Azure Backup: best practices for securing business data

Azure Backup is a cloud service provided by Microsoft that offers data protection and recovery solutions for IT infrastructures. Designed to integrate easily with Azure applications and services, the service helps protect business resources such as virtual machines, servers, databases, and files. With its centralized, automated and scalable management, Azure Backup is a versatile solution for backup needs in both on-premises and cloud environments. In this article, we take a closer look at how it works, the best practices for implementing it in your backup strategies, and the factors that influence its cost.

What you'll find in this article

  • Azure Backup: a brief introduction
  • Azure Cloud Backup: How does it work?
  • Azure Backup Solutions: best practices for backup strategies
  • Azure Backup Pricing: components and examples
Azure Backup: a brief introduction

With so much data now stored digitally, new strategies are needed to protect it. Whether it's a natural disaster, a power outage, or a cyberattack, terabytes of information can disappear in a flash. In fact, a downtime event can cost a company thousands of euros per minute; according to some estimates, this means up to about half a million per hour.

How to make effective backups is a recurring theme in companies when it comes to data. Long-term strategies based on tape libraries and off-site backup are gradually giving way to simpler and more modern techniques, such as those made possible by the cloud.

Hyperscale providers all offer some type of backup service, as this is a simple but important use case for every company, and Microsoft's Azure cloud platform is no exception, providing native backup tools such as Azure Backup to protect Azure-based workloads.

Azure Backup is an Azure-native backup service that allows you to protect your workloads in the Azure cloud, in multicloud or hybrid environments, by enabling self-service backup and recovery at scale.

Your organization's data is constantly at risk of loss, damage, theft and exposure and it is therefore important to protect it, regardless of where it is stored: on-premise or on cloud servers.

A reliable backup solution can help your organization quickly recover lost data and continue business operations without interruption.

Overview of the Microsoft Azure Backup Center

Azure Cloud Backup: How does it work?

Azure Backup is part of a larger package offered to customers through the Azure Recovery Services vault, and although it is a cloud-native service, its features can also be used on-premises.

The service can use both Recovery Services Vault and the more recent Backup Vault. Each supports different types of data sources. The Recovery Services Vault is the traditional and most complete one, while the Backup Vault is more targeted and supports newer workloads such as Azure Disks, Azure Blobs and PostgreSQL.

It can be considered a safety net “in the clouds”: its archiving and retrieval capabilities keep business data protected even during unexpected interruptions, offering secure and reliable protection against the loss of information.

Azure Backup is simple to use thanks to a centralized management interface that allows easy access to most backup and recovery options.

It reduces the infrastructure and licensing burden associated with traditional on-premise backup architectures and also helps in hybrid environments by offering seamless integration with on-premise workloads, allowing companies to both base their entire backup strategy on the cloud and extend their existing backup strategies with the added benefits of the cloud.

The service is simple to configure and use, offering consistent copies with security features and management controls made available through the Azure portal.

There are numerous components in Azure Backup that can be downloaded and deployed depending on what you want to back up. All of these components can be used to back up data to a Recovery Services Vault in Azure, regardless of whether you're protecting data on your own premises or in the cloud.

How Azure Backup works

But what is a Recovery Services Vault?

It is an online storage unit in Azure that is used to store restore points, backup copies, and backup policies. The Recovery Services Vault can be used to store backup data for Azure services, as well as for on-premises servers and endpoints. Each Azure subscription can contain up to 500 Recovery Services vaults or Backup vaults per region.

Backups made with Azure Backup services and stored in Recovery Services Vault are kept independent and isolated from the original copies to protect them from accidental deletion and destruction and guarantee different restore points for backups created in a continuous process.

The service creates these restore points with all the information necessary to restore application-consistent backups, which take much less time to return to a working state.

There are no limits or costs on two-way data transfers, unless there is a large initial offline backup using the Azure Import/Export service.

The Recovery Services Vault keeps both long-term and short-term data, and Azure Backup protects data regardless of its state, both at rest and in transit. Organizations can rely on Azure's security capabilities and transfer data virtually without limits.

Azure Backup can archive and recover data sources such as:

  • All on-premises data (system state, Hyper-V virtual machines, VMware virtual machines, files/folders, specific workloads such as SQL Server, MS Exchange, MS SharePoint, etc.)
  • Azure virtual machines (system state, files/folders, SQL Server, SAP HANA)
  • Azure Files (Storage)
  • Azure Stack Hub (system state, files/folders, MS SQL Server, MS SharePoint, virtual machines)
  • Azure Stack HCI (system state, files/folders, MS SQL Server, MS SharePoint, virtual machines)
  • Azure Disks
  • Azure Blobs
  • Azure Database for PostgreSQL servers
  • Kubernetes Services

Azure Backup architecture for virtual machines

MARS and MABS

MARS and MABS, both key components of Azure Backup, are two distinct tools used within the service to provide maximum data protection in different environments.

Let's take a closer look at them individually.

Microsoft Azure Recovery Services (MARS) Agent

MARS, or Microsoft Azure Recovery Services Agent, is an agent installed directly on Windows machines, both on-premises and virtual, to back up files, folders, and entire machines directly to the Azure cloud. It is particularly useful for protecting individual machine data without the need for a complex backup infrastructure.

It can work both independently and together with MABS/DPM.

This tool can be downloaded from the Recovery Services Vault. To configure it on a machine, you need the vault credentials, a separate file that can also be downloaded from the Recovery Services Vault.

MARS Agent allows the backup of files and folders, the entire Windows volume and a snapshot of the system state of your on-premises machine. MARS backs up data directly into the Recovery Services Vault.

Although Azure Backup offers VM-level backup, if you want to back up specific files/folders on your Azure VM, MARS Agent can be useful.

MARS has some limitations, however: it does not support application-level backup (such as SQL or Exchange) in native mode, it does not support Linux, and it can only perform file/folder level backups for Azure VMs (not full snapshots of the VM).

Backup process with Microsoft Azure Recovery Services

Microsoft Azure Backup Server (MABS)

MABS, or Microsoft Azure Backup Server, is instead a solution that combines on-premises and cloud backup capabilities. It is based on DPM (Data Protection Manager) and is designed to manage backups of enterprise workloads such as SQL Server, Hyper-V, and SharePoint. MABS can back up to local disks and then store the data in the cloud through Azure Backup.

It is often confused with MARS Agent but the two are distinctly different tools.

While MARS backs up data directly to the Azure vault, MABS and DPM are intermediate on-premises servers that keep the backup data of machines or other workloads locally (using local storage) and then send it to the Azure vault using MARS Agent.

In addition, MABS and DPM also protect applications such as HyperVisor, virtual machines, SQL Server, VMware, etc.

Backup process with Microsoft Azure Backup Server

Redundancy

Azure Backup offers four types of redundancy to keep its archives and data highly available even in the event of critical failures or catastrophic situations that could put the information and files we want to keep at serious risk.

Let's see what they are:

  1. Locally Redundant Storage (LRS): LRS replicates your data three times (creates three copies of your data) within a storage unit in a data center. All copies of the data exist within the same region. LRS is a low-cost option for protecting your data from local hardware failure.
  2. Geo-Redundant Storage (GRS): GRS is the default and recommended replication option. GRS replicates your data to a secondary region (hundreds of miles from the primary location of the source data). GRS costs more than LRS, but offers a higher level of data durability, even in the event of a regional interruption.
  3. Zone-Redundant Storage (ZRS): ZRS replicates your data across availability zones, so that it stays resident and resilient within the same region. ZRS does not involve downtime. Zone redundancy is available for the Recovery Services vault and the Backup vault, with optional zone redundancy for backup data. ZRS is especially important for critical workloads that require availability without downtime.
  4. Geo-Zone-Redundant Storage (GZRS): GZRS is an advanced redundancy option offered by Azure Backup, ideal for scenarios that require high availability and geographical resilience. By combining replication across multiple availability zones within a region with geographical replication to a secondary region, GZRS guarantees maximum data protection even in the event of severe regional interruptions, making it particularly suitable for critical backups and environments with stringent business continuity requirements.

Azure Backup Solutions: best practices for backup strategies

Backup strategies are fundamental to any disaster recovery plan (DRP) worthy of the name. The goal is to create copies of all critical business data; these redundant copies are then kept in separate places, acting as a safety net in the event of a primary data failure.

Simple? On the surface, yes, but as always, the devil is in the details.

When developing a backup strategy for your data, there are many factors to consider, and it is important to adopt any practice that helps make operations as efficient, fast and economical as possible, in a continuous process of review and adjustment.

So, let's now look at some simple and direct ways to make Azure Backup work even better for our recovery strategies.

Reports available in Azure Backup

Review and adjust the frequency of backups

Optimizing your backup strategy on Azure starts with evaluating and adjusting the frequency of backups.

It is therefore important to review the current backup policies within Azure Backup: for example, check the frequency of backups for Azure virtual machines (VMs), Azure SQL databases, and Azure Blob Storage, and identify critical data that requires more frequent backups.

Let's ensure that our backup schedules are in line with operational needs and compliance mandates, and use Azure Policy to enforce organizational standards regarding backup frequencies.

If critical databases have to be backed up daily to comply with financial regulations, other less critical workloads could be backed up weekly to save time and resources.

Optimize retention policies

Azure Backup offers a range of storage options to manage backup lifecycles efficiently, while controlling storage costs.

So let's configure appropriate retention policies in the Azure Backup vault by setting, for example, daily retention for 30 days, weekly retention for 12 weeks, monthly retention for 12 months and annual retention for 7 years. This flexibility makes it possible to meet both short-term and long-term storage needs.

We should also balance retention needs against storage costs and use the Azure Cost Management tool as much as possible to monitor and analyze storage costs.

Let's try moving older backups to less expensive storage options, such as Cool Blob Storage or Archive Storage, to reduce costs while keeping essential data.
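To see what the 30-day / 12-week / 12-month / 7-year policy above actually leaves you with, the following added example (not part of the original article and not Azure's own code) models which recovery points are still held on a given day and which is the newest one on or before a date you need to restore to. It assumes one successful backup per day and that the Sunday, first-of-month and 1 January backups are the weekly, monthly and yearly points; in a real policy these days are configurable.

```python
from datetime import date, timedelta

# Retention values taken from the article: 30 days, 12 weeks, 12 months, 7 years.
POLICY = {"daily_days": 30, "weekly_weeks": 12, "monthly_months": 12, "yearly_years": 7}


def add_months(first_of_month: date, months: int) -> date:
    """Shift a first-of-month date forward by whole months."""
    index = first_of_month.month - 1 + months
    return first_of_month.replace(year=first_of_month.year + index // 12,
                                  month=index % 12 + 1)


def expiry(point: date, policy: dict = POLICY) -> date:
    """First day on which a recovery point taken on `point` is no longer kept.

    A point can qualify for several tiers; the longest retention wins.
    """
    expires = point + timedelta(days=policy["daily_days"])
    if point.weekday() == 6:  # assumption: Sunday's backup is the weekly point
        expires = max(expires, point + timedelta(weeks=policy["weekly_weeks"]))
    if point.day == 1:  # assumption: the 1st of the month is the monthly point
        expires = max(expires, add_months(point, policy["monthly_months"]))
        if point.month == 1:  # assumption: 1 January is the yearly point
            expires = max(expires, add_months(point, 12 * policy["yearly_years"]))
    return expires


def retained_points(today: date, policy: dict = POLICY) -> list:
    """All recovery points still held on `today`, oldest first.

    Assumes one successful backup per day for the whole history.
    """
    horizon = (policy["yearly_years"] + 1) * 366
    days = (today - timedelta(days=offset) for offset in range(horizon, -1, -1))
    return [day for day in days if expiry(day, policy) > today]


def newest_point_on_or_before(target: date, today: date, policy: dict = POLICY):
    """Newest retained point not later than `target`, or None if none is left."""
    candidates = [p for p in retained_points(today, policy) if p <= target]
    return candidates[-1] if candidates else None


if __name__ == "__main__":
    today = date(2025, 6, 15)  # constructed "current" date, a Sunday
    points = retained_points(today)
    print(len(points), "recovery points held, oldest", points[0])
    for target in (date(2025, 6, 3), date(2025, 4, 25), date(2024, 12, 20)):
        hit = newest_point_on_or_before(target, today)
        print(target, "->", hit, f"({(target - hit).days} days earlier)")
```

The gap between the date you want and the point you can actually restore grows with age: exact inside the daily window, up to a week in the weekly window, and up to a month beyond that.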

Reducing backup costs with Microsoft Azure

Test and validate backups

Regularly testing and validating your backups ensures data integrity and reliability.

Schedule regular restore tests using Azure Backup's built-in recovery capabilities, to verify that your backups are complete and that the data can be restored without errors or gaps.

You can automate these tests using Azure Automation and Azure PowerShell to create runbooks that automate backup validation processes. For example, a runbook can be configured to automatically restore a virtual machine in a test environment and verify its functionality.

Define clear recovery procedures

Clear and detailed recovery procedures are critical to minimizing downtime and ensuring rapid recovery. We use Azure Backup and Azure Automation reports to document comprehensive recovery plans.

We try to include detailed steps for different scenarios, such as recovering a VM, retrieving an SQL database, or retrieving files from Azure Blob Storage.

We also organize regular training sessions for IT staff regarding Azure Backup and recovery procedures. In this regard, we can use Azure DevTest Labs to create training environments where staff can practice recovery operations without affecting production environments.

Configuring security features in Azure Backup

Set up monitoring

Effective monitoring helps you stay in control of backup operations and quickly identify any problems. Integrate Azure Backup with Azure Monitor and Log Analytics to monitor the status of backup jobs and performance metrics. Create custom queries and alerts in Azure Log Analytics to monitor the success, duration, and failure rates of backups.

Use Azure dashboards to create visual representations of your backup operations, and add specific Azure Backup widgets to the dashboard for real-time updates on the status and performance of backup jobs.

Configure alerts in Azure Monitor to report failed backups, missed backups, and other critical issues. Set up action groups to forward these alerts to the appropriate teams via email, SMS, or Azure mobile app notifications, and design the alerts to be actionable, including detailed information and resolution steps.

Azure Action Groups ensure that alerts are sent to the correct team members who can address issues promptly.
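The logic behind the "failed" and "missed" alerts described above, as an added example that is not part of the original article: it runs over constructed job records whose field names and item names are hypothetical (this is not the Azure Monitor schema), and uses per-item expected frequencies in the spirit of the daily/weekly split discussed earlier. A missed backup is the case a failure-only query cannot see, because no job record exists at all.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample job records; field and item names are hypothetical.
JOBS = [
    {"item": "sql-finance", "status": "Completed", "start": "2025-06-12T01:00", "minutes": 40},
    {"item": "sql-finance", "status": "Completed", "start": "2025-06-13T01:00", "minutes": 44},
    {"item": "sql-finance", "status": "Failed", "start": "2025-06-14T01:00", "minutes": 5},
    {"item": "sql-finance", "status": "Completed", "start": "2025-06-15T01:00", "minutes": 45},
    {"item": "fileshare-hr", "status": "Completed", "start": "2025-06-12T02:00", "minutes": 10},
    {"item": "fileshare-hr", "status": "Completed", "start": "2025-06-13T02:00", "minutes": 12},
    {"item": "vm-intranet", "status": "Completed", "start": "2025-06-08T03:00", "minutes": 90},
    {"item": "vm-intranet", "status": "Failed", "start": "2025-06-15T03:00", "minutes": 15},
]

# Expected backup interval per protected item (critical daily, others weekly).
# "vm-legacy" is protected on paper but has never produced a job record.
EXPECTED = {
    "sql-finance": timedelta(days=1),
    "fileshare-hr": timedelta(days=1),
    "vm-intranet": timedelta(days=7),
    "vm-legacy": timedelta(days=7),
}
GRACE = timedelta(hours=6)  # tolerated delay before a backup counts as missed


def parse(stamp: str) -> datetime:
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M")


def summarize(jobs: list) -> dict:
    """Per-item job count, failures, success rate and mean duration of good runs."""
    raw = defaultdict(lambda: {"total": 0, "failed": 0, "ok_minutes": []})
    for job in jobs:
        entry = raw[job["item"]]
        entry["total"] += 1
        if job["status"] == "Completed":
            entry["ok_minutes"].append(job["minutes"])
        else:
            entry["failed"] += 1
    summary = {}
    for item, entry in raw.items():
        ok = entry["ok_minutes"]
        summary[item] = {
            "total": entry["total"],
            "failed": entry["failed"],
            "success_rate": (entry["total"] - entry["failed"]) / entry["total"],
            "avg_minutes": sum(ok) / len(ok) if ok else None,
        }
    return summary


def find_alerts(jobs: list, expected: dict, now: datetime, grace: timedelta = GRACE) -> list:
    """Return sorted (item, kind) pairs; "missed" takes precedence over "failed"."""
    last_ok, last_job = {}, {}
    for job in sorted(jobs, key=lambda j: parse(j["start"])):
        last_job[job["item"]] = job
        if job["status"] == "Completed":
            last_ok[job["item"]] = parse(job["start"])
    alerts = []
    for item, interval in expected.items():
        good = last_ok.get(item)
        if good is None or now - good > interval + grace:
            alerts.append((item, "missed"))  # no good backup inside the window
        elif last_job[item]["status"] != "Completed":
            alerts.append((item, "failed"))  # latest attempt failed, window still open
    return sorted(alerts)


if __name__ == "__main__":
    now = datetime(2025, 6, 15, 8, 0)  # constructed evaluation time
    for item, kind in find_alerts(JOBS, EXPECTED, now):
        print(f"ALERT {kind:6} {item}")
    print(summarize(JOBS)["sql-finance"])
```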

Azure Backup Pricing: components and examples

Azure Backup pricing uses a scalable consumption-based model, making it accessible to businesses of all sizes.

The pricing model is based on the type and number of resources being backed up, as well as the Azure resources used for the backup, such as storage space and data transfer.

The cost of Azure Backup is determined by the following components:

  • Fixed cost of the service: a monthly fee that covers the management and operation of the Azure Backup service. This rate remains the same regardless of how much data you back up or restore in a given month. It includes the cost of software updates, maintenance, and other operating expenses. Although the fixed cost of the service is constant, it represents only a small part of the total price.
  • Storage: The most significant component of Azure Backup pricing. The amount of data stored in Azure directly affects costs and to minimize storage costs, it is essential to implement an effective data retention policy, determining how long the backups should be kept and eliminating older backups that are no longer necessary.
  • Bandwidth: The data transfer capacity used when backing up and restoring data. It is a significant factor in the pricing of Azure Backup, and the more data that is backed up and restored, the more bandwidth will be consumed. Therefore, it is essential to optimally manage data transfer to control costs.
  • Number of protected instances: If you back up virtual machines (VMs), databases, or other computing resources, the number and type of protected instances also affects the pricing of Azure Backup. A protected instance refers to the computer, server, or database that is being backed up.

For more information on the figures and to start making a first estimate of the costs for your organization, we strongly invite you to consult the official page of the service on the Microsoft Azure website, which also includes a convenient calculation tool that allows filtering based on region, currency and type of workload.

Let's now see in the next sub-sections some slightly more specific examples of the pricing of Azure Backup for different resources of the Azure platform and what affects the costs for each one.

Azure Virtual Machines

Azure virtual machines (VMs) are one of the most commonly used services in Azure. The cost of backing up Azure VMs is determined by the size of the backup data and the type of storage used. The cost is broken down into two main components: the cost of the instance and the cost of storage. You can also use the cheaper storage tier, instead of the standard storage tier.

The cost of the instance is based on the concept of a 'protected instance' in 500 GB increments. For example, if you have a VM with a size of up to 50 GB, you are charged a certain amount per month. The price increases as the size of the VM increases (up to 500 GB and then again for more than 500 GB).

The cost of storage, on the other hand, depends on the type of storage you choose: locally redundant storage (LRS), zone-redundant storage (ZRS), geo-redundant storage (GRS), or geo-redundant storage with read access (RA-GRS).

SQL Server and SAP HANA on Azure VMs

SQL Server on Azure VM is another very popular service. The pricing for this service is similar to that of Azure VMs, with the cost of the instance and the cost of storage as two main components. The cost also depends on the model chosen, such as pay-as-you-go, reserved, Spot or savings plans.

It's worth noting that if you have multiple databases in a single SQL Server VM, you'll only be charged one fee for the VM and not for each database individually. This can lead to significant cost savings if you have a large number of databases.

Azure Backup also supports SAP HANA on Azure VMs, with a specific pricing structure.

The cost is based on the size of the database, with options ranging from 192 GB to 6 TB for a single instance.

Azure Files

Azure Files is a cloud-based file sharing service provided by Microsoft Azure. It allows you to create, share and manage files in the cloud, just like you would on your local system. The pricing for Azure Files backup is calculated based on the total amount of data stored in the file shares, in addition to the costs for storing snapshots.

For less than 250 GB of stored data, there's a 60% reduction.

It is important to note that in this case we refer exclusively to the backup service and the cost of archiving, which is billed separately, is not included.

Azure Blobs

Azure Blob Storage is a service that stores unstructured data in the cloud in the form of blobs or objects. This service is ideal for storing large amounts of unstructured data, such as documents, images, videos, and log files.

It should be specified that for Blobs, a Backup Vault is specifically used and not a Recovery Services Vault.

The pricing for Azure Blob backup is slightly different from that of Azure Files. In this case, the cost is calculated based on the total amount of data stored and the chosen storage class: Premium, Hot, Cool, Cold, and Archive.

The Hot tier is intended for data that is accessed frequently, the Cool tier is for data that is rarely accessed, and the Archive tier is for data that is accessed very rarely.

For your backups on Azure Blob Storage, it is advisable to use the Cold and Archive tiers, as their storage prices are much lower than those of the Hot and Cool tiers; the downside is much higher data retrieval costs and financial penalties for early deletion.

Azure Disks

Azure Disks is a service that offers high-performance and durable block storage for Azure virtual machines. Azure Disks are available in four types: Ultra Disk, Premium SSD, Standard SSD and Standard HDD. Azure charges for snapshots and for the use of bursting.

The cost of backing up Azure Disks depends on the type of disk you choose, disk size, and redundancy options. The higher the capacity and quality of the disk selected, the higher the backup costs will be, with Ultra Disk and Premium SSD carrying the highest prices.

Conclusions

When you explore the cloud service you want to adopt and you begin to familiarize yourself with its native tools and services, you realize that, often, these are much faster to configure than a standard approach that involves manually activating services on your on-premise infrastructure or on cloud-based virtual machines.

Native tools and services also offer a number of benefits: legal compliance, delegation of responsibilities to the vendor, and troubleshooting support. In general, a world of differences compared to the past where backup operations were not only much more complex, but also more expensive and, potentially, much riskier.

Considering all the key points described above, Azure Backup can represent the ideal solution to administrative overload problems related to managing on-premises solutions, the purchase of additional storage space and licenses, and a drastic course correction that can allow us to avoid costly errors and ineffective backup strategies.

Why not find out if it's the right solution for you too?

FAQ on Azure Backup

What is Azure Backup and what is it for?

Azure Backup is a cloud service developed by Microsoft that allows you to protect and recover company data in a simple and secure way. It is designed to adapt to both on-premise environments and cloud infrastructures, offering automated and centralized backups for virtual machines, files, databases and other workloads.

What types of data can be protected with Azure Backup?

You can protect critical business data stored on virtual machines, both Hyper-V and VMware, physical servers, files and folders, databases such as SQL Server and SAP HANA, and cloud services such as Azure Files, Azure Blobs, Azure Disks, and even Kubernetes Services. The service covers complex scenarios, including Azure Stack Hub and Azure Stack HCI.

Does Azure Backup also work for on-premise environments?

Yes, Azure Backup is compatible with on-premise environments thanks to specific components such as MARS and MABS, which allow data to be backed up locally and then stored in an Azure cloud vault, maintaining flexibility and protection even outside the cloud perimeter.

What is a Recovery Services Vault?

A Recovery Services Vault is a virtual container in Azure that allows you to store backups, restore points, and retention policies. Each Azure subscription can contain up to 500 of these vaults for each region. The vault isolates data from the original copies to protect them from accidental deletion and ensures fast and consistent restores.

What's the difference between MARS and MABS?

MARS is an agent to be installed directly on Windows machines, useful for backing up files, folders and system state, especially in the absence of a complex backup infrastructure. MABS, on the other hand, is a complete server that can manage the local backup of complex workloads and then send the data to the cloud through the MARS agent. Unlike MARS, MABS supports applications such as SQL Server, Hyper-V, and SharePoint.

Does Azure Backup guarantee high data availability?

Yes, the service offers several redundancy options. The copies can be replicated locally within the same data center or distributed over multiple zones or even geographically distinct regions, thus ensuring protection even in the event of regional interruptions or critical failures.

How do you build an effective strategy with Azure Backup?

For a truly effective backup strategy, it is essential to adapt the frequency of backups to operational needs, configure storage policies tailored to each type of data, regularly test recovery processes, document the procedures for each type of recovery and monitor the execution of jobs in real time through Azure Monitor and Log Analytics.

How does the Azure Backup pricing model work?

The cost is based on a fixed monthly fee for the service, in addition to the expenses for data storage, the bandwidth used for transfers, and the number of protected instances. Each element contributes to the final price, which can be accurately estimated using the official calculator available on the Microsoft Azure website.

Are Azure Blob and Azure Files backup managed the same way?

Not really. For Azure Blob, you use a Backup Vault and you choose a storage class between Premium, Hot, Cool, Cold or Archive. The Cold and Archive levels are the cheapest for storage but have higher costs for data retrieval. For Azure Files, the backup is calculated based on stored data and snapshots, but the cost of storage is separate.

Is it safe to use Azure Backup?

Absolutely yes. Backups are isolated from the original sources, protected against accidental deletion, encrypted both at rest and in transit, and managed according to the highest security standards offered by the Azure infrastructure. Everything is designed to ensure maximum resilience and business continuity.
