US9270793B2 - Enhanced data protection for message volumes - Google Patents
Enhanced data protection for message volumes Download PDFInfo
- Publication number
- US9270793B2 US9270793B2 US13/526,993 US201213526993A US9270793B2 US 9270793 B2 US9270793 B2 US 9270793B2 US 201213526993 A US201213526993 A US 201213526993A US 9270793 B2 US9270793 B2 US 9270793B2
- Authority
- US
- United States
- Prior art keywords
- message
- level
- protection
- instances
- volume
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active, expires
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/40—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass for recovering from a failure of a protocol instance or entity, e.g. service redundancy protocols, protocol state redundancy or protocol service redirection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2113—Multi-level security, e.g. mandatory access control
Definitions
- aspects of the disclosure are related to computing and communications, and in particular to protecting data in message services.
- Message services are increasingly depended upon by users to handle their vital communications, such as email, telephony, and video communications.
- Many different data protection solutions are employed to protect data in message environments, including data replication solutions.
- Data replication typically involves creating copies of data volumes and updating the copies as modifications are made to the source data volumes.
- active databases in email systems can be replicated to redundant, passive databases.
- Data protection solutions can be monitored to ensure that they are operating properly.
- alerts are generated when systems or process failures place data at risk.
- a computing system that hosts a message database in an email system may generate an alert upon the failure of physical or logical elements within the system, such as failed memory, stalled processes, or the like.
- Personnel can then be dispatched or automated repair solutions initiated to fix or compensate for the failure.
- the failure of an element within a data protection solution prevents the element from reporting its failed state to a monitoring system.
- a failure may trigger an alert that is treated with substantial urgency even though the data is well protected by sufficient redundancy in the data protection solution. In either case, the effectiveness of the data protection is inhibited. In the first case, the failure may reduce redundancy, while in the second case the urgency required by the alert may waste resources and eventually erode the urgency given to future alerts.
- instances of a message volume are hosted by message systems.
- Each message system exchanges condition information with the other message systems indicative of the health of the volume instance hosted by the message system.
- Each message system determines independently from the other message systems whether or not the message volume is sufficiently protected. In the event that the message volume is insufficiently protected, a protection action can be initiated.
- FIG. 1 illustrates a data protection environment in an implementation.
- FIG. 2 illustrates an enhanced protection process in an implementation.
- FIG. 3 illustrates a message system in an implementation.
- FIG. 4 illustrates a data protection environment in an implementation.
- FIG. 5 illustrates an enhanced protection process in an implementation.
- FIG. 6 illustrates several views of a decision matrix and several views of a graph describing the relationship between latency and risk of data loss and the relationship between redundancy and risk of data loss in an implementation.
- FIG. 7 illustrates a message system in an implementation.
- FIG. 8 illustrates a message system in an implementation.
- Implementations described herein provide for enhanced data protection of message volumes.
- message systems that host message volumes exchange condition information with each other indicative of the health of their respective message volumes.
- Each individual message system can then determine independent from the other message systems the level of protection provided by the message volumes. Should the level of protection be considered insufficient, protective actions can commence, such as alerting personnel, initiating repair processes, or otherwise taking steps to provide sufficient data protection.
- the enhanced data protection is imbedded in or integrated with a replication process that is employed by each message server.
- the replication process may replicate a source volume to each message server, or may replicate a source volume hosted by the message server to other volumes.
- enhanced data protection is provided by way of intercommunication between the various message servers to independently assess how sufficiently or insufficiently a message volume may be protected.
- duplicate alerts or other warnings may be generated in the event of an element failure or other similar impairment. While duplicate alerts may not be optimal, the risk of providing no alert at all is reduced. This may be especially helpful in the event that a failure prevents a message system from providing any alert at all.
- the message system can be assumed to have failed by other message system should the message system be unable to communicate health information, status, alerts, or other relevant information to the other message systems. The other message systems can then alert a monitoring system to the failure.
- the parameters by which the health of a message volume, or indeed the health of a protection solution overall, is measured may be user-definable, dependent upon business considerations, or otherwise configurable on a per-implementation basis.
- the enhanced data protection can be configured such that various health factors are balanced in accordance with any number of considerations. For example, redundancy and latency thresholds may be configured differently on a per-customer, region, data center, or application basis, as well as any combination of variation thereof.
