Microsoft System Center Data Protection Manager Cookbook E-Book

Microsoft System Center Data Protection Manager Cookbook

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Vijin BorichaAcquisition Editor: Rahul NairContent Development Editor: Abhishek JadhavTechnical Editor: Prachi SawantCopy Editor: SafisProject Coordinator: Jagdish PrabhuProofreader: Safis EditingIndexer: Tejal Daruwale SoniGraphics: Tom ScariaProduction Coordinator: Arvindkumar Gupta

First published: December 2018

Production reference: 1211218

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78728-928-4

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

Packt.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.packt.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks. 

Contributors

About the authors

Charbel Nemnom is a Cloud Solutions Architect for itnetX (Switzerland) AG and a Microsoft Most Valuable Professional (MVP) for cloud and datacenter management. He has over 17 years of professional experience in IT. He works predominantly with the most recent versions of Windows Server, System Center, Microsoft Azure, and Azure Stack.

Charbel has previously contributed to several books, all of which were published by Packt. He is Microsoft-, Cisco-, and PMI- certified and holds the following credentials: MCP, MCSA, MCTS, MCITP, MCS, MCSE, CCNP, ITIL®, and PMP®. You can follow him on Twitter at @CharbelNemnom.

Patrick Lownds is a master-level solution architect working for Pointnext Advisory & Professional Services, in the Hybrid IT COE, for Hewlett Packard Enterprise (HPE), and is based in London, UK.

He currently works with the most recent versions of Windows Server and System Center and has participated in the Windows Server, System Center, and Microsoft Azure Stack Early Adoption Program.

He is a community blogger for HPE and tweets in his spare time. He can be found on Twitter as @patricklownds.

About the reviewer

Michael Seidl is a senior consultant and team leader in service management and automation, working for Base-IT, a Gold Partner in Systems Management, located in Austria. He is a three-time System Center Cloud and Datacenter Management MVP and a well certified Microsoft engineer with MCSA and MCSE. His experience as an IT consultant has been growing since 2001 and is mainly focused on SCDPM, SCO, SCSM, and PowerShell. Working with some of the biggest companies in Austria gives him the opportunity to work on exciting projects with complex requirements. Michael is also the founder of au2mator, a self service portal for Microsoft Automation. Follow Michael on Twitter at @techguyat or @au2mator.

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and Credits

Microsoft System Center Data Protection Manager Cookbook

Dedication

About Packt

Why subscribe?

Packt.com

Contributors

About the authors

About the reviewer

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Sections

Getting ready

How to do it…

How it works…

There's more…

See also

Get in touch

Reviews

Installing and Upgrading DPM

Introduction

Planning your DPM deployment

Getting ready

How to do it...

How it works...

See also

Preparing your DPM deployment

Getting ready

How to do it...

How it works...

There's more...

See also

Installing SQL Server for the DPM database

Getting ready

How to do it...

Option 1 – local SQL Server instance

Option 2 – remote SQL Server instance

How it works...

Enabling the Transport Layer Security 1.2 protocol for DPM

Getting ready

How to do it...

How it works...

There's more...

Using certificate-based authentication to protect servers in a workgroup or untrusted domain

Protecting workloads on the cloud using DPM

See also

Installing DPM

Getting ready

How to do it...

Option 1 – installing DPM using a local SQL Server

Option 2 – installing DPM using a remote SQL Server

How it works...

There's more...

Automating the installation of DPM

Getting ready

How to do it...

How it works...

See also

Upgrading to the latest release of DPM

Getting ready

How to do it...

How it works...

There's more...

See also

Migrating legacy storage to Modern Backup Storage

Getting ready

How to do it...

How it works...

Installing the DPM agents

Getting ready

How to do it...

Option 1 – installing the agent from the DPM console

Option 2 – installing the agent manually

How it works...

There's more...

Upgrading the DPM agents

Getting ready

How to do it...

How it works...

There's more...

DPM Post-Installation and Management Tasks

Introduction

Using the DPM UI

How to do it...

How it works...

Enabling Modern Backup Storage (MBS)

Getting ready

How to do it...

How it works...

There's more...

See also

Configuring DPM agent throttling

Getting ready

How to do it...

How it works...

Optimizing the protection group

Getting ready

How to do it...

How it works...

Working with filters

Getting ready

How to do it...

How it works...

Configuring email notifications

Getting ready

How to do it...

How it works...

Applying Update Rollups (UR) to the DPM server

Getting ready

How to do it...

How it works...

Configuring a dedicated backup network

Getting ready

How to do it...

How it works...

Configuring Workload-Aware Storage

Getting ready

How to do it...

How it works...

Backup Storage Migration

Getting ready

How to do it...

How it works...

See also

Preventing unexpected data loss

Getting ready

How to do it...

See also

Creating a manual initial replica

Getting ready

How to do it...

How it works...

Creating custom reports

Getting ready

How to do it...

How it works...

Protecting Hyper-V VMs

Introduction

Configuring Hyper-V protection with DPM

Getting ready

How to do it...

How it works...

There's more...

Protecting Hyper-V VMs with Resilient Change Tracking

Getting ready

How to do it...

How it works...

There's more...

See also

Protecting Hyper-V clusters over SMB and Hyper-V replica

Getting ready

How to do it...

How it works...

There's more...

See also

Protecting Hyper-V clusters over Clustered Shared Volumes

Getting ready

How to do it...

How it works...

There's more...

See also

Protecting Hyper-V shielded VMs

Getting ready

How to do it...

How it works...

See also

Enabling DPM for scale-out Hyper-V protection

Getting ready

How to do it...

How it works...

See also

Recovering a Hyper-V virtual machine

Getting ready

How to do it...

How it works...

There's more...

Recovering a Hyper-V virtual hard disk

Getting ready

How to do it...

How it works...

There's more...

Recovering a single file using Item-Level Recovery

Getting ready

How to do it...

How it works...

There's more...

Monitoring DPM and Configuring Role-Based Access

Introduction

Monitoring DPM

Getting ready

How to do it...

How it works...

Publishing the DPM logs

Getting ready

How to do it...

How it works...

Monitoring DPM with SCOM

Getting ready

How to do it...

How it works...

Monitoring DPM without SCOM

Getting ready

How to do it...

Monitoring DPM operations through Windows Event Viewer

Monitoring DPM operations through the DPM Administrator Console

Using DPM reports to view usage and health trends

Using Performance Monitor to monitor the standard built-in operating system performance counters

How it works...

Installing the DPM Central Console

Getting ready

How to do it...

How it works...

Using the DPM Scoped Console

Getting ready

How to do it...

How it works...

Configuring remote administration

Getting ready

How to do it...

How it works...

Configuring and using role-based access

Getting ready

How to do it...

How it works...

Central reporting

Getting ready

How to do it...

How it works...

Protecting Microsoft Workloads with DPM

Introduction

Enabling file server protection with DPM

Getting ready

How to do it...

How it works...

There's more...

Enabling SQL Server protection with DPM

Getting ready

How to do it...

How it works...

See also

Enable Windows bare metal protection with DPM

Getting ready

How to do it...

How it works...

There's more...

See also

Securing Windows Client with DPM

Introduction

Creating a plan for backing up end user data

Getting ready

How to do it...

How it works...

See also

Plan for off-site end user backup

Getting ready

How to do it...

How it works...

See also

Configuring DPM and Active Directory for end user protection

Getting ready

How to do it...

How it works...

See also

Installing the agent automatically and manually on a client computer

Getting ready

How to do it...

How it works...

Performing image-level backups of client computers with DPM

Getting ready

How to do it...

How it works...

Protecting Microsoft Azure Stack with DPM

Introduction

Preparing to back up Azure Stack with DPM

Getting ready

How to do it...

How it works...

There's more...

See also

Backing up the infrastructure layer

Getting ready

How to do it...

How it works...

There's more...

Backing up the Azure Stack tenant layer

Getting ready

How to do it...

How it works...

See also

Overview of cloud recovery

Getting ready

How to do it...

How it works...

Protecting Workgroups and Untrusted Domains

Introduction

Setting up DPM protection with NTLM authentication

Getting ready

How to do it...

How it works...

There's more...

See also

Setting up DPM protection with certificate authentication

Getting ready

How to do it...

Adding a HTTP CRL Distribution Point

Creating the DPM Certificate Template

Configuring the certificate on the DPM server

Installing the DPM agents on the protected systems

Configuring the certificate on the protected computer

Attaching the computer to the DPM server

Test backing up the VMs

How it works...

There's more...

Recovering Data from Backup

Introduction

Recovering file server data with PowerShell

Getting ready

How to do it...

How it works...

See also

Recovering SQL data using the Self-Service Recovery Tool (SSRT)

Getting ready

How to do it...

How it works...

Recovering a failed server using bare-metal recovery

Getting ready

How to do it...

How it works...

Recovering data from Azure Backup

Getting ready

How to do it...

How it works...

There's more...

Recovering data from an external DPM server

Getting ready

How to do it...

How it works...

There's more...

Recovering data from a secondary DPM server

Getting ready

How to do it...

How it works...

There's more...

Integrating DPM with Azure Backup

Introduction

Integrating DPM with Azure Backup

Getting ready

How to do it...

How it works...

There's more...

See also

Protecting data with Azure Backup

Getting ready

How to do it...

How it works...

There's more...

See also

Creating online recovery points

Getting ready

How to do it...

How it works...

Monitoring and centralized reporting

Getting ready

How to do it...

Configuring Azure Storage Account

Viewing reports in Power BI

How it works...

There's more...

See also

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

System Center Data Protection Manager (SCDPM) is a robust enterprise backup and recovery system that contributes to your Business Continuity and Disaster Recovery (BCDR) strategy by facilitating the backup and recovery of enterprise data. With an increase in data recovery and protection problems faced in organizations, it has become important to keep data safe and recoverable. This book contains recipes that will help you upgrade to SCDPM and it covers the advanced features and functionality of SCDPM.

This book starts by helping you install SCDPM and then moves on to post-installation and management tasks. You will come across a lot of useful recipes that will help you recover your Hyper-V and VMware VMs. It will also walk you through tips for monitoring SCDPM in different scenarios. Next, the book will also offer insights into protecting windows workloads followed by best practices on SCDPM. You will also learn to back up your Azure Stack Infrastructure layer as well as the Tenant layer using SCDPM. You will also learn about recovering data from backup and implementing disaster recovery.

Lastly, the book will show you how to integrate SCDPM with Azure Backup service as well as how to enable protection groups for online protection, and finally how to centralize reports and monitor your backups using Power BI and Log Analytics.

Who this book is for

If you are a backup administrator and working with SCDPM, this book will help you verify your knowledge and provide you with everything you need to know about the latest release of System Center Data Protection Manager and Microsoft Azure Backup Server. This book will also cover the Long-Term Servicing Channel (LTSC) and Semi-Annual Channel (SAC) for SCDPM. No prior knowledge about System Center DPM is required, however, some experience of working with Windows Server and running backups will come in handy.

What this book covers

Chapter 1, Installing and Upgrading DPM, helps you to plan and prepare your DPM deployment. Then, you will learn how to install SQL Server for the DPM database. Also, we will cover how you can enable the Transport Layer Security 1.2 protocol for DPM. In the end, we will cover the installation and upgrading of DPM and DPM agents.

Chapter 2, DPM Post-Installation and Management Tasks, teaches you the techniques for dealing with the post-installation and management tasks of your Microsoft SCDPM. By the end of the chapter, you will have the knowledge to carry out common DPM management activities, such as using the DPM console, configuring modern backup storage, creating a dedicated backup network, creating custom reporting using SQL Server Reporting Services, and many more tasks besides.

Chapter 3, Protecting Hyper-V VMs, covers the protection and recovery of Hyper-V VMs at the private cloud scale using SCDPM. Different protection configurations that apply to Hyper-V VMs, and the different restore options that you can exercise, are covered in details.

Chapter 4, Monitoring DPM and Configuring Role-Based Access, provides you with the skills and techniques for dealing with post-deployment monitoring and management tasks of your Microsoft System Center DPM server. After reading this chapter, you will have the knowledge to carry out common DPM monitoring and management activities.

Chapter 5, Protecting Microsoft Workloads with DPM, describes how SCDPM orchestrates the backup of different Microsoft workloads. You will learn how to enable file server, SQL server protection, and Windows bare-metal protection with SCDPM.

Chapter 6, Securing Windows Client with DPM,helps you create a plan for backing up end-user data. Secondly, you will configure the SCDPM and Active Directory for end user protection. In the end, you will learn how to install agents automatically and manually on a client computer.

Chapter 7, Protecting Microsoft Azure Stack with DPM, gets into preparing backup tenant workloads in Azure Stack with SCDPM. Also, you will back up the infrastructure layer and Azure stack metadata. 

Chapter 8, Protecting Workgroups and Untrusted Domains, explains NT LAN Manager (NTLM) and certificate-based authentication protection. Also, you will find out about how to protect workgroup machines using NTLM and certificate-based authentication.

Chapter 9, Recovering Data from Backup, describes how SCDPM orchestrates the recovery of different Microsoft workloads. You will learn how to recover file server, SQL databases using self-service recovery, and Windows bare metal recovery. In the end, you will learn about recovering from Azure Backup cloud recovery points as well as recover data from different DPM servers.

Chapter 10, Integrating DPM with Azure Backup, describes how Azure Backup and DPM provide a compelling, hybrid cloud backup solution for your organization. In the end, you will learn about monitoring and centralized reporting with Power BI and Log Analytics.

Chapter 11, Protecting VMware VMs, teaches you about DPM agentless VMware VM backup, and VMware credential management. Also, you will learn how you can create a new role in vCenter. In the end, you will learn how you can add, protect, back up, and recover VMware VMs. To go to this chapter refer to this link: https://www.packtpub.com/sites/default/files/downloads/Protecting_VMware_VMs.pdf

Chapter 12, Implementing Disaster Recovery with DPM, dives deep into how to protect the DPM database as well as how to recover your DPM server in case of disaster. In the end, you will implement DPM chaining and cyclic protection. To go to this chapter refer to this link: https://www.packtpub.com/sites/default/files/downloads/Implementing_Disaster_Recovery_with_DPM.pdf

Chapter 13, Online Articles, this chapter gives understanding about SCDPM concepts and what's new in DPM's latest release. It also covers prerequisites including what's new in DPM's latest release. To go to this chapter refer to this link: https://www.packtpub.com/sites/default/files/downloads/Online_Articles.pdf.

To get the most out of this book

In order to complete all the recipes in this book, you will require software such as DPM version 2016, DPM version 2019, DPM version 1801, DPM version 1807, and DPM version 1901. The operating systems that are used are Windows Server 2016 and Windows Server 2019. In terms of hardware, you will require physical or virtual machines with 8 GB RAM and 2 CPUs. All the installation steps and detailed information are given in the recipes of each chapter.

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/9781787289284_ColorImages.pdf.

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "On the protected server, use your preferred text editor to open thec:\windows\system32\drivers\etc\hostsfile."

Any command-line input or output is written as follows:

Connect-DPMServer -DPMServerName $env:COMPUTERNAME

Bold: Indicates a new term, an important word, or words that you see on screen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Click OK to confirm, and then click on Next > to continue."

Sections

In this book, you will find several headings that appear frequently (Getting ready, How to do it..., How it works..., There's more..., and See also).

To give clear instructions on how to complete a recipe, use these sections as follows:

Getting ready

This section tells you what to expect in the recipe and describes how to set up any software or any preliminary settings required for the recipe.

How to do it…

This section contains the steps required to follow the recipe.

How it works…

This section usually consists of a detailed explanation of what happened in the previous section.

There's more…

This section consists of additional information about the recipe in order to make you more knowledgeable of it.

See also

This section provides helpful links to other useful information for the recipe.

Get in touch

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packt.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in, and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packt.com.

Installing and Upgrading DPM

In this chapter, we will cover the following recipes:

Planning your DPM deployment

Preparing your DPM deployment

Installing SQL Server for the DPM database

Enabling the Transport Layer Security 1.2 protocol for DPM

Installing DPM

Automating the installation of DPM

Upgrading to the latest release of DPM

Migrating legacy storage to Modern Backup Storage

Installing the DPM agents

Upgrading the DPM agents

Introduction

Data protection in today's world is becoming more critical than ever. With increasing amounts of data in this all-connected world comes more data that needs to be protected. As shown in the Enterprise Strategy Group (ESG) 2016 report, backup is one of the top five priorities that IT administrators continue to have in today's world:

System Center 2019's Data Protection Manager (DPM) is the latest release by Microsoft, and with it comes a lot of improvements and new features. DPM is well-recognized in the industry for protection of Microsoft workloads and VMware environments. With DPM 2019, you can back up the most common workloads that exist in any modern data center today. 

