Upload
others
View
7
Download
0
Embed Size (px)
Citation preview
1Acronis Training and Certification – Authorized Use Only
UNDERSTANDINGACRONIS BACKUPFundamental concepts in Acronis Backup and Acronis Backup Cloud
2Acronis Training and Certification – Authorized Use Only
Module Outline
1. Components & Implementations
2. Storing Backups
3. Acronis Backup Cloud 3rd Party Integrations
4. Navigating The Backup Console
5. Backup, Recovery and Other Operations
3Acronis Training and Certification – Authorized Use Only
Components & Implementations
Installable software components and types of deployment and
implementations
4Acronis Training and Certification – Authorized Use Only
1. 3-Tier Architecture
On-premise | Cloud
StorageLocal, Network, Cloud,
Tape, Storage Node
On-premise | Cloud
ManagementBackup Console &
Management Server
Physical | Virtual | Cloud
Applications | UsersData Source Agents
5Acronis Training and Certification – Authorized Use Only
1. List of Components
Type Components
Data Source
Install on machine or device to be backed up. Supports
physical, virtual, cloud, applications and user devices
(PC, Mac, iOS, Android)
‒ Agent for Windows
‒ Agent for Linux
‒ Agent for Mac
‒ Agent for VMware (Windows)
‒ Agent for VMware (Virtual Appliance)
‒ Agent for Hyper-V
‒ Agent for Virtuozzo
‒ Agent for Office 365
‒ Agent for Exchange
‒ Agent for SQL
‒ Agent for Active Directory
‒ Agent for Oracle
‒ Mobile app for iOS
‒ Mobile app for Android
Management
Install on-premise or use cloud-based management
hosted in Acronis or partner datacenter
‒ Web-based Backup Console
‒ Management Server
Storage
Store data on-premise or on cloud storage provided by
Acronis or Service Provider
Acronis Backup
‒ Local, Network, Cloud, SFTP, Tape
‒ Acronis Storage Node (ASN)
Acronis Backup Cloud
‒ Acronis Storage Gateway
‒ Acronis Storage 2.x
6Acronis Training and Certification – Authorized Use Only
1. List of Components
Type Components
Ancillary
Additional components to enable additional features
‒ Bootable Media
‒ Bootable Media Builder
‒ Backup Monitor
‒ Command-Line Tool
‒ Acronis SharePoint Explorer
‒ Components for Remote Installation
‒ Catalog Service
‒ PXE Service
‒ Acronis Monitoring Service
Management Server Database
Database for storing management data
‒ SQLite (built-in, by default)
‒ Microsoft SQL Server 2012 or later (external, customize install settings)
9Acronis Training and Certification – Authorized Use Only
1. Acronis Backup Cloud
End-User Site
Network
Storage
Web-Based
Console
Physical
Server
Virtual
Host
PC
Mac
Agents
Data CenterManagement
Servers
Cloud Management
& Storage
Service Provider
Cloud Storage
Cloud | Local | Network
Store backups on Acronis or Service Provider
cloud storage, local disks and network
storage
Storage
Agents
Perform backup, recovery and migration on
local, remote, cloud machines, applications
and mobile devices
Data Source
Management Server | Web-Based Console
Connect using a browser to the cloud-based
Management Server to configure and
manage backups for all devices
Management
10Acronis Training and Certification – Authorized Use Only
1. Acronis Backup Cloud Implementations
Acronis HostedManagement
Servers
Cloud Management
& Storage
End-User Site
Network
Storage
Physical
Server
Virtual
Host
PC
Mac
Agents
HybridManagement
Servers
Cloud Management
& Storage
Service Provider
Cloud Storage
End-User Site
Network
Storage
Physical
Server
Virtual
Host
PC
Mac
Agents
SP HostedManagement
Servers
Service Provider
Cloud Management
&Storage
End-User Site
Network
Storage
Physical
Server
Virtual
Host
PC
Mac
Agents
11Acronis Training and Certification – Authorized Use Only
Storing Backups
Supported backup locations for local and cloud backup
12Acronis Training and Certification – Authorized Use Only
2. Storing Backups
‒ Backups can be stored on the following locations:
▪ Cloud Storage: Acronis datacenter or Service Provider cloud storage (Acronis Backup
Cloud only)
▪ Local folder: Local disks and removable media such as USB HDD
▪ Secure Zone: Secure partition on a local disk accessible by Acronis software only
▪ Network folder: SMB/CIFS/DFS shares, NFS folders (Linux and Mac OS X only)
▪ SFTP: Secure FTP
▪ Storage Node: Storage location managed by an Acronis Storage Node, can be local
disks, network folder or tape
▪ Tape: Tape device directly connected to the local machine or managed by Acronis
Storage Node
13Acronis Training and Certification – Authorized Use Only
2. Supported File Systems
File System*Supported By
LimitationsAgents Linux-based Win-PE based Mac
FAT16/32
All agents
‒ No limitationsNTFS
ext2/ext3/ext4
HFS+ Agent for Mac
JFS
Agent for Linux
‒ Files cannot be excluded from a
disk backupResierFS3
ResierFS4 ‒ Files cannot be excluded from a
disk backup
‒ Volumes cannot be resized during
a recovery
ReFSAll Agents
XFS
Linux Swap Agent for Linux ‒ No limitations
