Geographically remote recovery differs from an operational recovery in that it assumes the primary processing environment is no longer operational or no longer accessible. In that situation, the only alternative is to cease processing until the primary environment is available or to move the processing to an alternate location. The following entries/offerings will deal with DISA offerings associated with that remote recovery strategy.
Remote Recovery - Combination 1
Recovery Time Objective (RTO) = 5 Days
Recovery Point Objective (RPO) = 7 Days
This level of continuity provides a secure processing environment with sufficient storage infrastructure in place to allow a remote recovery with an RTO of five days and an RPO of seven days. The RTO timeline is driven by the use of tape-based backups to restore all required backup data to storage capacity pre-positioned at the recovery site. The RPO is driven by the frequency of backups stored off-site from the primary processing facility.
For this level of recovery to be effective, a corresponding hardware and software infrastructure needs to be available and operational at the remote recovery site. This approach is also referred to in some areas as “hot site failover” and is designed to use shared resources at a single site to provide continuity for production requirements.
Because the shared resources are designed to be used by multiple sites running various applications for multiple partners, the resources are installed in a fairly “vanilla” configuration. Upon notification that an outage has occurred, DISA personnel will begin customizing and configuring the infrastructure to accommodate the incoming processing.
Upon the restoration of the primary production facility, the processing will be removed from the remote recovery site and returned to the primary site. At that point, the shared resources will be returned to their default configuration.
Remote Recovery - Combination 2
RTO = 24 Hours
RPO = 24 Hours
This level of continuity provides a secure processing environment with sufficient storage infrastructure in place to allow a remote recovery with an RTO and an RPO of 24 hours. The timeline is driven by the use of data backups stored at the remote recovery site in combination with dedicated and pre-configured server resources available there. For this option to be effective, it requires the partner to select not only the appropriate storage option, but also the appropriate remote dedicated processor offering. By having dedicated and pre-configured equipment in place, the required RTO and RPO targets are achievable.
Remote Recovery - Combination 3
RTO = 8 Hours
RPO = 8 Hours
This level of continuity provides a secure processing environment with sufficient storage infrastructure in place to allow a remote recovery with an RTO and an RPO of eight hours. The timeline is driven by the use of data backups that are taken more frequently and stored in an online status at the remote recovery site in combination with dedicated and pre-configured server resources available there. For this option to be effective, it requires the partner to select not only the appropriate storage option but also the appropriate remote dedicated processor offering. By having dedicated and preconfigured equipment in place, the required RTO and RPO targets are achievable.
Remote Recovery - Combination 4
RTO = 30 Minutes
RPO = 1 Second
This level of continuity provides a secure processing environment with sufficient storage infrastructure in place to allow a remote recovery with an RTO of 30 minutes and an RPO of less than one second. The timeline is driven by the use of data replication to create near-instantaneous backups stored in an online status at the remote recovery site. This approach, in combination with dedicated, pre-configured and operational server resources, can provide assurance of minimal processing interruption with virtually no data loss.
For this option to be effective, it requires the partner to select the appropriate storage option and an infrastructure to be resident at the recovery site that can be brought online in less than 30 minutes. Any hardware solution for recovery requirements this stringent will be developed as a customized solution.
RTO = 30 minutes
RPO = 1 second
Customized Fail-Over
It is possible that mission requirements for a particular application, or suite of applications, are not adequately addressed by any of the standard Remote Recovery Combinations defined above. For example, it may be that a workload balanced production environment is in place and the desired Continuity of Operations (COOP) solution is to have the environment sized and configured to absorb the loss of one or more elements of the environment. Assuming that the sites are geographically separate, that would be a feasible solution. If the partner does determine that a fail-over solution is desired and that the pre-defined approaches are not adequate or preferred, then a customized fail-over solution can be developed and implemented. Any solution of this type must be identified within the relevant SLA and supporting documentation must be appended to or referenced within that SLA.
Test and Development (T&D) Solutions
This approach is used in some instances where DISA provides and supports both a production environment and an associated T&D environment for a specific application. For this approach to be a valid solution the two environments MUST be in geographically separate locations and the T&D environment must be appropriately sized to serve as a COOP solution for the production site. Any solution of this type must be identified within the relevant SLA and supporting documentation must be appended to or referenced within that SLA.