Modern databases use journaling, such as redo-logs, to allow reconstruction of a logical data set to a particular point in time. Users of file systems and non-Oracle applications are not similarly protected. For example, Journaled File System (JFS) Technology from IBM only has a temporary “intent” log and not a lasting redo log. A virus or worm, such as W32.Nimda.A, may destroy random critical sectors within the operating system and datasets on disk storage without regard to logical objects, for example files and transactions, that immediately invalidate operating system and data set data consistency. An attack results in a system that cannot be rebooted, cannot access a file without corrupting the file, and cannot mount or access the database.
Even a database with a redo log cannot typically repair the damage by backing out a thread of logged transactions because unauthorized sector deletes did not take place as a file/record transaction. In addition, some deletes can be inside the area represented by a file and some can be in other areas of a logical unit (LUN), such as the LUN identification (ID) area. Accordingly, a customer typically has no choice other than to either format the LUN and reload from a logical object backup or retreat to the last full and intact raw copy of the affected disk LUNs. Customers can lose as many as 900,000 of their most recent and thus valuable transactions per LUN for every hour of activity that is not replaceable by on-line or off-line backup. Thus, even the most diligent type of file system customer that replicates a mirror of a disk LUN every hour, can lose nearly a million customer transactions.
Synchronous on-line mirroring does not help, because corrupted portions are faithfully copied to the disk mirror. Journaled databases can only redo newer transactions to an old, unrestored copy of the database if the control file is manually altered, an error-prone and risky operation. Users without journaled databases are completely unprotected and can lose all transactions that occurred after the latest backup. For even the most demanding and affluent of financial services customers, no current solution to the problem is available, at any price.