Monday, January 22, 2018

Diferenciar RPO de RTO - restauración en caso de desastres

Cuando hablamos de asegurar la disponibilidad o availability de un servicio, siempre hablamos de cuáles son las redundancias, cuál es el plan recuperación de desastres (Disaster Recovery Plan), y aparecen un par de conceptos que a veces se confunden: RPO y RTO. Hoy vamos a tratar de explicar su significado...

¿Cuál es la diferencia entre RPO y RTO?

Según el artículo de Understanding RPO and RTO:

RPO: Recovery Point Objective

Recovery Point Objective (RPO) describes the interval of time that might pass during a disruption before the quantity of data lost during that period exceeds the Business Continuity Plan’s maximum allowable threshold or “tolerance.”

Example: If the last available good copy of data upon an outage is from 18 hours ago, and the RPO for this business is 20 hours then we are still within the parameters of the Business Continuity Plan’s RPO. In other words it the answers the question – “Up to what point in time could the Business Process’s recovery proceed tolerably given the volume of data lost during that interval?”

RTO: Recovery Time Objective

The Recovery Time Objective (RTO) is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in continuity. In other words, the RTO is the answer to the question: “How much time did it take to recover after notification of business process disruption?“

RPO designates the variable amount of data that will be lost or will have to be re-entered during network downtime. RTO designates the amount of “real time” that can pass before the disruption begins to seriously and unacceptably impede the flow of normal business operations.

Según Wikipedia el Tiempo objetivo de recuperación o RTO es el tiempo definido dentro del nivel de servicio en el que un proceso de negocio debe ser recuperado después de un desastre o pérdida para así evitar consecuencias debido a la ruptura de continuidad de servicio. Puede incluir el tiempo requerido para resolver el problema sin la recuperación, la recuperación en si misma, pruebas y la comunicación con los usuarios.

Mientras que en Wikipedia también podemos encontrar la definición para Recovery Point objective or RPO is defined by business continuity planning. It is the maximum targeted period in which data might be lost from an IT service due to a major incident. The RPO gives systems designers a limit to work to. For instance, if the RPO is set to four hours, then in practice, off-site mirrored backups must be continuously maintained – a daily off-site backup on tape will not suffice. Care must be taken to avoid two common mistakes around the use and definition of RPO. Firstly, business continuity staff use business impact analysis to determine RPO for each service – RPO is not determined by the existent backup regime. Secondly, when any level of preparation of off-site data is required, rather than at the time the backups are offsited, the period during which data is lost very often starts near the time of the beginning of the work to prepare backups which are eventually offsited.

Para acabar, os dejo con una imagen que a veces vale más que mil palabras:

No comments: