Category Archives: Backup

Synology DiskStation Active Backup for Office365

Recently i was requested to review the synology diskstation ActiveBackup for Office 365 . Though Microsoft 365 provides unlimited retention period and litigation hold for office 365 applications i always had one topic in my hit list to read on why there might be a reason to have a local backup instance for Office 365 applications.This made me to do some little bit research on this topic and could see there might be few business cases ,compliance/legal requirements which demands to maintain backup copies of electronic data.

Moreover the litigation hold and retention period is not applicable for all office 365 plans. I have seen organizations consuming wide variety of Office 365 plans based on their business models.

On the other hand i see most of the office 365 backup solutions provides faster efficiency of users able to restore the content on their own mostly from the user management portal. In an ideal scenario office 365 user data recovery can be executed from a native tool set where we use the native content search or an e-discovery case from the admin portal. In a real case scenario if we don’t have an SLA for restore of data that comes in everyday for a resigned employee or an existing employee there might be some delay where only few admins are responsible in handling the operations tasks. With these third party packages we can optimize the processes for data restore.

In this article we will have a look at Active Backup for Office365 from Synology. A little while back i setup DS920 + Diskstation with Sea Gate Iron Wolf HDD . SeaGate IronWolf is always BUILT FOR NAS Designed for 24×7 NAS workloads with better performance, spacious capacity, blazing-fast speeds and provides 2 applications sea tools and disk wizard for monitoring the drives.

In order to setup Active Backup for Office 365 we have to login to the Disk Station Manger.Keep this in mind the Active Backup for Office 365 supports only in 64 bit NAS and they must be running DSM 6.1 or later with atleast 2GB of ram.

After logged in to disk station manager in the package center , we can see the Active Backup for Office365 is present as an addon. Once its installed we can open them.

In the setup screen it provides us an option to choose in which office 365 data center our tenant resides.

Subsequent log in with the admin credentials we can see it requests for oauth permissions so that it can get the read and write access on all users data to perform the backup and restore operations.

Then it takes to the redirect page that we must confirm that we are ok with sending the office 365 data to the local DS domain.

Once it is completed Active Backup for Office 365 is opened. Navigate to Task Creation Wizard.

Here we have 2 highlighting features :

Account Discovery – When this option is turned on every new account in Office 365 gets the backup enabled automatically which is really a good features.

Enable the Active Backup Portal for end users – User logins with his own credentials and can see his own data and perform restore.

Here we have options to select the users where we need to take a backup for them. On a business standpoint we can think of 2 cases first one being the users not having the appropriate license for Litigation hold and retention policies and the latter one being VIP users or critical Financial Mailbox data that might require a local copy as per the business model concerning the audit and compliance requirements.

Selected few users for our testing and we also have the option to choose what service that needs to be backed up.

We have the site list where there is an option to choose the sites.

We have the backup and retention policy here to choose based on our requirement. We do have the file version retention policy as well.

Finally we choose the destination folder location in the NAS drive and the backup task creation is successful.

We can see the overall status and the backup summary in the Active Backup for Office 365 Dashboard once after few backup schedules have been successful.

Restore Operation:

There is an option to choose which service that we need to restore for the user. Here it can be one drive, Mail , Site , Calendar or Contacts. At the moment of writing this blog I do not see a separate option to restore for Teams Data.

Option 1 : Admin Restore

When admin logins he has the full privilege to navigate to all employees ,their data and restore them.

Option 2 : User Restore

User logins with his own credentials in the Office 365 Active Backup Portal and can see his own data.

Email Restore:

From the Admin console logged in – have the option to choose the users.

Here we can see the option to select our restore point date and choose the required emails individually. In the restore we have two options first one to restore them directly to users mailbox and the second one where we can export them as individual email messages.

We have the option to search for the individual files with keywords, subject ,date and including with attachments which looks like a promising feature.The ability to perform a granular brick level backup will minimize most of the native recovery operations task.

In the final screen we have the option to change the user destination. In a real case scenario this can be useful where a current employee might require a data from a resigned employee after getting prior approval for a valid business reason.

Once the restore operation is successful we can see in the user mailbox it has been stored them on a separate destination folder and only the selected emails are restored.

On a export operation we the selected files are exported individually as emails.

File Restore:

File restore is also very promising. It makes an easy task to restore the file directly to the destination or take an export which downloads the requested file in the same format.

On doing a direct restore we can see that there is an option to restore the file sharing permission which looks great.

Below were the highlights identified from the evaluation:

1) License-free for unlimited Office 365 backups.
2) Option Monitor and manage your backup even from multiple tenants from same single dashboard.
3) There is account discovery – when this option is turned on every new account in Office 365 gets the backup enabled automatically.
4) There is an advanced search engine which allows to find any files containing the keyword including mail attachments
5) Option to preview the content of each file before we could restore them

Of course Microsoft does provide enough ways to protect data against corruption, deletion , ransomware and disaster scenarios with security, retention policies and litigation hold. If that convinces then we are ok with the native backup mechanism.As an alternative we can choose these packages that can hold data locally mostly for compliance/legal purposes , Volume of users not covering the licensing requirements to retain their data and enhanced recovery mechanism based on the business requirements.

I find this software to be beneficial for organizations that might require to backup Office 365 data as a part of their legal and compliance regulatory requirements.

Thanks & Regards

Sathish Veerapandian

Best practices to be followed to configure Backup in Exchange 2010/2013

Backing up the exchange server is very important thing to protect the data loss . If you aren’t running the Exchange Server Backups  then your Transaction logs will eventually fill up their storage volume

In this article we will  look at few steps that we need to look in configuring the backup in Exchange 2010/2013.

Backups are very much necessary during the case of a whole disaster, retention of datas for a period of time , performing a granular restore for the end users as well.

Choosing the Backup Media

Disk or Tape ?

Over the period of years Tape backup has been doing a great job. Cost wise also they are little bit lesser compared to the SATA storage and disk arrays which needs to be extended as users and our applications increases.
So, tape still has an advantage, particularly for larger backup volumes.
But when comparing the performance factor the disks backups wins the game.
Also Disk-based solutions will usually be better for faster recovery.

More realistically, a disk-based solution will involve copying data between two storage systems over a WAN from one site to another. If you are ready to pay for this expensive WAN links and replication then it should be fine with the disk backup.

Its always better to keep the daily and weekly backups in the disks (virtual tape library) which will help in disaster and daily restore scenarios and larger backups monthly,quarterly and annual in Tapes. Because there is no point to keep all these large data in expensive storage on data-centers  for the purpose of retention since the tapes will do the same job.

Plan for the Retention period

Planning for the retention of the data is very important. This plays a vital role in restoring the data as well as for any old data that is required for any legal cases.

Its very mandate retention needs to be followed for the following backups

Daily Backups

This decides on the single point of restoration for the end users on a specific day. Its better to have daily backup retention at-least to a period of 3 months so that granular restore for a specific date can be done.

Weekly Backups

This decides on the single point of restoration for the end users on a specific week. Its better to have this monthly backups to a retention of at-least 6 months which will help to recover emails if the first case fails.

Monthly Backups

This decides on the single point of restoration for the end users on a specific month. Its better to keep this retention atleast for a period of 1 year.

Quarterly Backups

Quarterly backups are very much important in restoring the data in case of dealing any cases , restoring emails from resigned staffs. So its better to keep this retention for 3 years.

Annual Backups

Annual Backups also does the same job of retention data for dealing with any cases . Its better to have the Annual Backups for a period of 5 Years.

Quarterly and Annual Backups can be taken in a Tape Drive and kept since they will not be used mostly and also will not involve in the disaster cases.

Setting end user Recovery Standards

Setting the scope of possible restores from the backup to the end users is very much important since they need to be aware of the possible restores.

So you need to carefully go through your backup retention periods and inform the users about the possible monthly restores. At any point of time if the users are missing out data within a month then its always advisable from the help-desk to restore them from the dumpster.

So its better you can prepare and create end user Recovery Standard scope document and hand it over to the help desk team so that they are aware of the possible restores.

Check  Mailbox server performance during the backup

This point is very much important and we need to check the performance of the mailbox servers during the backup period. Though the backup will be running on off-production hours but there are cases where your CEO   might be accessing an important  email  after working hours.

ESEUTIL will be running during backup process to verify integrity of the databases  which increases disk I\O intensive.Usually if the storage configuration is not proper then the normal disk read/write operations will increase.  There are chances if the storage is having bottleneck issues then the normal RPC read/write operations will get delayed due to which all the end users will severely experience connectivity issues.

When the backup is triggered you can go to the event viewer on the mailbox servers and look for any RPC , ESE , VSS writers, storage errors etc..,

Create a test account on any of the backup databases login to outlook,owa and activesync and measure the  performance.

If you have DAG configured in your setup and have Active/Passive combined distributed type check your active copies as well .Check if  the I/O operations are increasing on the active copies during the backup.Also you can check the event logs to see if you get anything related to them.

If you don’t see anything on them then the backup should be fine.

Note: The above steps are applicable only when you configure the backup solution for the first time on your mailbox servers.

Later you can prepare a daily check list on your backup status on all the mailbox servers to ensure the backups are completed.Daily checking of the backups is very important since the backup will truncate your old logs which will maintain space on your storage. There are many scripts written by experts on the Technet Gallery which you can schedule them and make them run through task scheduler.

Test the Backup

Testing the backup is very mandatory. As the backups has been configured its not that we are in safe side. Testing the backup is very much necessary.

There are several scenarios we can test and i have listed few of them

Check if the backup is supporting any other languages restore. For Example if i have an  end user who has French Mailbox with all emails in French and backup has been taken for him. When a restore is done for this mailbox it should be successful with all the emails both body and subject visible in French.

Take 2 users with the same UPN different SAM and see if the backup for them is restoring their contents,

Restore the Weekly backup and see the results.

Restore the monthly backup as well and see the results.

Thanks

Sathish Veerapandian

MVP – Exchange Server

%d bloggers like this: