Category Archives: Data Protection Manager

OMS and System Center: What's New in April 2018

Microsoft announces constantly news about Operations Management Suite (OMS) and System Center. Our community releases this summary monthly, allowing you to have a general overview of the main new features of the month, in order to stay up to date on these arguments and have the necessary references to conduct any insights.

Operations Management Suite (OMS)

Log Analytics

Microsoft has decided to extend the Alerts in Log Analytics from OMS to the Azure Portal, centralizing on Azure Monitor. This process will be done automatically starting from 14 May 2018 (the date has been postponed, Initially it was planned for 23 April), will not result in any change to the configuration of Alerts and related queries, and it does not foresee any downtime for its implementation. For further details please consult the specific article “The extension of Log Analytics Alerts in Azure Monitor“.

Figure 1 – Notification of alerts extension in the OMS portal

To avoid situations where, the resources managed in Log Analytics may send in an unexpected way a high volume of data to the OMS Workspace, is introduced the ability to set a Daily Volume cap. This allows you to limit the data ingestion for your workspace. You can configure the Data volume cap in all regions, accessing to the section Usage and estimated costs:

Figure 2 – Setting the Daily volume cap

The portal also shows the trend of the volume of data in the last 31 days and the total volume of data, grouped by solution:

Figure 3 – Data ingestion for solution (latest 31 days and total)

Log Search API usage, used by the old Log Analytics query language, has been deprecated since 30 April 2018. The Log Search API has been replaced with theAzure Log Analytics REST API, which supports the new query language and introduces greater scalability than the results you can return. For more details on this you can consult theofficial announcement.

Agent

This month the new version ofOMS agent for Linux systems resolves a significant number of bugs and introduces new versions of the various components. It also introduced support for Debian 9, AWS 2017 and Open SSL 1.1. To obtain the updated version of the OMS agent you can access to the official GitHub page OMS Agent for Linux Patch v 1.6.0-42.

Figure 4 – Bug fixes and what's new for the OMS agent for Linux

Azure Backup

As for Azure Backup, have been announced the following improvements in service scalability:

  • Ability to create up to 500 recovery services vaults in every subscription for region (previously the limit was 25).
  • The number of virtual machines that can be registered in each vault is increased to 1000 (it was previously 200).

Azure Backup, for the protection of Azure Iaas VM, now supports the storage account secured using storage firewalls and Virtual Networks. More details about this can be found on Microsoft's official blog.

Figure 5 - Protection of Azure Iaas VM in storage protected scenarios

There are different rules to enable the long-term backup for Azure SQL Database . The procedure, to keep the backup of Azure SQL DB up to 10 years, expected saving in an Azure Recovery Vault Service. By introducing this new feature, you have the option to keep the long-term backup directly within an Azure Blob Storage and will terminate the need for a Recovery Vault Service. All this gives you more flexibility and greater control of costs. For more details about it you can see the article SQL Database: Long-term backup retention preview includes major updates.

System Center

System Center Configuration Manager

For System Center Configuration Manager has been released the version 1804 for the Technical Preview branch. In addition to general improvements in the solution this update introduce new features concerning the OSD, the Software Center and the Configuration Manager infrastructure. All the new features included in this update can be found in the article Update 1804 for Configuration Manager Technical Preview Branch. Please note that the releases in the Technical Preview Branch help you evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

Microsoft has released theUpdate Rollup 5 (UR5) for System Center 2016 Long-Term Servicing Channel (LTSC). This update does not introduce new features, but fixes several bugs.

Following, are the references, about this update, for each System Center product:

There are no updates regarding Service Provider Foundation.

System Center Operations Manager 1801 introduces support for Kerberos authentication when the protocol WS-Management is used from the management server for the communication with UNIX and Linux systems. This allows you to have a higher level of security, eliminating the need to enable basic authentication for Windows Remote Management (WinRM).

Also in System Center Operations Manager 1801 introduces the following improvements on the management of the Linux log file monitor:

  • Support for Wild Card characters in the name and path of the log file.
  • Support for new match patterns that allow customized searches of log.
  • Support for pluging Fluentd published by fluentd community.

Below there are the news concerning the Management Pack of SCOM:

  • MP for Windows Server Operating System 2016 and 1709 Plus 10.0.19.0
  • MP for SQL Server 2008-2012 7.0.4.0
  • MP for SQL Server 2014 7.0.4.0
  • MP for SQL Server 2016 7.0.4.0
  • MP for Microsoft SQL Azure Database 7.0.4.0
  • MP for SQL Server Dashboards 7.0.4.0
  • MP for UNIX and Linux 7.6.1085.0

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To test the various components of System Center 2016 you can access theEvaluation Center and after the registration you can start the trial period.

OMS and System Center: What's New in February 2018

The month of February was full of news and there are different updates that affected Operations Management Suite (OMS) and System Center. This article summarizes in concise terms to have a global vision and it contains the necessary references to learn more about it.

Operations Management Suite (OMS)

Log Analytics

Everyone who uses Azure ExpressRoute will be glad to know that you can now monitor it by using the Network Performance Monitor (NPM). This feature has been in previews for a few months and has now passed in the state of general availability. Among the features of this monitor solution we find:

  • Ability to view interactively, using the topology view of NPM, the various components (network on-premises, circuit provider edge, circuit ExpressRoute, edge Microsoft, and the Azure VMs) and latency measured in each hop. This allows you to easily identify any performance issues in connectivity and quickly locate the problematic segment of communication.
  • Ability to view the bandwidth usage of primary and secondary ExpressRoute circuit . Thanks to drill-down is also possible to intercept the bandwidth usage for each vNet connected to the ExpressRoute circuit.
  • Ability to create queries and custom views thanks to the fact that all details of the solution are available in the repository of Log Analytics and therefore you can use the native search functionality and correlation to suit your needs.
  • Ability to diagnose various problems of connectivity present in ExpressRoute circuit .

Figure 1 – Azure ExpressRoute Monitoring

For more information about how to configure the ExpressRoute monitor with NPM please visit the Microsoft's official documentation.

Also in Network Performance Monitor (NPM) was introduced the Service Endpoint Monitor with the integration into the monitor and into the performance of your application also of the performance end-to-end of the network. This feature allows you to create different types of tests (HTTP, HTTPS, TCP and ICMP), that must be carried out in key points of the network infrastructure, so you can quickly identify whether the problem encountered is related to the network or is related to the application. Through the use of the network topology map the problem and its nature is easily locatable. This is a feature in public preview whose characteristics are described in detail in this article.

Agent

This month the new version ofOMS agent for Linux systems fixes some bugs and also introduces an updated version of the components SCX and OMI. To obtain the updated version of the OMS agent you can access to the official GitHub page OMS Agent for Linux Patch v 1.4.4-210.

Figure 2 – Bug fixes and what's new for the OMS agent for Linux

Azure Backup

In this article is described how to build the solution of monitor in Log Analytics for Azure Backup. With this monitor solution, you can control the main aspects of Azure Backup as the backup and restore jobs, backup alert and use of cloud storage. You can do all cross Recovery Service vault and cross subscription, being able to take advantage of the features built into Log Analytics, such as the automated opening of ticket via webhooks or through integration with ITSM. It is a community solution, and each contributed is obviously welcome.

For Azure Backup was announced (in general availability) the possibility of creating consistent backups at the application layer for Linux virtual machines running on Azure. On Windows systems this is done using the VSS component, while for Linux VM it is made available one scripting framework through which you can run the pre-scripts and post-scripts to control the backup execution.

Figure 3 – Mechanism for realization of backup application consistent in VMs Linux on Azure

For more details on this you can consult theofficial announcement, while for more information about Linux virtual machine protection in Microsoft Azure, using Azure Backup, you can view the article: Azure Backup: the protection of Linux on Azure.

Azure Backup introduces the ability to protect natively Azure File Shares. This feature is currently in Public Preview and the main features are:

  • Chance, accessing Recovery Service vault, to make the discovery of storage acccount and detect files shares unprotected.
  • Large-scale protection: there is the possibility to back up multiple file shares contained in a storage account and apply a common security policy.
  • Instant and granular restore. The protection is based on file share snapshots and this allows you to quickly restore files selectively.
  • From the Azure portal you can explore the different restore point available to easily identify which files to restore.

Figure 4 – Backup of Azure File Shares

For further information you can consult theofficial announcement.

This month has been released a Mandatory Update for the Microsoft Azure Recovery Services agent (MARS). For all those who use Azure Backup you must install this update as soon as possible to avoid failures in backup and recovery tasks.

Azure Site Recovery

In Azure Site Recovery was made available a wait functionality, that allows to protect virtual machines having managed disk, in the replication scenario between different Azure regions, allowing greater flexibility for Disaster Recovery scenarios with systems in Azure.

Figure 5 – Enabling replication of a VM with Managed Disks

System Center

As announced in the last few months and as is already the case for the operating system and Configuration Manager, also the others System Center products, in particular, Operations Manager, Virtual Machine Manager, and Data Protection Manager will follow a release of updated versions every 6 months (semi-annual channel). This month there was the first release with the version 1801 of System Center.

Figure 6 – Summary of what's new in version 1801 of System Center

To know the details of what is new in this release, please consult the official announcement. Please remember that for belonging to the semi-annual channel support is guaranteed 18 months.

System Center Configuration Manager

Released the version 1802 for the branch Technical Preview of System Center Configuration Manager: Update 1802 for Configuration Manager Technical Preview Branch.

This release introduces a considerable number of innovations on different areas, including: OSD, Cloud Management Gateway, features of Windows 10 and Office 365, Software Center and Site Server High Availability.

Please note that the releases in the Technical Preview Branch help you evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

The feature called "Updates and Recommendations", introduced in SCOM 2016 for Management Packs from Microsoft, is useful to facilitate the process of discovery of appropriate MPs to monitor different workloads present in your infrastructure and keep them updated. This feature is enabled by well over 110 Microsoft workloads. Microsoft announced that it is extending this feature also for MPs produced and offered by third parties. In release 1801 of Operations Manager are currently covered MPs of the following external partners:

Figure 7 – Feature Updates and Recommendations with MPs of partners

As a result of the release of version 1801 of System Center were also made available the following new SCOM Management Packs:

System Center Service Manager

Released a new version of Service Manager Authoring Tool.

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To test the various components of System Center 2016 you can access theEvaluation Center and, after registering, you can start the trial period.

OMS and System Center: What's New in November 2017

In November there have been several announcements from Microsoft concerning Operations Management Suite (OMS) and System Center. This article will summarize briefly with the necessary references to be able to conduct further studies.

Operations Management Suite (OMS)

Log Analytics

As already announced since 30 October 2017 Microsoft has launched the upgrade process of the OMS workspaces not yet updated manually. In this regard has been released this useful document that shows the differences between a legacy OMS workspace and a updated OMS workspace, with references for further details.

Solutions

Those that use circuit ExpressRoute will be glad to know that Microsoft announced the ability to monitor it through Network Performance Monitor (NPM). This is a feature currently in preview that allows you to monitor connectivity and performance between the on-premises environment and vNet in Azure in the presence of ExpressRoute circuit. For more details about the features announced you can consult theofficial article.

Figure 1 – Network map showing details of ExpressRoute connectivity

Agent

As usual it was released a new version of the OMS Agent for Linux systems that now takes place on a monthly basis. This release fixes bugs related diagnostics during agents onboarding. Are not being introduced new features. To obtain the updated version please visit the official GitHub page OMS Agent for Linux Patch v 1.4.2-124.

Protection and Disaster Recovery

Azure Backup always protected backups from on-premises world toward Azure using encryption that takes place using the passphrase defined during the configuration of the solution. To protect VMs in Azure the recommendation for greater security in the backup was to use VMs with disk-encrypted. Now Azure Backup uses Storage Service Encryption (SSE) to do the encryption of backups of virtual machines on Azure, allowing to obtain in an integrated manner in the solution a mechanism for the implementation of the backup security. This also will happen to existing backup automatically and through a background task.

Microsoft, in order to bring more clarity with regard to pricing and licensing of Azure Site Recovery, updated the FAQ which you can see in the official page of pricing of the solution.

System Center

As is already the case for the operating system and System Center Configuration Manager, the other System Center products, in particular, Operations Manager, Virtual Machine Manager, and Data Protection Manager will follow a release of updated versions every 6 months (semi-annual channel). The goal is to rapidly deliver new capabilities and to ensure a speedy integration with the cloud world, which is essential given the speed with which it evolves. In November was announced the System Center preview version 1711 which you can download at this address.

Figure 2 – Summary of what's new in System Center preview version 1711

To know the details of the new features in this release, please consult theofficial announcement.

System Center Configuration Manager

For System Center Configuration Manager current branch version 1706 was issued an important update rollup you should apply as it solves a lot of problems.

Released the version 1710 for the Current Branch (CB) of System Center Configuration Manager that introduces new features and major improvements in the product. Among the main innovations of this update definitely emerge the possibilities offered by the Co-management that expand the possibilities for device management using either System Center Configuration Manager and Microsoft Intune.

Figure 3 – Features and benefits of Co-management

For a complete list of new features introduced in this version of Configuration Manager, you can consult theofficial announcement.

Released the version 1711 for the Technical Preview branch of System Center Configuration Manager. The new features in this update are:

  • Improvements in the new Run Task Sequence step.
  • User interaction when installing applications in the System context even when running a task sequence.
  • New options, in the scenario of using Configuration Manager associated with Microsoft Intune, to manage compliance policy for devices Windows 10 related to Firewall, User Account Control, Windows Defender Antivirus, and OS build versioning.

I remind you that the releases in the Technical Preview Branch allows you to evaluate in preview new SCCM functionality and is recommended to apply these updates only in test environments.

Released a updated version of the Configuration Manager Client Messaging SDK.

System Center Operations Manager

Released the new wave of the SQL Server Management Packs (version 7.0.0.0):

The Management Packs for SQL Server 2017 can be used for the monitor of SQL Server 2017 and subsequent releases (version agnostic), this allows you to avoid having to manage different MPs for each version of SQL Server. The controls for versions of SQL Server earlier than 2014 are included in the generic MP "Microsoft System Center Management Pack for SQL Server".

System Center Service Manager

Microsoft has published a series of tips and best practices to be followed during Authoring Management Pack of System Center Service Manager (SCSM).

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

OMS and System Center: What's New in October 2017

This article lists the main changes announced in October concerning Operations Management Suite (OMS) and System Center. This is a concise summary that contains the necessary references for further study.

Operations Management Suite (OMS)

Log Analytics

In Log Analytics in August was released a major update that introduces a number of changes, as the powerful new query language, the introduction of the new Advanced Analytics portal and greater integration with Power BI. For further information you can consult the specific article Log Analytics: a major update evolves the solution. During the month, Microsoft announced that from 30 October 2017 is started automatically the upgrade process of the OMS workspaces not yet updated manually. Everything will be done in a gradual way for region according to the schedule below:

Figure 1 - Scheduling for rollout of the upgrade of Log Analytics

Also starting from 16 October 2017 the new OMS workspaces are already build in the new mode and there is no possibility to create a legacy workspace. For further information you can consult the article Azure Log Analytics workspace upgrades are in progress.

Solutions

Thanks to the solution Azure Log Analytics Container Monitoring for the Service Fabric under Linux now you can:

  • Centralize and correlate logs that are related to containers.
  • For containers and nodes display in almost real-time metrics for CPU, memory, storage and network utilization.
  • Identify containers with excessive use of resources.
  • Control the use of process-wide resources (Docker container top).
  • See an inventory of the container node that contains information about the Orchestration.

