Manage Storaging: A Plan of Attack
By John Webster, Sr. Analyst and Founder, Data Mobility Group and
Perry Harris, Sr. Analyst and Co-Founder, Data Mobility Group

A user recently pointed out that there are literally tons of white papers written about storage management products and the overwhelming need for such products, but very few, if any, articles exist on how to actually “hands-on” manage the new storage domain.

What should a storage management group within the larger enterprise IT department look like? What skills sets should be represented within this group? How should the group be structured? What disciplines should be practiced? These are just a few of the questions users ask.

While it would be a gross over-simplification to say that storage was once a simple matter of plugging an array into a SCSI port, compared to the array of alternatives available today, the past was clearly a lot simpler: The days of one-size-fits-all SCSI are long gone.

Storage as an enterprise core competency is becoming exceedingly complex as this brief, but by no means exhaustive, list of technologies involved with the new world of networked storage illustrates:

• Fibre Channel fabric architectures
• Ethernet and IP
• Server clustering
• Data backup and restoration
• Wide- and metropolitan-area networking protocols
• Bridging, routing, and switching
• Host bus adapters and drivers
• Object modeling
• Data traffic management
• Diagnostic and recovery technologies
• Enterprise management applications
• Database and file system architectures
• Security

Given this complexity, it is becoming increasingly common to find storage management groups within enterprise IT departments. Once a decision is made to form such a group, the next question is how to break management into manageable pieces and which disciplines each group member should represent.

Practice disciplines 
Think of enterprise storage management as a practice composed of a number of definable discipline areas. Each area can be further broken down into specific disciplines or tasks. Both management tasks and software-based management applications can be grouped under each discipline area.

To keep things as simple as possible, I have boiled down the list of possible discipline areas to just three: managing the storage environment as a business entity; managing data from the standpoint of the storage environment; and using the storage environment to manage and mitigate corporate risk.

There are no hard boundaries between discipline areas. In fact, management practices and products that fall under one heading could also be listed under the other two. For example, copy functions have been placed under the Data Management heading, but are also a critical component of business continuance (under Risk Management) and are becoming critical enablers of content distribution services (under Business Management).

Dividing storage management first into discipline areas provides a method for identifying and assigning specific disciplines to each group member.

Business management--management of the storage domain as a business entity complete with customers that must be kept happy and a method for tracking and charging-back usage.

Familiarity with the storage service provider (SSP) model helps here. Despite their hyperbolic track records, SSPs got at least one thing right: Storage provisioning is a business. And it is this same SSP business model--often referred to as the storage utility--that many enterprise IT managers are not trying to reproduce inside their own enterprises.

In the case of an enterprise-based storage utility, customers are users represented by departments or applications and can be managed the same way that SSPs managed their outsourcing customers--via service level agreements (SLAs).

Many of the provisions covered in SLAs fall under this discipline area, including on-demand capacity provisioning, quality of service (QoS), continuous availability, and performance monitoring and management. Since the storage utility is run as a business, riding herd on ROI is critical, as users will see their share of the cost of the entire storage environment.

Risk management - the use of the storage domain to mitigate corporate risk through the use of well-established backup-and-recovery procedures, business continuance, disaster recovery, and most recently, security functions.

A tightly integrated combination of storage hardware, software, and networking services can be used to secure and protect data from unforeseen catastrophic events, human error, or malicious intent. Consequently, storage platforms can now be thought of as places to manage and mitigate enterprise risk.

Three major IT disciplines relating to risk management can be applied to the storage environment, including

• Disaster recovery and business continuity--Storage can be used to replicate data inside and outside the data center, effectively mitigating the risk of data loss from a variety of system outages. Good business continuance and disaster-recovery plans use technologies like mirroring and remote copy to protect data against these types of outages. As such, this discipline is co-dependent with the Data Management discipline area.
• Backup and restore--Backup-and-restoration technologies mitigate enterprise risk by enabling users to restore backed-up data to its last uncorrupted state. Simply copying data to secondary storage devices, however, does not ensure complete data protection since copy functions can propagate corrupted data along with the good data.
• Security--There is a growing realization that masking and zoning techniques do not go far enough in protecting networked storage-based data. Networked storage security will become more robust over time, but an understanding of storage-based security techniques is essential even now.

Data management--the management of data contained within the storage domain through the use of storage-based file systems and copy functions.

This discipline area really serves as a foundation for the other two and will become more important over time as file management capabilities move into the storage domain. Storage-based file management systems can protect shared data--accessed by multiple applications, servers, or users--from loss or corruption, while maintaining a high degree of data availability for all authorized applications or users.

Copy functions are essential to the storage domain’s risk management capabilities, enable new Web-facing applications, and can be used to address performance-related issues.

Conclusion
We believe that the storage management plan outlined above can be implemented within an existing enterprise IT department with minimal disruption. Core competencies related to backup and recovery, performance, security, and networking have existed for years in the data center. This plan gives these traditional core competencies a networked storage focus while adding others that help align an enterprise storage management group with the present and future needs of the business. The real challenge will be filling in the expertise “holes” this plan helps to identify. However, we welcome your comments and can be reached at www.datamobilitygroup.com.

John Webster (jwebster@datamobilitygroup.com) is senior analyst and founder, and Perry Harris (pharris@datamobilitygroup.com) is senior analyst and co-founder of the Data Mobility Group (www.datamobilitygroup.com), a storage market research and analysis firm, in Nashua, NH.

Thank you for reading ISIC Quarterly. All articles included this issue are copyright of their respective owners. You have received the ISIC Quarterly because you subscribed via our web site at http://isic.ucsd.edu.