* Software will automatically switch to sector-by-sector backup when backing up drives with unrecognized or unsupported file systems
26Acronis Training and Certification – Authorized Use Only
2. Acronis Datacenters
14 Acronis Cloud
Data Centers now
More coming, it takes only 4
weeks to launch a new one
Strong presence in Asia-Pacific:
Singapore, Japan, Korea, Australia
27Acronis Training and Certification – Authorized Use Only
2. Cloud Storage Implementations
‒ Service Providers on Hybrid and SP Hosted implementation model can
setup their own cloud storage to store their customers’ backups
‒ Acronis provides proprietary storage software as part of the Acronis Backup
Cloud solution:
▪ Acronis Storage Gateway: lightweight gateway software for easy and rapid deployment
of cloud storage for Acronis Backup Cloud
▪ Acronis Storage 2.0: Software-defined-storage for transforming low-cost commodity
hardware into scalable fault-tolerant enterprise-grade storage
‒ Acronis Storage 2.0 can be used as a storage solution for storing data other
than Acronis Backup Cloud backups:
▪ Usage is free when used for storing Acronis Backup Cloud backups, pay-per-use (per
GB) when used for storing other types of data (block, object and file storage)
28Acronis Training and Certification – Authorized Use Only
2. Cloud Storage Implementations
Acronis Storage Gateway Acronis Storage 2.0
‒ Supports the following storage backends:
▪ Local directory or mounted NFS
▪ Amazon S3 & S3 API-compatible storage such as Swisscom,
IIJ GIO and Cleversafe
▪ Microsoft Azure
▪ Openstack Swift
‒ No fault-tolerance, redundancy dependent on storage, i.e., local or
mounted NFS must be on RAID 1/5/6; vendor SLA for S3, Azure
and Swift
‒ Each installation is limited to 1 storage backend connection with
multiple installations possible
‒ Requires 1 x physical or virtual machine for installation:
▪ 2-4 (v)CPU, 4GB RAM or more, 100GB free disk space for
logs
▪ Installed as Linux package on x86_64 RHEL 7 or CentOS 7
‒ Serve up to 2Gbps of user traffic (50-100 simultaneous backups)
‒ Supports local disks as storage backend with option of using SSD
for caching to improve performance
‒ Can be configured as Acronis Backup Cloud cloud storage, block
(iSCSI), object (S3) or file* storage
‒ Fault-tolerance depends on chosen redundancy mode which uses
either replication or erasure coding to prevent data loss:
▪ 2 or 3 nodes: replication, 1 or 2 node failure with no loss
▪ 5 or more nodes: erasure coding, 2 node failure with no loss
‒ Typically only 1 installation of Acronis Storage 2.0 is needed –
multiple clusters and storage tiers can be configured to cater to
different usages
‒ Requires 2 or more physical servers with min. 3 disks each for
installation:
▪ Recommended: Intel Xeon E5-2620V2 or faster CPU with at
least 1 core per 8 HDD, 16GB ECC RAM + 0.5GB per HDD, 4
or more HDD/SSD (min. 1 DWPD, 10 DWPD recommended),
2 x 10Gbps NIC
▪ Installed as Acronis Storage software on bare metal
29Acronis Training and Certification – Authorized Use Only
Acronis Backup Cloud3rd Party Integrations
Supported Service Provider automation platforms
30Acronis Training and Certification – Authorized Use Only
3. Integration via RESTful API and APS
‒ Acronis Backup Cloud provides automation integration though packages and
plugins for various management platforms
‒ Integration packages and plugins are based on either RESTful API or APS
(Application Packaging Standard)
‒ Operations possible include but are not limited to:
▪ Selling customized backup-as-a-service based on Acronis Backup Cloud in addition to
other cloud services such as hosting, connectivity, SaaS and IaaS
▪ Automating billing, customer provisioning and endpoint backup management via existing
web portals and tenant webpages
31Acronis Training and Certification – Authorized Use Only
3. Supported Platforms
32Acronis Training and Certification – Authorized Use Only
Navigating the Backup Console
How to navigate the web-based backup and account management consoles
33Acronis Training and Certification – Authorized Use Only
4. Navigating Acronis Backup Cloud Consoles
Switch to Groups Menu Switch to Backup Management
Switch to Reports Menu
Switch between Groups
Usage summary
Group settings
34Acronis Training and Certification – Authorized Use Only
4. Navigating Acronis Backup Cloud Consoles
Switch to Account Management Switch Views
Selected machine
Add Agents
Main Menus
Actions available
36Acronis Training and Certification – Authorized Use Only
Backup, Recovery & Other Operations
Understanding backup, recovery, deduplication, Active Protection™, and
Acronis Notary™
37Acronis Training and Certification – Authorized Use Only
5. Backup Operation – Agent Based Backup
Backup
Managed Machine
Agent
Backup Plan 1
Task 1
Always Inc. (Single-File)
Task 2
Cleanup
Backup Plan 2
Task 1
Weekly Full, Daily Inc.
