IBM Spectrum Protect Futures

I mention on the Strategy page that I think the future is that backup and recovery applications will start to recognise that they do not need to move data about to create backups, but can use snapshots and mirrors as backup datastores. The role of the software would then be to manage all that hardware and maintain the necessary catalogs that refer to backups contained in all these snapshots so the storage manager can easily work out what backups are available and also recover from them with simple commands.
We will also need cloud-to-cloud backup, where Backup vendors will need to add tools to back up and restore applications within the cloud.
Backup and recovery products can help with ransomware attacks, by using ransomware monitoring and detection tools to detect suspicious application behavior before files are corrupted, or by using predictive analytics to determine the probability that ransomware is operating on a server.
Some of these features have appeared in recent releases of IBM pectrum Protect.

IBM Spectrum Protect Release 8.1.7

Long Term Data Retention

One of the issues with the old TSM was that there was no easy way to take a backup of a server, group of directories or files, and then keep them for an extended time period, outside of the normal backup retention rules. It was possible to do this, but it involved quite a but of 'fudging'. IBM SP Version 8.1.7 has a new features that makes this process much easier and official.
You do this by defining a new type of object client, and also retention rules for long-term data retention on the server. Once you have these, you can create collections of client backup data called retention sets. These are point in time snapshots of the active backup data from one or more clients, that is backup data that already exists at the IBM SP server. So the data is not backed up again, or even copied, but just tracked by the server and not expired until the long retention period is reached.
You can run this process as a one time event, or you can run a schedule to creation a retention set on a regular basis.

Servermon Server Monitoring

IBM have supplied an optional Perl script called Servermon to collect analytical data from IBM Spectrum Protect servers since version 7.1 and higher. Starting with IBM SP 8.1.7, Servermon is installed and configured automatically as part of the server installation, so it will run automatically when the server is started. The script runs commands every 20 minutes, including SHOW commands, to gather server data for trouble shooting. You can also configure it to run traces, or to be triggered if a specific server message is logged in the activity log. It does not just collect IBM SP data, but also DB2 specific information and data from the operating system, such as CPU, memory and disk metrics.
While Servermon is primarily intended for IBM support, Administrators can also study the data to investigate problems, find performance bottlenecks, and even look at historical data.

Bits and Pieces

IBM SP 8.1.7 makes it easier to configure a clustered environment with an improved configuration wizard. Also, if you use the configuration wizard in a clustered environment then you don't need to temporarily enable and then disable the Microsoft Windows SMBv1 protocol anymore.

There is a new command, REMOVE STGPROTECTION, that allows you to remove protection from one or more directory-container storage pools. The command also has a preview option so you can see how many files would be affected by the removal process. You might want to use this command if you are running out of storage pool space, but note that while data from the affected directory-container storage pool will no longer be copied to another storage pool, the replicated space will not be released until the reuse delay time is passed.

If you are backing up VMware clients, you can run an immediate backup operation of all tagged VMware VMs with a -tagschedule option.

Client Changes

One issue with running client restores on Windows or Linux was that you needed to log onto the client to perform the restore. In larger organisations this can be a problem as access to clients, especially as administrator or root, is tightly controlled. IBM SP release has a 8.1.7 web user interface from which you can run file restores without needing access to the client machine. This new web user interface will display all the backups, both active and inactive. A restore will not overwrite existing files or directories, but rather it creates a new file or directory with a timestamp added to the original file or directory name.

IBM Spectrum Protect Release 8.1.6

New Cloud Storage Options

IBM SP 8.1.6 provides more granular control over Cloud Tiering, which is simply the process of offloading some backup data off to the Cloud to reduce storage cost. Previous releases simply used backup age, for example, migrate all backups older than 10 days to the Cloud. 8.1.6 introduced new options for the DEFINE STGRULE command:

Once you run the DEFINE STGRULE command you can define one or more subrules to get more granular control. For example you might want to keep some critical data on disk storage for longer for faster retrieval, while moving less critical data off to the cloud faster. You could also define a tiering subrule to exclude the data from some nodes from tiering completely.

NAS File System Backups and Restores

IBM SP 8.1.6 allows you to use the backup-archive client GUI to back up and restore NAS file systems. NAS backups use NDMP, which is only available on IBM SP Extended Edition. Filer to server data transfer is available for NAS devices that support NDMP Version 4. After configuring NDMP support, the server connects to the NAS device and uses NDMP to initiate, control, and monitor each backup and restore operation. The NAS device performs outboard data transfer to and from the NAS file system to tape drives or libraries that are locally attached to the IBM SP server.

Version 8.1.2 security enhancements

Although 8.1.2 is a quite old release now, it is worth noting that it brought in a significant change in the way server / client security works. IBM SP 8.1.2 and later software has an improved security protocol that uses TLS 1.2 for authentication between the server, storage agent, and backup-archive clients. Servers, storage agents, and clients using V8.1.2 or later software are automatically configured to authenticate with each other by using TLS. Automatic Secure Sockets Layer (SSL) configuration and distribution of certificates.

Beginning with IBM Spectrum Protect Version 8.1.2, a master encryption key is automatically generated when you start the server if the master encryption key did not previously exist. After a successful authentication to V8.1.2 or later software, administrators cannot authenticate to earlier versions of IBM Spectrum Protect software on the same server. If a single administrator ID is used to log in to multiple systems, plan to upgrade all of those systems with V8.1.2 or later software to ensure that the certificate is installed on all systems that the administrator logs in to.

back to top


TSM pages

Lascon latest major updates

Welcome to Lascon Storage. This site provides hints and tips on how to manage your data, strategic advice and news items.