Figure 2 – Container Monitoring solution for Linux Service Fabric

The presence of an Azure Resource Manager (ARM) template that lets you create a new Log Analytics Workspace and install during the deployment the OMS agent on all nodes of the Service Fabric cluster facilitates the activation of the monitor. At the end of the cluster deployment simply add to the workspace of Log Analytics the solution Container Monitoring available in Azure Marketplace, and in a few minutes will be available in Log Analytics information on the Service Fabric. For further information you can consult the article Azure Log Analytics Container Monitoring solution for Linux process Fabric.

By using the Azure Action Groups you can use the Log Analytics solution IT Service Management Connector Solution to automatically open incident in your product or service of IT Service Management (ITSM), if properly supported, against alert generated in the Azure environment. The steps to configure this new feature is documented in the ad Send your Azure alerts to ITSM tools using Action Groups.

Agent

Released a new version of the OMS agent for Linux systems that mainly has solved some bugs and introduced some useful improvements. For more details and to get the updated version please refer to the official GitHub page OMS Agent for Linux GA v 1.4.1-123

Figure 3 – Bug fixes and what's new for the OMS agent for Linux

Azure Automation

As for Azure Automation have been announced, currently in preview, exciting new features:

  • Update management: it allows you to have visibility on the updates compliance for both Windows and Linux systems, regardless of their location (Azure, on-premises or others cloud). It also allows you to schedule the deployment to install the updates within a specific maintenance window. Among the features offered is the ability to exclude specific updates from the deployment and retrieve logs for the deployment useful for troubleshooting.
  • Inventory: it allows you to retrieve inventory information about the installed applications within systems. All this can easily be accessed directly from the portal Azure.
  • Track changes: useful for monitoring changes made to systems for services, daemons, software, registry and files. This feature can be very useful to diagnose specific problems and to enable alerts against unexpected changes.

Figure 4 – New features in preview of Azure Automation

For further details please consult the specific article What's New in Azure Automation: Inventory, Change Tracking and Update Management.

Azure Automation also introduces the ability to implement runbook written in Python 2 and adds support for the role Hybrid Runbook Worker under Linux. These features are currently in public preview.

System Center

TheUpdate Rollup 4 for Microsoft System Center 2016 has been released.

These are the System Center products affected by the update that resolves several issues and introduces some improvements:

The Update rollup 4 introduces support for the security protocol TLS 1.2 for all encrypted communications. Earlier versions of TLS and SSL encryption mechanisms are not considered with a high level of security, for this reason Microsoft has decided to introduce for the following System Center products official support for the security protocol TLS 1.2:

  • System Center Operations Manager (SCOM)
  • System Center Virtual Machine Manager (SCVMM)
  • System Center Data Protection Manager (SCDPM)
  • System Center Orchestrator (SCO)
  • Service Management Automation (SMA)
  • Service Provider Foundation (SPF)
  • System Center Service Manager (SM)

Enabling TLS 1.2 requires that you follow the following macro step:

  1. Install security updates for Windows Server, .NET 4.6 and SQL Server.
  2. Install the Update Rollup 4 of System Center 2016 on the different components. Regarding Service Management Automation (SMA) and Service Provider Foundation (SPF) you still need to apply the latest Update Rollup available. In addition to SMA you need to update its Management Pack.
  3. Change the settings to enable TLS 1.2 in the Windows environment on all System Center components.
  4. Adapt the System Center component-specific settings that require it (SCOM, SCDPM and SCO).

For more details you can follow the specific deployment guide.

System Center Configuration Manager

Released version 1709 for the branch Technical Preview of System Center Configuration Manager: Update 1709 for Configuration Manager Technical Preview Branch – Available Now!

The new features in this update are:

  • Co-management: solution that allows the management of devices using either System Center Configuration Manager and Microsoft Intune. Thanks to Windows 10 Fall Creators Update there is the opportunity to join the device both to the Active Directory domain (AD) on-premises and to Azure AD in the cloud. This expands the possibilities for management of devices using the Configuration Manager client and the MDM agent of Intune.

