DOCSLIB.ORG

Open File Manager White Paper

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Open File Manager White Paper Preventing Data Loss During Backups Due to Open Files A White Paper For IT Managers, CTOs, and Security Administrators Concerned About Corrupt Files and the Loss Of Data During Backup St. Bernard Software - 16882 W. Bernardo Drive - San Diego CA 92127 - Toll Free: 1-800-782-3762 www.stbernard.com Table of Contents Executive Summary....................................................................................................................... 1 The Explosion in Data = Increased Potential for Data Loss...................................................... 2 The Open File Problem: Skipped, Corrupt, or Unsynchronized Files ..................................... 2 Conventional Solutions to the Open File Dilemma .................................................................... 3 Application Agents ........................................................................................................................... 3 Generic Open File Tools .................................................................................................................. 4 Weighing the Alternatives: Compatibility Issues ...................................................................... 4 Weighing the Alternatives: Synchronization Methods ............................................................. 5 The Importance of System-Wide Synchronization in Ensuring Transactional Integrity................... 5 Partial Synchronization Methods ..................................................................................................... 5 Limitations of File-by-File Synchronization.............................................................................. 6 Limitations of Volume-by-Volume Synchronization................................................................. 6 Limitations of Manually Grouping Files ................................................................................... 7 St. Bernard Software and Open File Manager: Bringing Closure to the Open File Problem ........................................................................................................... 7 Open File Manager Works with All Applications and Backup Software........................................... 8 Open File Manager Provides Transactional Integrity Via System-Wide Synchronization............... 8 How Open File Manager and the Backup Application Work Together ............................................ 8 Backup Verify Pass ................................................................................................................. 9 Write Inactivity Period............................................................................................................ 10 Open File Manager’s Copy Feature............................................................................................... 10 Summary of Open File Manager’s Advantages ........................................................................ 10 i 16882 W. Bernardo Drive - San Diego CA 92127 - Toll Free: 1-800-782-3762 www.stbernard.com Benefits of Using Open File Manager ........................................................................................ 12 Conclusion.................................................................................................................................... 13 Appendix: Backup Software Supported by Open File Manager ............................................ 14 NT/2000/XP.................................................................................................................................... 14 NetWare......................................................................................................................................... 14 ii 16882 W. Bernardo Drive - San Diego CA 92127 - Toll Free: 1-800-782-3762 www.stbernard.com Executive Summary Data integrity and redundancy have always been vital to the success of a business. But, against the backdrop of the events of 2001 and today’s 24x7x365 business environment, IT decision makers are looking at backup strategies and disaster recovery plans with an even keener eye. With global networks, huge storage systems that maintain ever-increasing amounts of data, and a universal time zone of “now,” IT administrators can no longer schedule backup after hours, when the system is not in use. Nor can they afford to adopt backup strategies that are not trustworthy. In short, enterprises today require backup and recovery solutions that offer maximum reliability while also supporting full productivity and efficiency. But, in order to achieve both of these goals, companies must look for tools that address an age-old dilemma – preventing data loss during backup due to open files. Disaster recovery plans are only as good as the backup strategies that underlie them. Without an open file backup solution, organizations are at risk of losing significant amounts of data. In the end, companies must identify software that can reliably back up data while files are in use and while internal and external transactions are still in progress. When selecting an open file solution, there are three main issues to consider: • Application support • Backup software compatibility • Synchronization methods, which will determine the level of transactional integrity 1 16882 W. Bernardo Drive - San Diego CA 92127 - Toll Free: 1-800-782-3762 www.stbernard.com Open File Manager White Paper The Explosion in Data = Increased Potential for Data Loss The quantity of mission-critical information that organizations are storing, managing, and