Category Archives: Azure Backup & Disaster Recovery

Evolve Business Continuity and Disaster Recovery with Azure’s Business Continuity Center

In today’s context, where cybersecurity threats and the need for operational continuity are constantly increasing, companies must adopt modern solutions to ensure data protection and recovery. Azure’s Business Continuity Center (ABCC) offers an innovative response to these challenges, providing an integrated platform to manage business continuity and disaster recovery. With a range of advanced features, ABCC enables the identification and resolution of system protection gaps, simplifies backup and recovery operations, and enhances the overall security posture of the organization. In this article, we will explore the main features of Azure’s Business Continuity Center and how it can evolve the management of operational continuity in modern businesses.

Challenges in Managing Distributed Environments

Managing IT environments distributed between on-premises and cloud infrastructures can present numerous challenges, making it complex to protect and recover data consistently and efficiently. Key challenges include:

  • Distributed nature of data: Managing data across on-premises and cloud environments creates complexity.
  • Fragmented experiences: Inconsistent experiences between Azure solutions and services lead to management difficulties.
  • Monitoring and recovery: Ensuring compliance and recovering data across various solutions can be complicated.
  • Unified objectives: Maintaining unified objectives for entire applications, rather than individual workloads, is challenging.
  • Consolidation needs: Consolidating BCDR strategies from fragmented experiences for greater efficiency is sought.

Key Features of the Business Continuity Center

Azure’s Business Continuity Center is the advanced version of the previous BCDR Center, now offering a more powerful and sophisticated platform. This center provides a wide range of features designed to help customers meet their security and protection needs. Below is a summary of the main features and benefits offered by this advanced solution.

Centralized Management Interface

The Business Continuity Center provides a unified platform within the Azure portal to manage and monitor backup and disaster recovery processes, eliminating the need to switch between multiple dashboards.

  • Unified view: Provides a unified view of all resources, both on-premises and cloud, simplifying monitoring and management.
  • Holistic monitoring: Offers actionable insights and notifications to quickly detect issues and take corrective actions.

Automated and Simplified Operations

Onboarding is very simple, requiring no configuration or prerequisites; just search for Business Continuity Center in the Azure portal. ABCC uses Azure policies to automate the protection of new resources. Azure offers built-in policies that automatically configure backups for newly created resources. These policies can be assigned to specific scopes such as subscriptions, resource groups, or management groups, ensuring that any new resource within these scopes is automatically protected without manual intervention.

Improved Security Posture

ABCC assesses the security configurations of resources, providing a security level score (e.g., poor, fair, excellent) and guidance on how to improve security against ransomware and other threats. Key security settings highlighted to protect backup data include:

  • Soft delete: Ensures that even if backup data is deleted, it remains recoverable for a specified period, providing an additional layer of protection against accidental or malicious deletions.
  • Immutability: Ensures that backup data cannot be altered or deleted within a specified retention period, protecting it from tampering and ransomware attacks.
  • Multi-user authorization: Requires multiple users to authorize critical operations, reducing the risk of unauthorized changes or deletions.

Optimized Data Protection and Governance

ABCC includes a compliance view showing how many resources comply with assigned backup policies and how many do not. This helps administrators ensure that all necessary resources are protected according to desired policies. Administrators can use policies to automate backups based on specific tags assigned to resources. For example, a policy can be set to back up all virtual machines with a specific tag (e.g., “production”).

Additionally, it consolidates alerts and metrics for easier tracking of backup and disaster recovery operations.

Support for Hybrid Environments

ABCC allows users to manage both Azure and non-Azure resources, providing information on protection status and compliance for both environments. It also offers flexible protection strategies, including the use of multiple solutions (e.g., Azure Backup and Site Recovery) to ensure regional redundancy.

Conclusion

Azure’s Business Continuity Center represents a significant step forward in managing operational continuity and disaster recovery for organizations using Azure solutions. Integrated into the platform, this center simplifies backup and recovery operations through advanced features and a centralized management interface. It improves security posture, automates backup policies, and offers holistic management of hybrid resources, enabling companies to consolidate their business continuity and disaster recovery strategies. This reduces operational complexities and ensures optimal data protection. With Azure’s Business Continuity Center, organizations can address the challenges of data protection and recovery more efficiently and reliably, ensuring operational continuity even in critical situations. The product has recently been released, so further developments are expected. It will be interesting to see if Microsoft decides to integrate it with third-party solutions as well.

Effective Disaster Recovery plans with Azure

The core business of a company, in most cases, is deeply dependent on the IT solutions used, therefore it becomes important to structure your infrastructure to cope with accidents of any nature, even the most remote, which could cause damage, an interruption or loss of data. This article describes how, thanks to Azure and the solutions offered by Microsoft's public cloud, effective disaster recovery plans can be developed to better protect all environments, even non-homogeneous ones, providing the ability to easily orchestrate and test all scenarios.

Azure Site Recovery overview (ASR)

The solution Azure Site Recovery (ASR) allows you to implement disaster recovery strategies that, in case of necessity, can keep applications running and restore normal working conditions. In fact,, Azure Site Recovery favors the implementation of Disaster Recovery strategies in heterogeneous environments, orchestrating near real-time replicas of systems to Microsoft Azure and, within Azure, between regions or between different availability zones. This solution allows you to minimize downtime and recovery times, all in a safe way and through a simple and economically advantageous management.

Figure 1 - Main features of ASR

If there are outages in the primary data center with ASR, you can start a failover process to keep workloads accessible and available. Furthermore, when it will be possible to use the resources in the primary data center again, ASR will allow you to govern the failback process.

ASR is a complete solution that allows you to cover different protection scenarios:

Figure 2 - Possible scenarios for the adoption of ASR

To evaluate in detail all the features offered by ASR you can consult this official Microsoft document.

Main strengths of ASR and integration with other solutions

Among the main advantages that can be obtained with the adoption of this solution we find:

  • Cost optimization as only the virtual machine disks are replicated on Azure. The activation of VMs, with a consequent generation of consumption, occurs only during tests and in the case of DR.
  • Simplify the process of creating disaster recovery plans. In fact, in the recovery plans is possible to include scripts and runbooks present in Azure Automation so that you can model and customize the DR procedures for applications with complex architectures.
  • High flexibility thanks to the potential of the solution that allows you to orchestrate replicas of virtual machines running in different environments.
  • Thanks to the ability to replicate workloads directly on Azure, you can consider completely eliminating a secondary data center built only for disaster recovery purposes.
  • Periodic execution of failover tests to validate the effectiveness of the recovery plans implemented, without giving any impact to production application environment.

ASR is strongly integrated with various native solutions and technologies of the Azure platform, thus being able to guarantee a complete and secure solution, as shown in the following image:

Figure 3 - Main Azure functionalities that can be used in ASR

Furthermore, ASR can also be easily integrated with other BCDR technologies (Business Continuity and Disaster Recovery) already existing in the company, in order to guarantee a complete and effective DR strategy.

When dealing with the issue of Disaster Recovery, in the presence of VMware environments, it is also possible to evaluate theadoption of the Azure VMware solution (AVS), in particular considering the integration with VMware Site Recovery Manager (SRM), as described in this article.

Furthermore, in the presence of Azure Stack HCI it is possible to take advantage of the disaster recovery features inherent in the solution and, starting with version 21H2 of Azure Stack HCI, there is also official support for Azure Site Recovery.

The business value of Azure Site Recovery

To analyze the return on investment (ROI) associated with the adoption of Azure Site Recovery and Azure Backup, you can consult this IDC white paper sponsored by Microsoft. The paper highlights how Azure is being used by various companies across various industries for:

  • Optimize overall performance, the speed and reliability of operations related to backups and disaster recovery.
  • Reduce unplanned downtime and consequently business risks, increasing productivity up to 93%.
  • Achieve an estimated five-year ROI up to 370%, with higher levels of team efficiency, faster application development and greater savings on personnel and infrastructure costs.

Other important aspects

To make the Disaster Recovery strategy effective and functional, the following aspects must also be taken into consideration:

  • The data protection policies in place to implement an appropriate synergy. In fact, backups can be an integral part of the DR strategy.
  • Enabling a monitor system useful for identifying problems, their impact and causes. Useful aspects for evaluating the need for activation of the DR strategy.
  • Periodic tests, updating of documentation and training on the staff involved.

Conclusions

Often we are faced with a challenging activity aimed at determining which solution is most appropriate to meet your needs in the activation of disater recovery plans. Microsoft, as a proprietary provider of Data protection as a service solutions (DPaaS) on the Azure platform, can accurately meet various corporate data protection requirements. In particular, with Azure Site Recovery it is possible to contemplate different protection scenarios in an effective and flexible way, ensuring high standards regarding the security of data and sensitive information.

The evolution of a traditional file server thanks to the potential offered by Azure

The file server continues to be a strategic and heavily used component in our customers' datacenters. Often we are looking for modern solutions that allow you to effectively and functionally centralize the network folders of your infrastructure, while maintaining characteristics in terms of performance, compatibility and flexibility. This article explores the features of the Azure File Sync solution, which allows you to benefit from the potential offered by the Microsoft Azure public cloud as regards synchronization, the provision and protection of file server contents.

The challenges of traditional file servers

Using file servers in traditional mode to provide users with a repository to store content, we often find ourselves in the conditions of:

  • adopt legacy solutions that are inflexible and inefficient
  • having to host a large number of rarely accessed archive folders in their data centers
  • deliver content in an ineffective way in multi-site contexts
  • have difficulty in quickly restoring the provision of the service in the event of faults, security issues or major outages

The principles of operation of Azure File Sync

Azure File Sync is a solution that allows you to centralize the network folders of your infrastructure in Azure Files, maintaining flexibility, the performance and compatibility of a traditional Windows file server. Although there is the possibility to choose to keep a complete copy of your data in an on-premises environment, Azure File Sync allows you to transform Windows Server into a "cache" to quickly access the content on a given Azure file share: in this case all the files are present in the cloud, while the most recent files are also present on the on-premises file server.

Figure 1 – Azure File Sync architecture

Local access to data can occur with any protocol available in Windows Server, such as SMB and NFS. Furthermore, you have the possibility of having multiple "cache" servers located in different geographic locations. Finally, is allowed to directly access content on the File Share from other Azure resources (IaaS and PaaS).

Figure 2 - Access to content in Azure File share

Benefits of Azure File Sync

Among the benefits that can be obtained by adopting the Azure File Sync solution we find:

  • Cloud tiering: are maintained locally only recently accessed data. This allows you to control the amount of disk space used on-premises for storing content. Consequently, cost savings for local storage are achieved, as only part of the data will be stored locally. Files in the cloud can always be quickly retrieved on demand, without interruptions for the user, thus ensuring an optimal experience.
  • Synchronization and multi-site access: you have the option to sync between different sites, allowing to write access to the same data between different Windows Server and Azure Files.
  • Disaster recovery and business continuity: you have the possibility to immediately restore the file metadata and to recall only the necessary data, for faster service reactivation in Disaster Recovery scenarios. Furthermore, Azure File offers several possibilities when it comes to data redundancy.
  • Backup cloud-side: becomes invalid the need to back up data on premises. Content protection can be done directly in the cloud, as described in the following paragraph. This means that it is possible to obtain a reduction in costs with regard to the hardware and software used to perform the on-premises backup.

