Microsoft’s End of Support of Windows Server 2003 later this year has been much publicised. However for many organisations the true meaning of the tasks at-hand and the decisions to be made are not yet fully understood. For those who migrate away from Windows 2003 the planning and execution cycles will be long and complex. Through backup and recovery Symantec helps to mitigate the risk associated with migration and supports the decision to move forward, whatever the outcome.
Q: So what is the risk associated with the Windows Server 2003 End of Support Life?
A: There are two main aspects to the risk as organisations look at options for the future. Firstly and immediately, the removal of access to Microsoft support and the end of product hotfixes and security patches will leave some feeling uneasy. As we have seen in the past, platforms reaching this point can become targets for attack. Ensuring that the data hosted on legacy systems is protected is paramount – data is the number one priority. The second aspect is related to the migration itself. The ability to protect that critical data before, during and after migration is critical both for historical purposes but also to protect against the risk of failure during the migration itself.
Q: Where should organisations start when they think about this migration?
A: Three things should go into the planning cycle to begin with. Firstly, understand specifically where the risk exists in the environment. Secondly, manage the risk with a multi-tier long-term plan. The risks and outcomes are unlikely to be the same across all systems. Plan to ensure that data can be recovered and kept available whatever the outcome and whatever the risk. Backup and recovery are an important consideration early-on to help mitigate the risks before, during and after migration. Whilst the compelling event here is around software, there is also a risk around out-of-maintenance hardware; likely given the length of time since Windows Server 2003 reached end of sale.
Q: What are the likely outcomes that customers will move towards?
A: Four outcomes seem likely. Firstly, for some organisations or perhaps some parts of some infrastructures, the answer will be to do nothing in terms of migration. Custom applications for instance that require Windows 2003 may leave an organisation with no option but to maintain the Windows 2003 platform. In this instance, ensuring those systems are locked-down to prevent unintended code from being run will be important as will tight security and a frequent, regular data protection routine. The second option will be to migrate servers like-for-like. Upgrade the hardware and Windows platform to mitigate the hardware and software risk, particularly with so many Windows Server 2003 licenses being tied to the server hardware. Thirdly, and possibly most likely, migration to virtual will see risk removed with new hardware and new, consolidated operating system platforms which also server to reduce total cost of ownership, but which may leave data protection incomplete. The fourth option sees more and more organisations electing to move data and systems to the cloud. Uptake remains relatively slow, but is being seen as attractive from a cost, complexity, management perspective. Cloud is not without its own complexities and risks however and it is important to bear in mind that data in the cloud is not the only copy of data required. With the second, third and fourth options, being able to protect before, during and after migration is fundamental. Data is priority one.
Q: What characteristics should organisations look for as they think about data protection and recovery?
A: The ability to define and meet Recovery Point and Recovery Time Objectives (RPO and RTO) should be front of mind. A simple-to-use, unified data protection product will help to drive consistent, reliable recoverability before, during and after migration. Breadth of platform and application support allows for protection of all data on Windows 2003 systems with recovery to Windows 2012 systems, whether physical or virtualized. These factors contribute to an organisation’s ability to protect frequently and recover quickly. Unifying data and system protection across physical and virtual can also present opportunities to support change: the ability to transform physical to virtual for testing or recovery purposes as new applications and updated operating systems need to be checked for compatibility and expected performance. Finally, throughout any operation of this magnitude and complexity visibility into and across all data and platforms is key not only in driving immediate recoverability but also to deliver greater granularity for recovery of data and systems with different levels of importance. Whilst all systems should be included in a simple licensing framework the all-encompassing nature of such a framework is important to allow for best use of product features. Not all systems require all features, so flexibility is important, remembering that data is priority one.
Q: So what should I do now in talking to my customers?
A: Three things:
Understand - What systems, applications and data to they have today?
- Where is the risk in their environment?
- What does the migration project lifecycle look like?
Manage - What migration outcome best suits your customer’s need?
- What migration skills and plans can you help them build?
- What is the customer’s timescale relative to risk?
Plan - Data is priority one – make sure it is protected throughout
- Help with a wise choice – protect today, recover tomorrow
- Understand and match characteristics to the right product features