maintaining on computers is growing at an exponential rate. According to the Hurwitz Group, by the year 2003, the average large company will store over 150 terabytes of data – which is equivalent to the storage capacity of approximately 240,000 compact discs. With the explosion in data comes an increased potential for data loss. Because an organization’s data must be available around the clock, and its applications – its email, Web servers and transaction servers – must be up and running regardless of the time of day, a solid backup and recovery plan is more critical than ever. Companies must ensure that data is backed up in a reliable manner, yet many backup strategies are missing one fundamental piece: The ability to ensure a full system backup without skipped, corrupt or unsynchronized files. In fact, file corruption and data loss are becoming much more common than in the past (7th Annual ICSA Lab’s Virus Prevalence Survey, March 2002). The impact of this problem is enormous, with annual costs due to lost data estimated at more than $12 billion (The Cost of Lost Data, September 1999, Pepperdine University). The bottom line: Most organizations have a costly backup infrastructure in place to protect their critical data, but all too often these backup strategies ultimately fail. What is needed is an open file solution that consistently captures open and in-use files without interrupting applications or continuous system operation. The Open File Problem: Skipped, Corrupt, or Unsynchronized Files Open files have historically been a backup administrator’s biggest challenge, as they are often skipped or corrupted during the backup process. The alternative – forcing open files closed or asking users to log out so applications can be shut down – is no longer viable. When high availability demands 24x7 uptime on a global basis, the “backup window” – the amount of time when a system can be shut down to back it up, not only shrinks – it disappears. For most companies, there is no such thing as a clear backup window. Backups must be done when systems are up and running. But this leads to several problems – problems that result in incomplete backups and corrupted files that compromise an organization’s most vital processes. During a backup, files that are open or in use get skipped. Some backup programs will try to access them again at the end of backup, but if the files are still open, they will be ignored, and critical data will not be backed up. 2 16882 W. Bernardo Drive - San Diego CA 92127 - Toll Free: 1-800-782-3762 www.stbernard.com Open File Manager White Paper And, even if the backup software backs up previously open files during a later attempt, synchronization problems can occur. In particular, groups of open files that contain related data at the beginning of a backup will lose relational integrity if they are changed after backup has commenced. For example, consider a company whose customer relationship management (CRM) system is linked to the enterprise’s accounting database. As transactions occur within the CRM database – such as new customer information being added – modifications are automatically written to the accounting database. In this way, data from one system is always present and current in the other. If these integrated databases are backed up while files are open and transactions are still going on, the backup may capture a transaction that occurred in the CRM database but, because of timing issues, it may be forced to skip the related open or locked file on the accounting database side. If there is a subsequent system failure and the files need to be restored, they will no longer match up. Alternatively, backup software may lock users out of applications or force a backup of open files, creating a corrupt image on tape. Each of these scenarios can have staggering financial, legal, and productivity ramifications on an organization. Conventional Solutions to the Open File Dilemma There are two conventional ways to deal with the open file dilemma.
Load more

Recommended publications
  • System Calls System Calls
    System calls We will investigate several issues related to system calls. Read chapter 12 of the book Linux system call categories file management process management error handling note that these categories are loosely defined and much is behind included, e.g. communication. Why? 1 System calls File management system call hierarchy you may not see some topics as part of “file management”, e.g., sockets 2 System calls Process management system call hierarchy 3 System calls Error handling hierarchy 4 Error Handling Anything can fail! System calls are no exception Try to read a file that does not exist! Error number: errno every process contains a global variable errno errno is set to 0 when process is created when error occurs errno is set to a specific code associated with the error cause trying to open file that does not exist sets errno to 2 5 Error Handling error constants are defined in errno.h here are the first few of errno.h on OS X 10.6.4 #define EPERM 1 /* Operation not permitted */ #define ENOENT 2 /* No such file or directory */ #define ESRCH 3 /* No such process */ #define EINTR 4 /* Interrupted system call */ #define EIO 5 /* Input/output error */ #define ENXIO 6 /* Device not configured */ #define E2BIG 7 /* Argument list too long */ #define ENOEXEC 8 /* Exec format error */ #define EBADF 9 /* Bad file descriptor */ #define ECHILD 10 /* No child processes */ #define EDEADLK 11 /* Resource deadlock avoided */ 6 Error Handling common mistake for displaying errno from Linux errno man page: 7 Error Handling Description of the perror () system call.
    [Show full text]
  • System Calls and I/O
    System Calls and I/O CS 241 January 27, 2012 Copyright ©: University of Illinois CS 241 Staff 1 This lecture Goals Get you familiar with necessary basic system & I/O calls to do programming Things covered in this lecture Basic file system calls I/O calls Signals Note: we will come back later to discuss the above things at the concept level Copyright ©: University of Illinois CS 241 Staff 2 System Calls versus Function Calls? Copyright ©: University of Illinois CS 241 Staff 3 System Calls versus Function Calls Function Call Process fnCall() Caller and callee are in the same Process - Same user - Same “domain of trust” Copyright ©: University of Illinois CS 241 Staff 4 System Calls versus Function Calls Function Call System Call Process Process fnCall() sysCall() OS Caller and callee are in the same Process - Same user - OS is trusted; user is not. - Same “domain of trust” - OS has super-privileges; user does not - Must take measures to prevent abuse Copyright ©: University of Illinois CS 241 Staff 5 System Calls System Calls A request to the operating system to perform some activity System calls are expensive The system needs to perform many things before executing a system call The computer (hardware) saves its state The OS code takes control of the CPU, privileges are updated. The OS examines the call parameters The OS performs the requested function The OS saves its state (and call results) The OS returns control of the CPU to the caller Copyright ©: University of Illinois CS 241 Staff 6 Steps for Making a System Call
    [Show full text]
  • The Power Supply Subsystem
    The Power Supply Subsystem Sebastian Reichel Collabora October 24, 2018 Open First Sebastian Reichel I Embedded Linux engineer at Collabora I Open Source Consultancy I Based in Oldenburg, Germany I Open Source contributor I Debian Developer I HSI and power-supply subsystem maintainer I Cofounder of Oldenburg's Hack(er)/Makerspace Open First The power-supply subsystem I batteries / fuel gauges I chargers I (board level poweroff/reset) I Originally written and maintained by Anton Vorontsov (2007-2014) Created by Blink@design from the Noun Project Created by Jenie Tomboc I Temporarily maintained by Dmitry from the Noun Project Eremin-Solenikov (2014) Open First Userspace Interface root@localhost# ls /sys/class/power_supply/ AC BAT0 BAT1 root@localhost# ls /sys/class/power_supply/BAT0 alarm energy_full_design status capacity energy_now subsystem capacity_level manufacturer technology charge_start_threshold model_name type charge_stop_threshold power uevent cycle_count power_now voltage_min_design ... root@localhost# cat /sys/class/power_supply/BAT0/capacity 65 Open First Userspace Interface root@localhost# udevadm info /sys/class/power_supply/BAT0 E: POWER_SUPPLY_CAPACITY=79 E: POWER_SUPPLY_ENERGY_FULL=15200000 E: POWER_SUPPLY_ENERGY_FULL_DESIGN=23200000 E: POWER_SUPPLY_ENERGY_NOW=12010000 E: POWER_SUPPLY_POWER_NOW=5890000 E: POWER_SUPPLY_STATUS=Discharging E: POWER_SUPPLY_VOLTAGE_MIN_DESIGN=11100000 E: POWER_SUPPLY_VOLTAGE_NOW=11688000 ... Open First Userspace Interface I one power-supply device = one physical device I All values are in uV,
    [Show full text]
  • Ext4 File System and Crash Consistency
    1 Ext4 file system and crash consistency Changwoo Min 2 Summary of last lectures • Tools: building, exploring, and debugging Linux kernel • Core kernel infrastructure • Process management & scheduling • Interrupt & interrupt handler • Kernel synchronization • Memory management • Virtual file system • Page cache and page fault 3 Today: ext4 file system and crash consistency • File system in Linux kernel • Design considerations of a file system • History of file system • On-disk structure of Ext4 • File operations • Crash consistency 4 File system in Linux kernel User space application (ex: cp) User-space Syscalls: open, read, write, etc. Kernel-space VFS: Virtual File System Filesystems ext4 FAT32 JFFS2 Block layer Hardware Embedded Hard disk USB drive flash 5 What is a file system fundamentally? int main(int argc, char *argv[]) { int fd; char buffer[4096]; struct stat_buf; DIR *dir; struct dirent *entry; /* 1. Path name -> inode mapping */ fd = open("/home/lkp/hello.c" , O_RDONLY); /* 2. File offset -> disk block address mapping */ pread(fd, buffer, sizeof(buffer), 0); /* 3. File meta data operation */ fstat(fd, &stat_buf); printf("file size = %d\n", stat_buf.st_size); /* 4. Directory operation */ dir = opendir("/home"); entry = readdir(dir); printf("dir = %s\n", entry->d_name); return 0; } 6 Why do we care EXT4 file system? • Most widely-deployed file system • Default file system of major Linux distributions • File system used in Google data center • Default file system of Android kernel • Follows the traditional file system design 7 History of file system design 8 UFS (Unix File System) • The original UNIX file system • Design by Dennis Ritche and Ken Thompson (1974) • The first Linux file system (ext) and Minix FS has a similar layout 9 UFS (Unix File System) • Performance problem of UFS (and the first Linux file system) • Especially, long seek time between an inode and data block 10 FFS (Fast File System) • The file system of BSD UNIX • Designed by Marshall Kirk McKusick, et al.