The following diagram provides an overview of the DPM backup functionality:

Typical malware attacks that happen today include ransomware, which is where target machines are forced to either re-encrypt their data or remove it permanently. If production data is impacted, then the backups that follow are impacted on too. Microsoft System Center DPM and Azure backup now provide security features that protect sensitive data. These security features ensure that you are able to secure your backups and recover your data if the production and backup servers are compromised. These features are built on three main principles—Prevention,Alerting, andRecovery—that help organizations to increase preparedness against attacks and equip them with a robust backup solution.

This chapter is designed to provide you with the necessary skills and techniques for dealing with installing and upgrading tasks for your Microsoft System Center DPM server. After reading this chapter, you will have the knowledge to carry out common DPM installation, migration, and planning activities, such as configuring the DPM firewall, calculating the storage requirements, preparing the SQL Server for the DPM database, installing and upgrading to the latest release of DPM, automating the installation of DPM, and much more.

Planning your DPM deployment

This recipe will cover the planning steps that you should consider before you start preparing to deploy your DPM servers.

Getting ready

Before you start planning your DPM server deployment, it's imperative that you start working on classifying the data sources that you would like to protect. A common strategy that I have observed that many companies still follow is to backup everything once a day. This is not a good approach.

There are, of course, several servers within your datacenter that need to be regularly backed up, but not all servers are the same. It is vital to adapt to your business continuity and disaster-recovery plan before you start any implementation. You can do this by identifying all of the services and working with all of the stakeholders in your company to develop more effective backup approaches, and then break down those services into smaller components to clearly see how or why they are of importance to your business.

How to do it...

From a more technical perspective, there are some considerations that need to be addressed during the planning phase, such as the following:

The total amount of data that should be protected

Firewall settings

Network consideration

Who can interact with DPM

Untrusted domains/workgroup

Backup repository 

To start provisioning resources for the DPM server that you want to deploy, you must first take into consideration the following:

Starting with DPM 2016 onward, Microsoft removed the

Logical Disk Manager

(

LDM

) limits for protection groups. The absence of LDM limits allows the data sources to grow and shrink as many times as needed, without the need for manual intervention. DPM 2016 or later does not need to allocate storage to data sources beforehand compared to DPM 2012 R2. This will allow the backups to adjust dynamically as needed, thus achieving higher efficiency with less storage requirements. The snapshot limits do not apply to protection groups that have been created in DPM 2016, as DPM does not use disks anymore. Instead, it uses volumes. Please read

Chapter 2

,

DPM Post-Installation and Management Tasks

, for more information on this.

Here are the suggested data limits according to Microsoft for a single DPM server:

DPM can protect up to 600 volumes. The limit for each DPM is 120 TB, 80 TB ReplicaPoint Volume, and 40 TB RecoveryPoint.

The total amount of SQL DBs that can be protected by one DPM server is 2,000 and the total size is 80 TB.

The total amount of clients that can be protected with one DPM server is 3,000 and the total size is 80 TB.

The total amount of virtual machines that can be protected with one DPM server is 800 and the total size is 80 TB.

Firewall configuration for DPM deployment is required on the DPM server, on the machines that you want to protect, and on the SQL Server used for the DPM database (if you're hosting your DPM database on a remote SQL Server). If Windows Firewall is enabled when you install DPM, then DPM automatically configures the firewall settings on the DPM server.

The backup network for Hyper-V is not listed as a requirement by Microsoft. However, we strongly recommend isolating the backup traffic from the host Management OS by leveraging a converged network in Hyper-V where you combine multiple physical NICs with

Switch-Embedded Teaming

(

SET

) and

Quality of Service

(

QoS

) so that you can isolate all network traffic while maintaining resiliency. This implementation can be seen in following diagram:

Before you begin with the deployment, you need to verify that the appropriate users have been granted the required privileges for performing various DPM tasks.

If you want to protect multiple domains, you can create a two-way transitive trust between the domains. By doing this, the DPM server will work in both domains without any limitations. However, this approach comes with a security risk—please take into consideration that you need to create a two-way transitive trust between the untrusted domains.

Starting with System Center 2012 R2 Data Protection Manager, Microsoft added support for the protection of computers in workgroups and untrusted domains using NTLM with local accounts. However, in scenarios where an organization does not allow for the creation of local accounts, this solution does not work.

As an alternative, you can use certificate-based authentication for computers in workgroups or untrusted domains. Please refer to

Chapter 8

,

Protecting Workgroups and Untrusted Domains,

for more information.

A major part of your DPM deployment will be figuring out how to store data that's been backed up by DPM. There are currently three different solutions:

Disk storage using volumes with

Modern Backup Storage

(

MBS

)

Tape storage, such as Physical or the 

Virtual Tape Library

(

VTL

)

Online storage with Azure Backup (off-site)

You should not just consider one of these three as an option. Instead, you need to focus on the requirements of the backup strategy in your organization by discussing the Recovery Point Objective (RPO) and Recovery Time Objective (RTO) with all stakeholders.

When you are planning for data source protection, you can choose the backup target based on how frequently you need to access and restore the data. For example, if the data sources will be used for archiving and need to be accessed once per month, you can go with Azure Backup. If the protected data sources need an archiving solution but should also be able to restore quickly, you can go with Virtual Tape Library (VTL) or Azure Backup. If you need to restore the data sources as quickly as possible, you go with disk storage on-premises. Finally, if the workloads need an off-site secure solution, you can go with Azure Backup.

How it works...

Having all of the information we have just discussed and presented in an organized manner, you can now start designing the structure of the Backup as a Service (BaaS). A piece of advice here—make sure that you spend enough time on the planning phase and take small steps toward your goal and never rush an implementation. You will probably bump into a challenge or two, so it is of key importance to work using a well-defined structure.

See also

Follow

this blog post to learn more about how to set the firewall rules for DPM using Windows PowerShell: 

https://charbelnemnom.com/2017/03/installing-system-center-data-protection-manager-2016-agent-on-windows-server-2016-core-scdpm-dpm-ws2016/

.

Follow

the following blog post to learn more on how to isolate DPM backup traffic: 

https://charbelnemnom.com/2014/04/isolate-dpm-backup-traffic-in-hyper-v/

.

Preparing your DPM deployment

This recipe will cover the preparation steps that you must consider before you install the DPM server.

Getting ready

It's important to configure DPM properly and provide enough resources, or you will end up with quite a bad installation that could be part of the services you would like to provision within your data center. In the end, the DPM server can never work faster than what the underlying dependent architecture or technology allows.

There are certain requirements and considerations that you want to keep in mind when you deploy System Center DPM. By properly preparing a decent design, you can ensure that your DPM is scalable for future scenarios.

How to do it...

First things first, you want to decide how to deploy DPM server:

Virtual or physical deployment

Deduping DPM data

SQL Server consideration

DPM server requirement

Disks and storage consumption

A common question that we have heard a lot is, can we deploy DPM in a virtual or physical machine? The DPM server can be deployed either in a physical deployment or via a virtual machine. However, running DPM in a virtual machine has more benefits, such as the following:

It is easier to move the DPM server to new hardware if needed (portability).

Easier to recover (protected DPM virtual machine).

You can enable de-duplication on the VHDXs attached to the DPM server. The VHDXs files could reside on a

Scale-Out File Server

(

SOFS

), on a

Storage Spaces Direct

(

S2D

) cluster, or any other type of storage, such as NAS or SAN.

Backup storage is one of the top consumers of storage infrastructure, so storage optimization techniques such as compression and de-duplication have always been priorities for backup IT administrators.

De-duplication involves locating duplicate blocks of storage and replacing them with a reference and a single instance of the duplicate block. Depending on the workload that is being written to the storage and the block sizes used to perform the de-duplication, storage savings can range anywhere from 50 to 90 percent.

With the introduction of S2D in Windows Server 2016 and Storage Spaces with SOFS

in Windows Server 2012 R2, customers can create commodity storage that is built natively on a Windows-based server with local attached storage in S2D as well as Windows-based servers with JBODs, which can be a viable alternative to traditional SANs.

For DPM deployments, you need to have the following: