Select Page

What is Storage Snapshot Technology?

Ransomware Protection with Immutable Snapshots

What is Storage Snapshot Technology?

Storage Snapshot is an effective data protection feature that also supports data mining and data cloning use-cases. Most storage hardware and software vendors offer storage snapshot technology support, as it offers enables mission-critical data recovery and ransomware protection. The data protection feature facilitates zero-impact backups with minimal (or zero) application downtime using automated and frequent/continuous image-based snapshots. This capability helps reduce data recovery times (RTOs and RPOs) as it efficiently and quickly takes backups of large volumes.

While storage snapshots are a great asset, they way it’s integrated in a storage or backup solution varies from vendor-to-vendor. When evaluating the snapshot capabilities of a solution, one should ask the following questions:

  • Are the snapshots immutable (cannot be overwritten, deleted, or edited)?
  • Can the snapshots be scheduled and automated?
  • How frequently can the snapshots be scheduled?
  • Does the system take delta-based snapshots or does it take snapshots of the entire volume each time?
  • In the event of a disaster, how quickly can the snapshots be mounted to recover critical data and restore operations?

The aim of this section is to provide an overview of storage snapshot technology, so that you can choose the right capabilities for your projects.

What is a Snapshot?

A storage snapshot is an image or reference point created at a particular point in time which preserves the “state” of a system, server, or volume. In the event of a disaster (ransomware, human error, natural disaster, etc.), snapshots provide the ability to go back in time and restore the system “state” in turn restoring data and limiting data loss.

Traditionally, snapshots are instantly available to applications involved in data analysis, data protection and data replication. The lifespan of a snapshot varies depending on the application. For instance, when used for data replication, the snapshot is deleted after the data is hydrated on the target site. A good example of this is Veeam’s native replication feature.

In addition to facilitating data protection and replication, snapshots also efficiently consume storage capacity. As opposed to backup copies or replicas, snapshots are compressed and take-up less space. This implies that they consume less bandwidth and can be quickly transferred over the wire to cloud storage or secondary server(s).

Implementation of Snapshot

The implementation of storage snapshot technology varies from vendor-to-vendor. In this section, we’ll go over the popular techniques used to create and integrate snapshots, and the pros and cons of each.

Copy-on-Write Snapshots

Here’s how the copy-on-write snapshots are created:

  • Before the snapshot is created, the system stores the metadata of the original block.
  • When the system executes a write command to a protected block, it triggers three IOs:
    • The snapshot utility reads the original block before it’s written.
    • A snapshot of the original block is created/written on the reserved snapshot storage.
    • The new data overwrites the original data.

Pro: As copy-on-write snapshots do not create copies of the metadata, they are quicker and nearly-instant.

Con: However, they are performance intensive as each snapshot requires one read and two writes.

What is metadata?

Metadata provides information about the data stored in the disk such as location/address, date of creation, last date of modification, etc.

Redirect-on-Write Snapshots

Redirect-on-write snapshots use pointers to refer to snapshot-protected blocks. Here’s how read-on-write snapshots are created:

  • The system executes write command to make changes to a snapshot-protected block.
  • The snapshot utility redirects the writes to a new block and the relevant pointer is updated.
  • The old data remains in place as a point in time reference of the original block.

Pro: As opposed to copy-on-write, read-on-write snapshots consume less performance resources as each modified block generates a single write IO.

Con: Redirect-on-write snapshots rely on the original block. Additional modifications create new blocks. In the event, a snapshot is deleted, reconciliation between multiple new blocks and the original block becomes complicated.

Split-Mirror Snapshots

Split-mirror snapshots create a complete copy of the original storage volume as opposed to creating snapshots for only the modified blocks. With split-mirror snapshots, you can create snapshots for entire file systems, Logical unit numbers (LUNs) , or object storage volumes.

Pro: Data recovery, duplicating, and archiving are simpler. The entire volume remains available even if the primary/original copy is lost.

Con: As the snapshot utility creates snapshots for the entire volume each time, this is a slower process and doubles the required storage space.   

Copy-on-Write with background copy

Copy-on-write with a background copy is a hybrid of copy-on-write and split-mirror snapshots. In this case, the snapshot utility instantly creates snapshots using copy-on-write snapshots. Then, a copy of the snapshot is created at the snapshot storage using a background process.

This storage snapshot combines the benefits of copy-on-write and split-mirror snapshots while minizing the downsides.

Continuous data protection (CDP)

CDP creates frequent snapshots of the original data triggered by set policies. Ideally, CDP snapshots are created in real-time. This implies each time a change is made, the snapshot of the original copy is updated.

Pro: Reduce recovery point objectives (RPOs) to nearly-zero.

Con: Frequent snapshots creation and updates consume performance and bandwidth (if stored over the wire).

Snapshot and Storage Stack

The term storage snapshot refers to the hardware and software components that provide physical storage media to  applications running on the host operating system. Snapshot solutions can be implemented to each individual layer in the storage stack.

Typically, snapshots can be created in software and hardware based layers and can also be categorized as controller based snapshots or host based snapshots.

Usually, controller based snapshots are supervised by hardware vendors and can be integrated into disk arrays. As these snapshots are created at block level, they are not dependent on the operating systems or file systems.

The host based snapshots do not rely on  hardware resources rather they depends on the file system and the volume manager software.

Storage Snapshots in StoneFly Solutions

All StoneFly physical, virtual, and cloud storage, hyperconverged, and backup and disaster recovery solutions come preconfigured with immutable delta-based snapshot features.

Looking to secure your workloads with enterprise solutions that offer storage snapshots? Start a conversation in the live chat or contact us to discuss your projects.

Zero Trust: Enterprise Security for Ransomware Protection

Zero Trust: Enterprise Security for Ransomware Protection

Zero Trust is a fundamental shift in cybersecurity, challenging conventional notions of trust within organizational networks. As ransomware attacks and cyber threats evolve in complexity and scope, the Zero Trust model emerges as a critical strategy to ensure...

Malvertising: The Dark Side of Online Advertising

Malvertising: The Dark Side of Online Advertising

Malvertising—once a shadowy threat lurking on the fringes of cybersecurity discourse—has emerged as a formidable adversary, directly targeting enterprises in the digital arena. As businesses increasingly rely on online advertising to connect with their audience,...

Conti Ransomware: In-Depth Technical Breakdown

Conti Ransomware: In-Depth Technical Breakdown

Conti ransomware has earned notoriety, notably for its involvement in the Costa Rican government hack. Operating as a ransomware-as-a-service (RaaS) group, Conti specializes in infiltrating networks, encrypting crucial data, and extorting exorbitant sums of money. In...

Supply Chain Attack: The Achilles’ Heel of Enterprise Security

Supply Chain Attack: The Achilles’ Heel of Enterprise Security

Supply chain attacks have emerged as a formidable threat vector in the landscape of cybercrime, posing significant risks to enterprises of all sizes and industries. Among the various tactics employed by threat actors, ransomware attacks leveraging supply chain...

How to Set Up S3 Object Storage for Veeam Data Platform

How to Set Up S3 Object Storage for Veeam Data Platform

Veeam v12 introduced Direct-to-Object storage, enabling S3 object storage as the primary backup repository. Prior to this, S3 object storage integration relied on Veeam's Scale-Out Backup Repository (SOBR), using a performance tier and a capacity tier, which extended...

You May Also Like

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email