Virtualized Exchange Servers in Distributed Configurations
As previously described, Backup Exec supports modern image-level (“agentless”) protection of VMware and Hyper-V virtual machines, including virtual machines hosting applications such as Exchange. It’s important to note that Backup Exec does not currently support image-level backups of virtualized Exchange servers in a distributed configuration. Only virtual standalone Exchange servers are supported for image-level backup and granular recovery.
In order to achieve granular recovery support of virtualized Exchange servers in a distributed configuration, such as an Exchange 2010 Database Availability Group (DAG), the virtual machines must be protected using agent-based backups, which essentially treats each virtual machine as if it were a standalone, physical system.
Note: Backup Exec does not support granular recovery of Exchange 2013 mailbox objects. This functionality is planned for a later release of Backup Exec.
Protection of Physical Exchange Servers
For physical Exchange servers, the Agent for Windows is installed locally to the Exchange server. The Agent for Windows interacts with the physical Exchange server to prepare the Exchange databases for backup and to transmit backup data to the Backup Exec server over the NDMP protocol.
Backup of Physical Exchange Servers
VSS Integration and Physical Exchange Servers
Backups of physical Exchange servers that are captured by the Agent for Windows are snapshot backups performed using Microsoft’s VSS Writers (the only exception is Exchange 2003, which does not have a VSS writer). In most cases, Backup Exec uses a VSS full backup, which ensures that Exchange is placed into a consistent state at the time of backup and also truncates transaction logs, a key element of maintaining a healthy database application over time.
The Agent for Windows can only protect Exchange components of a server after the Agent for Applications and Databases has been licensed within Backup Exec.
Granular Application Recovery of Physical Exchange Servers
In addition to preparing physical Exchange servers for backup and transmitting Exchange backup data to the Backup Exec server for storage, the Agent for Windows also plays a key role during Exchange recovery. For example, the presence of the Agent for Windows locally installed to a physical Exchange server enables the Backup Exec server to directly transmit and restore granular Exchange objects back to the production Exchange environment of an organization.
Offhost Backups of Physical Exchange Servers
Backup Exec also supports offhost backups of physical Exchange servers. Offhost backups help alleviate the processing overhead of backup operations from the physical Exchange server and transfer them to the Backup Exec server.
For more information on Backup Exec and configuring offhost backups of physical Exchange servers, refer to the Backup Exec Administrator’s Guide and the following technote: http://www.symantec.com/docs/HOWTO12231.
Uniquely Named Mailbox
To enable key features related to the protection and recovery of Exchange servers, such as granular recovery of Exchange objects, Backup Exec must have access to a uniquely named mailbox within the Exchange infrastructure. Access to this mailbox enables Backup Exec to interact with Exchange and important components within the Exchange Information Store. In order to enable granular recovery of Exchange objects, you must use the appropriate Exchange Server management utility to assign the user account to the Exchange Organization Administrators role (Exchange 2007) or the Exchange Organization Management role (Exchange 2010/2013).
The uniquely named mailbox cannot be hidden in the Exchange Global Address List.
For more information about this mailbox and associated requirements, refer to the Backup Exec Administrator’s Guide or the following technote:
- Ensuring Exchange mailbox name is unique http://www.symantec.com/docs/TECH24691.
Exchange Management Tools
You must install the Exchange Management Tools on the Backup Exec server. The management tools on the Backup Exec server must be the same version or later as the management tools that are on the Exchange Server. For more information about installing the Exchange Management Tools, refer to your Microsoft Exchange documentation.
Protection of Virtualized Exchange Servers
For virtualized Exchange servers, Backup Exec interacts with the Exchange server through the virtual host, either through software APIs provided by the virtual infrastructure (VMware), or through the Agent for Windows installed to the virtual host (Hyper-V). For virtualized Exchange servers, Backup Exec fully supports what is generally known as “agentless” backup, both for VMware as well as Hyper-V environments.
