Azure Data Protection

John

The following is from Azure Administrator Training lab for AZ-103

Replication Options

The data in your Azure storage account is always replicated to ensuredurability and high availability. Azure Storage replication copies your data sothat it is protected from planned and unplanned events ranging from transienthardware failures, network or power outages, massive natural disasters, andso on. You can choose to replicate your data within the same data center,across zonal data centers within the same region, and even across regions.Replication ensures that your storage account meets the Service-LevelAgreement (SLA) for Storage even in the face of failures. See the SLA forinformation about Azure Storage guarantees for durability and availability.

When you create a Standard storage account there are four replicationsschemes:

Locally-redundant storage (LRS),

Geo-redundant storage (GRS),

Read-access geo-redundant storage (RA-GRS), and

Zone-redundantstorage (ZRS).

 

Are there any costs to changing my account’s replication strategy?

It depends on your conversion path. Ordering from cheapest to the mostexpensive redundancy offering we have LRS, ZRS, GRS, and RA-GRS. Forexample, going from LRS to anything will incur additional charges becauseyou are going to a more sophisticated redundancy level. Going to GRS or RA-GRS will incur an egress bandwidth charge because your data (in yourprimary region) is being replicated to your remote secondary region. This is aone-time charge at initial setup. After the data is copied, there are no furtherconversion charges. You will only be charged for replicating any new orupdates to existing data. For details on bandwidth charges, see Azure StoragePricing page.

If you change from GRS to LRS, there is no additional cost, but yourreplicated data is deleted from the secondary location.

✔️ If you select Premium performance only LRS replication will be available.

✔️ If you create availability sets for your virtual machines, then Azure usesZone-redundant Storage (ZRS).

For more information, you can see:

Azure storage replication – https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy

 

Locally-redundant Storage

Replication Copies Strategy
Locally redundantstorage (LRS) Maintains three copiesof your data. Data is replicatedthree time within asingle facility in asingle region.

Locally redundant storage (LRS) provides at least 99.999999999% (11 nines)durability of objects over a given year. LRS provides this object durability byreplicating your data to a storage scale unit. A datacenter, located in theregion where you created your storage account, hosts the storage scale unit.A write request to an LRS storage account returns successfully only after thedata is written to all replicas. Each replica resides in separate fault domainsand upgrade domains within a storage scale unit. A storage scale unit is acollection of racks of storage nodes. A fault domain (FD) is a group of nodesthat represent a physical unit of failure. Think of a fault domain as nodesbelonging to the same physical rack. An upgrade domain (UD) is a group ofnodes that are upgraded together during the process of a service upgrade (rollout). The replicas are spread across UDs and FDs within one storagescale unit. This architecture ensures your data is available if a hardwarefailure affects a single rack or when nodes are upgraded during a serviceupgrade.

LRS is the lowest-cost replication option and offers the least durabilitycompared to other options. If a datacenter-level disaster (for example, fire orflooding) occurs, all replicas may be lost or unrecoverable. To mitigate thisrisk, Microsoft recommends using either zone-redundant storage (ZRS) orgeo-redundant storage (GRS).

If your application stores data that can be easily reconstructed if data lossoccurs, you may opt for LRS. Some applications are restricted to replicatingdata only within a country due to data governance requirements. In somecases, the paired regions across which the data is replicated for GRSaccounts may be in another country. For more information on paired regions,see Azure regions.

LRS is a low-cost option for protecting your data from local hardwarefailures. If a datacenter-level disaster (for example, fire or flooding) occurs,all replicas may be lost or unrecoverable. To mitigate this risk, Microsoftrecommends using either zone-redundant storage (ZRS) or geo-redundantstorage (GRS).

However, LRS may be appropriate in these scenarios:

  • If your application stores data that can be easily reconstructed if dataloss occurs, you may opt for LRS.
  • Some applications are restricted to replicating data only within acountry due to data governance requirements.

✔️ Do you think LRS is a good choice for your organization?

 

Zone-redundant Storage

Replication Copies Strategy
Zone-redundantstorage (ZRS) Maintains three copiesof your data. Data is replicatedthree times across twoto three facilities,either within a singleregion or across tworegions.

Zone Redundant Storage (ZRS) synchronously replicates your data acrossthree (3) storage clusters in a single region. Each storage cluster is physicallyseparated from the others and resides in its own availability zone. Eachavailability zone, and the ZRS cluster within it, is autonomous, with separateutilities and networking capabilities.

Storing your data in a ZRS account ensures that you will be able access andmanage your data if a zone becomes unavailable. ZRS provides excellentperformance and extremely low latency.

Here are a few of more things to know about ZRS:

  • ZRS is not yet available in all regions.
  • Changing to ZRS from another data replication option requires thephysical data movement from a single storage stamp to multiple stampswithin a region.
  • ZRS may not protect your data against a regional disaster wheremultiple zones are permanently affected. Instead, ZRS offers resiliencyfor your data in the case of unavailability.

Support coverage and regional availability ZRS currently supports standardgeneral-purpose v2 account types. ZRS is available for block blobs, non-diskpage blobs, files, tables, and queues.

What happens when a zone becomes unavailable? Your data is stillaccessible for both read and write operations even if a zone becomesunavailable. Microsoft recommends that you continue to follow practices fortransient fault handling. These practices include implementing retry policieswith exponential back-off.

When a zone is unavailable, Azure undertakes networking updates, such asDNS repointing. These updates may affect your application if you areaccessing your data before the updates have completed.

ZRS may not protect your data against a regional disaster where multiplezones are permanently affected. Instead, ZRS offers resiliency for your data ifit becomes temporarily unavailable. For protection against regionaldisasters, Microsoft recommends using geo-redundant storage (GRS).

✔️Consider ZRS for scenarios that require strong consistency, strongdurability, and high availability even if an outage or natural disaster rendersa zonal data center unavailable.

 

Geo-redundant storage

Replication Copies Strategy
Geo-redundantstorage (GRS) Maintains six copies ofyour data. Data is replicatedthree times within theprimary region and isalso replicated threetimes in a secondaryregion hundreds ofmiles away from theprimary region.
Read access geo-redundant storage (RA-GRS) Maintains six copies ofyour data. Data is replicated to asecondary geographiclocation and providesread access to yourdata in the secondarylocation.

Geo-redundant storage (GRS) is the default and recommended replicationoption and is sometimes called cross-regional replication. GRS replicatesyour data to a secondary region (hundreds of miles away from the primarylocation of the source data). GRS costs more than LRS, but GRS provides ahigher level of durability for your data, even if there is a regional outage.Geo-redundant storage (GRS) is designed to provide at least99.99999999999999% (16 9’s) durability of objects over a given year byreplicating your data to a secondary region that is hundreds of miles awayfrom the primary region. If your storage account has GRS enabled, then yourdata is durable even in the case of a complete regional outage or a disaster inwhich the primary region isn’t recoverable.

For a storage account with GRS or RA-GRS enabled, all data is firstreplicated with locally redundant storage (LRS). An update is first committedto the primary location and replicated using LRS. The update is thenreplicated asynchronously to the secondary region using GRS. When data iswritten to the secondary location, it’s also replicated within that locationusing LRS. Both the primary and secondary regions manage replicas acrossseparate fault domains and upgrade domains within a storage scale unit. Thestorage scale unit is the basic replication unit within the datacenter.Replication at this level is provided by LRS; for more information, see Locallyredundant storage (LRS): Low-cost data redundancy for Azure Storage.

If you opt for GRS, you have two related options to choose from:

  • GRS replicates your data to another data center in a secondary region,but that data is available to be read only if Microsoft initiates a failoverfrom the primary to secondary region.
  • Read-access geo-redundant storage (RA-GRS) is based on GRS. RA-GRS replicates your data to another data center in a secondary region,and also provides you with the option to read from the secondary region.With RA-GRS, you can read from the secondary regardless of whetherMicrosoft initiates a failover from the primary to the secondary.

 

What is the RPO and RTO with GRS?

Recovery Point Objective (RPO): In GRS and RA-GRS, the storage serviceasynchronously geo-replicates the data from the primary to the secondarylocation. In the event that the primary region becomes unavailable, you canperform an account failover (preview) to the secondary region. When youinitiate a failover, recent changes that haven’t yet been geo-replicated may belost. The number of minutes of potential data that’s lost is known as the RPO.The RPO indicates the point in time to which data can be recovered. AzureStorage typically has an RPO of less than 15 minutes, although there’scurrently no SLA on how long geo-replication takes.

Recovery Time Objective (RTO): The RTO is a measure of how long it takesto perform the failover and get the storage account back online. The time toperform the failover includes the following actions:

  • The time until the customer initiates the failover of the storage accountfrom the primary to the secondary region.
  • The time required by Azure to perform the failover by changing theprimary DNS entries to point to the secondary location.