    [Show full text]
  • System Calls and Standard I/O
    System Calls and Standard I/O Professor Jennifer Rexford http://www.cs.princeton.edu/~jrex 1 Goals of Today’s Class • System calls o How a user process contacts the Operating System o For advanced services that may require special privilege • Standard I/O library o Generic I/O support for C programs o A smart wrapper around I/O-related system calls o Stream concept, line-by-line input, formatted output, ... 2 1 System Calls 3 Communicating With the OS User Process signals systems calls Operating System • System call o Request to the operating system to perform a task o … that the process does not have permission to perform • Signal o Asynchronous notification sent to a process … to notify the process of an event that has occurred o 4 2 Processor Modes • The OS must restrict what a user process can do o What instructions can execute o What portions of the address space are accessible • Supervisor mode (or kernel mode) o Can execute any instructions in the instruction set – Including halting the processor, changing mode bit, initiating I/O o Can access any memory location in the system – Including code and data in the OS address space • User mode o Restricted capabilities – Cannot execute privileged instructions – Cannot directly reference code or data in OS address space o Any such attempt results in a fatal “protection fault” – Instead, access OS code and data indirectly via system calls 5 Main Categories of System Calls • File system o Low-level file I/O o E.g., creat, open, read, write, lseek, close • Multi-tasking mechanisms o Process
    [Show full text]
  • Your Performance Task Summary Explanation
    Lab Report: 11.2.5 Manage Files Your Performance Your Score: 0 of 3 (0%) Pass Status: Not Passed Elapsed Time: 6 seconds Required Score: 100% Task Summary Actions you were required to perform: In Compress the D:\Graphics folderHide Details Set the Compressed attribute Apply the changes to all folders and files In Hide the D:\Finances folder In Set Read-only on filesHide Details Set read-only on 2017report.xlsx Set read-only on 2018report.xlsx Do not set read-only for the 2019report.xlsx file Explanation In this lab, your task is to complete the following: Compress the D:\Graphics folder and all of its contents. Hide the D:\Finances folder. Make the following files Read-only: D:\Finances\2017report.xlsx D:\Finances\2018report.xlsx Complete this lab as follows: 1. Compress a folder as follows: a. From the taskbar, open File Explorer. b. Maximize the window for easier viewing. c. In the left pane, expand This PC. d. Select Data (D:). e. Right-click Graphics and select Properties. f. On the General tab, select Advanced. g. Select Compress contents to save disk space. h. Click OK. i. Click OK. j. Make sure Apply changes to this folder, subfolders and files is selected. k. Click OK. 2. Hide a folder as follows: a. Right-click Finances and select Properties. b. Select Hidden. c. Click OK. 3. Set files to Read-only as follows: a. Double-click Finances to view its contents. b. Right-click 2017report.xlsx and select Properties. c. Select Read-only. d. Click OK. e.