Figure 5 – Co-Management from the SCCM console

  • Improvement regarding the use of SCCM connected to Intune for the management of the mobile devices with regard to the settings of VPN profiles. With this update, in fact while creating a new VPN profile shows only the appropriate settings for the platform that you intend to configure. More details about you can retrieve them in this article.

Also released version 1710 always for the branch Technical Preview of System Center Configuration Manager. The many innovations introduced with this update are available in the announcement Update 1710 for Configuration Manager Technical Preview Branch – Available Now!.

I remind you that the releases in the Technical Preview Branch allows you to evaluate in preview new SCCM functionality and is recommended to apply these updates only in test environments.

System Center Operations Manager

In the table below the news about SCOM Management Pack 2016:

The changes introduced by these new MPs can be found in the article DHCP 2016 and 2012 R2 Management Pack release.

System Center Orchestrator

Released the latest version of’Integration Pack for System Center 2016.

To test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

Azure Backup Server v2 in Windows Server 2016

Azure Backup Server is a solution available on the market since October 2015 and in the spring of this year has been released the second version of the product, named Azure Backup Server v2 (MABS v2), that supports installation on Windows Server 2016. Actually Azure Backup Server has inherited the same capabilities of System Center Data Protection Manager, with the substantial difference that does not support backup to tape. Using Azure Backup Server v2 implemented on Windows Server 2016 allows the use of Modern Backup Storage that guarantees, thanks to the new technologies introduced in Windows Server 2016, to improve the performance of backups, to reduce the occupation of storage and to increase the resilience and safety with regard to the protection of virtual machines. This article describes how to implement Azure Backup Server v2 and contains the instructions to follow to take advantage of the benefits through native integration with Windows Server 2016.

Installation requirements

Deploy Azure Backup Server v2 (MABS v2) can be performed on a standalone physical server , on a virtual machine in VMWare or Hyper-V or on a virtual machine hosted on Azure.

The operating system can be Windows Server 2012 R2, but it is recommended Windows Server 2016 in order to benefit from the advantages of Modern Backup Storage. The machine must be joined to an Active Directory domain and should have the ability to access in Internet to Microsoft Azure even if you decide not to send the protected data to the cloud.

Regarding hardware specs Microsoft recommends the following.

Processor
Minimum: 1 GHz, dual-core CPU.
Recommended: 2.33 GHz, Quad-core CPU.

RAM
Minimum: 4 GB.
Recommended: 8 GB.

Disk space
Software installation: recommended about 8-10 GB.
Storage Pools: 1.5 times the data you wish to protect.
Scratch Location: at least the 5% of the total space of the protected data in the cloud.

With regard to the software requirements you must install Microsoft .Net 3.5 SP1, Microsoft .Net 4.6 and Hyper-V Powershell modules.

Finally you need to create on its own subscription Azure a Recovery Service Vault, which will be associated with the Azure Backup Server. The setup of Azure Backup Server will require the Vault credentials which can be downloaded by accessing the properties from the Azure Portal:

Figure 1 – Backup Download Credentials

 

Installation procedure

The download of the installation setup of Azure Backup Server v2 can be started directly by accessing this Microsoft page. After the download of different files you need to run the executable MicrosoftAzureBackupServerInstaller.exe to extract installer binaries in a single folder. Inside the chosen folder, you can run the Setup.exe file to start the installation process later documented.

Figure 2 – Select Install Microsoft Azure Backup Server

Figure 3 – Welcome page

Figure 4 – Check the prerequisites

azure backup server requires the presence of a microsoft sql server instance to host the related database. If you do not have an existing instance to use (required at least SQL Server 2014 SP1) the setup installs SQL Server 2016 Service Pack 1 (recommended by Microsoft). In this scenario you do not require the acquisition of a license for SQL Server as long as the instance is for the exclusive use of MABS v2.

Figure 5 - Choice relative to the SQL Server that hosts the DBs of MABS v2 anf check of the requirements

If you have not installed the Hyper-V Powershell module the setup will install it, but you will need to stop the installation setup to restart the system.

