#CyberFit Academy

Cyber Protect Cloud

Cloud Tech Associate - Advanced
Backup

#CyberFit Academy
 Meet your Instructor

Taiki Imoto
Partner Technology Evangelist
Taiki is Partner Technology Evangelist based in Tokyo
Japan office. Before joining Acronis, he has worked as a
Consultant at a startup company. He was previously a
English and Japanese Trainer and Account Manager at Thomson Reuters. He
Taiki.Imoto@acronis.com developed his training skills, user support and sales skills
from both service provider and user perspective when
he was working at Nomura and Mizuho Securities.

#CyberFit Academy
Learning Objectives

• Understand technical aspects of the

Advanced Backup Pack
• Understand the features (core backup
versus advanced backup pack), what they
mean and how they are utilized
• Plan, create and perform backup and
recovery and other operations

#CyberFit Academy
Target Persona

Tech Leader (along with employees on team) Service

Provider
• Wants to improve the managed services offerings with vendor
solutions that understand service providers‘ ability to deliver,
automate, train, support and manage these solutions while
integrating them into stack of tools
• Interested in Data Protection like Backup, Recovery and other
issues focused on pain points

#CyberFit Academy
 Course Modules

1. Case Study
2. High Level Overview and Benefits
3. Planning for Backup & Recovery
4. Protecting different Workloads
5. Performing Recovery
6. Monitoring & Reporting
7. New Features
8. Top Troubleshooting Issues

#CyberFit Academy
Cyber Protect Cloud
Case Study

#CyberFit Academy
 Meet Ben
(Customer of Diamatix)

City agency

19 virtual and 3 physical servers

Using Hyper-V infrastructure

Monthly / Weekly backups approximately 1.3TB

#CyberFit Academy
 Case Study
Key Challenges
✓ Limitations due to lack of server
backup automation
✓ Required assistance with
monitoring
✓ Limited cybersecurity protection
with existing solution
✓ Sensitive constituent and
personnel data as city agency
✓ Manually running custom
backup scripts

#CyberFit Academy
 Case Study

Key Requirements
✓ Automate schedule-based
backup
✓ Deploy agentless recovery
solution
✓ Implement cybersecurity
protections

#CyberFit Academy
 Acronis Cyber Protect Cloud
Benefits
✓ Optimized budget converting
depreciating CAPEX to fixed
monthly OPEX
✓ Implementation: three days
(included demo session)
✓ Active protection along with
backup benefit
✓ Fully automated backup regimen
✓ Offloaded support / reporting and
other services to partner
✓ Looking now at endpoint
advanced protection

#CyberFit Academy
Cyber Protect Cloud
High Level Overview and Benefits

#CyberFit Academy
Integrated Platform
An integrated solution of cyber security, backup, disaster recovery,
management and automation built specifically for SPs

#CyberFit Academy
Integrated Platform
An integrated solution of cyber security, backup, disaster recovery,
management and automation built specifically for SPs

Technicians

Owner

#CyberFit Academy
Integrated Platform
An integrated solution of cyber security, backup, disaster recovery,
management and automation built specifically for SPs

Backup

Base Backup Advanced Backup

▪ File, image, app ▪ MSFT SQL Server and Exchange
backup ▪ Oracle DB
▪ Backup to cloud ▪ SP HANA
▪ Backup to local ▪ Data Protection Map
▪ Continuous Data Protection
▪ MySQL/MariaDB backup
▪ Off-host data processing

Technicians

Owner

#CyberFit Academy
Cyber Protect Cloud
Planning for Backup & Recovery

#CyberFit Academy
 Section Modules

2. Planning for Backup & Recovery

I. What can be backed up & recovered
II. Configuring Backup
III. CDP Backup
IV. Replication, Notarization and Backup Options

#CyberFit Academy
Cyber Protect Cloud
What can be backed up & recovered

#CyberFit Academy
How to Plan for Backup
Understand your data environment and what needs to be
backed up, e.g., for recovery and/or for archival
? ?
Entire machine/disks/volumes/VMs or Application-aware backup and need
individual files/folders/databases? for granular recovery?

? ?
Regulatory/audit compliance? Legal Size of data and length of backup
obligations? window?

#CyberFit Academy
How to Plan for Backup
Determine the backup strategy (retention period and replication?) and the most
suitable type of storage for storing and retrieving the backup

?
D2D2D (remoted disk storage) or D2D2C

?
Local, network storage and/or cloud?

?
Staging to cloud for replication or archival?

#CyberFit Academy
How to Plan for Backup
Have multiple versions of your backup, follow the 3-2-1 rule:

3 Copies of 2 Different 1 Copy Stored

your data Types of Off-Site
Storage Media

• Eliminate single point of failure

• Leverage different types of storage for maximizing capacity/performance
vs. price

#CyberFit Academy
How to Plan for Backup
Key differentiator: Data recovery with minimal RTO and RPO

Recovery Point Objective (RPO) Recovery Time Objective (RTO)

Backup Event

Maximum data loss you can have. Time needed to fully bring back a system online.
• Back in time to latest Backup • With Instant Restore nearly any system can be
recovered within seconds

#CyberFit Academy
How to Plan for Backup
Determine the backups available and the
most suitable method/location for
recovery:

• From local, network or cloud storage?

• Recovery method?
• Recover to live system or use bare
metal recovery?
• Use Acronis Instant Restore or
Acronis Cyber Disaster Recovery
Cloud?
• Follow and if necessary adapt
disaster recovery plan and business
continuity plans to perform recovery

#CyberFit Academy
 Section Summary

1 Use the 3 -2 – 1 rule to avoid data loss by creating a

single point of failure and leverage various storages
the best

2 RPO and RTO can be use perfectly to describe a

backup in the protection plan

3 When you plan backup, always think on the

recovery and what you want to reach at the end

#CyberFit Academy
Cyber Protect Cloud
Configuring Backup

#CyberFit Academy
Protection Plan – Backup

Backup settings

#CyberFit Academy
Configuring Backups
Select the machine or group to be backed up
i
Plan and decide:

• What to back up: Entire machines, disk/volumes, files/folders, ESXi configuration?

• Where to back up: Cloud, Local, Network storage? Physical Data Shipping?
• Schedule: Backup scheme – monthly, weekly, daily, hourly?
• How long to keep: Retention rule – By backup age, By number of copies?
• Replication: Enable replication? From where to where?
• Encryption: Turn on AES encryption for backups?
• Backup options: Performance Window, Error handling, Pre/Post commands?

#CyberFit Academy
What to back up
Selection available depends on machine/group selected:
i
Select and decide:

• Entire machine: All non-removable disks will be backed up with option of

enabling Application backup
• Disks/volumes: 1 or more disks and volumes can be selected
• Files/folders: 1 or more files and folders can be selected
• System state: Windows Vista and later only, backs up system state data
• ESXi configuration: Backs up the vSphere Hypervisor configuration
• Exchange/SQL databases: 1 or more Exchange/SQL database can be selected

#CyberFit Academy
What to back up
Application backup selection is available when Entire machine is selected for

i
What to back up

• Microsoft SQL Server | Microsoft Exchange Server | Microsoft Active Directory |

Oracle Database can be enabled for application-aware backup (Advanced
Backup Pack is needed for Oracle, SQL and Exchange cluster)
• Machine has to meet requirements for application-aware backup
• If any requirements are not met, an error message with the missing requirement
will be shown to assist in meeting the requirements

#CyberFit Academy
What to back up
Besides selecting items to be backed up directly
i
Items can also be selected using policy rules:

• Disks/volumes: Conditional rules such as [All volumes], [Fixed volumes] for

volumes on SCSI, ATAPI, ATA, SSA, SAS and SATA devices and on RAID arrays,
[BOOT+SYSTEM] for system and boot volumes, etc. and specific rules such as
C:\, /dev/hda1, etc.
• Files/folders: Conditional rules such as [All Files], [All Profiles Folder] and
%PROGRAMFILES% and specific rules such as C:\Users, /home, or otherwise
type in a file/folder path such as /dev/hda1/file.txt
• When a backup using policy rules is applied to multiple machines and no data
matches at least 1 of the rules, backup will fail on that particular machine

#CyberFit Academy
Where to back up
The following backup destinations are available:

Cloud Storage: Local folders: Network folder, Secure Zone: Defined by a

Backups will be Backups will be NFS folder: Backups will be script:
stored in Acronis or stored locally on the Backups will be stored in a secure Backups will be
Service Provider machine being stored on partition on the local stored in a folder
cloud storage backed up such as SMB/CIFS/DFS or disk of the machine (local or network)
internal/external disk NFS shared folder being backed up, defined by a script
or removable media accessible from the can be created from written in Jscript,
machine being Details > Create VBScript or Python
backed up Secure Zone 3.5

#CyberFit Academy
Secure Zone
i
Secure Zone is a secure partition that can be created on a local disk of
the machine being backed up:

• Offers a cost-effective and handy method for protecting data from software
malfunction, virus attack and human error
• Eliminates the need for a separate media or network connection to
backup/recover data
• Can be used as a “staging” storage prior to replication of backups
Limitations:
• Cannot be created on a Mac
• Does not protect against physical failure of the local disk
• Does not support single-file backup format

#CyberFit Academy
Secure Zone
To create a Secure Zone, perform the following Steps:

Go to All Devices (Select Device) > Details > Create Secure Zone and click Select to
select a local disk on which to create the secure zone

Enter the Secure Zone size or drag the slider

[Optional] Enable Password protection

switch and specify a password

Click Create

#CyberFit Academy
Immutable backups

Ensure no backup is lost and data is easily

recovered after malware attack or in case
of accidental or malicious deletion of
backups
Use cases:
✓ External malicious activity (e.g. data corrupted
or compromised)
✓ Accidental data deletion
Hackers Accidental
✓ Insider malicious activity (e.g. modification of deletion
backup-job retention or deletion of restore
Ransomware
points)
attacks

#CyberFit Academy
Immutable backups
Tenant Configuration View

#CyberFit Academy
Schedule

i
Select a Backup Scheme:

• Always incremental (single-file)

• Always full
• Weekly full, Daily incremental
• Monthly full, Weekly differential, Daily
incremental (GFS)
• Custom

#CyberFit Academy
Schedule

i
Select a Backup Scheme:

• Schedule by time: Choose from Hourly, Daily,

Weekly, Monthly scheduling or pre-defined,
depending on the backup scheme chosen
• Schedule by event: Choose from Upon time since
last backup
• When user logs on/off the system | On system
startup/shutdown | On Windows Event Log event
Additionally, Start conditions and options can be selected to modify the
behavior of the schedule

#CyberFit Academy
Schedule

i
Options:

• Run the plan within a date range

• If the machine is turned off >> run missed tasks at
the machine startup
• Prevent the sleep or hibernation mode during
backup
• Wake up from the sleep or hibernation mode to start
a scheduled backup

#CyberFit Academy
Schedule

i
Start conditions:

• The backup location’s host is available

• Users logged off
• Fits the time interval
• Save battery power
• Do not start when on metered connection
• Do not start when connected to the following Wi-Fi
networks | Check device IP address
• If more than 1 condition is selected, all selected conditions have to be
met simultaneously before backup will start

#CyberFit Academy
Types of Backup

✓ Full Backup
• Stores all data selected for backup: forms base for F F F F
subsequent incremental and differential backups

✓ Incremental Backup
• Stores changes to data since most recent backup F I I I
• Creates “chain” of backups, requires corresponding full
+ all subsequent incrementals to restore data

✓ Differential Backup
• Stores changes to data since most recent full backup F D D D
• Creates “links” to full backup, requires corresponding
full + differential to restore data

#CyberFit Academy
Backup Schemes
✓ Always full
F F F
• All backups, created on schedule or started manually.

✓ Weekly full, Daily incremental

• Full backup created once a week. All other backups incremental. Day
which full backup is created depends on Weekly backup option (click gear F I I
icon, then Backup options → Weekly backup).

✓ Monthly full, Weekly differential, Daily incremental (GFS)

• Default setting. Incremental backups performed on daily basis: Monday to
Friday; differential backups performed every Saturday; full backups F I I D
performed first day of month. Backup scheme displayed as Custom
scheme on protection plan panel.

✓ Always incremental (single-file)

• First backup is full (most time-consuming). All subsequent backups are
incremental (take significantly less time). F I I

✓ Custom
• Specify schedules for full, differential, and incremental backups.
Differential backup not available when backing up SQL data,
Exchange data, or system state.
Support Quick Tips
#CyberFit Academy
How long to keep

i
Select a Cleanup rule:

• By backup age (default): Specify how long in terms of

days, weeks and months to keep backups
• By number of backups: Specify the maximum number of
copies to keep
• By total size of backup: Specify maximum total size of
backups to keep, not available with Always incremental
(single-file) backup scheme or when backing up to
cloud storage
• Keep backup indefinitely: Do not delete backups

#CyberFit Academy
How long to keep

i
Select when to start the cleanup:

• After backup (default): Retention rule is applied after a

new backup is created
• Before backup: Retention rule is applied before a new
backup is created

#CyberFit Academy
How long to keep

i For cleanup by backup age, by default, backups are

grouped into monthly, weekly, daily and hourly sets

• Monthly set: 1st backup created after a month starts

• Weekly set: 1st backup created on the day specified in

Backup option > Weekly backup which by default is
Monday

• Daily set: 1st backup created after a day starts

• Hourly set: 1st backup created after an hour starts

#CyberFit Academy
How long to keep

i For cleanup by backup age, by default, backups are

grouped into monthly, weekly, daily and hourly sets

• E.g., Keep 6 months, 4 weeks, 7 days = keep 1st backup

created every month for last 6 months including current month,
keep Monday backup created every week for last 4 weeks
including current week, keep the 1st backup created every day
for last 7 days including current day

• If switched to single rule for all backup sets, backups will be

retained based on Month, e.g., Keep 7 months = keep all
backups created for last 7 months including current month

#CyberFit Academy
 Section Summary

1 Protection Plan, what to back up and where to back up

2 Secure Zone, Immutable backups

3 Schedule, Types of Backup, Backup Schemes, How long

to keep

#CyberFit Academy
Cyber Protect Cloud
CDP Backup
(Advanced Backup Pack)

#CyberFit Academy
Continuous Data Protection (Advanced Backup)

CDP settings

#CyberFit Academy
Continuous Data Protection (Advanced Backup)

i
CDP backs up files only, can be used with disk-level or file-level archives

• Supported OS:
• Windows 7/8/10 32/64-bit
• Windows Server 2008R2/2012/2016/2019 32/64-bit
• Supported file system: NTFS only, local folders only
• Not compatible with application aware backup
• Supported backup destinations:
• Local folder, Network folder, Cloud storage, Location defined by the script
• Select files of specific applications or in specific folders, e.g., D:\Data\* to be continuously backed up
• Goal of CDP is to save data between backups and have close to a zero recovery point objective

#CyberFit Academy
Continuous Data Protection (Advanced Backup)

Select files of
applications to be
continuously
backed up

Add more
applications by
specifying the
path to the
application exe

#CyberFit Academy
Continuous Data Protection (Advanced Backup)

Specify files and

folders with files to
be continuously
backed up

#CyberFit Academy
Continuous Data Protection (Advanced Backup)

CDP recovery
point

#CyberFit Academy
Continuous Data Protection (Advanced Backup)

i If file was changed multiple times during backup,

after backup it will be backed up entirely only once

• During regular backup CDP is paused (either regular backup is

working or CDP, not together in parallel)
• Disk/volume recovery workflow:
• User initiates disk recovery from CDP backup
• System recovers disk from the last regular backup
• System recovers files from CDP backup

#CyberFit Academy
Continuous Data Protection (CDP) - How it works

1 2
CDP is running:
3
Regular backup
CDP started after plan 1. Program saves file process:
(automatically or by
application to machine, user’s request) 1. CDP paused
but pauses 2. Driver tracks and notifies 2. Regular backup
immediately if no completes
agent about changed file
archive 3. Agent reads entire file
3. CDP resumed
and checks what 4. New CDP backup created
changed 5. Previous CDP backup
4. Agent saves changes into deleted
backup

#CyberFit Academy
 Cyber Protect Cloud
Replication, Notarization and Backup Options

#CyberFit Academy
Replication
Up to 4 replications are available (including source, a total of 5 locations)

Backups can be replicated from:

Earlier backups not replicated: Agent

Local folder, Network folder, Secure attempts to replicate all missing
Zone backups since last successful
replication

Replication fails halfway: next

Replication targets: replication attempts to continue from
where it stopped previously to
reduce time required
Local folder, Network folder, Cloud

#CyberFit Academy
Notarization

i Notarization can be enabled to notarize files being backed up and is

available with Forensic backup which is part of Advanced Security Pack

• Available for file-level backup only and not available when:

• Backup format is set to Version 11

• Backup destination is Secure Zone or encryption is enabled

• To enable, toggle the Notarization switch

#CyberFit Academy
Backup Options
Understanding available backup options

i
Backup options are settings that can modify the behavior of the Backup

• Availability of Backup options depends on:

• The environment the Agent operates in (Windows, Linux, OSX)
• The type of data being backed up (disk, files, VMs, application data)
• The backup destination (cloud, local or network storage)

• Refer to the Help file for more details of each Backup option

#CyberFit Academy
Backup Options

Backup
options

#CyberFit Academy
 Section Summary

Backup is part of a protection plan and is showing only

1 options which are available depending on the selected
device.

Choose what, where, when and how long to keep. Different

2 schemes and retentions available to meet regulations and
SLAs.

Additional settings are hidden between Backup option.

3 Forensic is a Features out of the Advanced Security Pack

#CyberFit Academy
Cyber Protect Cloud
Protecting different Workloads

#CyberFit Academy
 Section Modules

3. Protecting different Workloads

I. Protecting Physical Machines
II. Protecting Applications
III. Protecting VMs & Virtual Hosts
IV. Protecting Productivity Suites
V. Off-Host Data Processing
VI. Browsing Backups & Plans

#CyberFit Academy
Cyber Protect Cloud
Protecting Physical Machines

#CyberFit Academy
Protecting Physical Machines
Windows, Linux and Mac physical machines¹ can be backed up using:

What can be recovered to live

machines:
• 1 or more disk/volumes and
files/folders can be recovered
from disk-level backups such as
Entire machine or Disk/volume
backups
Entire machine Disks/volumes Files/folders2
• 1 or more files/folders can be
backup: backup: backup: recovered from file-level
includes all non- 1 or more disks and 1 or more files and backups
removable disks of volumes can be folders can be
the machine selected selected

1 A VM with Agent installed can be backed up similar to a physical machine

2 Files/folders backup can also be used to back up network folders on file servers and NAS
devices

#CyberFit Academy
Protecting Physical Machines
i Additionally, bare metal recovery can be used when original machine is
non-operational, e.g., hardware or OS failure:

• Requires bootable media for booting up hardware (physical or virtual) to be

used for recovery
• Disk-level backups containing an OS can then be selected for system (1 or more
disks/volumes) recovery
• For recovery to dissimilar hardware for Windows or Linux systems, Universal
Restore can be used after bare metal recovery

#CyberFit Academy
Cyber Protect Cloud
Protecting Applications

#CyberFit Academy
Protecting Applications SQL
Server
Exchange

Microsoft SQL and Microsoft Exchange (Clusters in Advanced

Backup Pack) can be protected as follows:

• Application-aware backup: Disk-level backup of entire server and application

metadata
• Database backup: File-level backup of the database and associated
metadata
• Both types of backup can be used to recover:
• Database to live application
• Database as files
• Granular recovery of application items
• For Microsoft Exchange 2010 SP1 or later, Mailbox backup is also possible and
can be used for mailbox and mailbox item recovery

#CyberFit Academy
Protecting Applications SQL
Server
Exchange

For Microsoft Exchange, recovery can be performed to original

or new Exchange server of the same version:

• Target Exchange server and machine performing the recovery (with Agents
installed) must belong to the same AD forest and requires either membership
in Exchange Organization Administrators role group (Exchange 2007) or
Server Management role group (Exchange 2010 and above)
• For Microsoft SQL, recovery can be performed to original or new SQL server
of the same or higher version for user databases and same version for system
databases:
• Requires membership in Backup Operators or Administrators group on the
machine and sysadmin role in target SQL instance

#CyberFit Academy
Protecting Applications
Exchange cluster backup support
(Advanced Backup Pack) :
DAG is supported for Exchange Server 2010
and above, other clustering configurations
are not supported
Agent for Windows + Agent for Exchange
must be installed on each node of the
Exchange cluster and Backup option >
Cluster backup mode has to be enabled
#CyberFit Academy
SQL
Server
Exchange
SQL cluster backup support
(Advanced Backup Pack ):
AAG is supported for SQL Server 2012 and
above, other cluster configurations are not
supported
Agent for Windows + Agent for SQL must be
installed on each node of the WSFC cluster
and Backup option > Cluster backup mode
has to be enabled
Protecting Applications SQL
Server
Exchange

To recover DAG (Exchange cluster) or AAG (SQL cluster):

• Requires that the DAG or AAG is backed up (not individual databases or

items)
• Select the clustered database for recovery from the Backup Storage tab;
target node for recovery is automatically selected by the Agent when creating
the Recovery Task
• For DAG, after recovery is complete, manually configure or resume replication
on the cluster
• For AAG, target database to be recovered (if live) must be excluded from the
AAG prior to recovery as a database in an AAG cannot be overwritten

#CyberFit Academy
Protecting Applications SQL
Server
Exchange

Microsoft SharePoint farm can be protected as follows:

• Backup all database servers (Microsoft SQL based) with SQL application-
aware backup
• Backup all unique front-end and application servers with normal disk-level
backup
• Backups of all servers should be performed using the same schedule
• For recovery:
• Database servers can be recovered using recovery methods for Microsoft
SQL
• Other servers can be recovered using disk-level or bare-metal recovery
• SharePoint content such as sites, libraries and documents can be
recovered using Acronis SharePoint Explorer

#CyberFit Academy
Protecting Applications Active
Directory

Microsoft Active Directory can be protected as follows:

• Application-aware backup: Disk-level backup of entire server and application

metadata
• For recovery:
• A non-authoritative restore is performed and USN rollback will not occur after
recovery

#CyberFit Academy
Protecting Applications Oracle
Database

Oracle Databases (Advanced Backup Pack) on

Windows and Linux can be protected as follows

• Application-aware backup: Disk-level backup of entire server and application

metadata
• Database backup: File-level backup (a.k.a. RMAN backup) of the Oracle
database and Archived Logs using RMAN scripts
• RMAN scripts can be found in the following locations after installing Agent for
Oracle and parameters in the scripts can be customized
• In Windows: %ProgramFiles%\Acronis\Oracle
• In Linux: /usr/lib/Acronis/Oracle
• Refer to the Help file for more details

#CyberFit Academy
 Protecting Applications Oracle
Database

Comparison Server Backup Database Backup

RTO in case of entire server failure Less More

Run as virtual Oracle Server (Run as VM) Yes, on ESXi or Hyper-V hosts No

Support for raw partitions/ASM No Yes

Support for databases spread over several volumes Yes Yes

Necessary to configure separate backup

Backup is fully configured in the GUI,
Ease of use plans for full backup of database and
knowledge of RMAN not necessary
archived logs

Oracle Explorer can be used for granular,

Scripts can be used to customize
Database recovery point-in-time recovery of Oracle data
recovery for advanced scenarios
directly from backup

#CyberFit Academy
Protecting Applications SAP
HANA

SAP HANA databases (Advanced Backup Pack) on

Linux can be protected as follows:

• Disk-level backup with Pre/Post data capture scripts:

Disk-level backup of entire server with scripts to prepare SAP HANA
databases for backup

• Scripts can be downloaded from:

https://dl.managed-protection.com/u/SAPHANA/SAP-HANA-modules.tar

• After the scripts are downloaded, access to the database needs to be

configured for the scripts before using them

• For recovery:
Recover entire server or use SAP HANA Studio to revert a database to a
snapshot

#CyberFit Academy
Protecting Applications VMware
VMs

Application-aware and database backup requires the

following:

• For agent-based/guest-level backup of physical machines/virtual machines:

• Agent for Windows/Linux + Agent for Exchange/SQL/Active
Directory/Oracle is installed on the physical or virtual machine
• For agentless backup of VMware VMs:
• Agent for VMware (Virtual Appliance or Windows Agent) is installed for the
vSphere Hypervisor host with VMs to be backed up
• VMs have to meet the requirements for application-consistent quiescing
(refer to VMware KB)
• VMware Tools is installed and up-to-date
• UAC has to be disabled on Windows-based VMs, if not, a built-in domain
administrator credentials have to be specified when enabling application
backup

