Image-Based Backup Plan

Image-Based Backup is a backup of an entire operating system with all the data associated with it including the system state and all the application configurations including application data saved in a single file called "image".

With this feature, you can restore the operating system onto your users' computers straight from the system image file as it was at the moment of the last run of the image-based backup plan. Currently, the image-based backup plan is the most reliable way to back up everything on a computer. Image-based backup is an efficient tool to prevent the consequences of system crashes on servers and workstations.

This chapter covers the following topics:

Objects Excluded from Backup by Default

To reduce the backup size, the following objects are excluded by default from the backup:

Path
\System Volume Information*{3808876B-C176-4e48-B7AE-04046E6CC752}
\Pagefile.sys
\hiberfil.sys
\swapfile.sys
\Windows\Temp
\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\DeliveryOptimization\Cache
\Users*\AppData\Local\Temp
Data folder of MSP360 backup (mbs or standalone data folder)
\Windows\SoftwareDistribution\Download

Create Image-Based Backup Plan

To Create an Image-Based Backup Plan

  1. Open the Management Console.
  2. On Computers select Remote Management if you use legacy main menu, or open Backup > Computers page in the new main menu.
  3. Find the required computer, then click the Configure icon in the Backup Plan Status column.
  4. On the side panel, click + or +Add New Plan, then select the Image-Based item.
  5. Follow the backup wizard steps.

Backup Wizard steps:

Plan Name

Name the backup plan.

Click Next.

Where to Back Up

Select the target backup storage for the backup plan. If no storage accounts are available, create a new one. Refer to Add New Storage Account to learn how to do it.

It is not recommended to keep image-based backups in long-term storage. Note that long-term storages have several limitations: in the case of a restore, data retrieval can take up to several hours and retrieval charges may apply. Also, keep in mind that in some cases your backup data can be moved to long-term storage according to lifecycle policies. Learn more about lifecycle policies:

Click Next.

What to Back Up

Select partitions to back up.

The following options are available:

  • Back up only system-required partitions. Select this option to back up only partitions with operating system files and boot sectors
  • Back up all partitions. Select this option to include all available partitions at the moment of backup
  • Back up all fixed drives. Select this option to include all fixed drives at the moment of the backup plan execution. All drives except for removable media are to back up

If this option is selected, all connected fixed drives (e.g., physical drives attached to the mainboard, iSCSI LUN, virtual machine disks (inside the guest OS), virtual disk files (.vhd/.vhdx) mounted/attached to the OS at the moment of the backup plan execution will be backed up with success status reported. Thus, if some drives are disconnected for some reason or some drives are added, they all will be backed up 'as is'.

All removable drives (i.e USB flash drives, USB-connected portable HDDs) are not included in the backup plan

  • Back up selected partitions only. Select this option to configure the partition list manually

In case you intend to restore the backup dataset along with the operating system, note that selected partitions must include all system volumes as they contain the information which is necessary for loading the operating system. Without backing up these volumes, you will not be able to restore your disk image and load the operating system

For each partition you can configure two options:

  • Use VSS. With this option enabled, a Volume Shadow Copy Service is applied for the volume at the moment of backup plan execution
  • Keep BitLocker. For BitLocker-encrypted volumes, the Keep BitLocker option is selected by default. This means that the BitLocker-encrypted volumes will be backed up 'as is'. With the Keep BitLocker option disabled, volumes will be backed up encrypted with the proprietary encryption

Note that if you have system partitions encrypted with BitLocker, it is highly recommended not to use BitLocker encryption to back them up. Instead, you can use the built-in encryption of Backup for Windows.

This recommendation comes because image-based backups can be corrupted if a partition is BitLocker-encrypted. For these partitions, VSS (Volume Shadow Copy) is not available. This can cause the following issues on restore: the operating system may not start properly and result in a BSOD message BAD_SYSTEM_CONFIG_INFO

Click Next.

Advanced Options

Specify the advanced options for the backup plan, exclude unnecessary contents.

To exclude specific files and folders, select the Exclude Files/Folders check box, then specify the path to the object to exclude. Note that the disk labels must be capitalized (Example: C:\trash).

Note: Available advanced options depend on selected backup storage

  • Ignore bad sectors. Select this check box to bypass any damaged/corrupted sectors on backup source disks. Even in case the volume with bad sectors is restored, these sectors will become empty sectors, and you will not be able to read any files that were allocated in these sectors.
  • Disable VSS, use direct access to NTFS volume. Select this check box to disable Volume Shadow Copy Service (VSS). This option may be required when a disk is not used for writing operations and does not have sufficient space to create a VSS snapshot. Basically, this applies to system volumes

Note that the enabled Disable VSS, use direct access to NTFS volume option overrides the Use VSS settings made on the What To Back Up step

  • Use system VSS provider. Select this check box to use the system default VSS provider. It is recommended to use it in case of the presence of any third-party VSS providers installed that may interfere with the proper processing of VSS snapshots made by MSP360 (CloudBerry) Backup

  • Prefetch block count. Specify the maximum block number stored in memory for each disk volume (cache). Consider, by default you will see the recommended optimal value in this field. It is not recommended to change it. You can only use this field for testing purposes, if this is recommended by technical support.

A block is a minimum unit of information that can be processed at a time when preparing a backup.

When you need to perform a block-level backup over a disk containing several terabytes of data, you can speed up the backup processing by increasing the block size (see below).

  • Block size. Specify the amount of data to process at a time. Consider, by default you will see the recommended optimal value in this field. It is not recommended to change it.

    • 128 Kb
    • 256 Kb
    • 512 Kb
    • 1 Mb (default).

  • Use S3 Transfer Acceleration (available only for Amazon S3). Use this option to accelerate file transfer for an extra fee. The target bucket must have this feature enabled. Select this check box if you want to use the data transfer acceleration service provided by Amazon. To learn more, refer to the Amazon S3 Transfer Acceleration documentation
  • Select the Amazon S3 storage class to be used in the backup plan in the Storage Class drop-down menu (available only for Amazon storage backup destinations)
  • Select the S3 storage class for the backup plan (available for Amazon S3 only). You can use different storage classes for different backup needs. Learn more about Amazon S3 storage classes:

  • Archive Blob Storage (available only for Azure Blob Storage backup storage). . This is a low-cost storage option for infrequently accessed data. As opposed to hot and cool storage tiers, retrieving data from an Archive Blob Storage may take up to several hours
  • Cool Blob Storage (available only for Azure Blob Storage backup storage).The cool storage tier has lower storage costs and higher access costs compared to hot storage. This tier is intended for data that will remain in the cool tier for at least 30 days.

Note that this feature is only supported for General Purpose v2 Azure accounts. If you are using another account type, you need to upgrade your account to be able to use this feature

Be aware of the additional charges and increased blob access rates after your Azure account upgrade

To learn more about the difference between Azure storage tiers, refer to the Azure Blob Storage - Hot, cool, and archive storage tiers article at docs.microsoft.com.

Compression & Encryption

Specify compression and encryption options for the backup plan.

The following options are available:

  • Select the Enable compression check box to compress backup source contents for optimal backup storage space usage

  • To protect your backup contents with encryption, select the Enable encryption check box. Application supports AES encryption of 128, 192 and 256 bit key length. Select the appropriate key length in the Algorithm drop-down menu

  • Specify the encryption password in the Password field, then confirm the password in the Confirm field. Mind to keep the encryption password in a safe place. Pay attention, if Password Recovery Service is not enabled in the Management Console, then if the encryption password is lost or forgotten, the encrypted backup cannot be restored.

  • In the Hint field, specify some information that could help to recall the password in case you forget it

  • Use Server Side Encryption (available for Amazon S3 storage accounts only). Select this check box to enable encryption of your backup content if you use Amazon cloud storage. Note that the user should have enough permissions to access backup data.

Note that the encryption password will NOT be stored in the backup plan configuration for security reasons. Keep this password in a safe place to be able to restore the backup contents afterward

Click Next.

Consistency Check and Restore Verification

Enable or disable the full consistency check and restore verification for the backup plan.

Full consistency check implements checks of data integrity for all generations (full and incremental backup sequences) with the exception of the current generation check, which is the subject of a mandatory consistency check. A mandatory consistency check is performed at each backup plan run.

After the successful full consistency check, a user can be sure that backed up data is ready to be restored.

Also, you can configure the Restore Verification.

Restore verification is an auxiliary restore plan that retrieves only necessary backup parts from backup storage, mounts a Hyper-V virtual machine on the fly, then performs a system logon.

Since there is no need to download the whole backup dataset to make sure the disk image backup is valid and can be guaranteed for restore, the restore verification does not take much time.

You can run the Restore Verification for incremental backups only, full backups only, or for all backup runs.

Along with the Restore Verification running mode, customize the Hyper-V auxiliary virtual machine configuration to run the Restore Verification (screenshot interval,number of virtual processors, RAM).

Configure the failure handling. Specify the period after which the Restore Verification will be terminated with an error report. By default, this period is 60 min.

Click Next.

Schedule Options

Specify the backup plan schedule settings.

The following schedule options are available:

The following options are available:

  • Select the No schedule option to run the backup plan manually
  • Select the Forever Forward Incremental option to apply the Forever Forward Incremental (FFI) schedule, then specify the schedule parameters
  • If you want the backup plan to run incremental backups on a constant periodic basis, select the Recurring (incremental) option, click Edit, then specify the settings for incremental backup plan runs
  • If you want the backup plan to run full backups on a constant periodic basis, select the Execute full backup (synthetic full if possible) option, click Edit, then specify the settings for full backup plan runs
  • To stop the backup plan in case if it continues suspiciously long, select the Stop the plan if it runs for... option, then specify the backup plan's maximum duration
  • Select the Run Missed Scheduled Plan Immediately When Computer Starts Up option to run the plan that was not executed while the computer was down.

It is recommended to schedule full backup at least once every 3 months for selected schedule

Recurring Schedule for Incremental Backups

You can set the periodic run intervals for incremental backups. Specify if the full backup plan runs on a daily or monthly basis, then specify the recurrence parameters and start time. Click Save. You can check your settings on the bottom of the step page.

Recurring Schedule for Full Backups

You can set the periodic run intervals for incremental backups. Specify if the full backup plan runs on a daily or monthly basis, then specify the recurrence parameters and start time. Click Save. You can check your settings on the bottom of the step page. In case you want to enable GFS on the next step, you should configure a full backup runs accordingly.

Click Next.

Retention Policy, Intelligent Retention, GFS, and Object Lock (Immutability)

Specify the retention settings for the backup plan.

The following options are available:

  • Use default options specified for the whole product. Select this option to apply the default retention policy settings. You can see them below, but cannot edit if this option is selected
  • Specify custom retention policy for backup plan. Select this option if you want to customize the retention policy settings for this backup plan
  • Do Not Purge.
  • Keep. Select this check box if you want to keep the last file version in backup storage regardless if it is deleted in a backup source

GFS Settings

To apply the GFS retention policy, select the Enable GFS check box, then specify the GFS retention settings.

Learn more about GFS retention settings in the GFS Examples chapter

Object Lock (Immutability)

Object Lock (Immutability) is linked to the GFS retention policy. If the Object Lock (Immutability) is applied along with GFS settings, full backups that are subject to the GFS retention policy become immutable for the GFS keeping period.

Select the Enable Immutabulity check box, then confirm the use of this feature.

Note that under some circumstances, the use of the Object Lock (Immutability) feature can be subject to high storage bills since there is no possibility to delete the immutable backup until the GFS keeping period expires

Retention Policy with Forever Forward Incremental Schedule

If on the Schedule step you selected the Forever Forward Incremental schedule, the Retention Policy step has different settings.

The Keep backup for value defines the period Restore Points with the Forever Forward Incremental schedule are kept. If their retention period expires, these Restore Points are merged into a full backup (with Forever Forward Incremental only one full backup is kept on backup storage).

Enable the **Intelligent Retention option (highly recommended). Intelligent Retention is based on the following approach: each time the backup plan is executed, backup storage parameters are checked and the retention period for the full backup is set in such a way that it is kept on backup storage for the minimum period based on the storage provider data deletion conditions. Analysis of backup storage parameters is performed automatically, you do not need to do anything.