✔️ If you enable RA-GRS and your primary endpoint for the Blob service ismyaccount.blob.core.windows.net, then your secondary endpoint ismyaccount-secondary.blob.core.windows.net. The access keys for yourstorage account are the same for both the primary and secondary endpoints.

 

Comparing Replication Strategies

Comparison of replication options

The following table provides a quick overview of the scope of durability andavailability that each replication strategy will provide you for a given type ofevent (or event of similar impact).

ReplicationOption LRS ZRS GRS RA-GRS
Nodeunavailabilitywithin a datacenter Yes Yes Yes Yes
An entiredata center (zonal ornon-zonal)becomesunavailable No Yes Yes Yes
A region-wide outage No No Yes Yes
Read accessto your data (in a remote,geo-replicatedregion) in theevent ofregion-wideunavailability No No No Yes
Available in storage account types GPv1, GPv2, Blob Standard,GPv2 GPv1, GPv2, Blob GPv1, GPv2, Blob

Backup

Azure Backup

Azure Backup is the Azure-based service you can use to back up (or protect)and restore your data in the Microsoft cloud. Azure Backup replaces yourexisting on-premises or off-site backup solution with a cloud-based solutionthat is reliable, secure, and cost-competitive.

Azure Backup offers multiple components that you download and deploy onthe appropriate computer, server, or in the cloud. The component, or agent,that you deploy depends on what you want to protect. All Azure Backupcomponents (no matter whether you’re protecting data on-premises or in thecloud) can be used to back up data to a Recovery Services vault in Azure.

 

Key benefits

  • Offload on-premises backup. Azure Backup offers a simple solution forbacking up your on-premises resources to the cloud. Get short and long-term backup without the need to deploy complex on-premises backupsolutions.
  • Back up Azure IaaS VMs. Azure Backup provides independent andisolated backups to guard against accidental destruction of originaldata. Backups are stored in a Recovery Services vault with built-inmanagement of recovery points. Configuration and scalability is simple,backups are optimized, and you can easily restore as needed.
  • Get unlimited data transfer. Azure Backup does not limit the amount ofinbound or outbound data you transfer, or charge for the data that istransferred. Outbound data refers to data transferred from a RecoveryServices vault during a restore operation. If you perform an offlineinitial backup using the Azure Import/Export service to import largeamounts of data, there is a cost associated with inbound data.
  • Keep data secure. Data encryption allows for secure transmission andstorage of your data in the public cloud. You store the encryptionpassphrase locally, and it is never transmitted or stored in Azure. If it isnecessary to restore any of the data, only you have encryptionpassphrase, or key.
  • Get app-consistent backups. An application-consistent backup means arecovery point has all required data to restore the backup copy. AzureBackup provides application-consistent backups, which ensureadditional fixes are not required to restore the data. Restoringapplication-consistent data reduces the restoration time, allowing you toquickly return to a running state.
  • Retain short and long-term data. You can use Recovery Services vaultsfor short-term and long-term data retention. Azure doesn’t limit thelength of time data can remain in a Recovery Services vault. You cankeep it for as long as you like. Azure Backup has a limit of 9999 recoverypoints per protected instance.
  • Automatic storage management. Hybrid environments often requireheterogeneous storage – some on-premises and some in the cloud. WithAzure Backup, there is no cost for using on-premises storage devices.Azure Backup automatically allocates and manages backup storage, andit uses a pay-as-you-use model, so that you only pay for the storage youconsume.
  • Multiple storage options. Azure Backup offers two types of replication tokeep your storage/data highly available.
    • Locally redundant storage (LRS) replicates your data three times (itcreates three copies of your data) in a storage scale unit in adatacenter. All copies of the data exist within the same region. LRSis a low-cost option for protecting your data from local hardwarefailures.
    • Geo-redundant storage (GRS) is the default and recommendedreplication option. GRS replicates your data to a secondary region (hundreds of miles away from the primary location of the sourcedata). GRS costs more than LRS, but GRS provides a higher level ofdurability for your data, even if there is a regional outage.

✔️ What are some of the reasons your organization might choose AzureBackup? Is your organization using Azure Backup?

For more information, you can see:

What is Azure Backup – https://docs.microsoft.com/en-us/azure/backup/backup-overview#why-use-azure-backup

 

Recovery Service Vault Backup Options

The Recovery Services vault is a storage entity in Azure that houses data. Thedata is typically copies of data, or configuration information for virtualmachines (VMs), workloads, servers, or workstations. You can use RecoveryServices vaults to hold backup data for various Azure services such as IaaSVMs (Linux or Windows) and Azure SQL databases. Recovery Services vaultssupport System Center DPM, Windows Server, Azure Backup Server, andmore. Recovery Services vaults make it easy to organize your backup data,while minimizing management overhead.

  • The Recovery Services vault can be used to backup Azure file shares.
  • The Recovery Services vault can also be used to backup on-premisesfiles and folders.

✔️ Within an Azure subscription, you can create up to 25 Recovery Servicesvaults per region.

✔️ Notice your backup choices for virtual machines. This will be covered inanother lesson.

 

Implementing On-Premises File and FolderBackups

There are several steps to configuring Azure backup of on-premises files andfolders.

Note: The Backup agent can be deployed on any Windows Server VM orphysical machine.

  1. Create the recovery services vault. Within your Azure subscription youwill need to create a recovery services vault for the backups.
  2. Download the agent and credential file. The recovery services vaultprovides a link to download the Azure Backup Agent. The Backup Agentwill be installed on the local machine. There is also a credentials filethat is required during the installation of the agent. You must have thelatest version of the agent. Versions of the agent below 2.0.9083.0 mustbe upgraded by uninstalling and reinstalling the agent.
  3. Install and register agent. The installer provides a wizard to configurethe installation location, proxy server, and passphrase information. Thedownloaded credential file will be used to register the agent.
  4. Configure the backup. Use the agent to create a backup policyincluding when to backup, what to backup, how long to retain items, andsettings like network throttling.

 

MARS Agent

Azure Backup for files and folders relies on the Microsoft Azure RecoveryServices (MARS) agent to be installed on the Window client or server.

This is a full featured agent that has many features.

  • Backup files and folders on physical or virtual Windows OS (VMs can beon-premises or in Azure).
  • No separate backup server required.
  • Not application aware; file, folder, and volume-level restore only.
  • Backup and restore content.
  • No support for Linux.

 

Virtual Machine Backup

Azure Site Recovery Scenarios

You can use Azure Site Recovery to replicate on-premises physical or virtualmachines running Windows or Linux. Azure Site Recovery includes supportfor both Hyper-V and VMware virtual machines. You can replicate data fromyour on-premises datacenter to Azure or to a secondary site. Orchestration isbuilt in with Azure Site Recovery, which means that the management ofreplication, failover, and recovery is included. For example, should a virtualmachine or service fail in your datacenter, you can use Azure Site Recovery tofailover to the replicated resource in either Azure or your secondary site.

Azure Site Recovery works in the following three scenarios:

  • Hyper-V Virtual Machine Replication. When Virtual Machine Manager (VMM) is used to manage Hyper-V virtual machines, you can use AzureSite Recovery to replicate them to Azure or to a secondary datacenter. Ifyou do not use VMM to manage your virtual machines, you can useAzure Site Recovery to replicate them to Azure only.
  • VMware Virtual Machine Replication. You can perform the replicationof virtual machines by VMware to a secondary site that is also runningVMware. You also can replicate to Azure.
  • Physical Windows and Linux machines. You can replicate physicalmachines running either Windows or Linux to a secondary site or toAzure.

 

Azure Site Recovery Benefits

A migration to the cloud can result in significant business benefits. Here aresome reasons to use Azure Site Recovery.

  • Eliminate the need for disaster recovery sites. Your environment can beprotected by automating the replication of the virtual machines based onpolicies that you set and control. Site Recovery is heterogeneous and canprotect Hyper-V, VMware, and physical servers.
  • Reduce infrastructure costs. Lower your on-premises infrastructurecosts by using Azure as a secondary site for conducting business duringoutages. Or, eliminate datacenter costs altogether by moving to Azureand setting up disaster recovery between Azure regions. You can pre-assess network, storage, and compute resources needed to replicateapplications from on-premises to Azure—and pay only for compute andstorage resources needed to run apps in Azure during outages.
  • Automatically replicate to Azure. Automate the orderly recovery ofservices in the event of a site outage at the primary datacenter. Automatethe orderly recovery of services in the event of a site outage at theprimary datacenter.
  • Safeguard against outages of complex workloads. Protect applicationsin SQL Server, SharePoint, SAP, and Oracle.
  • Extend or boost capacity. Applications can be Migrated to Azure withjust a few clicks or burst to Azure temporarily when you encounter asurge in demand.
  • Continuous health monitoring. Site Recovery monitors the state of yourprotected instances continuously and remotely from Azure. Whenreplicating between two sites you control, your virtual machines’ dataand replication remains on your networks. All communication withAzure is encrypted.

