Organizations today are looking to make their IT infrastructure as resilient as possible, protecting against application failure, virtual machine failure, and site-level failure.
Best practice for data protection follows the 3-2-1 backup rule. This best practice methodology suggests having (3) copies of backups located on at least (2) different types of backup medium, with at least (1) backup stored offsite.
Most organizations today are utilizing the public cloud as part of their routine backup strategies when it comes to production workloads. Public cloud infrastructure allows organizations to offset the tremendous capital expense required to build out their own DR site and the infrastructure expense involved with such an undertaking.
Microsoft Azure provides a very cost-effective offering for organizations to backup their infrastructure to the Azure cloud using Azure Backup. With Microsoft Azure Backup Server Update 1, customers can now utilize Azure Backup Server to backup VMware virtual machines.
What capabilities do customers have to backup VMware virtual machines with Azure Backup Server?
How does this fit in an organization’s BCDR plan?
What is Microsoft Azure Backup Server (MABS)?
Azure Backup Server is a simple and robust solution that allows customers to integrate their backup methodology with the Azure public cloud. It provides an alternative to tape for organizations looking to backup their infrastructure using disk backups and cloud integration. Azure Backup Server provides data protection that is location agnostic.
With Azure Backup Server you can protect your business-critical applications including Microsoft Sharepoint, Microsoft Exchange, Microsoft SQL Server, and others. You can also backup Windows Servers and Azure VMs running in the Azure cloud. However, new with Update 1, organizations can start protecting virtual machines (VMs) that are also running on the VMware platform. Backup data can be replicated to the Recovery Services Vault in Azure.
What is a Recovery Services Vault?
A Recovery Services vault is an online storage entity in Azure used to hold data such as backup copies, recovery points, and backup policies. There is a limit of 25 of these per region.
Features and capabilities of a Microsoft Azure Backup Server:
- Cost-effective storage management – pay-as-you-go storage model for Azure storage and no cost for on-premise storage
- Integration into Azure – Azure Backup Server as you would expect is fully integrated with Azure
- Unlimited Scaling – Built on Azure Cloud, it has the potential for nearly unlimited scaling
- Multiple storage options – local storage and geo-redundant storage
- Unlimited data transfer – No charge for data that is transferred
- Data encryption – Secure transmit and store data in the Azure public cloud
- Built-in protection against ransomware – Often ransomware targets backup files. Azure Backup Server has protection to prevent that
- Application-consistent backups – Application consistent backups are needed for applications that need to be transactionally consistent such as Microsoft SQL Server
- Long-term retention capabilities
Microsoft Azure Backup Server Support for VMware Backup
Microsoft’s Azure Backup Server features the following capabilities for VMware backups:
- Agentless backup
- Integration with VMware vSphere Server so that virtual machines are detected automatically and backups happen from the centralized management plane
- Detection of virtual machines at the folder level and protecting those VM folders through vCenter Server
- Storage agnostic – Protection of virtual machines stored on cluster storage, NFS, or DAS
- Recovery of virtual machines includes granular recovery. Both complete virtual machines, as well as individual files and folders, can be recovered using the item-level recovery for Windows VMs
Microsoft Azure Backup Server – Protecting VMware Virtual Machines
The new feature of Azure Backup Server that allows protecting VMware virtual machine workloads allows organizations to now backup VMware virtual machines along with Hyper-V workloads. The steps to utilize Azure Backup Server for backing up vSphere virtual machine workloads are as follows.
- Enable a secure connection between Azure Backup Server and vCenter Server (SSL)
- This includes downloading the certificate bundle from the vCenter Server and importing the certificate into the certificate store on the Azure Backup Server
- Create a new user with the vCenter Server privilege set, via a special role, to enable successfully backing up VMware virtual machines to Azure Backup Server. The privileges needed are shown in the table below
- Add the vCenter Server connection to the Azure Backup Server
- Select the VMware virtual machines to protect with Azure Backup Server – This is done via the protection groups methodology that allows creating protection groups for protecting workloads. These can be configured to replicate to Azure storage
Microsoft Azure Backup Server – Good Features with Limitations
While Microsoft Azure Backup Server provides a good solution with great integration into the Azure public cloud, however, there are some limitations to note:
- Two backups per day to recovery services vault
- Can backup SQL Server every 15 minutes, other workloads only every 1 hour
- Limits to recovery points on disk (64 for file servers, 448 for application servers)
- No backup to tape support
- Limit of 25 recovery services vaults per region
- Linux support for granular file recovery is limited
For many, the above-mentioned limitations could be a deal breaker. Especially when thinking about the limitations of backups that are synchronized with the Azure public cloud, having limitations on the number of backups synchronized is certainly a limitation worth noting. Even though many are looking for the ability to send backup copies to cloud environments, having the ability to utilize tapes in data archiving is still very desirable. Also, the lack of lower RPOs for general workloads is a major limitation for many organizations who want lower RPOs for other servers besides Microsoft SQL Server.
More Powerful Data Protection
Some may find the use case for Microsoft Azure Backup Server fits their environment. However, there are more powerful solutions such as Vembu BDR Suite that overcome the limitations that are mentioned above with Microsoft Azure Backup Server.
- Vembu allows for continuous offsite copies to either the Vembu CloudDR Server or on-premise Offsite DR server
- All Vembu backups can be configured to run at 15-minutes intervals regardless of the application protected
- Vembu BDR Server provides tape backup support
- VembuHIVE file system allows for quickly transforming backups instantly into any format needed for use by the customer
Microsoft Azure Backup Server has certainly matured as a product, now including support for VMware backups. The integration with Microsoft Azure is of course very tight with the product and has many noteworthy features and functionality that many can make use of in their environments. However, as a primary data protection solution, Microsoft Azure Backup Server has many limitations as noted that organizations will want to consider before deploying in their environments. Vembu BDR Suite provides a modern solution to all limitations encountered in Microsoft Azure Backup Server and allows organizations to truly meet their 3-2-1 backup strategy head-on. This includes backup copies to cloud environments, on-premise servers, as well as tape backup support. It is a fully featured multi-hypervisor solution that allows organizations to provide data protection to their heterogeneous hypervisor environments and multi-cloud architectures.