- the specific architecture employed and the specific goals of a data protection solution can impact how parameters are set, and thus how enhanced data protection is implemented.
- FIGS. 1-3 illustrate one implementation of enhanced data protection.
- FIG. 1 illustrates a data protection environment in which an enhanced data protection process illustrated in FIG. 2 may be employed.
- FIG. 3 illustrates an exemplary computing system for implementing the data protection process.
- message replication environment 100 includes message system 101 , message system 103 , and message system 105 .
- Message system 101 hosts message volume 111
- message system 103 hosts message volume 113
- message system 105 hosts message volume 115 .
- Message replication environment 100 may include additional message systems or volumes and is not limited merely to those described herein.
- Message systems 101 , 103 , and 105 are each representative of any system or collection of systems capable of hosting a message volume or volumes, exchanging condition information with other message systems, and performing an enhanced protection process to provide enhanced data protection for the message volume.
- Message systems 101 , 103 , and 105 may each be capable of performing other processes and functions and should not be limited to just those capabilities described herein. It should be understood that message systems 101 , 103 , and 105 may perform similar functions as one another, or may perform different functions relative to one another.
- Message system 300 described in more detail below with respect to FIG. 3 , is an example of a computer system suitable for implementing message systems 101 , 103 , and 105 .
- Message volumes 111 , 113 , and 115 are each representative of any data volume capable of having messages stored therein.
- message volumes 111 , 113 , and 115 may each be representative of any data volume capable of being written to with message data and capable of having message data read therefrom.
- Messages volumes 111 , 113 , and 115 may be stored on storage systems, an example of which is provided by storage system 303 below with respect to FIG. 3 .
- Message volumes 111 , 113 , and 115 are each an instance of a message volume for which data protection is employed.
- message volumes 111 , 113 , and 115 may be copies or replicas of a source data volume (not shown) made for purposes of data protection.
- any of message volumes 111 , 113 , and 115 may itself be the source data volume from which copies are derived for purposes of data protection.
- message volumes 111 , 113 , and 115 are each instances of a message volume, they may vary from one another in some respects. For example, one or another message volume may be more current than the other message volumes, may have a different format than the other message volumes, or may vary in other ways.
- each message system in message replication environment 100 may implement enhanced protection process 200 .
- message systems 101 , 103 , and 105 each receive condition information from each other message system indicative of the health of the message volume hosted by the message system (step 201 ).
- message system 101 provides condition information related to the health of message volume 111 to message systems 103 and 105 ;
- message system 105 provides condition information related to the health of message volume 113 to message systems 101 and 105 ;
- message system 105 provides condition information on the health of message volume 115 to message systems 101 and 103 .
- condition information may itself me considered condition information.
- message system 105 should message system 105 fail to provide condition information to either or both of message systems 101 and 103 , then message systems 101 and 103 may interpret that lack of condition information as indicative of the failure of or otherwise unhealthy state of message system 105 or message volume 115 .
- Each message system in message replication environment 100 can then determine independently from the other message systems whether or not the message volume, of which message volumes 111 , 113 , and 115 are instances, is sufficiently protected (step 203 ). This determination may be made based on the condition information provided by the other message systems and protection criteria against which the condition information may be analyzed. However, the determination may also be made based on the health of the message volume hosted by each respective message system.
- message system 101 would determine the sufficiency of the data protection based on the condition information provided by message systems 103 and 105 , but also based on the health of message volume 111 .
- message system 103 would determine the sufficiency of the data protection based on the condition information provided by message systems 101 and 105 , but also based on the health of message volume 113 .
- message system 105 would determine the sufficiency of the data protection based on the condition information provided by message systems 101 and 103 , but also based on the health of message volume 115 .
- the sufficiency of the data protection assessed by message systems 101 , 103 , and 105 may be based on a number of factors included in the protection criteria. For example, an actual level of redundancy provided by the message systems may be compared to a threshold level of redundancy. When the actual level of redundancy fails to satisfy the threshold level, the level of data protection may be considered insufficient. Whether or not a particular message volume provides redundancy can be determined from the condition information provided by its associated message system. The health of the message volume, or even the health of the message system, can be considered when determining whether or not the message volume contributes to redundancy. For instance, processing loads placed on the message systems, operating performance of the message system, or actual latency of the message volume relative to the source message volume are aspects or factors considered when assessing redundancy.