    [Show full text]
  • File Permissions Do Not Restrict Root
    Filesystem Security 1 General Principles • Files and folders are managed • A file handle provides an by the operating system opaque identifier for a • Applications, including shells, file/folder access files through an API • File operations • Access control entry (ACE) – Open file: returns file handle – Allow/deny a certain type of – Read/write/execute file access to a file/folder by – Close file: invalidates file user/group handle • Access control list (ACL) • Hierarchical file organization – Collection of ACEs for a – Tree (Windows) file/folder – DAG (Linux) 2 Discretionary Access Control (DAC) • Users can protect what they own – The owner may grant access to others – The owner may define the type of access (read/write/execute) given to others • DAC is the standard model used in operating systems • Mandatory Access Control (MAC) – Alternative model not covered in this lecture – Multiple levels of security for users and documents – Read down and write up principles 3 Closed vs. Open Policy Closed policy Open Policy – Also called “default secure” • Deny Tom read access to “foo” • Give Tom read access to “foo” • Deny Bob r/w access to “bar” • Give Bob r/w access to “bar • Tom: I would like to read “foo” • Tom: I would like to read “foo” – Access denied – Access allowed • Tom: I would like to read “bar” • Tom: I would like to read “bar” – Access allowed – Access denied 4 Closed Policy with Negative Authorizations and Deny Priority • Give Tom r/w access to “bar” • Deny Tom write access to “bar” • Tom: I would like to read “bar” – Access
    [Show full text]
  • W4118: File Systems
    W4118: file systems Instructor: Junfeng Yang References: Modern Operating Systems (3rd edition), Operating Systems Concepts (8th edition), previous W4118, and OS at MIT, Stanford, and UWisc Outline File system concepts . What is a file? . What operations can be performed on files? . What is a directory and how is it organized? File implementation . How to allocate disk space to files? 1 What is a file User view . Named byte array • Types defined by user . Persistent across reboots and power failures OS view . Map bytes as collection of blocks on physical storage . Stored on nonvolatile storage device • Magnetic Disks 2 Role of file system Naming . How to “name” files . Translate “name” + offset logical block # Reliability . Must not lose file data Protection . Must mediate file access from different users Disk management . Fair, efficient use of disk space . Fast access to files 3 File metadata Name – only information kept in human-readable form Identifier – unique tag (number) identifies file within file system (inode number in UNIX) Location – pointer to file location on device Size – current file size Protection – controls who can do reading, writing, executing Time, date, and user identification – data for protection, security, and usage monitoring How is metadata stored? (inode in UNIX) 4 File operations int creat(const char* pathname, mode_t mode) int unlink(const char* pathname) int rename(const char* oldpath, const char* newpath) int open(const char* pathname, int flags, mode_t mode) int read(int fd, void* buf, size_t count); int write(int fd, const void* buf, size_t count) int lseek(int fd, offset_t offset, int whence) int truncate(const char* pathname, offset_t len) ..
    [Show full text]
  • Shared Folder Permissions
    Shared Folder Permissions Shared folder permissions are used to restrict access to a folder or file that is shared over a network. Folder sharing is normally used to grant remote users access to files and folders over a network. Web sharing grants remote users access to files from the Web if Internet Information Services (IIS) is installed. Members of the Administrators or Power Users group can share folders on a Windows member server. Users have to be members of the Administrators or Server Operators group to share folders on a domain’s domain controller. Users that have the Create Permanent Shared Objects user right are able to share folders as well. To share folders on NTFS volumes, users have to minimally have the Read permission. When folders are shared, it is important to keep in mind that only folders can be shared, not files. Sharedfolder permissions are irrelevant to users who are locally logged onto a computer. Shared folders that are moved are no longer shared. When shared folders are copied, the copy is not shared. The original shared folder however remains shared. A few disadvantages associated with share permissions are listed below: Shared folder permissions do not have as many permission options as NTFS permissions. The only shared folder permissions that can be assigned to users/groups are Read, Change, or Full Control. Share permissions are not inheritable. Users cannot back up or audit shared folder permissions. If the user moves or even renames a shared folder, the shared folder permissions for that particular folder no longer exist. Because of these disadvantages, shared folder permissions are typically utilized on drive volumes that are FAT or FAT32 volumes.
