Backup: How Operational Management Suite (OMS) keeps customers safe on Azure
Over my first year working at Microsoft, it has been very clear that we are doing everything that we can to really be the go-to Cloud Service Provider (CSP) for customers when it comes to all types of Cloud based services. Now that Azure Government is available, we are trying to do the same for the Public Sector community.
However, not everyone is ready to throw all of their eggs into the proverbial Azure basket or to start leveraging some of the more cutting edge services like Platform as a Service (PaaS) or Software as a Service (SaaS). So in that vain, Public Sector customers that may be a little more leary of the Cloud and its Services, will find it much easier to get their feet wet with Infrastructure as a Service (IaaS), which can be found very prominently in Azure Government.
Unlike other CSPs, Azure Government has a suite of services that will absolutely help you manage and maintain your IaaS deployments. It is called the Operational Management Suite (OMS). OMS should make you feel much more comfortable that Microsoft is putting together a Cloud environment that is designed for Public Sector, not just for providing IaaS based resources, but also supporting services, that can help you feel secure about your investment with Microsoft. The specific services that I am referring to are the following:
- Site Recovery
- Monitoring / Log Analytics
For the most part, the services that make up this suite are pretty straight forward, but they can take a significant burden off of your IT department by providing better security and operational efficiency and doing so in a very cost effective way. Implementing OMS will save your IT department time and money, there by allowing them to learn and work on new projects that they may not have time for today.
There is one other thing that really makes Microsoft stand out with respect to our IaaS based offerings and it will make you feel even more secure about your investment with Azure. All of these services are Hybrid and Multi-Cloud aware. What exactly do I mean by this? I mean that you can leverage all four of these services, no matter where your VMs are located:
The reason that this is true is because although the service that is being leveraged may be sitting in Azure, the interaction with that service is managed through an agent/extension that is installed on the VM and the only requirements for the agent/extension is that the VM has one of the supported OS’s installed on it. By going down this path, you have the ability to really move into the Cloud at your own pace while continuing to leverage all of the same services to manage and maintain both types of infrastructure.
I consider this to be an extremely important point for those customers in Public Sector, much more so than some of our commercial customers. Many, if not all, of the Public Sector will continue to maintain some level of On-Premises infrastructure because of the secure nature of some of your data and/or applications. That is completely understandable, but wouldn’t it be good for you to be able to at least offload the configuration management of those On-Prem VMs? Or maybe you don’t want to have to maintain a SAN to store VM backups? Each of these are just a couple of the reasons why the Hybrid capabilities within OMS can be very meaningful and cost effective.
With all of this as a backdrop, lets talk about each of the individual services and explain the value that you get from using them.
Services – Backup
This service is the easiest one to discuss as it is a primary requirement for every VM no matter what its function. Azure Backup provides a Backup/Restore function by either allowing for a VM “snapshot” or Files/Folders level Backup within a VM no matter which OS is installed. This is all controlled through the centralized & shared Azure Backup Service where the majority of the work to handle job scheduling, data storage, retention policies, as well as backup/restore level logic (what should be backed up and what shouldn’t, etc.) is handled.
NOTE: Not everything with respect to the Azure Backup service can be controlled or managed through the Azure Portal as shown above. If you need your VMs to be configured for File/Folder level backups, then you will need to login to the VMs manually and specify exactly which Files and/or Folders should be managed by the Azure Backup service by configuring the Azure Backup agent that is installed on the VM.
By delivering a centralized service that handles almost all of the processing required to provide the required functionality, there is a huge reduction in load on the VM itself in comparison to most on-premises level Backup/Restore services, such as Acronis, Symantec, or Backup Assist. This allows for jobs to run on the VM throughout any time of the day without the process affecting the performance of the VM. How is this exactly accomplished, you might ask. Here is a typical workflow for when a VM based Backup is actually being processed and where the processing is actually occurring.
- Based on Job Start Time, Azure Backup Service sends request to each VM registered within the Policy
- VM sends a list of all items within its connected drives (File Names, Date Last Modified, File Sizes, etc.)
- Azure Backup Service does a comparison between recent list with list from the last successful Backup
- Azure Backup Service sends request to VM for only files/folders that have changed within each drive based on last successful Backup
- VM sends each file that was requested to Azure Backup Service
- Azure Backup Service stores all updated Files/Folders along with updated meta-data list along side of all other incremental backups
As you can see, the VM has a much smaller role in the Backup/Restore process when using the Azure Backup service which means that the process itself can pretty much happen at any time of the day without fear that it will adversely affect the VM. This also does mean, that Backup Jobs as a whole do tend to take longer as there is no longer a requirement for them to be completed within short time windows.
For a more detailed understanding of everything that makes up the Azure Backup service, please see the following documentation on the Azure website: https://azure.microsoft.com/en-us/documentation/services/backup/
Hopefully, you can start to see how OMS would be a benefit to Public Sector customers even if they are still primarily still using On-Premises Data Centers. The offloading of day to day required services by reducing costs and increasing efficiency should be very tempting, especially if there are no major security or privacy concerns.
In my next post, I will focus on the Site Recovery and Automation Services and then my last post will focus on the Log Analytics Service, which is definitely my favorite to talk about and demonstrate.