Backup of Virtualized Exchange Servers
For additional information on requirements for protecting Exchange environments using Backup Exec, refer to the Backup Exec Administrator’s Guide and the following technotes:
- General Exchange protection requirements: http://www.symantec.com/business/support/index?page=content&id=HOWTO24128
- Exchange granular recovery requirements: http://www.symantec.com/docs/TECH51740
Note: “Licensing Backup Exec in Exchange Environments” provides more information about the Agent for Applications and Databases licensing.
Exchange Protection Methods and Technology
Backup Exec employs modern, highly advanced, and scalable technology to protect and recover Microsoft Exchange systems. While very easy-to-use, these sophisticated technologies ensure that Microsoft Exchange remains properly protected and ready for recovery events, allowing customers and partners to sleep easy at night, knowing they are prepared to handle any disaster that may befall their Exchange infrastructure.
Supported Exchange Versions
Backup Exec supports all major versions of Microsoft Exchange, including Exchange 2003/2007/2010/2013. Please note that for Exchange 2010/2013 systems, the Backup Exec server must be hosted on 64-bit hardware. For a complete list of supported software platforms and applications, please refer to the Backup Exec Software Compatibility List (SCL): http://entsupport.symantec.com/umi/V-269-1.
Components Used to Protect Exchange
The Backup Exec Server
The primary component used to protect and recover Microsoft Exchange is the Backup Exec server. The Backup Exec server interacts with the Exchange system to prepare the system for backup, to capture backup data selections, to store backup sets to the target storage device, and to perform recovery operations.
The Agent for Windows
For physical Exchange servers, the Backup Exec Agent for Windows is installed to the physical Exchange servers to identify, capture, and transmit Exchange backup data to the Backup Exec server for storage. For Exchange 2007 and later (Exchange 2003 does not have a VSS writer), Exchange backup data is captured through VSS snapshots and transmitted by the Agent for Windows to the Backup Exec server over the NDMP protocol, using a secure (TSL/SSL) and trusted connection.
For virtualized Exchange servers on the VMware vSphere or Microsoft Hyper-V platforms, the virtual machines hosting Exchange are protected using image-level backups through snapshot interactions with the virtual host. In these virtualized configurations, the Agent for Windows can be installed on the Exchange virtual machine to enable application discovery and metadata collection, allowing for granular application recovery features for virtualized Exchange servers. Protection of virtualized Exchange servers without the Agent for Windows installed is also supported, but virtual recovery options are limited to full virtual machine recovery and file/folder recovery.
Additional information on the differences in how Backup Exec can be used to protect physical and virtualized Exchange servers is provided in “The Agent for Applications and Databases.”
The Agent for Applications and Databases
When protecting either physical or virtualized Exchange servers with Backup Exec, a license for the Agent for Applications and Database is required before Backup Exec can perform backup and recovery operations of Exchange application data.
Enabling the Agent for Applications and Databases
Whether the Agent for Applications and Databases license is included or purchased separately depends on the Backup Exec version that is being used. For example, the standard Backup Exec 2012 product allows customers to pick and choose the different agents and options they need to protect their environment, while the Backup Exec 3600 Appliance includes unlimited use of the Agent for Applications and Databases in its core license.
It’s important to note that the Agent for Applications and Databases does not represent a true software agent that needs to be pushed or installed to a physical Exchange server in order to protect it; the license simply unlocks the ability for Backup Exec to interact with and protect Exchange components. The Agent for Applications and Databases also enables the use of Backup Exec’s VFF driver, which is used for advanced granular recovery operations.
We have become a species of information addicts – the “information explosion” is affecting the everyday lives of office workers. What is crystal clear is that we are all suffering from a 21st century ailment – Information Overload – and it is taking over our personal lives, working lives, and our businesses.
Businesses need to protect a broad range of information, generated in a plethora of ways, through multiple applications used by billions of individuals around the world. Organisations not only need to protect their information and IT infrastructure, but need to be aware of how the infrastructure facilitates the sharing and use of the information used by the organisation between, not just connections among colleagues, but linking businesses, from businesses to consumers, as well as between consumers themselves. In other words, all the collaborative environments, and the movement of data while in use.
Accessing work information out of hours, compulsively checking emails, texts and social media and hoarding endless emails and multiple versions of the same file are all symptoms of information overload. But the technology enabling us to be more productive (fantastic mobile devices and faster connectivity) together with the mismanagement of information is actually counter-productive.
Email is Business Critical
Email has become an indispensable way of communicating and transferring data in the modern electronic age. In the year 2010, it was estimated that almost 300 billion emails were sent each day, and around 90 trillion emails were sent every year. Considering the rate at which data continues to increase year-over-year, the number of emails sent today is likely significantly greater. Email is used for many forms of communication, including business critical communications for companies of all sizes.
Companies rely heavily upon email systems to conduct day-to-day business operations, and any significant period where access to email is lost is considered to be highly intolerable.
All email solutions used by modern businesses are based upon a server infrastructure hosting an email software system. Whether hosted locally on physical or virtualized servers, hosted by a partner, or hosted in the cloud, these email software systems support the incredible amount of email transmissions that happen every day, and can be implemented in many different sizes and configurations. Perhaps the most common and popular email system used in the industry today is Microsoft Exchange.
Because Microsoft Exchange plays such a critical role in the ability for organizations to conduct day-to-day business, it’s equally critical that companies employ protection solutions that enable them to quickly and easily recover their Exchange system should a data loss or disaster event occur. Backup and recovery solutions of the highest value will offer features that enable the following:
- Functionality designed specifically for Microsoft Exchange
- Protection of Exchange while it remains online and functional
- Ability to protect physical Exchange servers as well as virtualized Exchange systems
- Support for highly available Exchange configurations
- Adherence to Microsoft best practices for Exchange backup and recovery
- Optimization of secondary (backup) storage using data deduplication technology
- Support for local as well as offsite storage of backup data
- Multiple levels of recovery from a single-pass backup
Symantec Backup Exec
For many years, the Symantec Backup Exec product family has offered market-leading solutions for the protection of Microsoft Exchange, and solves each of the key problems mentioned above. The Agent for Applications and Databases offers purpose-built functionality to ensure Microsoft Exchange is properly protected against disaster and to help partners and customers quickly and easily perform any level of Exchange recovery, whether it’s bare metal recovery of a physical Exchange server, granular recovery of an individual Exchange email, or anything in between.
Key benefits of Backup Exec include the ability to:
- Reduce business downtime
- Eliminate complexity
- Spend less time managing backups
- Ensure critical information on virtual or physical systems is always protected
- Restore data in seconds
- Reduce storage and management costs
- Optimise network utilisation
- Eliminate redundant additional backup jobs
- Provide granular recovery of data for applications and databases
Client-side deduplication uses a process whereby deduplication calculations, meaning the identification of unique and non-unique blocks and the skipping of non-unique blocks, is driven by the local Backup Exec 2012 SP2 agent locally installed to the protected server. The advantage of using this method is that only the unique blocks of data are transferred to the Backup Exec 2012 SP2 server, greatly reducing the data traffic impact on network or LAN.
Backup Exec Server-side Deduplication
The Backup Exec server-side deduplication method uses a process where all backup data is transferred to the Backup Exec 2012 SP2 server before deduplication calculations are made. After backup data has arrived at the Backup Exec 2012 SP2 server, blocks are fingerprinted and identified as unique or non-unique, and either kept or skipped respectively.
The appliance deduplication method leverages a 3rd party deduplication device to handle all aspects of deduplication. Backup data is transferred to the appliance device for storage, while catalog information is transferred to the Backup Exec 2012 SP2 server.
The Backup Exec 2012 Hardware Compatibility List (HCL) contains information about all 3rd party deduplication devices that have been certified with Backup Exec 2012 SP2.You can find a list of compatible operating systems, platforms, and applicationsat the following URL: http://entsupport.symantec.com/umi/V-269-1
Flexible Deduplication Choices
Different deduplication methods can be mixed and matched to better service the configuration needs of Backup Exec 2012 SP2 customers.
Integrated Block-level Deduplication for Backups
Configurations are not restricted to a single deduplication method for a particular environment. Some protected servers will be better matched for one type of deduplication or another, and Backup Exec 2012 SP2 administrators have the flexibility to mix and match deduplication methods in order to tailor protection to meet the specific needs of their environment.
Combining the SIS deduplication technology within the Exchange Mailbox Archiving Option with the Deduplication Option can offer additional storage savings for Backup Exec 2012 SP2 administrators, allowing them to reduce storage costs by getting the most out of the backup and archiving storage resources at their disposal.
Underlying Technical Principles
Exchange Mailbox Archiving Option Basic Architecture
The archiving technology imbedded within Backup Exec 2012 SP2 is based upon Enterprise Vault and uses the same core archiving storage components found in Enterprise Vault. So it’s pretty fine technology. The storage components in EV & BE include:
- Vault store
- Vault store partitions
- Fingerprint database (Single Instance Storage (SIS) Deduplication)
The Backup Exec 2012 SP2 server manages the vault store and vault store partitions as a storage device and writes data into archives from backup data sources according to the backup jobs configured by the administrator. So the Administrator defines the archiving policies for Exchange – 90 day/200 day whatever …
Figure 2: Archiving Storage Components Diagram
The vault store is the parent container for archived data. The vault store is managed as a storage device by the Backup Exec 2012 SP2 server. The vault store is separated into partitions which contain the actual archive data. Only one partition can be open at any given time to receive new archive data. However, Archives can span more than one partition.
Vault Store Partition
A vault store partition is a path to storage (e.g. ‘E:\Archive’). A vault store partition can be in one of two states: open or closed. The partition with the open state is the partition to which new archive data is written and stored. As mentioned previously, only one partition can be open at a time, so you can only write to one partition at any one time even though archives can span across partitions.
Vault store partitions with the closed state do not receive new archive data; however, closed partitions can still be read for data recovery purposes and can have data elements deleted according to archive expiration policies configured by the Backup Exec 2012 SP2 Administrator.
An archive is a collection of archived data. For the purposes of the Backup Exec 2012 SP2 Exchange Mailbox Archiving Option, one archive corresponds to one backed up user mailbox.
Archives can have new data added to them and can have old data deleted from them according to the settings configured by the Backup Exec 2012 SP2 administrator. An archive can span more than one vault store partitition, since the partition that was open at the time the archive was created may not be the same partition that is open and receives new data for the archive at a later time.
Although the data that’s been archived is deleted at source – thereby creating storage space on the Exchange Server – the end user can still locate the archive data in the same way that they could using Enterprise Vault – dead cool frankly!
Yes, it’s true – we are becoming a nation of information addicts – at least according to a survey Symantec recently carried out. Symantec wanted to find out more about how the so-called information explosion is affecting the everyday lives of British office workers. What was abundantly clear is that we are all suffering from this 21st century ailment – Information Overload – sounds like a Tom Cruise film, or AC/DC album – and it is overtaking not only our working lives, but our personal ones too.
Accessing work information out of hours, compulsively checking emails, texts and social media and hoarding endless emails and multiple versions of the same file are all symptoms of information overload experienced by those we surveyed. See the stats here.
But whereas the technology enabling us to do this (fantastic mobile devices and faster connectivity) all purport to make us more productive in the workplace, is our mismanagement of information actually counter-productive?
IDC has recently estimated that in 2011 over 1.8 Zetabytes of information was created and replicated (IDC, “The 2011 Digital Universe Study: Extracting Value from Chaos”) and if we go by Moore’s Law this will continue to grow almost immeasurably over the coming years. What does this mean for our state of mind and the systems we work with – will we reach a moment when we are essentially ‘drowning’ in information?
Not if the technologies that store and manage information also continue to improve. We are working very hard to make managing information easier, faster and more efficient for businesses of all sizes. This means making sure that what is actually useful and valuable is stored, archived and backed up correctly, while the rest is relegated to permanent deletion.
But technology can only go so far, some of the onus is still on businesses and individuals to moderate their work behaviour to take into account this new work paradigm.
Part II – What can we do about it?
- Unite Virtual and Physical: Powered by Symantec V-Ray technology, Backup Exec 2012 enables visibility across both virtual and physical environments for fast and efficient backup and recovery while eliminating the need for specialised point products.
- Eliminate Backup Complexity with a New Administration Console: A newly redesigned administration console will provide users with fast, concise management and monitoring capabilities.
- Integrated Disaster Recovery: With bare-metal disaster recovery and Backup Exec’s “no hardware DR” built in, organizations will be able to easily recover a failed system to a physical server, or to a Hyper-V or VMware guest.
- Capacity Licensing: New capacity licensing model for Managed Service Providers (MSPs), mid-sized and lower enterprise organizations will provide easier purchasing and maintenance by capacity as an alternative to existing a la carte pricing.
- Small Business Edition: In less than 10 minutes and with just three simple steps, Backup Exec 2012 Small Business Edition will install and configure backups so small businesses with limited IT experience can protect their data with ease. The new Backup Exec Small Business Edition will bundle Symantec’s data and system recovery technology into one affordable solution with a single license that’s designed specifically for a growing business.
Microsoft Windows 7 Backup is getting trashed in a Microsoft forum for being unbelievably bad and slow.
Like this comes as such a surprise … Windows Backup? “It is an insult.” Jon Hell on a Microsoft Forum: http://social.technet.microsoft.com/Forums/en-US/windowsbackup/thread/3e08fc65-52f5-48ca-ae13-321cdfc44fbd … “Windows Backup is an embarrassment.” Said another.
Why everyone isn’t using Backup Exec System Recovery Desktop Edition 2010 (BESR 2010) for their desktops and laptops beats me. Really simple to use as either a backup or disaster recovery tool, BESR 2010 is a cost-effective solution that helps minimise downtime and avoid disaster – it’s like Zero to DR in 10 minutes. You can recover individual data files/folders or complete Windows desktops or laptops in minutes.
I use it on my machine and mount the backups on a 500 GB USB drive (no power required) and take an off-site copy to our file servers at the same time. I never see any system impact – there is a slider that allows you to reduce the impact if you do see some degradation. It’s really simple to install, licence and set up. In fact, to be honest it’s easier to schedule your backups with BESR than it is to set up a meeting in Outlook, and recovery is just as simple.
With an off-site copy I can ensure that even if I lose my external drive I can get my data or systems back and backing up to a USB drive means I can restore data from anywhere even if I’m not connected to the Symantec network. Easy, simple, effective. New machine with Windows 7 O/S, no problem restoring data to different hardware … you can store your backups in a virtual environment which makes sense.
It’s a standalone solution as well as a 1+1=3 component of a larger data protection strategy, in fact I know of NetBackup customers who use BESR Server Edition to give themselves DR capabilities for their Windows Servers as well as using BESR Desktop to backup their employees laptops and desktops.
So, there’s no need to rely on Windows 7 Backup … given that Symantec has just won Best of Tech Ed Award fBackup and Reco.very
Full article in The Register can be found at:
Questions to ask yourself:
- How long does it take you to recover a desktop or laptop?
- How long does it take you to recover a Windows system?
- Can you recover a system to dissimilar hardware?
- Can you recover a complete system?
- How easily can you recover a virtual system?
I’ve been pretty busy in the last couple of days demonstrating outside Olympia (http://www.computerweekly.com/Articles/2009/10/14/238126/anti-upgrade-demonstration-at-storage-expo.htm); on a couple of speaker panels (one on Data Centre trends and the other on Thin Provisioning); speaking to customers and partners and generally not getting enough sleep.
Although it seems that there were fewer attendees than previous years the quality was so much better. Frankly, for the first time ever, no one asked me how to configure their Norton 360 home PC product (for which I am eternally grateful because I know as much about Norton as most home users). No, this year every conversation I had was pretty specific about how to get more out of IT assets, which was handy as that’s what we do at Symantec.
The hardware vendors had a tough time – storage infrastructures desperately need to be optimised and consolidated. Backups need to be architected around the business requirements and specific infrastructures with centralised management and automated processes.
Backup Exec System Recovery was a hot topic. Virtually every conversation I had came back to: “How do I get a simple, cost effective DR process for my servers and desktops and laptops?” The answer is, of course, BESR. Actually, when it comes to backup, whatever the question, the answer is invariably The Backup Exec Family.