✔️ Are you considering using Azure Site Recovery and are you interested inany of these specific features? Which one is most important to you?

For more information, you can see:

Azure Site Recovery documentation – https://azure.microsoft.com/en-us/services/site-recovery/

 

Virtual Machine Data Protection

You can protect your data by taking backups at regular intervals. There areseveral backup options available for VMs, depending on your use-case.

Azure Backup

For backing up Azure VMs running production workloads, use Azure Backup.Azure Backup supports application-consistent backups for both Windows andLinux VMs. Azure Backup creates recovery points that are stored in geo-redundant recovery vaults. When you restore from a recovery point, you canrestore the whole VM or just specific files. The topics in this lesson will focuson Azure Backup.

Azure Site Recovery

Azure Site Recovery protects your VMs from a major disaster scenario whena whole region experiences an outage due to major natural disaster orwidespread service interruption. You can configure Azure Site Recovery foryour VMs so that you can recover your application with a single click inmatter of minutes. You can replicate to an Azure region of your choice.

Managed disk snapshots

In development and test environments, snapshots provide a quick and simpleoption for backing up VMs that use Managed Disks. A managed disk snapshotis a read-only full copy of a managed disk that is stored as a standardmanaged disk by default. With snapshots, you can back up your manageddisks at any point in time. These snapshots exist independent of the sourcedisk and can be used to create new managed disks. They are billed based onthe used size. For example, if you create a snapshot of a managed disk withprovisioned capacity of 64 GiB and actual used data size of 10 GiB, thatsnapshot is billed only for the used data size of 10 GiB.

Images

Managed disks also support creating a managed custom image. You cancreate an image from your custom VHD in a storage account or directly froma generalized (sysprepped) VM. This process captures a single image. Thisimage contains all managed disks associated with a VM, including both theOS and data disks. This managed custom image enables creating hundreds ofVMs using your custom image without the need to copy or manage anystorage accounts.

Images versus snapshots

It’s important to understand the difference between images and snapshots.With managed disks, you can take an image of a generalized VM that hasbeen deallocated. This image includes all of the disks attached to the VM. Youcan use this image to create a VM, and it includes all of the disks.

  • A snapshot is a copy of a disk at the point in time the snapshot is taken.It applies only to one disk. If you have a VM that has one disk (the OSdisk), you can take a snapshot or an image of it and create a VM fromeither the snapshot or the image.
  • A snapshot doesn’t have awareness of any disk except the one it contains.This makes it problematic to use in scenarios that require thecoordination of multiple disks, such as striping. Snapshots would need tobe able to coordinate with each other and this is currently not supported.

✔️ Have you tried any of these backup methods? Do you have a backupplan?

 

Azure to Azure Architecture

When you enable replication for an Azure VM, the following happens:

  1. The Site Recovery Mobility service extension is automatically installedon the VM. The extension registers the VM with Site Recovery.Continuous replication begins for the VM. Disk writes are immediatelytransferred to the cache storage account in the source location.
  2. Site Recovery processes the data in the cache, and sends it to the targetstorage account, or to the replica managed disks.
  3. After the data is processed, crash-consistent recovery points aregenerated every five minutes. App-consistent recovery points aregenerated according to the setting specified in the replication policy.
  4. When you initiate a failover, the VMs are created in the target resourcegroup, target virtual network, target subnet, and in the target availabilityset. During a failover, you can use any recovery point.

 

Recovery Services Vault VM Backup Options

Recovery Services vault is a storage entity in Azure that houses data. Thedata is typically copies of data, or configuration information for virtualmachines (VMs), workloads, servers, or workstations. You can use RecoveryServices vaults to hold backup data for various Azure services such as IaaSVMs (Linux or Windows) and Azure SQL databases. Recovery Services vaultssupport System Center DPM, Windows Server, Azure Backup Server, andmore. Recovery Services vaults make it easy to organize your backup data,while minimizing management overhead.

  • The Recovery Services vault can be used to backup Azure virtualmachines.
  • The Recovery Services vault can be used to backup on-premises virtualmachines including: Hyper-V, VmWare, System State, and Bare MetalRecovery.

 

Implementing VM Backups

Backing up Azure virtual machines using Azure Backup is easy and follows asimple process.

  1. Create a recovery services vault. To back up your files and folders, youneed to create a Recovery Services vault in the region where you want tostore the data. You also need to determine how you want your storagereplicated, either geo-redundant (default) or locally redundant. Bydefault, your vault has geo-redundant storage. If you are using Azure asa primary backup storage endpoint, use the default geo-redundantstorage. If you are using Azure as a non-primary backup storageendpoint, then choose locally redundant storage, which will reduce thecost of storing data in Azure.
  2. Use the Portal to define the backup. Protect your data by takingsnapshots of your data at defined intervals. These snapshots are knownas recovery points, and they are stored in recovery services vaults. If orwhen it is necessary to repair or rebuild a VM, you can restore the VMfrom any of the saved recovery points. A backup policy defines a matrixof when the data snapshots are taken, and how long those snapshots areretained. When defining a policy for backing up a VM, you can trigger abackup job once a day.
  3. Backup the virtual machine. The Azure VM Agent must be installed onthe Azure virtual machine for the Backup extension to work. However, ifyour VM was created from the Azure gallery, then the VM Agent isalready present on the virtual machine. VMs that are migrated from on-premises data centers would not have the VM Agent installed. In such acase, the VM Agent needs to be installed.

For more information, you can see:

Plan your VM backup infrastructure in Azure – https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-introduction

 

Implementing VM Restore

Once your virtual machine snapshots are safely in the recovery services vaultit is easy to recover them.

Once you trigger the restore operation, the Backup service creates a job fortracking the restore operation. The Backup service also creates andtemporarily displays notifications, so you monitor how the backup isproceeding.

 

Azure Backup Server

Another method of backing up virtual machines is using a Data ProtectionManager (DPM) or Microsoft Azure Backup Server (MABS) server. Thismethod can be used for specialized workloads, virtual machines, or files,folders, and volumes. Specialized workloads can include SharePoint,Exchange, and SQL Server.

Advantages

The advantages of backing up machines and apps to MABS/DPM storage,and then backing up DPM/MABS storage to a vault are as follows:

  • Backing up to MABS/DPM provides app-aware backups optimized forcommon apps such as SQL Server, Exchange, and SharePoint, inadditional to file/folder/volume backups, and machine state backups (bare-metal, system state).
  • For on-premises machines, you don’t need to install the MARS agent oneach machine you want to back up. Each machine runs the DPM/MABSprotection agent, and the MARS agent runs on the MABS/DPM only.
  • You have more flexibility and granular scheduling options for runningbackups.
  • You can manage backups for multiple machines that you gather intoprotection groups in a single console. This is particularly useful whenapps are tiered over multiple machines and you want to back them uptogether.

Backup steps

  1. Install the DPM or MABS protection agent on machines you want toprotect. You then add the machines to a DPM protection group.
  2. To protect on-premises machines, the DPM or MABS server must belocated on-premises.
  3. To protect Azure VMs, the MABS server must be located in Azure,running as an Azure VM.
  4. With DPM/MABS, you can protect backup volumes, shares, files, andfolders. You can also protect a machine’s system state (bare metal), andyou can protect specific apps with app-aware backup settings.
  5. When you set up protection for a machine or app in DPM/MABS, youselect to back up to the MABS/DPM local disk for short-term storageand to Azure for online protection. You also specify when the backup tolocal DPM/MABS storage should run and when the online backup toAzure should run.
  6. The disk of the protected workload is backed up to the local MABS/DPMdisks, according to the schedule you specified.
  7. The DPM/MABS disks are backed up to the vault by the MARS agentthat’s running on the DPM/MABS server.

 

Backup Component Comparison

This table summarizes the Azure Backup (MARS) agent and the AzureBackup Server usage cases.

Component Benefits Limits What isprotected? Where arebackupsstored?
AzureBackup (MARS)agent Backup filesand folderson physicalor virtualWindowsOS; noseparatebackupserverrequired Backup 3xper day; notapplicationaware; file,folder, andvolume-level restoreonly; nosupport forLinux Files andfolders Recoveryservicesvault
AzureBackupServer App awaresnapshots;full flex forwhen tobackups; recovery granularity; linux support on Hyper-V and VMware VMs; backup and restore VMware VMs, doesn’t require a System Center license Cannot backup Oracle workloads; always requires live Azure subscription; no support for tape backup Files, folders, volumes, VMs, applications, and workloads Recovery services vault, locally attached disk