IT Policy- System Database Backup Procedures and Guidelines

Tata Power Co. Ltd.

IT Policy- System Database Backup Procedures and Guidelines

System Backup Policy and Procedures Guidelines

Tata Power Company. Ltd.

Rev. 0.

October 2005

Corporate Information Technology

Approval History

Rev. 0October, 2005.

Signature
Created By / SHA/FKT/CPS / October, 2005
Checked By / E. R. Batliwala / October, 2005
Approved By / VP

SAP System Database Backup Policy and Procedures Guidelines

1Systems Requiring backup

Production Landscape consists of Production Server, Quality Assurance Server and Development server.

At Present, size of Production Server Database is about 150 GB, Quality Assurance is about 146 GB, and Development around 100 GB.

2Backup Equipment and Facilities

The following backup facilities are available for SAP Systems:

At Dharavi, for Production and Quality Servers:

The MSL 6000 Tape Library.

At Carnac, for Development Server:

The local SDLT tape drive (110/220 GB capacity)

3Backup Schedule

Backup of Production Server shall consist of following levels:

1. Production and Quality Assurance Server are in cluster. If Production instance fails, Quality takes over as the primary instance.
2. Dev/DR Server at Carnac is to be kept in sync with Production Server and thus serves as the DR server.
3. Database and Redo Log backups of Production System are to be taken daily. Details are as below:

Database Backup cycle of Production Server shall be of 3 weeks. Online Database backup with redo logs is to be taken at 1 AM at night from Tuesday to Saturday. Also a second copy of Offline Redo Logs is to be taken every day in the morning. Offline Database backup with verification is to be taken at 1 am every Monday.

Backup Cartridges are required to be sent to remote site storage at Carnac for storage in fire Proof safe twice every week.

1. Backup of Quality and Development Servers: Online Database Backup of Quality Server and Development Servers are to be taken once every week

Exchange System Backup Policy and Procedures Guidelines

1. Systems Requiring backup

Exchange- Exchange 2000 database consisting of totally 10 data base files.

(Carnac-bh.edb, Carnac-bh.stm, Hydro.edb, Hydro.stm, priv1.edb, priv1.stm, t&d.edb, t&d.stm, vsat.edb, esat.stm, gold.edb, gold.stm, infotech.edb, infotec.stm, others.edb, others.stm, public-folders.edb, public-folders.stm, trombay.edb, trombay.stm) of the size 33 GB all put together.

Backup of the following server are taken in backup folder of “Anant” server

• Proxy-Configuration of ISA Server 2000.
• Proxy-Configuration of ISA Server 2004.
• Firewall- fwrules.
• Incoming mails- aliases
• Cisco and network device configuration.
• Domain controller
• Netscreen VPN

1. Backup Equipment and Facilities

The following backup facilities are available for Exchange and backup folder in Anant Server which will have the backup of above mentioned servers.

• The MSL 6000 Tape Library (Data Protector).
• HP Ultrium 200GB Data Cartridge

1. Backup Schedule

Exchange: Data Protector Auto Tape Library (MSL 6000) dual backup scheduled from Mon- Sat at 11:00 PM in the night. Register entry to be made in the backup log register entering the tape number, date, and operators’ name into the register, The success or failure of the backup should be recorded and ensure that the tapes are in good condition. The tapes are kept in the fire proof safe. After the backup is over the date of the last backup should be entered on the cover of the tape.If the write cycles have exceeded the limit of the maximum permissible limit, the tape is to be replaced with a new tape. If a change in tapes is to be done, use a fresh tape from Facility Management storage area in Ground Floor. New tape entry to be made in the register and the new tape to be used for backup. The old tapes are required to be marked for end of life and to be preserved for at least 60 days in the FM group safe keeping office at the designated location for old tapes.

The work tapes are now to be loaded into the tape library holder.Total two backup copies are to be taken one to be kept in the safe and one in the remote site.The DR site Second copy tape is put in Server room in a lockable briefcase to be kept atthe DR site twice a week under lock and key.

The files pertaining to Proxy and firewall are also stored in the Anant server and the above process will also back up the data for the other systems mentioned above.

In case a tape encounters an error, the tape shall be marked with the type of error encountered, date and the operator’s name. In such a condition, a new tape shall be used to replace the defective tape, and the original backup process resumed after the procedure for deploying new tapes into backup sequence.

The verify switch should be set ON to ensure the integrity of backups taken.

4Exchange database restoration test

The exchange database that is backed up on the tape will be recovered at least once in three months to verify that the exchange backup procedure is working. For this two PC based servers will be used with all the required exchange software and recovery will be tested in a lab setup with no interconnection to the production environment and a record made after restoration. The restore operation will be done for the last backup taken.

Web based Systems Backup Policy and Procedures Guidelines

1. Systems Requiring backup

Web based applications database consisting of totally 60 data base files covering 26 applications and 57 users (database users). The list of applications and users is as below.

Backup of Production server and Development server is required to be done for Windows server and Linux server.

1. Backup Equipment and Facilities

The following backup facilities are available for Web based applications at Dharavi:

• ANANT (NAS) for disk based backup
• The MSL 6000 Tape Library.
• HP Ultrium 200GB Data Cartridge

1. Backup Schedule

Backup of Database and source code is taken at a predefined frequency. It is done in two phases.

Phase I

Disk based backup from Web application servers (namely Webappln, Webdb, Linuxdev and Windev) to NAS (ANANT). All the disk based backups are done through scripts which are executed through scheduler in server.

Database :

Following types of backup are taken

Archive Log

Database is configured in archive mode. This generates archive logs when redo logs are full. These archive logs are transferred to ANANT and stored in respective day’s directory.

The cycle of storing archive files are 7 days on ANANT and 12 days on Cartridges.

Export dump :

Export dump at user level is taken for all the users defined in Production database and transferred to local directory. Copy of the same is transferred to ANANT for disk based backup. The dump files are stored in application owner wise directory in local drive. Access to these directories has been provided to each application owner for downloading / uploading export dump. Export backups are taken twice a day scheduled at 0430 hrs and 1900 hrs. The morning export dumps are transferred to ANANT and stored day wise.

The cycle of storing these export dumps in local server is 1 day, in NAS is for 7 days and in cartridges is for 12 days.

Hot Physical Backup

Hot Physical backup of database is taken daily through script at 0530 hrs into the ANANT.

The cycle of storing these hot physical backup is 6 days (excl Saturday because of cold backup) in ANANT and 12 days in cartridges.

Cold Physical Backup

Cold Physical backup of database is taken once a week on Saturday through script at 0700 hrs into the ANANT.

The cycle of storing these cold physical backup is 1 day per week in ANANT and 6 days (1.5 month cycle) in cartridges.

Source Code (Production)

Backup of source code is taken once a week on Saturday through script at 0700 hrs into the ANANT.

The cycle of storing these Source code backup is 1 day per week in ANANT and 6 days (1.5 month cycle) in cartridges.

WEbdb (Linux)

Backup of source code and data is taken everyday on Webdev server under individual week days and FTPed to Anant in respective day’s folder.

The cycle of storing these source and file backup is 6 days in ANANT and 12 days in cartridges

Weekly cycle of data backup one day per week (Saturday) on ANANT and 6 days in cartridges.

Development Servers

Development servers follow sequence same as production and sends data on ANANT.

Phase II

Backup of data transferred on ANANT remains in directories created day wise. The entire backup namely Archive, export, hot, physical and source code are stored in respective day’s directory. Based on the schedule prepared these daily files are transferred into cartridges. As the total size of these files is much less compared to size of the cartridges, all these are stored in single cartridge only. With the help of Data Protector, data is saved onto cartridges.

General Media Handling, Storage and Security Guidelines

1. Backup Media Safe Keeping and Storage

The backup safe keeping designated areas are the Administrator’s seating place in Dharavi which is a lockable safe. The keys of this locker are to be kept with FM project manager.

1. Backup Security

The security of the tapes is to be ensured by means of transporting the tapes in lockable briefcase to the remote site. The storage security of the tapes shall be ensured by means of lockable steel/fireproof cupboards at the designated storage location areas.

1. Purchase of Media- Quality Assurance, Testing, and Certification

All media shall be purchased through reliable suppliers and made by reputed brands such as Fujitsu, Sony, HP, etc. The media shall be checked for any apparent physical damages. A test backup will be taken with verify switch on to check the integrity of the media before first use. A serial number will be assigned to the media which pass the media verification test. This number shall be entered into the register and clearly marked on the tape with date of first usage.

New Tapes shall be ordered as soon as the number of spare tapes falls below the reorder level i.e. 2~4.

1. Discarding the Media

All media at the end-of-life will be subject to discarding after a cycle of 30 usages (30 weeks) or with an upper limit as specified by the particular vendor. However the media on “end of life” shall be preserved for a period of at least 60 days before it is sent for erasure and destruction facility. The System Administrator shall ensure that the tapes are fully erased either by overwriting the tapes with blank data, before the tapes are sent for the destruction if the tape is still writeable. If a tape is known to be faulty, no attempt should be made to erase it by putting into the tape library in order to avoid possible damage to the tape mechanism. An entry in the log book shall be made recording the tape serial number, number of write cycles, and the reason for discarding the tape (physical damage, errors, or end of life)

1. Backup Responsibilities- Operation

The FM group shall perform the backup on a day to day basis. After the backup has been taken automatically by the data protector at previous night, the FM engineer shall check the log for success of the backup. If there is any backup failure, then the reason shall be investigated and resolved. The successful backup shall be kept at appropriate designated storage area after removing the tapes from the backup device.However in the event of any emergency situation wherein the regular FM engineer is not available, the System Administrator shall follow the above backup procedure.

1. Records, Logs Maintenance

A register shall be maintained at Dharavi for recording the backup logs. The register will have the details of the tapes being used for the backup and the tape number to be used for the day. It will record the success and failure of the tape number for the tapes used the previous night. It will record which tape is present at the remote site. If there was any failure of the backup during the last backup operation, the type of error and action taken shall be clearly be mentioned.

1. Transport procedure

A register shall be maintained at Dharavi for keeping the records of Offsite movement of Backup Tapes. The register will have the details of the Tapes which are sent offsite (Carnac) and received from offsite.

While the tapes are sent to offsite two copies of forms shallalso be sent which will have the information about the tapes which are going to Carnac and coming from Carnac.Verification of the form is to be done by the offsite backup supervisor, after examining the tapes the supervisor shall give one form back along with the tapes which is mentioned in the form.

For sending Tapes to Offsite storage facility, a proper gatepass shall be prepared duly signed and authorized by FM Engineer,FM Manager & TPC IT Manager respectively.

1. Disposal of Media

The table below describes the disposal method for various media types having high sensitivity:

S.N. / Media / Treatment / Comment
1. / Tapes (Faulty or Working) / Open case and cut the reel, or Direct Degauss / Safety to be exercise with cutting tools
2. / Floppies (Faulty or Working) / Cut or Direct Degauss / Safety to be exercised with cutting tools
3. / Hard Disks (working) / Full Format / Do not Degauss
4. / Hard Disks (Faulty) / Direct Degauss, Crush
5. / R/W CDROM (working) / Full Erase
6. / R/W, R CDROM / Cut / Safety to be exercised with cutting tools.
7. / Pen Drives, Flash, SDRAM etc / Crush

After the data sanitization exercise is complete, a record will be made in the media register maintained by the data/media owners and certified by the owner and at least one witness.

1