Figure 6 – Requirements not met and restart required for Hyper-V Powershell module installation

Figure 7 – Requirements met

Figure 8 – Choice of installation path

The setup of MABS v2 creates the account MICROSOFT$DPM$Acct local to the machine that will run SQL Server and SQL Server Agent services and the account DPMR$Servername used for the generation of reports.

Figure 9 – Choice of password for the MICROSOFT$DPM$Acct and DPMR$Servername

Figure 10 – Choice of deploying updates to MABS v2 via Windows Update

Figure 11 - Summary concerning the installation choices

At this point starts the setup of Microsoft Azure Recovery Services (MARS) Agent required to connect to the Recovery Service Vault in Microsoft Azure.

Figure 12 - Configuration of the proxy server if required for access to public services in Microsoft Azure

Figure 13 – Verification of the presence of the necessary requirements and installation of MARS

After installing the MARS, starts the registration process of the Azure Backup Server to the Azure Recovery Service Vault that requires the Backup Vault credentials (recoverable following the step documented in Figure 1) and the passphrase required to perform the encryption of stored data. You should save this key in a safe place as it is necessary during recovery operations and can not be recovered in any way by Microsoft staff.

Figure 14 -Choose Backup Vault Credentials

Figure 15 – Passphrase for encryption of backups

After completing these steps, you must wait the end of the installation process.

Figure 16 - MABS v2 installation completed successfully

Before proceeding with the configuration of MABS v2 it is recommended to apply the latest update available for Microsoft Azure Backup Server v2 which you can be downloaded from the Microsoft support site.

At this point, it is necessary to configure the SQL Server instance just installed according to their own needs, and it is recommended to apply thelatest Cumulative Update available for SQL Server 2016 Service Pack 1.

 

Features provided by the integration between MABS v2 and Windows Server 2016

Azure Backup Server v2 is natively integrates with the new technologies available in Windows Server 2016 so you can enjoy the following benefits:

  • Efficiency major in backups operations: using the technologies Refs Block Cloning, VHDX and Deduplication you can get a reduction of storage needed to protect data and improve performance in the execution of backup. The configuration of the Modern Backup Storage can be done by following the steps documented in official documentation, which although relating to DPM 2016 is identical for Azure Backup Server v2. Very interesting also the functionality Workload-Aware Storage that allows you to select which volumes use depending on the type of workloads are protected, having thus the opportunity to choose more efficient storage and dedicate it to more frequent backup tasks for which it is good to have high performance.
  • Reliability elevated in Hyper-V virtual machine protection, thanks to the integration with technology Resilient Change Tracking (RCT) can natively track changes made to VMs compared to backups, without the need to add filter drivers. This reduces the time-consuming tasks to perform consistency checks.
  • Safety: ability to backup and restore Shielded VMs.

 

Costs of the solution

As regards the cost of the solution is good to specify that it is obviously necessary to contemplate the license of the machine's operating system on which you are installing MABS v2. An interesting aspect is that in order to implement Azure Backup Server is not require any licence concerning System Center, but you must have an Azure subscription . In the cost of the solution you should consider a fee for each protected instance and any storage occupied in Microsoft Azure. For more details on the cost of the solution, please consult the Official Microsoft page on the Pricing.

 

Conclusions

Azure Backup Server v2, with its approach cloud-first and through the integration with certain features in Windows Server 2016 , is a complete and functional solution for the protection of different workloads. For those using the first release of Azure Backup Server you can upgrade to MABS v2 keeping all the settings. The advice is still to implement MABS v2 on Windows Server 2016 so that you have a solution that allows you to perform backups with speeds up to 3 times and to reduce up to 50% storage utilization.

System Center 2016: What's new in Data Protection Manager

With the release of System Center 2016 one of the components which saw the largest number of news is definitely Dpm. DPM 2016 introduces major improvements in terms of performance and changes regarding storage management and security. The whole is then further enhanced thanks to the support of the new Hyper-V feature in Windows Server 2016.

Modern Backup Storage

DPM 2016 introduces a new mechanism for managing storage defined Modern Backup Storage which uses a block-cloning technology based on Resilient File System (Refs).

Thanks to the use of Modern Backup Storage you can get the following benefits:

  • Disk space optimization: Modern Backup Storage saves approximately the 30-40% storage and have a high degree of flexibility in the management of the same by using volumes ReFS and save backups on VHDX. In DPM 2016 There is no need to allocate a priori the space to devote to protecting resources and is able to adapt employment of storage for backups dynamically based on the size of the source to be protected.
  • Performance improvement: DPM 2016 for saving data on volumes ReFS makes use of a technology block-method-based cloning allocate-on-write instead of copy-on-write (used by VolSnap in DPM 2012 R2). This change enables a performance increase up to the 70%.
  • Decrease in costs: Thanks to the functionality workload-aware storage DPM introduces a further flexibility in the choice of different protection storage workloads that we sconsente to reduce their costs. DPM is able to use high-performance storage and more expensive for workloads with very high I, which may be such as SQL or Sharepoint, and storage less performance for workloads with reduced I.

In order to use Modern Backup Storage requires that DPM is installed on Windows Server 2016.

For more details about the Modern Backup Stoarge you can see Introducing DPM 2016 Modern Backup Storage.

Hyper-V protection

The following changes affect virtual machine protection with DPM 2016.

  • Resilient change tracking (RCT) – DPM uses the new native change tracking mechanism introduced in Hyper-V called Resilient Change Tracking (RCT). RCT significantly increases the resilience of the data compared to the previous change tracking mechanism based on VSS technology and therefore reduces the need for consistency check and thus save time. DPM during differential backups is able to locate and transfer only the blocks that have changed and that are indicated by the change tracker.

The virtual machines that are created directly on Windows Server 2016 and protected by DPM 2016 use of default RCT and therefore you can enjoy the following benefits in terms of protection:

  • Increased reliability: We do not require consistency check after migration of virtual machines;
  • High scalability: You may have a higher number of backup jobs in parallel and a lower impact on storage utilization;
  • Superior performance: faster backups and a lower impact on fabric.

If you want to use the functionality of RCT for virtual machines created on older versions of the hypervisor is wants to update the configuration file version of VMs (For more details, see the upgrading virtual machine version to Windows Server 2016) and on the DPM server 2016 You must stop the protection of virtual machines by selecting the option Retain Data and create a new Protection Group.

  • Continued protection during cluster aware updates – Windows Server 2016 introduced the ability to add a node Windows Server 2016 to an existing Hyper-V cluster consisting of Windows Server nodes 2012 R2. This feature allows you to update the cluster systems without any downtime. DPM 2016 You can protect your virtual machine also during the update process thus continuing to adhere to the established SLAS.
  • Secure VM Backups – DPM 2016 supports backup and recovery of Shielded VMs while maintaining the same level of security. In this regard it is good to specify that in this scenario the capabilities of Item Level Recovery (ILR) and Alternate Recovery Location (ALR) to a location outside the "guarded fabric" are not allowed.
  • Hyper-V with ReFS SOFS Cluster – DPM 2016 cannot protect Hyper-V virtual machines that reside on cluster SOFS that use ReFS. Backup and recovery is also supported for virtual machines that do not use RCT.
  • Hyper-V with Storage Spaces Direct – DPM has the ability to detect and protect virtual machines that use Storage Space Direct in different scenarios, for example, in Hyper-converged scenario where is Hyper-V (compute) that Storage Space Direct (storage) reside on the same cluster. For more details about Storage Spaces Direct on Windows Server 2016 I refer you to this article.

Conclusions

Having regard to the important new features and the many benefits that can be gained by switching to Data Protection Manager 2016 all current users of the solution should seriously consider upgrading. For those who want to explore and evaluate DPM 2016 can Download the trial version from Microsoft System Center Evaluation Center.