Select Page

What is Storage Snapshot Technology?

Ransomware Protection with Immutable Snapshots

What is Storage Snapshot Technology?

Storage Snapshot is an effective data protection feature that also supports data mining and data cloning use-cases. Most storage hardware and software vendors offer storage snapshot technology support, as it offers enables mission-critical data recovery and ransomware protection. The data protection feature facilitates zero-impact backups with minimal (or zero) application downtime using automated and frequent/continuous image-based snapshots. This capability helps reduce data recovery times (RTOs and RPOs) as it efficiently and quickly takes backups of large volumes.

While storage snapshots are a great asset, they way it’s integrated in a storage or backup solution varies from vendor-to-vendor. When evaluating the snapshot capabilities of a solution, one should ask the following questions:

  • Are the snapshots immutable (cannot be overwritten, deleted, or edited)?
  • Can the snapshots be scheduled and automated?
  • How frequently can the snapshots be scheduled?
  • Does the system take delta-based snapshots or does it take snapshots of the entire volume each time?
  • In the event of a disaster, how quickly can the snapshots be mounted to recover critical data and restore operations?

The aim of this section is to provide an overview of storage snapshot technology, so that you can choose the right capabilities for your projects.

What is a Snapshot?

A storage snapshot is an image or reference point created at a particular point in time which preserves the “state” of a system, server, or volume. In the event of a disaster (ransomware, human error, natural disaster, etc.), snapshots provide the ability to go back in time and restore the system “state” in turn restoring data and limiting data loss.

Traditionally, snapshots are instantly available to applications involved in data analysis, data protection and data replication. The lifespan of a snapshot varies depending on the application. For instance, when used for data replication, the snapshot is deleted after the data is hydrated on the target site. A good example of this is Veeam’s native replication feature.

In addition to facilitating data protection and replication, snapshots also efficiently consume storage capacity. As opposed to backup copies or replicas, snapshots are compressed and take-up less space. This implies that they consume less bandwidth and can be quickly transferred over the wire to cloud storage or secondary server(s).

Implementation of Snapshot

The implementation of storage snapshot technology varies from vendor-to-vendor. In this section, we’ll go over the popular techniques used to create and integrate snapshots, and the pros and cons of each.

Copy-on-Write Snapshots

Here’s how the copy-on-write snapshots are created:

  • Before the snapshot is created, the system stores the metadata of the original block.
  • When the system executes a write command to a protected block, it triggers three IOs:
    • The snapshot utility reads the original block before it’s written.
    • A snapshot of the original block is created/written on the reserved snapshot storage.
    • The new data overwrites the original data.

Pro: As copy-on-write snapshots do not create copies of the metadata, they are quicker and nearly-instant.

Con: However, they are performance intensive as each snapshot requires one read and two writes.

What is metadata?

Metadata provides information about the data stored in the disk such as location/address, date of creation, last date of modification, etc.

Redirect-on-Write Snapshots

Redirect-on-write snapshots use pointers to refer to snapshot-protected blocks. Here’s how read-on-write snapshots are created:

  • The system executes write command to make changes to a snapshot-protected block.
  • The snapshot utility redirects the writes to a new block and the relevant pointer is updated.
  • The old data remains in place as a point in time reference of the original block.

Pro: As opposed to copy-on-write, read-on-write snapshots consume less performance resources as each modified block generates a single write IO.

Con: Redirect-on-write snapshots rely on the original block. Additional modifications create new blocks. In the event, a snapshot is deleted, reconciliation between multiple new blocks and the original block becomes complicated.

Split-Mirror Snapshots

Split-mirror snapshots create a complete copy of the original storage volume as opposed to creating snapshots for only the modified blocks. With split-mirror snapshots, you can create snapshots for entire file systems, Logical unit numbers (LUNs) , or object storage volumes.

Pro: Data recovery, duplicating, and archiving are simpler. The entire volume remains available even if the primary/original copy is lost.

Con: As the snapshot utility creates snapshots for the entire volume each time, this is a slower process and doubles the required storage space.   

Copy-on-Write with background copy

Copy-on-write with a background copy is a hybrid of copy-on-write and split-mirror snapshots. In this case, the snapshot utility instantly creates snapshots using copy-on-write snapshots. Then, a copy of the snapshot is created at the snapshot storage using a background process.

This storage snapshot combines the benefits of copy-on-write and split-mirror snapshots while minizing the downsides.

Continuous data protection (CDP)

CDP creates frequent snapshots of the original data triggered by set policies. Ideally, CDP snapshots are created in real-time. This implies each time a change is made, the snapshot of the original copy is updated.

Pro: Reduce recovery point objectives (RPOs) to nearly-zero.

Con: Frequent snapshots creation and updates consume performance and bandwidth (if stored over the wire).

Snapshot and Storage Stack

The term storage snapshot refers to the hardware and software components that provide physical storage media to  applications running on the host operating system. Snapshot solutions can be implemented to each individual layer in the storage stack.

Typically, snapshots can be created in software and hardware based layers and can also be categorized as controller based snapshots or host based snapshots.

Usually, controller based snapshots are supervised by hardware vendors and can be integrated into disk arrays. As these snapshots are created at block level, they are not dependent on the operating systems or file systems.

The host based snapshots do not rely on  hardware resources rather they depends on the file system and the volume manager software.

Storage Snapshots in StoneFly Solutions

All StoneFly physical, virtual, and cloud storage, hyperconverged, and backup and disaster recovery solutions come preconfigured with immutable delta-based snapshot features.

Looking to secure your workloads with enterprise solutions that offer storage snapshots? Start a conversation in the live chat or contact us to discuss your projects.

The Spear Phishing Survival Guide

The Spear Phishing Survival Guide

Spear phishing stands as the favored gateway for ransomware delivery and infiltrating corporate networks. Shockingly, 36% of data breaches in 2022 involved phishing, with 25% utilizing email as the ransomware attack vector. Guarding against cyber threats and...

Understanding Detection and Response: EDR vs MDR vs XDR vs NDR

Understanding Detection and Response: EDR vs MDR vs XDR vs NDR

In a digitally transformed landscape fraught with ever-evolving cyber threats, the acronyms EDR (Endpoint Detection and Response), XDR (Extended Detection and Response), MDR (Managed Detection and Response), and NDR (Network Detection and Response) have become...

Trigona Ransomware: What is it and How to Defend Against it

Trigona Ransomware: What is it and How to Defend Against it

In an ever-evolving digital landscape, the specter of ransomware looms large, and Trigona stands as a significant player in the realm of cyber threats. This blog delves into the multifaceted world of Trigona ransomware, unraveling its origins, unique characteristics,...

Lockbit Ransomware: Inside the Cyberthreat and Defense Strategies

Lockbit Ransomware: Inside the Cyberthreat and Defense Strategies

In the constantly evolving arena of cybersecurity, the digital landscape is fraught with adversaries lurking in the shadows, ready to exploit vulnerabilities and disrupt the operations of organizations. Among these threats, LockBit ransomware has emerged as a...

What Defending Against Ransomware-as-a-Service (RaaS) Entails

What Defending Against Ransomware-as-a-Service (RaaS) Entails

Ransomware has evolved, becoming a thriving business model for cybercriminals. Ransomware-as-a-Service (RaaS) exemplifies this transformation—a lethal alliance between the creators and distributors of ransomware. It’s no longer a threat relegated to tech...

You May Also Like

WordPress PopUp Plugin

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email