Task 2
Replicate Backup
Task 3
CleanupMaintain
Archive
Cloud Storage
F Backup 1
I Backup 2
I Backup 3
Disk 1
Backup
Disk 2 Local Storage
F Backup 1
I Backup 2
Manage
Web Browser
Management Server
Backup Management Console
38Acronis Training and Certification – Authorized Use Only
5. Backup Operation – Agentless Backup
Hypervisor
Manage
Web Browser
Management Server
Backup Management ConsoleAgent
(VMware/Hyper-V)
VM-n
Backup Plan 1
Task 1
Backup VM-1 to VM-n
Task 2
CleanupMaintain
Archive
Backup
Disk 1 Local/Cloud
F Backup 1
I Backup 2
VM-1
39Acronis Training and Certification – Authorized Use Only
5. Backup Operation – Off-Load Backup
Managed Machine
Agent(VMware)
Backup Plan 1
Task 1
Backup VM-1 to VM-2
Task 2
Cleanup
Backup Plan 2
Task 1
Backup VM-3 to VM-n
Task 2
Replicate Backup
Task 3
CleanupManage
Web Browser
Management Server
Backup Management Console
Hypervisor(ESXi Host)
VM-n
VM-1
VM-2
VM-3
Backup
Backup
40Acronis Training and Certification – Authorized Use Only
5. Recovery Operation – Online Recovery
Recover
Managed Machine
Agent
Recovery Task
Task 1
Validate Backup
Task 2
Restore Backup Select
Recovery
Point
Cloud Storage
F Backup 1
I Backup 2
I Backup 3
Disk 1
Disk 2 Local Storage
F Backup 1
I Backup 2
Manage
Web Browser
Management Server
Backup Management Console
41Acronis Training and Certification – Authorized Use Only
5. Recovery Operation – Bare Metal Recovery
Managed Machine
Agent(Bootable Media)
Recovery Task
Task 1
Validate Backup
Task 2
Restore Backup
Select
Recovery
Point
Cloud Storage
F Backup 1
I Backup 2
I Backup 3
Disk 1
Local Storage
F Backup 1
I Backup 2
Manage
Bare Metal
Bootable Media
Boot
Recovery Task
Task 1
Validate Backup
Task 2
Restore Backup
Task 3
Apply Universal Restore
43Acronis Training and Certification – Authorized Use Only
5. Snapshot Technologies
‒ Acronis Backup Agents performs disk imaging backup of physical and virtual
machines by leveraging on various snapshot technologies
‒ Hardware and software snapshot technologies are available and the
technology used depends on the backup source:
▪ Windows and Hyper-V: Microsoft VSS (Microsoft Shadow Copy Provider)
▪ Linux: Acronis SnapAPI (Acronis Snapshot Technology)
▪ VMware vSphere: VADP (VMware vStorage API for Data Protection) or SAN storage
snapshots (NetApp SAN only)
▪ Hardware storage devices that comes with Microsoft VSS enabled: Hardware
snapshots
44Acronis Training and Certification – Authorized Use Only
5. Backup ProcessI/O frozen I/O unfrozen
Pre
command*
START ENDPost
command*
Backup
Initiate
snapshot
technology
Pre data
capture
command*
Take
snapshot
Post data
capture
command*
Backup Plan
created
Agent(s) starts
backup process
as per script
Pre commands
are executed
Backup Plan
script deployed
to computer(s)
Pre data
capture
commands are
executed
Snapshot
technologies
are initiated
Post data
capture
commands are
executed
VSS-aware
applications are
quiesced**
Unfreeze all
disk I/O
Cataloging of
backed up data
Freeze all disk
I/O
Snapshot taken
of all disk
blocks to be
backed up
VSS-aware
applications are
unquiesced
Post commands
are executed
Backup starts
with reference
to snapshot
Agent(s)
finishes backup
process
Cataloging
Start
backup
Complete
backup
* Pre/Post commands and Pre/Post data capture commands are optional and can be configured in Backup options
**For non-VSS aware applications, depending on the snapshot technology, crash-consistent quiescing will be performed, i.e., write all valid data to disk to prepare for snapshot
45Acronis Training and Certification – Authorized Use Only
5. Snapshot Technologies
‒ Backups created with snapshot technologies will be crash-consistent, i.e.,
all data will be backed up consistently based on a single point-in-time and
individual files will be up-to-date
‒ Disk-level (including application-aware backups) and database-level
backups (for supported applications) of Windows machine with VSS-aware
