Back to Blog
.png?width=754&height=251&name=Johns%201st%20blog_header%20(1).png)
I have always loved LEGO; it appeals to my technical nature. Some of my earliest memories are of sitting on the floor, surrounded by LEGO blocks, completely absorbed in building something that existed only in my head. What stuck with me wasn’t just the creativity, but the process, the discipline. I learned that skipping steps almost always meant I ended up with something very different from what I intended. The pieces fit, but the result wasn’t right, so I would pull them apart and rebuild them properly. That experience feels very familiar in SQL Server Disaster Recovery. Cutting corners early almost always means rework later, usually at the worst possible time.
When I talk to DBAs and IT managers about SQL Server disaster recovery (DR), I’m still surprised by how many teams are running with poorly implemented solutions, or sometimes no DR at all for truly business-critical databases. That’s risky, and it’s usually fixable. I’ve always been passionate about disaster recovery, and that’s why I’m partnering with Dbvisit as their ambassador to help promote better DR practices.
This post kicks off a new series where I’ll share practical lessons and deep dives into HA/DR technologies for SQL Server. In this post, we’ll start with the core concepts of SQL Server DR, then in upcoming posts we’ll get hands-on with Log Shipping, run through live demos, and look at what really works (and what doesn’t) in the field.
Regardless of whether you are managing a single SQL Server instance or a large enterprise with hundreds of databases or instances, planning for the “what if” scenarios is essential. You need to be prepared; problems will crop up, such as hardware failures, software bugs, malicious actors (hackers), natural disasters, or even human errors.
The key to surviving these challenges is having a solid disaster recovery strategy. But let’s be honest, most articles stop at the theory. In this one, I’ll cover the fundamentals like HA vs DR, but I’ll also share what I’ve learned from more than 20 years in the trenches with SQL Server disaster recovery. You’ll see which tools companies are actually using, what limitations to watch for, and the real-world gotchas that can cost you time (and sleep). If you’re serious about DR, this blog saves you hours of trial and error.
Think of this series as the instruction booklet you wish came with your environment, the one that shows how the blocks really fit together.
High Availability vs. Disaster Recovery
Quite frequently, people use the terms high availability (HA) and disaster recovery (DR) interchangeably, but in fact, they are not the same thing. Understanding the distinction is critical when designing a resilient SQL Server environment.
In LEGO terms, HA keeps the build stable and standing on the table if there is an incident and it gets bumped, while DR makes sure you have another build ready to quickly snap together when the table gets completely overturned.
High Availability (HA)
HA focuses on minimizing downtime within a single data center, or if you are in the cloud, potentially within a single region. The goal is to ensure SQL Server continues running - even in the event of hardware, software, or OS failures. Think of HA as your “everyday armor”: it protects you against local crashes, patch reboots, or a single server failure.
Disaster Recovery (DR)
DR, on the other hand, is about surviving a larger-scale event, such as a site-wide outage, power failure, or natural disaster. Your DR strategy enables you to recover databases to a secondary location. The secondary location, ideally, is located far enough away from the primary site to avoid the impact of natural disasters.
Another way to think about these concepts is that high availability is about technologies that keep things running, while DR focuses on recoverability when things stop running.
So now that we’ve clarified the difference between HA and DR, the next question is: how do you measure whether your plan is actually good enough? That’s where two key metrics, RTO and RPO, come in. These are the yardsticks every DBA (and every manager) should understand before making decisions.
Defining RTO and RPO
Two metrics should guide every DR plan: Recovery Time Objective (RTO) and Recovery Point Objective (RPO). Organizations typically express these two metrics as an aspect of time, either in seconds, minutes, hours, or even days in some scenarios.
RTO (Recovery Time Objective)
RTO defines how quickly you need to be back online after a failure. If your RTO is two hours, your DR solution must enable SQL Server to be functional within the specified timeframe.
RPO (Recovery Point Objective)
RPO measures how much data loss your organization can tolerate. For example, an RPO of 15 minutes means you may lose up to 15 minutes of data in a worst-case scenario.
- Gotcha: I’ve often seen teams declare an RPO of “5 minutes,” only to find their log backups are scheduled every 30. Always validate your actual backup schedule against your stated RPO.
- Gotcha: Many people have unrealistic expectations. Everyone wants zero data loss and instant recovery, but for most businesses, that level of protection is costly and complex. Be realistic, accepting a few minutes of data loss or a few minutes of downtime can save a lot of money and stress.
Keep in mind that if your RTO and RPO requirements are smaller, the more advanced (and often more costly) your solution will need to be.
Once you’ve defined your RTO and RPO targets, the natural next question is: how do you actually achieve them? Microsoft gives you a few built-in options, each with strengths, weaknesses, and trade-offs. Let’s walk through the main ones.
Native SQL Server disaster recovery options
Microsoft SQL Server offers several built-in technologies that can be leveraged for disaster recovery.
