devices.
Other MozyEnterprise capabilities include:
- Advanced Security
- Data encryption—including 448-bit Blowfish and military-grade 256-bit AES options. Encryption keys can be managed by Mozy or solely by the customer.
- World-class data centers—fully staffed, with state-of-the-art security, onsite monitoring, fire detection and suppression systems, and redundant power systems.
- Third-party audits and verification—SSAE 16 audited, ISO27001- and TRUSTe-certified, Veracode AA rating, and rated for European Safe Harbor privacy.
- Active Directory Integration: single sign-on so that users with corporate credentials can access data anytime, anywhere, and IT can fully manage user services. MozyEnterprise also supports other SAML-compliant identity providers, LDAP-compliant directory services, and VMware Horizon environments.
- Mozy Data Shuttle: fully encrypted initial backup data seeding using an external drive, an option for large initial backups that eliminates sending terabytes of backup data over the wire.
- Custom Installations: options include user-assisted, background, and silent. Mozy also supports multiple software management systems.
- Pooled storage: account-based storage pools simplify provisioning, eliminating the need to assign storage by device.
- Advanced Administrative Features: IT can customize user group configurations, create sub-administrator roles, view account usage details, manage end-user settings, distribute license keys, and run reports.
- Dedicated Mozy Account Management and Around-the-clock E-mail and Phone Support.
- Mozy 2xProtect Local Backup: extra protection with synchronous backup to local external media.
- Single Instance Storage: minimizes network bandwidth for backups by only sending one copy of duplicate files.
How It Works
Figure 2 provides an overview of MozyEnterprise, with the client side represented on the left and the MozyEnterprise logical data center represented on the right.
Backup clients initiate the backup process. Each client keeps a manifest that tracks backup data, versions, and backup times. When a backup is begun, a request goes to an authentication server and, if approved, a backup token is generated. That token is then sent to the load balancer, which forwards the backup request and encrypted data objects to one of many controllers using a RESTful protocol over SSL. The controller then pings the authentication server again to ensure approval. Once the request is approved, the backup is completed using multiple storage nodes and Reed Solomon erasure coding. Data is separated into chunks and distributed among nine data disks and three parity disks, ensuring that data will remain available even in the unlikely event of two simultaneous disk failures. Redundant manifest servers on the data center side track each encrypted backup using hexadecimal hash tables; if the manifest indicates that data is already stored, then a pointer is included in the manifest and the data is not backed up again (single instancing). Backup data can be accessed by the original machine, over the web, or via mobile device using the Mozy app.
ESG Lab Validation
ESG Lab performed hands-on evaluation and testing of MozyEnterprise at a Mozy facility in Provo, Utah. Testing was designed to demonstrate ease of installation and management, security and trust, and efficiency.
To get started, ESG Lab confirmed the ease of setting up and configuring MozyEnterprise from the administrative view, installing MozyEnterprise on the client side, and performing common tasks such as backup and recovery operations using the graphical user interface (GUI).
ESG Lab Testing
ESG Lab began its MozyEnterprise validation testing by connecting to the management interface and navigating through the multiple setup and configuration options. As shown in Figure 3, the Lab used a root administrator account that Mozy provided to connect to the admin console and conduct common setup and configuration tasks. For smaller environments, a single root-level administrator account may be all that is required for management.
As shown at the top of Figure 3, the Lab explored installation, activation, and configuration tasks for three predefined Active Directory users. A fourth user was then added to an existing user group and profile, as shown in the middle of Figure 3. Account-level storage pooling simplifies provisioning by eliminating the need to provision storage for each individual user. Administrators may optionally provision by sub-pools or users at their discretion. To facilitate scale, Mozy provides the ability to create sub-administrators under the root administrator account. Sub-administrators are assigned tasks such as managing backup and restore operations for different groups. ESG Lab created a new sub-administrator and assigned it to a user group and role that had been created earlier, shown at the bottom of Figure 3.
Next, as shown in Figure 4, ESG Lab conducted an interactive installation for one of the six test environment Active Directory users. We directed the standard user “Welcome” message (sent at the beginning of the user set up process) to an ESG Lab e-mail account. This message contains a URL to an interactive Mozy activation page for our new user. A password was chosen and a link was provided to download the client software. No activation keys were necessary. The Lab then conducted a silent install for a second user account by logging into the host via single sign-on credentials and runningMozyEnterprise executable install file from the command line.
Finally, ESG Lab used a Windows server to explore the user interface features. The server contained basic file data as well as a Microsoft Exchange 2013 database. The Lab conducted backups of both the file data and the Exchange application. For the Exchange backup, we leveraged VSS integration. As shown in Figure 5, the Lab used the Backup Sets option to select the data to be protected. Then, the running database was dismounted and renamed using the Exchange 2013 management interface. Lastly, the Restore tab in the user interface was used to select a point-in-time Exchange backup for restore. The database was restored to the host and the Exchange 2013 management interface was then used to remount the database and successfully restart the Exchange application.
Why This Matters
A common problem for enterprise organizations is having heterogeneous backup solutions among different departments to support various operating environments, applications, and compliance/security requirements. These different solutions require infrastructure resources and need to be managed separately. In addition, outside of the main office, there may not be sufficient skilled staff to properly handle the task. Ensuring that data is securely and effectively protected for a large number of users across multiple locations challenges IT on a daily basis.
In our testing, ESG Lab demonstrated the ease with which IT administrators can manage backup. Installation is extremely simple, and the option to separate installation from activation makes it easy to deploy at scale. The ability to group users and define sub-administrator roles is key for large organizations, and features such as keyless activation, storage pooling, and Active Directory integration vastly simplify user management. Both backup and restore operations were simple to execute and included scheduling and configuration options to ensure no interruption to productivity.
Security and Trust
For cloud backup solutions, security and trust are essential characteristics that have a significant influence on customer acceptance. Included in this category are the physical security of data and data centers, third-party certifications and validations, cloud provider monitoring and management, the ability to restrict data access, and the capability to keep data protected at rest and in transit.
ESG Lab Testing
ESG Lab started its exploration of how Mozy delivers security and trust to its customers by reviewing the attributes of the data centers that host customer back-up data. In addition to the redundancy built into the hardware and software of the Mozy solution itself, the equipment is housed in secure and highly available data centers as shown in Figure 6. From the start, each data center location is selected based on the region’s susceptibility to natural disasters. Then the data center infrastructure is designed to meet important industry standards such as ISO 27001 certification, Safe Harbor, and other regulations. The next important aspect of the Mozy data center is physical security and availability. Each data center is built with fire detection/suppression and physical security that ensures access is given only to authorized personnel. Next, the data center is equipped with redundant networks, power, and cooling. Each data center is periodically reviewed to ensure that it maintains these certifications and ratings.
Next, ESG Lab validated the data encryption capabilities of Mozy. The Lab configured one of the test clients to use a personal encryption key. A set of Exchange log and configuration files was selected for backup. Once backed up, the file set was restored to the same client in a different directory. As shown in Figure 7, the Lab used Notepad to open and view one of the files. The top right circle in Figure 7 shows that because the data was restored on the same host with the encryption key, the file ExchangeSetup was readable. Next, the same data set was restored to a different client using the Mozy web interface and an administrator account. The Lab once again used Notepad to open the file with the same data restored to a client that did not have the personal encryption key. As shown in the bottom right circle of Figure 7, the file ExchangeSetup was not readable on the client without the key.
Finally, ESG Lab toured the Mozy network operations center (NOC). As shown in Figure 8, the NOC is staffed 24×7 with a team of support engineers who leverage custom tools to proactively monitor the Mozy infrastructure. The team is also responsible for managing upgrades and additions. The support staff is on call in the NOC to assist clients with any issue that might arise. For large client restore requests, the support team is equipped with the tools and infrastructure to restore to local media that can be quickly shipped to the client. Just behind the front line staff in the NOC sits a team of developers who assist the support team when deeper analysis of an issue is needed.
Why This Matters
Keeping data safe and secure is essential. IT organizations treat data with extreme care, sometimes eschewing potentially beneficial solutions out of an abundance of caution. ESG research bears this out, as the number one reported reason that organizations shy away from cloud-based backup solutions is data security and privacy concerns. Data protection strategies are designed not only to create backup copies of data, but also to ensure that data can be retrieved despite failures, and cannot be viewed by unauthorized parties. Consequently, one essential feature for cloud backup providers is their ability to prove their level of security and commitment to customer data protection and privacy.