Azure File share protection

The ability to enable the Cloud Tiering makes Azure File Sync a particularly interesting solution, but this aspect in particular requires making the necessary considerations as regards the data protection strategy. As well as antivirus solutions, backup solutions may cause files stored in the cloud to be recalled through the Cloud Tiering feature. Microsoft recommends a cloud backup solution to back up Azure File share instead of an on-premises backup solution. Among the various workloads supported by Azure Backup, Azure Files is also included:

Figure 3 - Overview of Azure Backup and its features

Azure Backup uses different backup technologies for each workload it can protect. Going into detail, the protection of the Azure File shares used by Azure File Sync can be done using Azure Backup, according to the following architecture:

Figure 4 – Architecture for the protection of Azure File shares

For more details please visit the Microsoft's official documentation.

Advantages of protecting Azure File shares with Azure Backup

The Azure File share protection process using Azure Backup offers the following benefits:

  • Zero infrastructure: no infrastructure is required to enable environmental protection.
  • Security: Azure Backup ensures that backup data is stored securely by leveraging the Azure platform's built-in security features such as RBAC and encryption. Furthermore, with the soft-delete functionality you get advanced protection from any accidental and harmful attempts to delete backups.
  • Customizing retention policies: backups can be configured with data retention policies daily, weekly, monthly and yearly, based on your needs.
  • Built-in management capabilities: you can schedule your backups and specify the retention period you want in a way that is fully integrated into the platform.
  • Instant Restore: Azure File Share backup uses snapshots, this allows you to select only the files you want to restore instantly.
  • Alerts and reports: you can configure alerts for backup and restore operations that present errors. You can also use the reporting solution provided by Azure Backup to get detailed information about backup jobs.

Conclusions

Thanks to the adoption of Azure File Sync, it is possible to evolve traditional file servers with modern and functional features such as cloud tiering, synchronization between multiple sites, the quick DR, direct access in the cloud environment and integration with cloud backup.

Azure VMware Solution: Disaster Recovery scenarios using VMware Site Recovery Manager

The corporate business is heavily dependent on IT solutions and often these are not properly structured to deal with incidents of any kind, even the most remote, which could cause damage, an interruption or loss of data. VMware Site Recovery Manager (SRM) is a disaster recovery solution that allows you to minimize the downtime of workloads in the VMware environment in the event of a disaster. SRM is very popular for customers who use VMware at on-premises datacenters and recently the possibility of using the same solution with Azure VMware Solution was announced (AVS). This article describes how SRM for AVS can simplify the management of Disaster Recovery strategies, ensuring rapid and predictable recovery times.

What is VMware Site Recovery Manager (SRM)?

VMware Site Recovery Manager is an automation solution, which integrates with underlying replication technology, able to offer:

  • Recovery test without service interruptions
  • Workflow able to guarantee the orchestration of DR plans in an automated way
  • Automatic reset of network and security settings (integration with VMware NSX)

The solution offers the possibility to insure in a simple and reliable way, restore and move virtual machines between multiple VMware sites with little or no downtime.

Site Recovery Manager allows you to natively take advantage of VMware vSphere and use the SDDC architecture (Software-Defined Data Center) integrating with other VMware solutions, such as VMware NSX (network virtualization) and VMware vSAN.

Site Recovery Manager requires one of the following underlying replication technologies to orchestrate virtual machine recovery operations:

  • VMware vSphere Replication: replication focused on VMs and based on the hypervisor. It is the solution natively integrated with Site Recovery Manager and included in most versions of vSphere.
  • Third party solutions: Site Recovery Manager uses plug-in SRA (Storage Replication Adapter) developed by storage partners for integration with third-party systems.

How to purchase SRM

Site Recovery Manager is available in two versions: Standard ed Enterpirse. Both versions of Site Recovery Manager are licensed “per protected virtual machine”.

  SRM STANDARD SRM ENTERPRISE
Licenses As far as 75 Protected VMs per site No license limit on the number of protected VMs
Exclusive features   –          Integration with VMware NSX

–          VMotion orchestrated movement between multiple vCenter instances

–          Extended storage support

–          Policy-based storage management

 

What is Azure VMware Solution (AVS)?