- each message system is capable of initiating a protection action in the event that the data protection is determined to be insufficient (step 205 ).
- the protection action include generating an alert indicative of the insufficient state of the data protection or launching a repair process, as well other types of protection actions.
- each message system is capable of independently determining whether or not the message volume is sufficiently protected, situations may be avoided where the failure of a system or sub-system is under-reported or not reported at all.
- each message system independently analyzing the health of the message volumes hosted by the other message systems, a more comprehensive view of the level of protection provided by the message volumes can be determined.
- message system 300 and the associated discussion are intended to provide a brief, general description of a computing system suitable for implementing enhanced protection process 200 .
- Many other configurations of computing devices and software computing systems may be employed to implement enhanced protection process 200 .
- message system 300 may be representative of message systems 101 , 103 , and 105 .
- Message system 300 may be any type of computing system capable of determining if data protection is insufficient and initiating a protection action accordingly, such as a server computer, client computer, internet appliance, or any combination or variation thereof. Indeed, message system 300 may be implemented as a single computing system, but may also be implemented in a distributed manner across multiple computing systems. Message system 300 is provided as an example of a general purpose computing system that, when implementing enhanced protection process 200 , becomes a specialized system capable of supporting enhanced data protection in message services.
- Message system 300 includes processing system 301 , storage system 303 , and software 305 .
- Processing system 301 is communicatively coupled with storage system 303 .
- Storage system 303 stores software 305 which, when executed by processing system 301 , directs message system 300 to operate as described for enhanced protection process 200 .
- processing system 301 may comprise a microprocessor and other circuitry that retrieves and executes software 305 from storage system 303 .
- Processing system 301 may be implemented within a single processing device but may also be distributed across multiple processing devices or sub-systems that cooperate in executing program instructions. Examples of processing system 301 include general purpose central processing units, application specific processors, and logic devices, as well as any other type of processing device.
- Storage system 303 may comprise any storage media readable by processing system 301 and capable of storing software 305 .
- Storage system 303 may include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer readable instructions, data structures, program modules, or other data.
- Storage system 303 may be implemented as a single storage device but may also be implemented across multiple storage devices or sub-systems.
- Storage system 303 may comprise additional elements, such as a controller, capable of communicating with processing system 301 .
- storage media examples include random access memory, read only memory, magnetic disks, optical disks, and flash memory, as well as any combination or variation thereof, or any other type of storage media.
- the storage media may be a non-transitory storage media.
- at least a portion of the storage media may be transitory. It should be understood that in no case is the storage media a propagated signal.
- Software 305 comprises computer program instructions, firmware, or some other form of machine-readable processing instructions having enhanced protection process 200 embodied therein.
- Software 305 may be implemented as a single application but also as multiple applications.
- Software 305 may be a stand-alone application but may also be implemented within other applications distributed on multiple devices.
- software 305 may, when loaded into processing system 301 and executed, transform processing system 301 , and message system 300 overall, from a general-purpose computing system into a special-purpose computing system customized to receive condition information related to the health of instances of a message volume, determine if a level of protection provided for the message volume is sufficient, and initiate a protection action when the protection is insufficient, as described for enhanced protection process 200 and its associated discussion.
- the physical structure of storage system 303 may also be transformed as software 305 is encoded thereon.
- the specific transformation of the physical structure may depend on various factors in different implementations of this description. Examples of such factors may include, but are not limited to: the technology used to implement the storage media of storage system 303 , whether the computer-storage media are characterized as primary or secondary storage, and the like.
- software 305 may transform the physical state of the semiconductor memory when the software is encoded therein.
- Software 305 may transform the state of transistors, capacitors, or other discrete circuit elements constituting the semiconductor memory.
- transformations may be performed in message replication environment 100 .
- any of message systems 101 , 103 , and 105 could be considered transformed from one state to another when triggered to initiate a protection action in response to detecting an insufficient level of protection in message replication environment 100 .
- Message system 300 may have additional devices, features, or functionality.
- Message system 300 may optionally have input devices such as a keyboard, a mouse, a voice input device, or a touch input device, and comparable input devices.
- Output devices such as a display, speakers, printer, and other types of output devices may also be included.
- Message system 300 may also contain communication connections and devices that allow message system 300 to communicate with other devices, such as over a wired or wireless network in a distributed computing and communication environment. These devices are well known in the art and need not be discussed at length here.
- FIGS. 4-8 illustrated is another implementation of enhanced data protection.
- FIG. 4 illustrates a data protection environment in which a data protection process illustrated in FIG. 5 may be employed.
- FIG. 6 illustrates how redundancy and latency information may be utilized for implementing the data protection process of FIG. 5 .
- FIG. 7 and FIG. 8 illustrate variations of an exemplary message system that provides the enhanced data protection.
- data protection environment 400 includes client 401 in communication with message system 411 by way of any of access systems 403 , 405 , and 407 .
- client 401 exchanges service communications with message system 411 via access system 405 , although client 401 may be directed to either of access system 403 or access system 407 .
- the service communications are exchanged in order to facilitate the provisioning and delivery of a message service, such as email, to user 402 .
- client 401 may communicate with message system 411 to send and receive email on behalf of user 402 .
- An example of an email service is Microsoft® Exchange.
- Client 401 may communicate with message system 411 over a communication link using any of a variety of messaging protocols, such as Post Office Protocol (POP), Internet Message Access Protocol (IMAP), Outlook® Web App (OWA), Exchange Control Panel (ECP), or ActiveSync, to provide user 402 with access to messages and messaging functionality.
- the communication link may be any link or collection of links capable of carrying or otherwise facilitating communication between client 401 and message system 411 , including physical links, logical links, or any combination or variation thereof.
- message system 411 hosts active volume 412 .
- Messages associated with user 402 , as well as other users, are written to and retrieved from active volume 412 .
- active volume 412 is replicated by to passive volumes 414 , 416 , and 418 , hosted by message systems 413 , 415 , and 417 respectively. This may be accomplished by way of a replication service well known in the art that need not be discussed at length here.
- Message systems 411 , 413 , 415 , and 417 are each representative of any system or collection of systems capable of hosting a message volume or volumes, exchanging condition information with other message systems, and performing an enhanced protection process to provide enhanced data protection for the message volume.
- Message systems 411 , 413 , 415 , and 417 may each be capable of performing other processes and functions and should not be limited to just those capabilities described herein. It should be understood that message systems 411 , 413 , 415 , and 417 may perform similar functions as one another, or may perform different functions relative to one another.
- Message system 700 described in more detail below with respect to FIG. 7 , is an example of a computer system suitable for implementing message systems 411 , 413 , 415 , and 417 .
- Active volume 412 and passive volumes 414 , 416 , and 418 are each representative of any data volume capable of having messages stored therein.
- Active volume 412 and passive volumes 414 , 416 , and 418 may each be representative of any data volume capable of being written to with message data and capable of having message data read therefrom.
- Active volume 412 and passive volumes 414 , 416 , and 418 may be stored on storage systems, an example of which is provided by storage system 703 below with respect to FIG. 7 . Examples of such volumes include active email database, passive email databases, and unified messaging databases, as well as any other type of suitable message volume.
- active volume 412 may be designated as the active volume, but at any time one of passive volumes 414 , 416 , and 418 may be designated as the active volume. Active and passive designations may be controlled by availability solutions that track the availability of the components of data protection environment 400 . Should one component be rendered unavailable, a failover can occur to a backup component. For example, in the event that active volume 412 is rendered unavailable, one of passive volumes 414 , 416 , and 418 can be designated as the new active volume. In this example, client 401 would then be directed to communicate with the proper message system of message systems 413 , 415 , and 417 that hosts the newly designated active volume.
- each message system 411 , 413 , 415 , and 415 exchanges health information with each other of the message systems.
- message system 411 provides health information to message systems 413 , 415 , and 417 , while at the same time receiving health information from message systems 413 , 415 , and 417 .
- Each message system 411 , 413 , 415 , and 417 can then determine, independently from the other message systems, if a message volume is sufficiently protected.
- the source message volume is active volume 412 , which is replicated to passive volumes 414 , 416 , and 418 as discussed above.
- each message system 411 , 413 , 415 , and 417 processes the health information to determine if active volume 412 is sufficiently protected.
- receiving no information at all from any other message system can be considered to be representative of a failure of that message system. For instance, should message system 411 fail to receive health information from message system 413 , then message system 411 can consider message volume 414 as unhealthy. Message system 411 can then factor that information into its assessment of how well active volume 412 is protected.