ESG Lab validated that MozyEnterprise offers the highest levels of security, with redundant operations; Reed Solomon erasure coding; state-of-the-art, fully protected NOC and data centers; and military-grade encryption. Certainly, the backing of EMC delivers an additional level of comfort for customers, as does the fact that Mozy has never had a security breach. One key MozyEnterprise feature that many cloud backup providers are missing is the ability for customers to maintain their own encryption keys with no access by the cloud provider. MozyEnterprise includes this privacy and security option, ensuring that Mozy has no capability whatsoever to decrypt user data, even under penalty of law.
Cloud backup solutions demonstrate their levels of efficiency in terms of data management (offloading tasks from the IT organization) and in the amount of data transmitted for initial and ongoing backup and restore (due to the impact on corporate network bandwidth). ESG lab reviewed the storage capacity and network optimization capabilities available with MozyEnterprise.
A sound backup strategy involves both local and offsite copies of protected data. As seen in Figure 9, Mozy 2xProtect automatically backs up files locally in addition to synchronized backups to a Mozy data center. With local backup, users can protect large amounts of data quickly, ensuring that files are backed up locally while they are in transit to Mozy servers. 2xProtect also provides for fast, local restore of these large datasets, without the need to pull the data across the WAN.
Figure 10 shows the array of options available when data must be restored from Mozy data centers.
MozyEnterprise provides several methods for restoring files. The MozyEnterprise client provides a familiar backup utility interface and the MozyEnterprise virtual drive and Windows shell extension allow users to restore files directly using Windows Explorer. Installation of the MozyEnterprise client includes extensions that enable users to restore files by right-clicking on a file or folder and selecting the version to restore. Web-based restores are also supported and provide a zipped archive of the restored files. For larger data sets including databases and full file system restores, MozyEnterprise supports a media transfer option, where the data set is shipped directly to a client for fast local restore.
ESG Lab Testing
Efficiency testing started with an initial data set consisting of an Exchange server e-mail database, and a set of files. This data set consumed 495MB on disk. ESG lab initiated a manual backup to MozyEnterprise, and, as a result of Mozy’s single instance storage, the data transferred across the network in the initial backup was reduced by 45% to 271.6MB, as shown in Figure 11.
After this initial backup, ESG lab modified the backup data set by generating e-mails and adding/modifying files. The Exchange e-mail database grew to 269.1MB, and the total size of the added/modified files was measured at 53.6MB. To validate the 2xProtect feature, a manual backup of the Exchange database was performed, storing the backup on local storage. The Exchange database was then restored from this local backup.
Next, a manual backup to the Mozy cloud was executed. This backup transferred only 53.6MB, as shown in Figure 12. MozyEnterprise was aware that the restored Exchange database was the same file already stored on Mozy servers and in the manifest, eliminating the need to transfer the full 269.1MB file again.
MozyEnterprise 2xProtect integrates with the manifest function to enhance capacity and bandwidth efficiency. When ESG lab initiated the final backup to Mozy, the manifest had recorded the previous local backup of the Exchange database, so Mozy was able to avoid transferring the entire 269MB Exchange database across the network. Instead, a reference to the local copy was recorded, as seen in Figure 13.
What the Numbers Mean
- MozyEnterprise’s single instance technology significantly reduced the amount of data transferred over the network to the Mozy data centers.
- While 24 files were encoded for backup, MozyEnterprise only transferred changed blocks rather than entire files, reducing the amount of network and storage resources consumed.
- Subsequent backups are also efficient, compressing and reducing the amount of data transferred to only the actual data added or changed.
- MozyEnterprise demonstrated synchronization between the local 2xProtect copy and the Mozy data center copy, as well as awareness of the manifest function.
Why This Matters
Cloud-based backup offers significant benefits, among them offloading storage and management operations to a provider. However, backing up to the cloud does mean that backup sets are traversing the customer’s network and can impact production operations. Restoring data has the same impact.
ESG Lab validated that IT can retain backup configuration and enterprise-wide control while Mozy takes care managing backup storage. This makes it a highly scalable and affordable backup solution. MozyEnterprise streamlines IT administrative efforts, focusing them on client-side needs instead of on back-end infrastructure. On the network side, MozyEnterprise minimizes the amount of data transmitted by performing only incremental backups after the initial full backup, and by using pointers to data already stored. Support for data seeding, bandwidth throttling, and QoS help to ensure that backup doesn’t interfere with priority network traffic. Restore is also efficient, offering in-client, web, media, and local drive options, ensuring speedy restore and return to productivity as well as minimizing network usage.
ESG Lab Validation Highlights
- MozyEnterprise demonstrated easy-to-manage online backup and restore.
- Installation was extremely simple, and the option to separate installation from activation made it easy to deploy at scale.
- ESG Lab validated that MozyEnterprise offers the highest levels of security, with redundant operations; Reed Solomon erasure coding; state-of-the-art, fully protected NOC and data centers; and military-grade encryption.
- A key MozyEnterprise feature is the ability for customers to maintain their own encryption keys with no access by the cloud provider. MozyEnterprise includes this privacy and security option, ensuring that Mozy has no capability whatsoever to decrypt user data, even under penalty of law.
- ESG Lab validated that IT can retain backup configuration and enterprise-wide control while Mozy takes care of managing backup storage. This makes it a highly scalable and affordable backup solution.
- In ESG Lab testing, MozyEnterprise minimized the amount of data transmitted by performing only block-level incremental backups after the initial full backup, and by using pointers to data already stored.
- The 2XProtect local drive option demonstrated speedy backup and restore, enabling fast, efficient return to productivity as well as minimizing network usage.
Issues to Consider
- Though ESG Lab was able to easily execute a full restore of Microsoft Exchange 2013, the only option available was to do a full database recovery. The Lab believes that if MozyEnterprise offered a message-level recovery service, it would be well received by its clients.
- While ESG Lab validation testing was conducted on both virtual and physical machines, all backup and restore operations where conducted via a Mozy client at the OS level on both physical servers and virtual machines. There is currently no integration with VMware data protection APIs.
The Bigger Truth
ESG recently asked IT professionals which factors they believed would be most likely to lead their organizations to consider a cloud backup service. The top reason, cited by 51% of current cloud backup users: the ability to store data remotely for disaster recovery. It’s a simple equation. Building and managing an infrastructure for offsite backup is a difficult and expensive job; using the cloud makes sense as it offloads those tasks to a provider and makes it much simpler to scale. In addition, as ESG survey respondents cited, cloud backup often delivers more predictable costs, better support for remote offices, improved service levels, and an opportunity to take advantage of advanced technology without having to implement it yourself.
While MozyHome and MozyPro have been highly successful with their consumer and small business target customers, MozyEnterprise is truly the flagship product in the portfolio. It retains the efficient, highly protected backups that Mozy offers using extremely secure, redundant data centers that are managed around the clock. Security is the first hurdle that cloud solutions face with any customer, but the emphasis is truly mission critical for large business organizations. ESG Lab validated that MozyEnterprise brings a full suite of security features that engender trust, including advanced data protection, customer-only encryption key options, secure data centers, independent security ratings and certifications, and the history of never having a security breach. Backing by EMC doesn’t hurt, either.
ESG Lab also confirmed that MozyEnterprise is easy to configure and manage, non-intrusive to the end-user, and enables user access to backup files from any location or device. Per-user licensing and unlimited capacity ensure predictable costs as customer organizations grow. Data efficiency ensures that backups don’t interfere with higher priority traffic and business operations.
Importantly, MozyEnterprise adds enterprise-class administrative features. The solution fits the enterprise profile with features like keyless activation, account-level storage pooling, and Active Directory integration, which simplify IT’s job (from adding to managing to deactivating users) and the user experience (from credentialing to accessing data from any device or location). Also, the addition of user groups and sub-administrator roles enables even the largest organizations to easily tailor their backups and manage large numbers of users.
Enterprise organizations tend to be very careful with their data and, for many, trusting a cloud is not easy. But the term “cloud” can in some cases be a misnomer that does a disservice to the hardened, mature IT solutions built on it. The clouds in the atmosphere are ethereal, amorphous, and able to dissipate quickly—they don’t appear sure-footed or trustworthy. Conversely, a cloud-based infrastructure like Mozy’s can be rock solid, robust, bullet-proof—exactly where enterprises want to place remote backups if they want to count on data availability and security. So don’t let the language fool you. You can feel comfortable with cloud solutions such as MozyEnterprise that have proven their mettle.