#CyberFit Academy
Protecting Applications Hyper-V

For agentless backup of Hyper-V VMs:

• Agent for Hyper-V is installed for the Hyper-V host with VMs to be backed up
• Hyper-V Integration Services must be up-to-date and running in the VM
• In order to avoid VM going into "saved" state during backup, make sure that the
Integration services -> Backup (Volume checkpoint) option is enabled in VM
settings in Hyper-V Manager
• There must be network connection from Agent for Hyper-V to guest VM network,
since application data is read over WMI which requires network connection to guest
OS
• No Windows dynamic disks present in the guest OS.
• UAC has to be disabled on Windows-based VMs, if not, a built-in domain
administrator credentials have to be specified when enabling application backup

Exchange and SQL transaction logs are truncated after each

successful backup

#CyberFit Academy
Protecting Applications MariaDB MySQL

Browse databases and/or fully or granularly recover data and

tables without recovering the entire workload – during the
backup of an entire workload

Acronis Cyber Protect Cloud collects metadata for each database

running on it. This means you can count on:
• Quick backup configuration for MySQL and MariaDB
• Granular recovery of databases and tables
• Easy database recovery, as a set of files

Why? Reduce RTOs and ensure consistent protection of your

MariaDB and MySQL databases

#CyberFit Academy
Protecting Applications MariaDB MySQL

Available
options

#CyberFit Academy
Protecting Applications MariaDB MySQL

To protect a physical or virtual machine that

runs MySQL or MariaDB instances with
application-aware backup, you need to install

• Agent for MySQL/MariaDB on this machine

• Agent for MySQL/MariaDB is bundled with
Agent for Linux (64-bit)

#CyberFit Academy
MySQL and MariaDB Limitations MariaDB MySQL

Limitations

• MySQL or MariaDB clusters not supported.

• MySQL or MariaDB instances running in Docker containers not
supported.
• MySQL or MariaDB instances running on operating systems using
BTRFS file system not supported.
• System databases (sys, mysql, information-schema,
and performance_schema) and databases that do not contain any
tables cannot be recovered to live instances. However, databases
can be recovered as files, when recovering whole instance.

#CyberFit Academy
MySQL and MariaDB Limitations MariaDB MySQL

Limitations

• Recovery from backups stored on Secure Zone is not supported.

• Databases and tables cannot be recovered by Agent for
MySQL/MariaDB that is running on a machine on which AppArmor is
installed. You can still recover an instance as files, or the entire
machine.
• Recovery to target databases that are configured with symbolic links
is not supported. You can recover the backed-up databases as new
databases, by changing their name

#CyberFit Academy
Cyber Protect Cloud
Protecting VMs & Virtual Hosts

#CyberFit Academy
Protecting VMs and Virtualization Hosts VMware
vSphere

For VMware vSphere

• VMs can be backed up and recovered with Agent for VMware (agentless backup)
• ESXi configuration can also be backed up which allows recovery to bare metal
• Backup of ESXi configuration includes:
• Bootloader and boot bank partitions of the host
• Host state (configuration of virtual networking and storage, SSL keys, server
network settings and local user information)
• Extensions and patches installed or staged on the host
• Log files
• Requires SSH to be enabled in the Security Profile of the ESXi host configuration

#CyberFit Academy
Protecting VMs and Virtualization Hosts Hyper-V

For Hyper-V:

• VMs can be backed up and recovered with Agent for Hyper-V (agentless
backup)
• Requires Hyper-V Integration Services to be installed and updated on
the VMs
• Hyper-V VSS writers must be working (check using vssadmin list
writers)
• Entire Hyper-V server can be backed up with Agent for Windows via
disk-level backup

#CyberFit Academy
Protecting VMs and Virtualization Hosts Hyper-V

Amazon
For all other supported virtualization platforms, EC2

Windows Azure and Amazon EC2 cloud instances

• VMs can be backed up from inside guest OS (agent-

based backup) similar to how physical machines can be
backed up, i.e., using Agent for Windows or Linux

#CyberFit Academy
Protecting VMs and Virtualization Hosts Hyper-V

Amazon
Recovery is similar to physical machines except EC2

for Windows Azure and Amazon EC2 VMs

• Windows Azure and Amazon EC2 cloud instances cannot be

booted from bootable media, hence bare metal recovery is not
possible; recovery have to be performed to existing VM:
• Create new VM from image/template in Azure or EC2 with same
disk configuration as machine to be recovered and install Agent
for Windows or Linux on the new VM
• Recover backed up machine as disk-level recovery to the new
VM

#CyberFit Academy
 Section Summary
Acronis supports different Applications native by Agent or
1 by Script

Applications can be backed up standalone or in a

2 Application Aware Backup

On VMware and Hyper-V you can do a agent-less Backup,

3 even Application Aware

4 Application Aware Backups will lower your RTO

dramatically

#CyberFit Academy
Cyber Protect Cloud
Protecting Productivity Suites

#CyberFit Academy
Protecting M365 Microsoft
365

Microsoft 365 can be backed up as follows:

• Using Local Agent:

• Install Agent for M365 on a Windows machine
• Supports backup of M365 Exchange Online mailboxes to local,
network and cloud storage
• Using Cloud-to-Cloud (C2C) a.k.a Cloud Agent backup:
• No agent installation required, add M365 for Business from Add
button in cloud console
• Supports backup of M365 Exchange Online mailboxes, OneDrive for
Business, SharePoint Online sites, Teams, OneNote
• Requires Global Administrator role credentials, only during setup

#CyberFit Academy
Protecting M365 Microsoft
365

Feature Local Agent Cloud-2-Cloud Backup

Exchange Online: user, shared, and group

Data items that can be backed up
mailboxes
OneDrive: user files and folders
SharePoint Online: classic site collections, group
Exchange Online: user and shared mailboxes
(team) sites, communication sites, individual data
items
Teams: Entire teams
OneNote: all items (separate backup plan option)

Backup of archive mailboxes (In-

No Yes
Place Archive)

Backup Schedule User-defined Once a day (automatically) or manually started

Backup Locations Cloud Storage, local folder, network folder Cloud Storage only

Automatic Protection of new Office Yes, by applying a backup plan to the All users, All
No
365 users, groups, sites groups or All sites groups

#CyberFit Academy
Protecting M365 Microsoft
365

Feature Local Agent Cloud-2-Cloud Backup

Protecting more than one M365

No Yes
organization

Granular recovery Yes Yes

Recovery to another user within one

Yes Yes
organization

Recovery to another organization No Yes

Recovery to an on-premise Microsoft

No No
Exchange Server

Maximum number of manual backup

No 10 manual runs during an hour
runs

#CyberFit Academy
Protecting M365 Microsoft
365

To recover:

• Granular recovery can be performed from M365 backups:

• Mailboxes and mailbox items can be recovered to M365, downloaded
as files or sent as email as a form of recovery
• OneDrive content can be recovered to existing OneDrive, including
Sharing permissions recovery or download as files
• SharePoint Online sites can be recovered to existing site, as document
library or single document or download as files
• Preview, browsing and search of backed up content possible for quick
access to backed up data

#CyberFit Academy
Protecting Google Workspace Google
Workspace

Google Workspace can be backed up as follows:

• Using Cloud-2-Cloud (C2C) backup:

• No agent installation required, add G suite from Add button in cloud console
• Supports backup of Gmail mailboxes, Calendars, Contacts, Google Drives and G Suite Shared
drives

• Requires Super Admin credentials

• To recover:
• Granular recovery can be performed from Google Workspace backups:
• Mailboxes and mailbox contents can be recovered to G suite
• Google Drive content can be recovered to existing google Drive as entire drive or as files/folders

#CyberFit Academy
Protecting Websites

Can be backed up via SFTP or SSH protocol (no

Agent required):

• Website content files: All files accessible to account specified for

SFTP or SSH connection
• Linked databases (if any) hosted on MySQL servers: All
databases accessible to specified MySQL account
• Both website files and databases (if any) should be backed up to
enable consistent recovery
• Limitations:
• Only be backed up to cloud storage
• Each website must have own Protection Plan

#CyberFit Academy
 Section Summary
1 Default backup process is C2C (Cloud 2 Cloud), no Agent
needed

2 For local Backups for M365, the local Agent is still

available

3 C2C is available for M365 and Google Workspace

4 M365 Backup C2C includes Exchange, OneDrive,

SharePoint, Teams and OneNote

#CyberFit Academy
Cyber Protect Cloud
Off-host Data Processing

#CyberFit Academy
Backups Management: Off-host
Data Processing

Value

• Reduce CPU and RAM consumption on

protected server by offloading backup
management operations to a server with a
dedicated agent.
• Technician can offload the following
operations: backup replication,
validation, retention and conversion
into virtual machines
• Perform operations independently from
protection plan (example: separate
schedule)

#CyberFit Academy
Backups Management: Off-host
Data Processing

Licensing

• Each agent that executes protection

plans with off-host data processing
(except for "instant actions") will
require Server quota and Advanced
Backup pack to be enabled

#CyberFit Academy
 Off-Host Data Processing

Create Plan

Available Plans for Off-

Host processing Plan Actions

#CyberFit Academy
Off-Host Data Processing

Replication Plan
settings

#CyberFit Academy
Off-Host Data Processing

Validation Plan
settings

#CyberFit Academy
Off-Host Data Processing

Cleanup Plan
settings

#CyberFit Academy
Off-Host Data Processing

Conversion to VM Plan
settings

#CyberFit Academy
Off-Host Data Processing
i
Additional tasks that can be configured as part of a
backup can be performed separately:

Replication Validation Cleanup Convert to VM

#CyberFit Academy
Off-Host Data Processing

This provides flexibility to:

• Choose another Agent for performing these

operations
• Schedule these operations for off-peak
hours to minimize network bandwidth
consumption
• Shift these operations outside of business
hours if setting up a dedicated agent is not
feasible

#CyberFit Academy
 Section Summary

1 You can use any Agent in your environment for different

off-host processes

The off-host processes are Replication, Validation,

2 Cleanup, Conversion to VM

3 Off-Host is freeing up resources on the client

#CyberFit Academy
Cyber Protect Cloud
Browsing Backups & Plans

#CyberFit Academy
Browsing Backups > Backup Storage Tab

Add
locations

Backup storage locations

#CyberFit Academy
Browsing Backups > Backup Storage Tab

Backups can be browsed from the Backup

Storage tab

• All locations currently in use by all plans will be shown

• New locations can be added by selecting Add location:
• When adding a location, machine to browse from can be
specified in order to ensure that a specific machine (with
appropriate agent installed) is used to access the location,
e.g., using a machine with Agent for SQL to browse backups
of SQL databases
• Backups can be then selected for recovery and Run as VM as
well as manually deleted from a location

#CyberFit Academy
 Browsing Backups > Plans tab

Selected Plan
Available actions
Types of Plans

#CyberFit Academy
Browsing Backups > Plans tab

Plans can be browsed and managed from the Plans tab

• All plans of a specific type will be show in each section:

• Protection: Shows all available Protection Plans
• Cloud applications backup: Shows Microsoft 365 and Google
Workspace Backup Plans
• VM replication: Shows VM replication plans
• Actions available with Plans:
• Create Plan | Import | Details | Stop | Edit | Activities | Alerts | Clone |
Export | Disable | Delete

#CyberFit Academy
 Section Summary
Cloud backups can be browsed with the console
1
On the Cloud Storage, you can browse the single backup

You can delete full backups, or incrementals

2
You can start a recovery from the backup file

3 You can add other backup locations

#CyberFit Academy
Cyber Protect Cloud
Performing Recovery

#CyberFit Academy
 Section Modules

4. Performing Recovery
I. Using the Web Interface
II. Recovery Options
III. Bootable Media & Universal Restore
IV. Acronis Instant Restore
V. Acronis Instant Restore (Run as VM) How To
VI. VM Replication
VII. Other Recovery Methods

#CyberFit Academy
Configuring Recovery
Determine:
1 What to recover: Entire machine, disks/volumes,
2
Location of backup: Local folder, network folder or
VMs or individual files/folders, databases or cloud?
application items

3 4
Recovery method: Using web interface, bootable
Recovery point: Available backups to recover from?
media or other methods

5 6
Where to recover: Original location, custom Recovery options: Validation, Error handling, File
location, on-premises or in cloud? exclusions, etc.?

#CyberFit Academy
Recovery Methods

Backups can be recovered using the following methods:

• Using web interface: Used for performing recovery of entire

systems and select data
• Using bootable media: Used for bare metal recovery of entire
systems and select data
• Other methods: Used for recovering files and folders
• Additionally, the following can also be used:
• Acronis Instant Restore (Run as VM) on-premises
• VM Replication (VMware vSphere only) on-premises
• Acronis Cyber Disaster Recovery Cloud in cloud

#CyberFit Academy
Cyber Protect Cloud
Using the Web Interface

#CyberFit Academy
 Using Web Interface > Devices Tab

Select machine from appropriate

Devices built-in/custom group
for Recovery, then select Backup
location, recovery point to
recover from and type of
recovery

#CyberFit Academy
 Using Web Interface > Backup Storage Tab

Select a location, then select

backup > Show backups to view
available recovery points for
recovery

#CyberFit Academy
Using Web Interface

To perform recovery using web interface, select backup

to recover from via Devices or Backup Storage tab:
• Devices tab: Select backed up machine/device/data from built-in
or custom group under Devices tab to recover from
• Backup storage tab: Select location to recover from
• Browse for available Recovery points (backups) and:
• Select type of data to recover:
• Entire machine: Disk-level recovery (for physical machines and
VMs)
• Files/folders, SQL/Exchange databases, M365 data, Google
Workspace data: File-level recovery
• Use Instant Restore (if available)

#CyberFit Academy
 Disk-Level Recovery

Choose to Recover to Physical or Virtual

machine, Target machine to recover to,
Disk or Volume mapping and Recovery
options

#CyberFit Academy
 File-Level Recovery

Search for files/folders/databases to

recover

Expand to browse for files/folders/databases to

recover

Browse for available

recovery points

#CyberFit Academy
 File-Level Recovery

Choose Original location or

Custom location and recovery
options

#CyberFit Academy
Creating the Recovery Task

After selecting type of data to recover

• For disk-level recovery, Recover to Physical or Virtual machine,

Target machine to recover to, Disk or Volume mapping and
Recovery options can be configured
• For file-level recovery, browse or search for the data to be
recovered and recovery can be to Original or Custom location1 or
downloaded/recovered as files
After creating the Recovery task, it will be executed immediately
1Depending on the type of data being recovered, additional options may be available for the Recovery task, e.g., Target instance
and State

#CyberFit Academy
Recovering as Virtual Machine
In Backup Console, disk-level backups (Entire
machine, Disks/volumes) of physical machines can
be recovered to:
• Physical machine (original)
• Virtual machine (convert to VM)
• Agent will automatically map the disks from the backup
to the target machine. Alternatively, click DISK
MAPPING to manually map the disk(s) for recovery
• Recovery of OS requires a reboot and machine will
come online automatically
If recovering to Virtual machine (convert to VM):
• VMware vSphere Hypervisor or Hyper-V can be selected as the target
machine and Datastore for vSphere Hypervisor or Path for Hyper-V can be
configured as well as VM SETTINGS such as Memory, Virtual processors and
Network adapters

#CyberFit Academy
Recovering as Virtual Machine
The following settings are available when
configuring recovery to virtual machine:

• By default, the same VM will be selected for recovery

• To change to a different VM (same or different platform),
click TARGET MACHINE and select VMware vSphere
Hypervisor, Hyper-V or Virtuozzo, requires respective
Agent
• Datastore and Path settings can be configured as well
as VM SETTINGS
• VM will be stopped during recovery and has to be
manually started after recovery. Alternatively, use
Recovery options > VM power management to
automatically start the VM

#CyberFit Academy
Startup Recovery Manager (SRM)
Bootable Component Resides On Hard Drive

• Bootable rescue utility without separate bootable media

• Failure occurs:
• Reboot machine and wait for prompt
• Press F11 for Startup Recovery Manager to appear then press F11 again
• Program starts and perform recovery
• GRUB boot loader installed: select Startup Recovery from boot menu instead of F11 during reboot
• Non-encrypted volume: need 100MB+ free space. Recovery requiring restart additional 100MB
• System volume with BitLocker-Encrypted
• At least one non-encrypted volume on same machine and that volume needs 500MB+ free space.
Recovery requiring restart additional 500MB
• Unless you use GRUB boot loader and installed on Master Boot Record (MBR)
• SRM activation overwrites MBR with own code before starting SRM. Otherwise: reconfigure boot
loader manually after activation.