Azure VMware Solution (AVS) is a service that allows the provisioning and execution of an environmentVMware Cloud Foundationfull in Azure.VMware Cloud Foundation is VMware's hybrid cloud platform for managing virtual machines and orchestrating containers, where the entire stack is based on a hyperconverged infrastructure (HCI). This architecture model ensures consistent infrastructure and operation across any private and public cloud, including Microsoft Azure.

Figure 1 – Azure VMware Solution overview

The solutionAVS allows customers to adopt a full set of VMware features, with the guarantee of holding the validation "VMware Cloud Verified". At the same time the platform is maintained by Microsoft and automatic and regular updates are guaranteed, that allow you to take advantage of the latest feature sets, as well as obtaining high security and stability.

Thanks to this solution it is therefore possible to have consistency, performance and interoperability for existing VMware workloads, without sacrificing speed, the scalability and availability of the global Azure infrastructure.

An Azure VMware Solution Private Cloud includes:

  • vCenter server for managing ESXi and vSAN
  • Dedicated bare-metal servers provided with ESXi VMware hypervisor
  • VMware vSAN datastore for vSphere vMs
  • VMware NSX-T software defined networking for vSphere vMs
  • VMware HCX for workload mobility management

Figure 2 - Azure VMware Solution interconnection with the on-premises and Azure environment

Azure Private Cloud infrastructure contains vSphere clusters on dedicated bare metal systems, able to scale from 3 to 16 host. It also provides the ability to have multiple clusters in a single Azure Private Cloud. The hosts are high-end and equipped with two Intel processors 18 core, 2,3 GHz and 576 GB RAM.

VMware Site Recovery Manager (SRM) with Azure VMware Solution (AVS)

Site Recovery Manager (SRM) for Azure VMware Solution (AVS) is able to automate and orchestrate failover and failback processes in the following Disaster Recovery scenarios:

  • On-premise VMware to Azure VMware Solution private cloud disaster recovery
  • Primary Azure VMware Solution to a secondary disaster recovery Azure VMware Solution private cloud

Furthermore, thanks to the ability to perform failover tests without generating disruption to the production environment, it is possible to periodically guarantee the achievement of the recovery time objectives required for the disaster recovery plans.

Figure 3 - Diagram of a DR scenario between two Azure VMware Solution environments

Also in this scenario SRM is licensed and supported directly by VMware. Customers cannot reuse SRM licenses from the on-premises environment even in AVS environments, but new SRM licenses must be available for AVS environments.

Azure VMware Solution also provides a mechanism to simplify the installation and management of the SRM life cycle. In fact,, by accessing the navigation menu in the AVS private cloud it is possible to install VMware SRM with vSphere Replication as an additional service. To do this, simply select “VMware Site Recovery Manager (SRM) - vSphere Replication ”from the Disaster Recovery Solution menu and follow the relevant instructions.

Figure 4 - Enabling of “VMware Site Recovery Manager (SRM) – vSphere Replication” from Disaster Recovery Solution menu of AVS

Use cases

This integration between Azure VMware Solution and Site Recovery Manager can be activated to implement the following types of recovery scenarios:

  • Planned migration. This is an orderly migration of virtual machines from the protected site to the recovery site where no data loss is expected during the guided migration of workloads.
  • Disaster Recovery. SRM activates the DR plan when the primary site unexpectedly goes offline. Site Recovery Manager orchestrates the recovery process with replication mechanisms, to minimize data loss and environment downtime.
  • Bidirectional protection. Bi-directional protection uses a single set of paired SRM sites to protect virtual machines in both directions. Each site can be a protected site and a recovery site at the same time, but for a different set of virtual machines.

Conclusions

Thanks to the introduction of this feature in AVS, starting from the automation functionality of VMware Site Recovery Manager recovery plans and the hypervisor-based replication capabilities of vSphere Replication, you can take advantage of an end-to-end Disaster Recovery solution, able to accelerate the enabling of the protection, as well as simplifying the operations necessary to implement DR plans. In this way, you can make the most of the agility and convenience of this solution in an Azure environment.