Backups and Restores
Regular full, differential, and transaction log backups provide the foundation for almost every DR strategy. By retaining backups for a period and in a secondary location, you can restore them in the event of a disaster. This approach can be more straightforward and is often widely supported. It can, however, result in longer recovery times, and your RPO will depend heavily on the frequency of transaction log backups.
My take: Backups and restores are a tried-and-true method for implementing a minimum level of disaster recovery. When I speak to clients about disaster recovery, this method is always the first method we discuss. In many cases, it’s all they need. It’s simple, reliable, and if tested regularly, it can meet the requirements of a surprising number of organizations.
Backups are the baseline, but if you need faster recovery or tighter RPOs, you’ll probably look at replication-based solutions. That’s where solutions like Availability Groups, Failover Cluster Instances and Log Shipping come in.
👉 Further reading: Microsoft Docs – SQL Server Backup Strategies
Availability Groups (AGs)
AGs provide either synchronous or asynchronous database replication to one or more secondary replicas. Each availability group can be configured for automatic failover, so long as they are operating in the synchronous model. They can also provide some additional benefits, such as readable secondaries for offloading read-only workloads for reporting needs or even backups. AGs are usually one of the technologies my clients evaluate for the creation of a standby site.
👉 Further reading: Brent Ozar – Availability Group Guide
Failover Cluster Instances (FCIs)
Another built-in technology is Failover Cluster Instances (FCIs). Unlike AGs, which protect individual databases, FCIs operate at the instance level. In this case, the entire SQL Server instance (including system databases) can fail over to another node in the cluster. FCIs are effective at handling local hardware or OS failures but require shared storage, which can itself become a single point of failure unless stretched across sites.
My take: I honestly do not see FCI’s getting implemented that much anymore in the wild, but it is still a solid solution for an organization if they have the hardware for it. In my experience, AGs get deployed more frequently, but don’t let that think that FCI’s are a great solution, as it definitely can be!
Log Shipping
Finally, there is Log Shipping, a solution that is known to be solid and stable. Log Shipping works by taking transaction log backups on the primary database at a specified interval and then copying them to a secondary server. SQL Server agent jobs handle the copy process. After copying the backup files, SQL will restore the backups based on a pre-defined interval.
Log Shipping can be relatively easy to configure, although it can become cumbersome to manage with a higher number of databases. SQL Server Standard Edition also supports Log Shipping, which makes it cost-effective and attractive for organizations with a smaller SQL Server estate or a constrained budget.
My take: I love Log Shipping for its simplicity and robustness in providing DR. Years ago, I worked with a client who set up Log Shipping with a 12-hour delay, so any accidental or malicious changes (like dropping a table) could be caught before the log was restored on the secondary (standby). I have always thought that was an ingenious way to implement Log Shipping.
I also regularly use Log Shipping for migrations - it’s saved me hours of downtime compared to traditional backup/restore methods. I recently helped migrate a client using a form of Log Shipping and reduced their migration timeframe from 15 plus hours down to 1 hour or so. Don’t let its age scare you away; Log Shipping is a beast.
Each of these technologies has its place. The right one depends on your RTO/RPO goals, your budget, and your appetite for complexity. But whatever you choose, the most important step is to test it. Don’t wait for the real disaster to find out what doesn’t work.
👉 Further reading: Microsoft Docs – About Log Shipping (SQL Server)
Summary
DR planning for SQL Server doesn’t have to be overwhelming, but it does need to be intentional. Just like building something meaningful with LEGO, DR success comes from planning, testing, and making sure every piece fits where it should. Start by clearly defining your business requirements around RTO and RPO. From there, evaluate SQL Server’s tools (ranging from backups to log shipping to Availability Groups) and choose the option that balances cost, complexity, and protection for your environment.
Here’s my challenge to you: pick one DR strategy you’re currently relying on and run a DR test this month. You might be surprised by what you learn - and you’ll sleep better knowing the reality, not just the theory. Like a LEGO build, SQL Server disaster recovery works best when the fundamentals are clear, the components are chosen with intent, and the design is built to handle real-world conditions. When those pieces come together, the system behaves exactly as expected when it matters most. When they don’t, the gaps usually only reveal themselves under pressure.
This post is just the starting point. Coming up next in this series:
- A deep-dive video tutorial on setting up log shipping step-by-step, both using native tools and Dbvisit StandbyMP.
- An interactive webinar where we’ll explore what really works (and what doesn’t) for SQL Server disaster recovery in the real world.
If you’ve got questions or DR war stories of your own, I’d love to hear them! Connect with me on LinkedIn or send me an email.
Build it with understanding, use the right pieces, and test it properly. That’s what turns a disaster recovery plan from something that looks good on paper into something you can truly rely on. At the end of the day, disaster recovery isn’t just about technology; it’s about ensuring your business can keep moving forward, no matter what.
