• 5 min read

Azure Backup’s cloud-first approach and why it matters

Azure Backup's cloud first approach for enterprise backup and differentiated value it provides in a cloud transformed IT environment

Backup is all about how quickly you can be back up from a disaster or data loss situation. ​On this World Backup Day, this blog post is dedicated to explaining Azure Backup's cloud-first approach and how it helps you be back up quickly and securely. 

Backup is a deeply entrenched market and companies generally tend to stick with their backup solution unless there are major shifts in the IT infrastructure. When such a shift occurs, companies are open to evaluating alternate backup solutions that offer significant value tied to that infrastructure shift. Virtualization was a hardware infrastructure inflection that happened in the 2000s that allowed companies to significantly reduce their IT costs with the consolidation and portability benefits offered by virtualization. It also allowed new backup players to emerge and the ones that delivered significant value tied to virtualization became successful. The infrastructure inflection currently underway is the shift to the public cloud and Azure Backup has taken a cloud-first approach to deliver maximum value for backup scenarios in a cloud-transformed IT environment. 

Cloud-first value propositions

These are the benefits customers would likely expect in backup scenarios as they augment the public cloud to their IT infrastructure:

  1. Consistent management experience for Hybrid IT: Companies will be in a hybrid model where in addition to the on-premise IT, they will have a cloud foot print that has IaaS (“lift-and-shift applications”) that possibly extends to PaaS (“born-in-the-cloud applications”) and SaaS (O365). It is important to have a consistent experience to manage backups across the IT assets in this hybrid model.
  2. Agility: Business owners are seeking more agility offered by the public cloud where they can deploy solutions from the marketplace to meet their business needs. From a backup perspective, an application admin should be able to sign up for backup and do self-service restores without having to go through a central IT process to provision compute/storage in the cloud to enable backup.
  3. Reduce TCO (Total Cost of Ownership): A subscription based model (PAYG) is an obvious benefit of the public cloud, but it is also important to consider overall IT cost for backup. For example, if you need to deploy additional infrastructure in the cloud (compute and storage) for backups your overall costs would be higher.
  4. Freedom from infrastructure: This is one of the fundamental benefits companies seek when they move their IT to the cloud and since backup has a significant infrastructure footprint in on-premises IT (storage, compute, licenses, etc), an infrastructure-less backup solution would be a natural expectation for customers.

There are 3 possible approaches backup solutions can take to leverage the cloud inflection and it is important to consider how well they deliver on the above promises in each approach:

  1. Cloud as storage: In this model, the backup solution leverages the public cloud as a storage target for backup either for the second backup copy or to replace tape backups. The customer still needs to manage storage in the cloud, pay for any egress costs for restores, and manage bulk of backup infrastructure that is still on premises.    
  2. Cloud as infrastructure: This is the next level where the customer can run the backup application in an IaaS VM, which can protect applications deployed in IaaS. While it does offer a similar experience, it can only protect IaaS VMs and not the other cloud assets (PaaS, SaaS) and has TCO implications. For example, a single IaaS VM only supports 32 TB of total addressable storage, which is far too small for a backup application so to back up at scale, customers need to deploy additional IaaS VMs, configure scale sets for availability and provision/manage backup storage, all of which adds to the overall TCO for backup. Also, as the name implies, it does not free the customer from infrastructure management which is a fundamental promise of moving to the cloud.
  3. Cloud as platform: Backup can be built in a PaaS model to deliver backup as a service and architected to provide a consistent management experience to both on premises infrastructure as well as backup for born-in-the-cloud applications (IaaS, PaaS, and SaaS). Since all the service infrastructure is owned and managed by the service, there would be no additional costs for the backup and there is complete freedom from managing infrastructure associated with backup. 

Azure Backup is architected from the ground-up as a first-class PaaS service in Azure as described in approach 3 and delivers on the cloud promises customers expect as they cloud transform their IT infrastructure. In addition, since it is a first-party service in Azure, it can also leverage other services in Azure to deliver value beyond backup scenarios. For example, rich monitoring and reporting using PowerBI or the capability to do advanced analytics on backup data in Azure.

Compelling backup scenarios enabled by the cloud first architecture

The cloud-first approach of Azure Backup provides unique benefits to customers which are either difficult or not possible in traditional approaches.

  1. Native Backup for IaaS/PaaS: Azure Backup seamlessly integrates with IaaS VM by providing an enable-backup experience in the VM blade itself. A VM extension is deployed when the customer chooses to enable backup and with a few clicks, the IaaS VM is configured for backup. Backup can also be enabled via ARM templates and it supports all the features of IaaS VMs such as disk encryption, premium disks etc. This capability will be extended for SQL Azure, Azure Files, and other Azure PaaS assets like WebApps and Service Fabric for a first-class backup experience in Azure.
  2. Restore as a service: One of the key concerns customers have when they store their backups in the cloud is the restore experience. There are egress costs, the time it takes to restore data back on premises and handling encryption requirements. Restore operation typically requires all the data has to be restored on premises or a restore appliance needs to be hydrated in the cloud to browse items from the cloud restore points. Azure Backup, restore-as-a-service feature uses a unique approach to mount a cloud recovery point as a volume and browse it to enable item-level-restore. The customer does not need to provision any infrastructure and the egress from Azure is free which are both unique value propositions of Azure Backup. This feature is currently available for IaaS VMS (Windows and Linux) and on premise Windows servers. The same capability for System Center Data Protection Manager and Microsoft Azure Backup Server will be available over the next few months.
    File Recovery using Recovery as a service
  3. Secure Cloud Backups: Azure Backup leverages Azure authentication services to provide multiple layers of security to secure cloud backups against malware attacks such as ransomware. While the predominant ransomware attacks are limited to infecting on-premises data, some of the more evolved ransomware attacks also target backup copies of the data. Typical infections include reducing backup retention, re-encrypting data, and deleting backup schedule/copies that are initiated from compromised machines.  Azure backup has several layers of protection to prevent and alert against such attacks.

Related links and additional content