databases will be application-consistent, i.e., VSS will checkpoint and
quiesce database prior to backup; results in database being usable
immediately upon recovery
‒ Non VSS-aware databases on Windows, Linux and Mac have to be
manually checkpoint or quiesced for application-consistent backup, if not
backup will be crash-consistent, i.e., after recovery, logs may have to be
applied to the database before it can be brought online and used
46Acronis Training and Certification – Authorized Use Only
5. Snapshot Technologies
‒ To manually quiesce non VSS-aware databases, use Backup option >
Pre/Post data capture command
‒ For VSS-aware databases on Windows and Hyper-V, Microsoft VSS have to
be functional, use vssadmin list writers to check status of writers of vss-
aware databases
‒ Recommend to have 20% or more free space per volume to be backed up
for storing snapshots and other meta-data during backup
50Acronis Training and Certification – Authorized Use Only
5. Acronis Active Protection™
‒ Actively protects a system from ransomware:
▪ Available for machines running Windows
Vista/Windows 2008 and later
▪ Monitor processes running on protected machines
▪ Uses behavioral heuristics to compare chain of
actions performed by a process against malicious
behavior patterns database
▪ When a 3rd party process tries to encrypt files,
Active Protection generates an alert and performs
additional actions if configured
▪ In addition, prevents unauthorized changes to
Acronis software processes, registry records,
executable and configuration files and MBR
51Acronis Training and Certification – Authorized Use Only
5. How Active Protection™ Works
‒ How Active Protection works:
▪ Active Protection Driver and Service will be installed together with Agent for Windows
▪ When Active Protection Plan is applied, Driver will be enabled and Service will be started
▪ Driver: Analyze file content and type before and after a change, if content type is
changed – suspect in-place encryption
▪ Service: 5 consequent suspicious changes – trigger alert, takes configured action in
Active Protection Plan such as check whitelist/blacklist, block process and recover
52Acronis Training and Certification – Authorized Use Only
5. Enabling Active Protection™
‒ Enabled via Active Protection Plan from
Management Server:
▪ Only 1 plan available currently, i.e., changes in the
Active Protection plan affects all machines with
Active Protection enabled, future updates will allow
multiple plans to be configured
▪ Enabling Active Protection on a machine starts the
Active Protection service
▪ Active Protection driver will then monitor file
changes performed by unsigned processes
▪ Self-protection allows only Acronis-signed
processes to modify backup archives (TIB/TIBX)
and backup configurations
53Acronis Training and Certification – Authorized Use Only
5. Active Protection™ Limitations
‒ Does not protect files from changes made via network sharing protocols:
▪ On local machine: Local files are not protected from changes made by remote machine
▪ On client machine: Files on network shares are not protected
‒ Processes spawned from executables with valid signatures are ignored
except when they try to modify resources protected with self-protection:
▪ When self-protection is enabled, Windows Explorer and other file management tools will
report errors when trying to modify protected resources
‒ Only files that meet the file size criteria will be cached (copy-on-write):
▪ Cache size = 10% of disk volume size, max file size = 10% of cache size
▪ Used for reverting files that have been encrypted when Revert using cache is selected
for the Active Protection Plan
59Acronis Training and Certification – Authorized Use Only
Questions?
60Acronis Training and Certification – Authorized Use Only
www.acronis.com
New Generation Data Protection
twitter.com/acronis blog.acronis.com facebook.com/acronis