Learn more about Intelligent Retention in the Intelligent Retention chapter

Click Next.

Pre/Post Actions

Specify the actions to be executed before and/or after the backup plan run.

  • Select Synchronize local repository with backup storage before plan runs check box if you want your locale repository database to be synchronized with the backup storage
  • To specify the action that will be performed before the backup plan starts, select Execute this command before backup runs: check box.
  • In the field below, specify the path to the script to be executed before the backup plan.
  • Specify the conditions of the script's execution:
    • Exit backup if pre-backup action fails option if you do not want the backup plan to run if the pre-backup script fails
    • Select the Continue backup plan if pre-backup action failed option if you want the backup plan to run regardless of the pre-backup script execution result
  • To specify the action that will be performed after the backup plan is completed, select Execute this command after backup completes: check box
    • Select the Execute post-backup action if backup has been successfully completed option if you want to run it only if the backup plan is successfully completed
    • Select the Execute post-backup action in any case (regardless of the backup result) option if you want the script to execute regardless of the backup plan execution results
  • To chain the backup plan with another plan, select Execute following plan after backup completes: check box, then select the plan name in the drop-down menu
    • Select the Execute the specified plan only if backup has been successfully completed option if you want to run the specified plan only if the backup plan has been successfully completed
    • Select the Execute the specified plan regardless of the backup result option if you want to run the chained backup plan regardless of the current backup plan execution results.

Click Next.

Notifications

Specify notification settings for backup plan results. You can use the company notification settings or customize them as needed: specify the required recipients and customize the notifications on different backup plan results: Success, Failure, Warning.

Select User receives a notification email when backup completes if you want to notify your users about the backup plan results. You can select whether users will be notified about backup failure or any backup result.

If you want the backup plan record to be added to Windows Event Log, select Add entry to Windows Event Log when backup completes check box

  • Select the When backup fails option if you want to receive the notification message in case of the backup plan failure
  • Select the In all cases option if you want the entry to be put in Windows Event Log in any case.

Click the Next, then click Save to finish the wizard.

Run Backup Plan

To Run the Existing Backup Plan

  1. On Computers select Remote Management if you use legacy main menu, or open Backup > Computers page in the new main menu.
  2. Find the required computer, then click the Configure icon in the Backup Plan Status column.
  3. On the side panel, find the plan to run, then click on it.
  4. Click the Play button.

Force Full Backup

To Force Full Backup

  1. On Computers select Remote Management if you use legacy main menu, or open Backup > Computers page in the new main menu.
  2. Find the required computer, then click the Configure icon in the Backup Plan Status column.
  3. On the side panel, find the plan to run, then click on it.
  4. Open the drop-down menu next to the Play button, then click Force Full Backup.

To configure regular full backup settings, refer to the Schedule step of the backup wizard

Edit Backup Plan

To Edit the Existing Backup Plan

  1. On Computers select Remote Management if you use legacy main menu, or open Backup > Computers page in the new main menu.
  2. Find the required computer, then click the Configure icon in the Backup Plan Status column.
  3. On the side panel, expand the plan you want to edit, then click Edit.
  4. Once you made the required changes, click Save.

Clone Backup Plan

To Clone the Existing Backup Plan

  1. On Computers select Remote Management if you use legacy main menu, or open Backup > Computers page in the new main menu.
  2. Find the required computer, then click the Configure icon in the Backup Plan Status column.
  3. On the side panel, expand the plan you want to clone, then click Clone.
  4. In the field below, specify the name of the plan clone.
  5. Click Save.

Delete Backup Plan

To Delete the Existing Backup Plan

  1. On Computers select Remote Management if you use legacy main menu, or open Backup > Computers page in the new main menu.
  2. Find the required computer, then click the Configure icon in the Backup Plan Status column.
  3. On the side panel, expand the plan you want to delete, then click Delete.
  4. In the dialog box, click OK to confirm the deletion.
https://git.cloudberrylab.com/egor.m/doc-help-mbs.git