#CyberFit Academy
Startup Recovery Manager (SRM)

Activating SRM with Agent

• Windows or Linux
• Select machine in service console
(click “Details” and activate SRM)
• Click Details
• Enable Startup Recovery Manager
switch
• Software activates SRM

#CyberFit Academy
Startup Recovery Manager (SRM)

Activating SRM Without Agent

• Boot machine from bootable media

• Click Tools > Activate Startup Recovery Manager
• Software activates SRM
• NOTE: to deactivate SRM
• Repeat activation procedures and select respective
opposite actions
• Deactivation disables boot-time prompt “Press F11 for
Startup Recovery Manager” (or menu item in GRUB)

#CyberFit Academy
 Cyber Protect Cloud
Recovery Options

#CyberFit Academy
 Recovery Options

Recovery options

#CyberFit Academy
 Section Summary

You can use Web Interface for recovery, and there are
1 multiple recovery functions.

2 How to use Disk-Level Recovery, and how to use File-

Level Recovery.

Creating the Recovery Task, Startup Recovery Manager,

3 and Recovery Options.

#CyberFit Academy
Cyber Protect Cloud
Universal Restore & Bootable
Media

#CyberFit Academy
Acronis Bootable Media
Bootable media a.k.a. Rescue Media is used for booting up the hardware
of a physical or virtual machine used for bare metal recovery

Linux-based WinPE-based Mac-based

Can be downloaded as ISO Requires installation of Create using Rescue Media

from Cyber Protection service Bootable Media Builder from Builder that’s included with
console, used for recovering Acronis Cyber Protect installer Agent for Mac, used for
Windows and Linux machines (https://kb.acronis.com/content/59611)
recovering macOS machines

and other files, used when

Linux-based media is unable to
detect disks, network adapters
or other hardware of the
recovery machine

#CyberFit Academy
Universal Restore

Acronis proprietary technology that enables:

• Bare metal recovery of Windows or Linux-based systems to dissimilar

hardware
• P2P, P2V, P2C, V2V, V2P, V2C, C2C, C2P, C2V migrations
• Hardware independent deployment of supported OS
• Works by swapping required systems drivers for OS startup in
the recovered OS to match the hardware of the machine used
for recovery
• Available as Apply Universal Restore in bootable Agent on
bootable media
• Universal Restore can be performed multiple times without
having to perform recovery repeatedly

#CyberFit Academy
Universal Restore in Windows Windows

The following locations will be scanned recursively when

using Automatic driver search for suitable drivers:

• Windows default driver folder in the recovered OS – make sure OS is

detected when using Apply Universal Restore for the 1st time after bare
metal recovery
• Removable media, network folders or other folders – If Windows default
driver folder doesn’t contain suitable drivers, i.e., OS startup fails after
Apply Universal Restore, download drivers (HDD controller and chipset)
from vendor website and place them in any of the above locations
• Drivers have to be provided as .inf files, extract them from .exe, .cab or
.zip using a 3rd party app if they are downloaded as such

#CyberFit Academy
Universal Restore in Windows Windows

Mass storage drivers to install anyway:

• Used when Automatic driver search cannot locate suitable drivers in any
of the locations that were specified
• If a specific mass storage controller such as RAID or fiber channel
adapter is required
• Be careful with specifying Mass storage drivers to install anyway as
mistakes will render the recovered OS inoperable and you will have to
redo the bare metal recovery
If Universal Restore cannot find a compatible driver in the specified
locations, it will display a prompt about the problem device; choose either to
Ignore or Retry after adding drivers to specified locations to be searched

#CyberFit Academy
Universal Restore in Linux Linux
OS

Universal Restore can be used for Linux OS

with kernel version 2.6.8 or above
• When working in Linux, Universal Restore updates the initial RAM disk
(initrd):
• Adds modules for new hardware to initrd
• Search for necessary modules in /lib/modules
• If required modules cannot be found, records the module’s name into
the log
• Original initrd is not modified and a copy is saved to the same directory
with the same filename followed by _acronis_backup.img and can be
reverted to if necessary
• Universal Restore may modify the configuration of the GRUB loader to
ensure system bootability but will never modify the Linux kernel

#CyberFit Academy
 Using Bootable Media
• Download Boot Media as ISO
• Use Boot Media Builder
• Install via local Agent for Windows

#CyberFit Academy
Using Bootable Media

#CyberFit Academy
Using Bootable Media

#CyberFit Academy
Using Bootable Media

#CyberFit Academy
 Using Bootable Media

#CyberFit Academy
Using Bootable Media

#CyberFit Academy
Using Bootable Media

#CyberFit Academy
Using Bootable Media

#CyberFit Academy
Using Bootable Media

Boot from bootable

media

#CyberFit Academy
Using Bootable Media

Start bootable agent

#CyberFit Academy
Using Bootable Media

Configure recovery
task

#CyberFit Academy
Using Bootable Media

Select what to recover

#CyberFit Academy
 Using Bootable Media

Browse for
Location

#CyberFit Academy
Apply Universal Restore

1. Click Apply Universal Restore under

Actions section of the Bootable Media
2. If recovered disk has several OS, click
Select… and choose the OS to apply
Universal Restore to
3. [Optional] Click Add folder to add network
folders to search for suitable drivers
4. [Optional] If specific mass storage drivers
such as RAID is required, click Add driver
and browse to location where the drivers
are located

#CyberFit Academy
Using Bootable Media

After selecting location and backup to recover from:

• Select 1 or more disks/volumes and MBR to recover

• Configure Where/How to recover selected disks/volumes
• Start recovery
• Bootable agent will start the recover immediately and after
recovery is complete, reboot or perform Apply Universal
Restore if recovering to dissimilar hardware

#CyberFit Academy
 Section Summary

1 A default Bootmedia is available as ISO file download from

the console

Default Bootmedia is based on CentOS (Linux)

2 Bootmedia Builder must be installed separate with the
Agent installer

3 With Bootmedia Builder you can create your own pre-

configured boot media, even based on Windows PE

#CyberFit Academy
Cyber Protect Cloud
Acronis Instant Restore

#CyberFit Academy
Acronis Instant Restore

Disk-level backups containing an O/S can be “Run as VM” for

quick recovery:
• Temporary VM created and virtual disks are emulated from backup and linked
to temporary VM
• Can be deleted (all changes discarded) or Finalized (converted) as a regular
VM without downtime
• Can be used for:
• Disaster recovery: Instantly bring a copy of a failed machine online
• Testing of backups: Run machine from backup to ensure guest O/S is
functioning
• Accessing application data: Extracting application data using native tools
• Plan

#CyberFit Academy
Acronis Instant Restore

Pre-requisites:

• Requires Agent for VMware or Agent for Hyper-V and corresponding host
• Agent for VMware/Hyper-V must be able to access the backup file:
• Backups stored on SFTP and Secure Zone are not supported
• Backups must contain entire machine or all volumes required for O/S to start
• Backups of physical and virtual machines except for Virtuozzo containers
• Backups that contain Linux LVM must be created by Agent for VMware or
Hyper-V and the same type of Agent must be used for Run as VM

#CyberFit Academy
Cyber Protect Cloud
How To use Acronis Instant Restore (Run as VM)

#CyberFit Academy
 Instant Restore (Run as VM)

#CyberFit Academy
Instant Restore (Run as VM)

Select machine from

appropriate Devices built-
in/custom group, click
Recovery, then select Backup
location and recovery point to
Run as VM

#CyberFit Academy
Instant Restore (Run as VM)

Select VMware or Hyper-

V host for Run as VM

#CyberFit Academy
Instant Restore (Run as VM)

Configure Run as VM
settings

#CyberFit Academy
Instant Restore (Run as VM)

Finalize temporary VM

Temporary VM

#CyberFit Academy
Instant Restore (Run as VM)

To perform Run as VM, select Backup from Devices

or Backup Storage Tab:

• Select whether to use VMware vSphere Hypervisor or Microsoft Hyper-V

to host the temporary VM
• Configure Run as VM settings such as storage to use, VM settings and
Power state
• After the temporary VM has spun up, it will appear in the service console:
• If connection to agent or backup location is lost, the temporary VM will
become unusable
• Select Finalize to convert it to a regular VM after which it can be backed
up and the backup created can be used for recovery
• Alternatively, select Delete to delete the temporary VM

#CyberFit Academy
Instant Restore (Run as VM)

#CyberFit Academy
Instant Restore (Run as VM)

#CyberFit Academy
 Section Summary

1 Instant Restore is a unique feature and enables you

to recover a complete system within seconds

It can be used for testing. It is already a kind of local

2 Disaster Recovery

Only VMware and Hyper-V are supported. Backup

3 can be even in the cloud

#CyberFit Academy
Cyber Protect Cloud
VM Replication

#CyberFit Academy
 VM Replication

Only available for VMware vSphere Hypervisor VMs.

Creates an exact copy or replica of a VM to the same or

another vSphere Hypervisor host which can be
maintained in sync with the original VM

Replication can be started manually or on schedule

with the 1st replication being a full copy and
subsequent replications being incremental

#CyberFit Academy
Replication vs. Backup

Replica keeps only the latest Replication will consume space

state of a VM on datastore whereas backups
can be stored on other storage

Powering on a replica is much Replica can be used for testing

faster than recovery and faster and failover/failback to/from
than Run as VM local or remote site

#CyberFit Academy
VM Replication

The following types of VMs can not be replicated:

• Fault-tolerant VMs on ESXi 5.5 and lower

• Run as VM
• Replicas

#CyberFit Academy
VM Replication

Create VM Replication
Plan

#CyberFit Academy
VM Replication

Replica actions

#CyberFit Academy
VM Replication
Actions
Select the VMware VM to
replicate and click Replication
to create a VM replication plan:
Target machine and schedule for replication
can be configured
After the replica has been
created, the following actions
are available:
• Test replica: Start the replica for testing, replication is
suspended while testing is in progress
• Replica actions > Failover: Failover to replica,
replication is suspended while failover is in progress
• Replica actions > Stop failover: Stop the failover,
replication will resume
• Replica actions > Permanent failover: Removes the
“replica” flag from the VM, replication is no longer
possible to the VM and replication plan should be
edited to use this VM as source if desired
• Replica actions > Failback: Failback to the original or
new VM, replication will resume once failback is
complete

#CyberFit Academy
 Section Summary

1 Replication is only available for VMware

2 Replication is only available for real VMs

3 Replications are planned with a schedule

#CyberFit Academy
Cyber Protect Cloud
Other Recovery Methods

#CyberFit Academy
Recovering ESXi
Configuration
• ESXi configuration can be recovered
using Linux-based Bootable Media
to bare metal
• If original vSphere Hypervisor host is
still connected to vCenter Server,
disconnect and remove original host
before recovery to avoid unexpected
behaviors during recovery
• To keep the original host, add it back
to vCenter after recovery

#CyberFit Academy
 Extract Files from Local Backups

Directly browse local

backups to view available
recovery points to extract
files

#CyberFit Academy
Extract Files from Local Backups

Backups stored on local folders can be browsed

directly to extract files for recovery

• Only available in Windows using File Explorer

• Agent for Windows must be installed on the machine used for
browsing
• Backed up file system must be FAT16/32, NTFS, ReFS,
ext2/3/4, XFS or HFS+
• Backup must be stored in a local folder or network share
(SMB/CIFS)

1 Use ISO to USD or RUFUS to create bootable USB if you need to boot UEFI machine, Win32DiskImager for BIOS and in Linux, use dd utility

#CyberFit Academy
 Downloading Files from Cloud Storage

Select More ways to recover… >

Download Files to download files
from backups stored in Cloud
Storage

#CyberFit Academy
Downloading Files from Cloud Storage

Files can be downloaded from

Limitations:
backups stored in cloud storage:

• Select More ways to recover… > Download

• Backups of system state, SQL databases
files to open a new browser window and
and Exchange databases cannot be
login to view all backups stored in cloud
browsed
storage
• Download no more than 100 MB at a time to
• Browse for Backups to select files for
avoid slowdown
download

#CyberFit Academy
Downloading Files from Cloud Storage

#CyberFit Academy
 Downloading Files from Cloud Storage

#CyberFit Academy
Downloading Files from Cloud Storage

#CyberFit Academy
 Section Summary

1 Acronis is able to do a vSphere Hypervisor backup which

can be used to do a bare metal recovery of an host back to
vCenter
The Agent on a Windows system can browse and open
2 local Backup files

The Customer Account can use the recovery console to

3 browse cloud backups and download files. No Recovery
jobs.

#CyberFit Academy
Cyber Protect Cloud
Monitoring & Reporting

#CyberFit Academy
Monitoring > Dashboard

Provides a number of customizable (WYSIWYG)

widgets, updated every 2 minutes, that gives an
overview of all operations

• Widgets are customizable, have clickable elements

and more widgets can be added/removed as needed
• Dashboard can be sent or downloaded as Excel
and/or PDF file
• Full screen view can be shown for displaying on large
screens
• Widget selection based on categories (and search
capability)

#CyberFit Academy
Monitoring > Dashboard

Full screen view

Available
actions

Widget

#CyberFit Academy
Monitoring > Dashboard
Available
widgets

#CyberFit Academy
 Alerts

Monitoring > Alerts shows messages that warns about actual

or potential issues and can have 1 of the following severities

Critical: Issues which can potentially lead to

data loss, e.g., Malware detected
Error: Issues due to process errors, e.g.,
Backup failed due to network error
Warning: Minor issues, e.g., Backup is
cancelled
• For a machine, the highest severity
alert will be shown if there are
multiple alerts
• Alerts can be cleared manually or
automatically when the context has
changed or when the process, e.g.,
backup, is executed again and is
successful

#CyberFit Academy
 Monitoring > Alerts
Summary of
Alerts Alert details

#CyberFit Academy
 Reports

Reports similar to Dashboard is widget-based and

can be used to show information about operations:

• A number of templates are available and more reports

can be added
• Reports can be customized and scheduled for sending
via email as Excel and/or PDF
• Report structure can also be exported as JSON for
subsequent importing
• Report data can be dumped as CSV file and sent via
email

#CyberFit Academy
Reports Tab

Create report
from
template
Report
actions

Types of
Reports

#CyberFit Academy
 Activities

Monitoring > Activities can be used to view all

activities from all registered machines

• Activities can be searched by:

• Device name | Started by
• List of activities can also be filtered by:
• Status | Type | Time period

#CyberFit Academy
 Monitoring > Activities

Filter by Status, type

and time period

Search by Device
name or Started by

#CyberFit Academy
 Agents

Agents can be updated from the Settings > Agent tab:

• Update definitions: Update anti-malware, vulnerability assessment and

patch management definitions manually
• Clear cache: Clear the local storage cache used for updates
• Details: View details of the machine and enable/disable Update role for
agent:
• Agent with Update role will check for Agent and definitions updates
from the Internet and distribute them to other agents in local
network using peer-to-peer technology
• Activities: Shows activities of the machine
• Delete: Option to delete machine

#CyberFit Academy
 Settings > Agents

Actions
available

Machines with
agents installed

#CyberFit Academy
 Settings > Agents

Enable/disable
Update role for
agent

#CyberFit Academy
System Settings

Default Backup options can be configured

from Settings > System Settings:

• Once configured, will apply to all Protection Plans

subsequently created
• Existing Protection Plans will not be affected

#CyberFit Academy
 Settings > System Settings

Default Backup
options

#CyberFit Academy
 Settings > System Settings > Immutable Storage

#CyberFit Academy
 Section Summary

Left blue area of the console is the main menu where you
1 find functions such as the following:
• Dashboards
• Alerts
• Activities
• Reports
• Settings

In settings you can setup default backup options and

2 agent update

#CyberFit Academy
Cyber Protect Cloud
New Features

#CyberFit Academy
Web Restore: Full Support for
Custom Branded URL
✓ Custom branded URLs used can now access
Web Restore console to browse and restore
files from backups. Do not need to disable
custom URL.

Scenarios
• Customer (or SP) user logs into Acronis
Cyber Cloud via custom branded URL
(e.g. backup.mycompany.com)
• Goes to Cyber Protection console and
accesses Web Restore Console
interface to browse and restore files
from backup.

#CyberFit Academy
Advanced Backup: One-click Recovery for End Clients

#CyberFit Academy
Microsoft 365: Licensing for blocked seats
External user
✓ Acronis will not license blocked seats that
have unprotected workloads (OneDrive
and mailboxes) Public folder #1 (mailbox backup)

With backups
✓ License blocked seats only for protected M365 seat #1 (mailbox + OneDrive backup) MS Team #1 (backed up)
personal (non-shared) workloads:
M365 seat #2 (OneDrive backup)
OneDrive and mailboxes
M365 seat #3 (mailbox backup) SharePoint site #1 (backed up)
Scenarios
Shared mailbox #1 (backed up)
• Customers can enable backup of shared
Microsoft 365 workloads (Teams, SharePoint

Without backups
sites) M365 seat #4 (without any backup) MS Team #2 (without backup)

Licensing M365 seat #5 (without any backup)

• Available in Standard Protection M365 seat #6 (without any backup) SharePoint site #2 (without backup)
• Licensing models supported: M365 blocked seat (without any backup)
Per workload only.

Legend: - Billed - Non-billed - Has access

#CyberFit Academy
Microsoft 365 OneNote Backup and
Recovery
✓ C22.10: protection of Microsoft 365
OneNote notebooks enables recovery
of notebook files to original (or new)
location. Previously (June 2022): could
only download backups.
How To:
• Enable Microsoft 365 OneNote backup
as part of Microsoft 365 OneDrive and
Microsoft SharePoint Online backup
• Recover Microsoft 365 OneNote
notebook files back to their original or
new location

#CyberFit Academy
Acronis Cyber Protect Cloud:
Recover Microsoft 365 mailbox data to PST

#CyberFit Academy
Cyber Protect Cloud
Top Troubleshooting
Issues

#CyberFit Academy
Attempt To Remove Backup or
Recover Files Fails
Problem

“Machine with ID ‘…’ is offline or is not

available
Machine with agent offline or deleted

Solution

possible bring agent back online to

perform operation, Or…

#CyberFit Academy
Attempt To Remove Backup or
Recover Files Fails
Problem

Agent no longer available: two options

Solution

Go to Backup Storage and select location

Select another agent in the field “Machine
to Browse From”, Or…

#CyberFit Academy
Attempt To Remove Backup or
Recover Files Fails

Solution

Utilize Web Restore console

Know data center name (example: US2)
Type in <DC>-cloud.Acronis.com/wr
(<DC> is US2 for example)
Log in as original user that created
backups
Recover: browse files/folders and select
data want to recover
Click Download

#CyberFit Academy
Attempt To Remove Backup or Recover Files Fails
Solution
Delete backups via web restore console:
• Devices: Select machine for which you want to
delete backups
• Click Recovery > More ways to Recover >
Download files
• Enter credentials of account which backed up
machines is assigned
In Web Restore console select machine want to delete
backups
• Click right side of backup want to delete to open a
pop-up menu
• Click Delete
NOTE: delete option only available for entire backup
archives

#CyberFit Academy
Backup Fails with VSS Writer ‘SqlServerWriter’

Problem

Backup fails with following message:

| error 0x10c469: VSS writer 'SqlServerWriter' with class ID 'A65FAA63-5EA8-4EBC-9DBD-
A0C4DB26912A' has failed to process the snapshot.
| line: 0x3fec04e376b89d87
| function: `anonymous-namespace'::ObtainVSSFailReasonSuberror
| $module: disk_bundle_vsa64_3917
|
| error 0xfff0
| line: 0xbd28fdbd64edb8fb
| function: Common::Error::AddHResult
| code: 0x800423f4
| $module: disk_bundle_vsa64_3917

#CyberFit Academy
Backup Fails with VSS Writer ‘SqlServerWriter’

Problem

SQL Instance with large number of databases

Backup up instance (or disk containing the instance)
In the Windows application event logs, see following error:
Sqllib error: OLEDB Error encountered calling ICommandText::Execute. hr = 0x80040e14.
SQLSTATE: 42000, Native Error: 3013Error state: 1, Severity: 16
Source: Microsoft SQL Server Native Client 11.0
Error message: BACKUP DATABASE is terminating abnormally.
SQLSTATE: 42000, Native Error: 3202
Error state: 1, Severity: 16
Source: Microsoft SQL Server Native Client 11.0
Error message: Write on ""{56EFEAC3-AC01-4E93-86B8-D24E27241B1D}33"" failed: 995(The
I/O operation has been aborted because of either a thread exit or an application request.)

#CyberFit Academy
Backup Fails with VSS Writer ‘SqlServerWriter’

Solution

Increase “Max Worker Threads” on SQL Server

Select version of SQL Server and follow instructions at:
• https://docs.microsoft.com/en-us/sql/database-
engine/configure-windows/configure-the-max-worker-
threads-server-configuration-
option?redirectedfrom=MSDN&view=sql-server-ver16

#CyberFit Academy
Backup Fails with VSS Writer ‘SqlServerWriter’

Problem

Other issues
Using disk-level backup plan
Have ACT7! SQL Server installed
In the Windows application event logs, see following error:
MS SQL Backup Fails with error: VSS error 0x800423f4
Description
MS SQL Backup Fails with error: VSS error 0x800423f4
Act7 Database
Errors in Event Logs:
SQLVDI - Loc=UserAccount::Init(name). Desc=LookupAccountName. ErrorCode=(1332)No
mapping between account names and security IDs was done Instance=ACT7
SQLVDI - Loc=IdentifySQLServer. Desc=Initialize. ErrorCode=(1332)No mapping between
account names and security IDs was done Instance=ACT7
SQLWRITER - Sqllib error: Failed to create VDS object. hr=0x80770005
I/O operation has been aborted because of either a thread exit or an application request.)

#CyberFit Academy
Backup Fails with VSS Writer ‘SqlServerWriter’

Solution

Go to “Start” and “Computer Management”

Choose “Services and Applications”
Choose SQL Server Configuration Manager
Locate SQL Server (ACT7)
Change service logon from Local System to Local Service
Restart machine

VSS tool for diagnosing and repairing VSS service issues

https://www.acronis.com/en-us/products/vss-doctor

#CyberFit Academy
Continue Backup To Existing Archive with New Backup Plan

Scenario

Backup plan applied to single machine. Have to remove machine

from console or uninstall agent along with configuration settings
Machine re-added or agent reinstalled

• Can force backup plan to continue backup to same backup (or

backup sequence)
• Supports encrypted archives (20.08 release)

#CyberFit Academy
Continue Backup To Existing Archive with New Backup Plan

Solution

Create new backup plan

“Where to Backup”: Specify folder where
existing archive located
Click “Backup Options”
Navigate to “Backup File Name”
Click “Select and select required backups
• Button shows backups in location selected in
the “where to back up” section of backup plan
panel (Cannot browse anything outside of this
location)
Click Done and Save Backup Options
Save Backup Plan

#CyberFit Academy
Archives with “Remediation” in the Name

Scenario

Backup location: notice archives with

“Remediation” in name

Cause

Archives with names like “%device_name%-

Remediation”
Result of backup remediation action performed
by user from “Threat Feed”

#CyberFit Academy
Archives with “Remediation” in the Name

Cause

User confirmed to “Backup of protected or

unprotected machines” in the “Run
recommended actions” on received alert
These archives can be deleted manually in
“backup storage” tab if needed

#CyberFit Academy
Links to KB Articles – Top Troubleshooting
Issues
• Attempt To Remove Backup or Recover Files Fails
• https://kb.acronis.com/content/69264

• Backup Fails with VSS Writer ‘SqlServerWriter’

• https://kb.acronis.com/content/57072

• Continue Backup To Existing Archive with New Backup Plan

• https://kb.acronis.com/content/59725

• Archives with “Remediation” in the Name

• https://kb.acronis.com/content/67914

#CyberFit Academy
Thank you for watching!

#CyberFit Academy
Cyber Foundation
Building a More Knowledgeable Future

Create, Spread and Protect

Knowledge with Us!
www.acronis.org
#CyberFit
Building New Schools
Publishing Education Programs
Publishing Books

#CyberFit Academy