Protecting Azure Virtual Machines with Commvault

You can use the Commvault software to back up and recover Azure VMs that are part of an Azure application. You can configure a hypervisor to represent the Azure application.

Backups

Data You Can Back Up

  • Virtual machines (Windows and Linux, powered on or powered off)

  • VMs that are created with the trusted launch security type.

    These VMs retain the trusted launch security type throughout backup and restore cycles and cannot be converted to non-trusted launch VMs. Conversely, VMs with other security types cannot be converted to the trusted launch security type.

  • VMs of Azure Generation 1 and Azure Generation 2.

  • For Azure Resource Manager deployments, VMs that are configured with Azure unmanaged and managed disks. From these backups, you can restore full VMs and restore guest files and folders.

  • VMs that have encrypted blobs.

    These VMs can be protected and fully recovered. However, guest file recovery of these VMs is not currently supported.

  • VMs that are encrypted by Azure Key Vault.

    Backups of these VMs can include the operating system information, the data disks information, secrets (for example, token and password information), and encryption keys (for example, algorithm information). The encryption keys can be managed by Microsoft or by customers.

  • Confidential VMs that are encrypted with platform-managed keys (PMKs) or not encrypted.

  • If the source VM is associated with an application security group, then the application security group is included in the backup.

  • Disks that are configured by users through the Azure portal, including disks that are configured on Standard and Premium storage accounts.

  • Azure managed disks that are 8 TB or smaller.

  • Managed and unmanaged disks that have Changed Block Tracking (CBT) enabled.

    For more information, see Changed Block Tracking for Azure (CBT).

  • For Azure-managed disks, information about the configured Availability Zones, which are specific (physical) locations within an Azure region.

  • Azure-managed disks that are enabled with encryption at the host, on Windows or Linux VMs.

  • Proximity placement groups.

Data You Cannot Back Up

  • Confidential VMs that are encrypted with customer-managed keys (CMKs).

  • Temporary disks that are automatically configured by Azure when a VM is created.

  • Files or network drives that are shared in Azure and mounted on a VM.

  • Azure Ultra SSD-managed disks.

    Due to a Microsoft limitation, snapshots of Ultra SSD-managed disks are not supported. When Ultra SSD-managed disks reside on a virtual machine with other supported disks, during backups, the Ultra SSD-managed disks are skipped. The other disks on the virtual machine are backed up.

    You can back up your Ultra SSD-managed disks using the Windows File System Agent. For more information, see Backups Using the Windows File System Agent.

  • Managed Premium V2 SSD disks.

Backups You Can Perform

  • Full backups

  • Full backups, using IntelliSnap

  • Incremental backups

  • Synthetic full backups

When You Can Perform Backups

  • On a schedule: The server plan that you assign manages scheduled backups

  • On demand: You can perform on-demand backups at any time

Restores

Restores You Can Perform

  • Full VMs

  • Guest files and folders

  • Attaching disks to an existing virtual machine

  • Virtual machine files

Backups You Can Use for Restores

  • The most recent backup: For example, restore the most recent backup to its original location

  • A backup from a specific date: For example, restore data to a point in time before it became unusable

  • Backups from a date range: For example, restore data that was accidentally deleted

Destinations You Can Restore To

  • The current location (in place)

  • A different VM (out of place)

Known Issues

Azure snapshots that were taken with a locked resource group cannot be deleted.

Loading...