- monitoring system 419 is representative of any logical or physical elements, or combinations thereof, capable of monitoring the performance and health of message systems 411 , 413 , 415 , and 417 . Monitoring system 419 is illustrated as a stand-alone element, but may also be distributed across many different elements.
- monitoring system 419 is capable of taking protective action to resolve an incidence of insufficient data protection. For example, monitoring system 419 may generate and transfer alert messages to responsible personnel indicative of the insufficient state of data protection.
- monitoring system 419 may communicate the insufficient state to other systems, such as an availability system, so that the other systems can take protective action. In the case of an availability system, the availability system may initiate a failover from an element contributing to the insufficient state to a backup element.
- configuration information may be provided to message systems 411 , 413 , 415 , and 417 pertaining to parameters for determining when data protection is sufficient or insufficient.
- actual latency and actual redundancy are at least two factors that may be considered when determining the state of a data protection solution.
- Message systems 411 , 413 , 415 , and 417 may be configured in a number of ways, including by way of client management computers included within monitoring system 419 .
- message systems 411 , 413 , 415 , and 417 may be accessible by way of a web interface from any computer, regardless of the presence of a specific management client. It should be understood that many well-known technologies exist for configuring message systems 411 , 413 , 415 , and 417 that need not be discussed at length here.
- data protection process 500 describes the operation of message systems 411 , 413 , 415 , and 417 .
- each message system may implement data protection process 500 independent of the other message systems when determining the state of the data protection.
- the threshold for triggering an alert may be increased by considering both the health of an instance of a volume and redundancy provided to a subject volume
- by implementing data protection process 500 in each message system a dependence upon just one particular message system is avoided. In other words, fewer alerts may be triggered by each individual message system relative to a data protection process that considers only the health of each instance or redundancy.
- the likelihood that a protection failure goes undetected is reduced since data protection process 500 is widely implemented.
- message system 415 receives health information provided by the other message systems, along with its own health information pertaining to the health of passive volume 416 .
- Message system 415 processes the health information to determine the health of each instance of active volume 412 , possibly including analyzing the health of active volume 412 itself. In other words, message system 415 determines whether or not each of passive volumes 414 , 416 , and 418 is healthy and capable of providing data protection.
- message systems 411 , 413 , 415 , and 417 exchange health information indicative of the respective health of the message volume hosted by each message volume.
- the health information may indicate factors, statistics, or measurements, as well as any other data that provides a view of the health of each respective message volume.
- message system 415 receives health information from message systems 411 , 413 , and 417 indicative of the health of message volumes 412 , 414 , and 418 respectively.
- message system 415 determines for each instance if the data is at risk based on the individual health of each instance. Using latency as an example, should any of passive volumes 414 or 418 exhibit unusually high latency relative to active volume 412 , message system 415 may consider that instance of active volume 412 to be at risk of data loss. Other characteristics may also be considered, such as simple availability. For example, if either of passive volumes 414 and 418 is entirely unavailable, then the data stored thereon would be considered at risk. Similarly, health information indicative of problematic processing characteristics, such as high processor utilization, full disk capacity, or other health-related characteristics may also be considered when assessing whether or not a particular instance of a volume is at risk of data loss.
- the message system 415 In the event that no volume instance is considered at risk of data loss, the message system 415 returns to step 501 to continue analyzing the health of the volume instances. However, should one or more instances be at risk of data loss, then message system 415 proceeds to step 505 to analyze redundancy provided by the message volumes.
- message system 415 analyzes how many copies of active volume 412 are healthy and compares this quantity to threshold amounts specified by configuration parameters. While a volume instance may be considered at risk of data loss, the volume can still be available. Thus, the redundancy analysis provided in step 505 whether or the volume instances are available at a basic level, even if performing at a level that may present some risk of data loss.
- message system 415 determines whether or not data protection environment 400 is in a state of sufficient or insufficient protection. In other words, message system 415 determines whether or not data is at risk due to insufficient redundancy. In the event that a state of insufficient data protection is detected, message system 415 generates and alert that is communicated to monitoring system 419 . Monitoring system 419 can then take appropriate action to remedy the insufficient protection. For example, personnel may be dispatched to fix an element, or automated repair process may be initiated, as well as many other appropriate actions.
- message system 415 may also determine that sufficient redundancy exists such that the risk of data loss presented by some relative unhealthy volumes is acceptable. In this case, message system 415 returns to step 501 and continues analyzing the health of each message volume. In this manner, the frequency of alerts providing to monitoring system from any single message system can be reduced, since both the individual health of each volume instance is analyzed, as well as the overall redundancy provided in the system.
- FIG. 6 illustrates several views 601 , 603 , and 605 of a decision matrix 600 representative of how data risk may be assessed based by message systems 411 , 413 , 415 , and 417 when implementing data protection process 500 .
- decision matrix 600 defines how a message system would view the risk present to data by various combinations of latency and redundancy exhibited in data protection environment 400 .
- FIG. 6 illustrates several views 611 , 613 , and 615 of a graph 610 describing the relationship 621 between latency and data risk and the relationship 623 between redundancy and data risk.
- Graph 610 informs the view of risk defined by decision matrix 600 .
- latency is provided as just one example of how the health of a message volume may be measured or indicated.
- latency information may be included in the health information exchanged between message systems.
- latency may be one factor considered in step 503 when assessing the risk of data loss presented by any given volume instance. It should be understood that other health factors in addition to or substituted for latency may be utilized and are considered within the scope of the present disclosure.
- decision matrix 600 generally, two levels of redundancy are described—high and low. Likewise, two levels of latency are described—high and low. Thus, four combinations of redundancy and latency are considered and their associated risk assessment defined.
- the risk presented by each combination is described by the relationships 621 and 623 between latency, risk, and redundancy illustrated by graph 610 .
- Per relationship 621 as latency increases, so too does the risk of data loss. Conversely, as latency decreases, the risk of data loss also decreases.
- Per relationship 623 as redundancy decreases, the risk of data loss increases. Conversely, as redundancy increases, the risk of data loss decreases.
- decision matrix 600 defines that the data protection provided by data protection environment 400 is insufficient and data is at risk.
- an alert or some other protection action can be taken by the message system, monitoring system 419 , or some other element.
- decision matrix 600 defines that the data protection provided by data protection environment 400 is insufficient and data is at risk.
- an alert or some other protection action can be taken by the message system, monitoring system 419 , or some other element.
- decision matrix 600 defines that the data protection provided by data protection environment 400 is sufficient and data is at not risk. Rather, conditions can be considered normal. This example illustrates that, even though latency exhibited is high, an alert or some other protective action need not be taken since redundancy is also high.
- FIG. 7 illustrates a message system 700 in an implementation.
- Message system 700 is exemplary of message systems 411 , 413 , 415 , and 417 .
- FIG. 8 illustrates an optional configuration involving message system 700 .
- Message system 700 includes processing system 701 , storage system 703 , and software 705 .
- Software 705 includes mailbox server 707 , transport server 709 , and protocol server 711 .
- Mailbox server 707 implements data protection process 500 and replication process 713 .
- transport server 709 and protocol server 711 may be excluded from message system 700 , and perhaps integrated in some other element, such as an access system.
- Message system 700 may be any type of computing system, such as a server computer, internet appliance, or any combination or variation thereof. Message system 700 may be implemented as a single computing system, but may also be implemented in a distributed manner across multiple computing systems.
- Processing system 701 is communicatively coupled with storage system 703 .
- Storage system 703 stores software 705 which, when executed by processing system 701 , directs message system 700 to operate as described for data protection process 500 . It should be understood that message system 700 may also be capable of operating as described for enhanced protection process 200 .
- processing system 701 may comprise a microprocessor and other circuitry that retrieves and executes software 705 from storage system 703 .
- Processing system 701 may be implemented within a single processing device but may also be distributed across multiple processing devices or sub-systems that cooperate in executing program instructions. Examples of processing system 701 include general purpose central processing units, application specific processors, and logic devices, as well as any other type of processing device.
- Storage system 703 may comprise any storage media readable by processing system 701 and capable of storing software 705 .
- Storage system 703 may include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer readable instructions, data structures, program modules, or other data.
- Storage system 703 may be implemented as a single storage device but may also be implemented across multiple storage devices or sub-systems.
- Storage system 703 may comprise additional elements, such as a controller, capable of communicating with processing system 701 .
- storage media examples include random access memory, read only memory, magnetic disks, optical disks, and flash memory, as well as any combination or variation thereof, or any other type of storage media.
- the storage media may be a non-transitory storage media.
- at least a portion of the storage media may be transitory. It should be understood that in no case is the storage media a propagated signal.
- Software 705 comprises computer program instructions, firmware, or some other form of machine-readable processing instructions having data protection process 500 embodied therein.
- Software 705 may be implemented as a single application but also as multiple applications.
- Software 705 may be a stand-alone application but may also be implemented within other applications distributed on multiple devices.
- Message system 700 may have additional devices, features, or functionality.
- Message system 700 may optionally have input devices such as a keyboard, a mouse, a voice input device, or a touch input device, and comparable input devices.
- Output devices such as a display, speakers, printer, and other types of output devices may also be included.
- Message system 700 may also contain communication connections and devices that allow message system 700 to communicate with other devices, such as over a wired or wireless network in a distributed computing and communication environment. These devices are well known in the art and need not be discussed at length here.
Abstract
Description
Claims (20)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/526,993 US9270793B2 (en) | 2012-06-19 | 2012-06-19 | Enhanced data protection for message volumes |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/526,993 US9270793B2 (en) | 2012-06-19 | 2012-06-19 | Enhanced data protection for message volumes |
Publications (2)
Publication Number | Publication Date |
---|---|
US20130340075A1 US20130340075A1 (en) | 2013-12-19 |
US9270793B2 true US9270793B2 (en) | 2016-02-23 |
Family
ID=49757260
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/526,993 Active 2032-11-17 US9270793B2 (en) | 2012-06-19 | 2012-06-19 | Enhanced data protection for message volumes |
Country Status (1)
Country | Link |
---|---|
US (1) | US9270793B2 (en) |
Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050273653A1 (en) * | 2004-05-19 | 2005-12-08 | Honeywell International Inc. | Single fault tolerance in an architecture with redundant systems |
US20060041660A1 (en) | 2000-02-28 | 2006-02-23 | Microsoft Corporation | Enterprise management system |
US20060056305A1 (en) * | 2004-09-16 | 2006-03-16 | Vladimir Oksman | Adaptive communication systems and methods |
US20080091978A1 (en) * | 2006-10-13 | 2008-04-17 | Stephen Andrew Brodsky | Apparatus, system, and method for database management extensions |
US7487395B2 (en) | 2004-09-09 | 2009-02-03 | Microsoft Corporation | Method, system, and apparatus for creating an architectural model for generating robust and easy to manage data protection applications in a data protection system |
US20090113241A1 (en) * | 2004-09-09 | 2009-04-30 | Microsoft Corporation | Method, system, and apparatus for providing alert synthesis in a data protection system |
US7801912B2 (en) | 2005-12-29 | 2010-09-21 | Amazon Technologies, Inc. | Method and apparatus for a searchable data service |
US20100293112A1 (en) * | 2004-04-30 | 2010-11-18 | Anand Prahlad | Systems and methods for storage modeling and costing |
US20110040983A1 (en) * | 2006-11-09 | 2011-02-17 | Grzymala-Busse Withold J | System and method for providing identity theft security |
US20110099420A1 (en) | 2009-10-26 | 2011-04-28 | Macdonald Mcalister Grant Alexander | Failover and recovery for replicated data instances |
US20110270855A1 (en) | 2010-02-04 | 2011-11-03 | Network State, LLC | State operating system |
US20110295806A1 (en) | 2010-05-28 | 2011-12-01 | Commvault Systems, Inc. | Systems and methods for performing data replication |
-
2012
- 2012-06-19 US US13/526,993 patent/US9270793B2/en active Active
Patent Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060041660A1 (en) | 2000-02-28 | 2006-02-23 | Microsoft Corporation | Enterprise management system |
US20100293112A1 (en) * | 2004-04-30 | 2010-11-18 | Anand Prahlad | Systems and methods for storage modeling and costing |
US20050273653A1 (en) * | 2004-05-19 | 2005-12-08 | Honeywell International Inc. | Single fault tolerance in an architecture with redundant systems |
US7487395B2 (en) | 2004-09-09 | 2009-02-03 | Microsoft Corporation | Method, system, and apparatus for creating an architectural model for generating robust and easy to manage data protection applications in a data protection system |
US20090113241A1 (en) * | 2004-09-09 | 2009-04-30 | Microsoft Corporation | Method, system, and apparatus for providing alert synthesis in a data protection system |
US20060056305A1 (en) * | 2004-09-16 | 2006-03-16 | Vladimir Oksman | Adaptive communication systems and methods |
US7801912B2 (en) | 2005-12-29 | 2010-09-21 | Amazon Technologies, Inc. | Method and apparatus for a searchable data service |
US20080091978A1 (en) * | 2006-10-13 | 2008-04-17 | Stephen Andrew Brodsky | Apparatus, system, and method for database management extensions |
US20110040983A1 (en) * | 2006-11-09 | 2011-02-17 | Grzymala-Busse Withold J | System and method for providing identity theft security |
US20110099420A1 (en) | 2009-10-26 | 2011-04-28 | Macdonald Mcalister Grant Alexander | Failover and recovery for replicated data instances |
US20110270855A1 (en) | 2010-02-04 | 2011-11-03 | Network State, LLC | State operating system |
US20110295806A1 (en) | 2010-05-28 | 2011-12-01 | Commvault Systems, Inc. | Systems and methods for performing data replication |
Non-Patent Citations (3)
Title |
---|
Microsoft; "Overview of the Distributed File System Solution in Microsoft Windows Server 2003 R2;" TechNet; Aug. 22, 2005; pp. 1-12; Microsoft; http://technet.microsoft.com/en-us/library/cc787066(WS.10).aspx. |
Microsoft; "Understanding Database Availability Groups;" TechNet; Sep. 26, 2011; pp. 1-9; Microsoft; http://technet.microsoft.com/en-us/library/dd979799.aspx. |
Oracle; "Managing Server Startup and Shutdown;" Dec. 6, 2011; pp. 1-8; Oracle; http://docs.oracle.com/cd/E12840-01/wls/docs103/server-start/failures.html. |
Also Published As
Publication number | Publication date |
---|---|
US20130340075A1 (en) | 2013-12-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20190155677A1 (en) | Proactive failure handling in data processing systems | |
US9367379B1 (en) | Automated self-healing computer system | |
US7426554B2 (en) | System and method for determining availability of an arbitrary network configuration | |
US9917741B2 (en) | Method and system for processing network activity data | |
US8266474B2 (en) | Fast cluster failure detection | |
US9164864B1 (en) | Minimizing false negative and duplicate health monitoring alerts in a dual master shared nothing database appliance | |
US20070168201A1 (en) | Formula for automatic prioritization of the business impact based on a failure on a service in a loosely coupled application | |
US20160342459A1 (en) | Dynamic escalation of service conditions | |
US9626123B2 (en) | Ensuring health and compliance of devices | |
KR20170041715A (en) | Recovering usability of cloud based service from system failure | |
US11663094B2 (en) | Reducing recovery time of an application | |
US20210109735A1 (en) | Networking-device-based hyper-coverged infrastructure edge controller system | |
US10318911B1 (en) | Persistenceless business process management system and method | |
US8489721B1 (en) | Method and apparatus for providing high availabilty to service groups within a datacenter | |
WO2021213171A1 (en) | Server switching method and apparatus, management node and storage medium | |
US20170322832A1 (en) | Enhanced availability for message services | |
US9270793B2 (en) | Enhanced data protection for message volumes | |
JP2009252006A (en) | Log management system and method in computer system | |
US11171851B2 (en) | Group alert in server systems | |
JP2005056347A (en) | Method and program for succeeding server function | |
US20060143502A1 (en) | System and method for managing failures in a redundant memory subsystem | |
WO2014010021A1 (en) | Information processing device, information processing system, method for controlling information processing device, and program for controlling information processing device | |
US11838219B1 (en) | Event subscription for serviceability via bidirectional proxy | |
US8799926B1 (en) | Active node detection in a failover computing environment | |
CN114640572B (en) | Method, device and equipment for processing data disaster tolerance and computer readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: MICROSOFT CORPORATION, WASHINGTON Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:KHAN, SHUAB;KOZHEKIN, NIKITA;VENKATESWAR, RAVIKUMAR;AND OTHERS;REEL/FRAME:028402/0673 Effective date: 20120615 |
|
AS | Assignment |
Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC, WASHINGTON Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MICROSOFT CORPORATION;REEL/FRAME:034544/0541 Effective date: 20141014 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 4 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 8 |