    [Show full text]
  • File Open Handle Using filename ,  Read | Write | Read Write
    Title stata.com file — Read and write ASCII text and binary files Syntax Description Options Remarks and examples Stored results Reference Also see Syntax Open file file open handle using filename , read j write j read write text j binary replace j append all Read file file read handle specs Write to file file write handle specs Change current location in file file seek handle query j tof j eof j # Set byte order of binary file file set handle byteorder hilo j lohi j 1 j 2 Close file file close handle j all List file type, status, and name of handle file query where specs for ASCII text output is "string" or `"string"' (exp) (parentheses are required) % fmt(exp) (see[ D] format about % fmt) skip(#) column(#) newline(#) char(#) (0 ≤ # ≤ 255) tab(#) page(#) dup(#) 1 2 file — Read and write ASCII text and binary files specs for ASCII text input is localmacroname, specs for binary output is %f8j4gz (exp) %f4j2j1gbsju (exp) %#s "text" (1 ≤ # ≤ max macrolen) %#s `"text"' %#s (exp) and specs for binary input is %f8j4gz scalarname %f4j2j1gbsju scalarname %#s localmacroname (1 ≤ # ≤ max macrolen) Description file is a programmer’s command and should not be confused with import delimited (see [D] import delimited), infile (see[ D] infile (free format) or[ D] infile (fixed format)), and infix (see[ D] infix (fixed format)), which are the usual ways that data are brought into Stata. file allows programmers to read and write both ASCII text and binary files, so file could be used to write a program to input data in some complicated situation, but that would be an arduous undertaking.
    [Show full text]
  • File System Permissions Stealthaudit®
    2021 StealthAUDIT® File System Permissions StealthAUDIT® TOC File System Permissions & Configuration Overview 5 Supported File System Platforms 5 Supported Windows Platforms 5 Supported Network Attached Storage Devices 6 Supported Unix Platforms 6 StealthAUDIT Console Server Permissions 8 File System Applet Deployment Permissions 9 File System Proxy Service Permissions 10 StealthAUDIT File System Scan Options 11 StealthAUDIT File Activity Auditing 14 Local Mode Scans 14 Firewall Rules for Local Mode Scans 15 Additional Firewall Rules for NetApp Data ONTAP Devices 15 Additional Firewall Rules for Windows File Servers 16 Applet Mode Scans 16 Firewall Rules for Applet Mode Scans 17 Proxy Mode with Applet Scans 18 Firewall Rules for Proxy Mode with Applet Scans 19 Additional Firewall Rules for NetApp Data ONTAP Devices 20 Additional Firewall Rules for Windows File Servers 21 Proxy Mode as a Service Scans: with RPC or Secure RPC 21 Firewall Rules for Proxy Mode as a Service Scans 23 Additional Firewall Rules for NetApp Data ONTAP Devices 24 Additional Consideration for Windows File Servers 25 Activity Monitor Configuration 26 Firewall Rules for Activity Monitoring 26 Doc_ID 354 2 Copyright 2021 STEALTHBITS, NOW PART OF NETWRIX, ALL RIGHTS RESERVED StealthAUDIT® Additional Firewall Rules for Dell EMC Unity, EMC Celerra, & EMC VNX Devices 26 Additional Firewall Rules for EMC Isilon Devices 27 Additional Firewall Rules for Nasuni Edge Appliances 27 Additional Firewall Rules for NetApp Data ONTAP 7-Mode Devices 27 Additional Firewall Rules for
    [Show full text]
  • Lecture 24 Systems Programming in C
    Lecture 24 Systems Programming in C A process is a currently executing instance of a program. All programs by default execute in the user mode. A C program can invoke UNIX system calls directly. A system call can be defined as a request to the operating system to do something on behalf of the program. During the execution of a system call , the mode is change from user mode to kernel mode (or system mode) to allow the execution of the system call. The kernel, the core of the operating system program in fact has control over everything. All OS software is trusted and executed without any further verification. All other software needs to request kernel mode using specific system calls to create new processes and manage I/O. A high level programmer does not have to worry about the mode change from user-mode to kernel-mode as it is handled by a predefined library of system calls. Unlike processes in user mode, which can be replaced by another process at any time, a process in kernel mode cannot be arbitrarily replaced by another process. A process in kernel mode can only be suspended by an interrupt or exception. A C system call software instruction generates an OS interrupt commonly called the operating system trap . The system call interface handles these interruptions in a special way. The C library function passes a unique number corresponding to the system call to the kernel, so kernel can determine the specific system call user is invoking. After executing the kernel command the operating system trap is released and the system returns to user mode.
    [Show full text]