Business Continuity with ABCC: Part 3: understand your protected items inventory
Published Jan 01 2024 08:57 PM 2,319 Views
Microsoft

Hello everyone!  This is Daya Patil back with the next part of our series on business continuity with ABCC. In our last session, we delved into using ABCC to understand the protectable resources inventory. Today, we're going deeper into exploring the inventory of protected items within ABCC.

 

Tailwind Traders case study

Tailwind trader has also recently configured Azure Site Recovery solution to protect their 40 VMware virtual machines to Azure. In this segment, we'll explore how John, Tailwind's BCDR admin, can achieve his upcoming objectives:

  • View protected items
  • Explore best practices for protection
  • Execute actions on protected items.

View protected items (protection status)

John heads to the Protected Items view in ABCC. Alternatively, he can access this view by clicking on the "Protection Status" tile located on the ABCC overview page. John is happy to see centralized & at scale view for overseeing their protection landscape, offering a unified perspective across various solutions. He sees a list of all the protected items across the supported solution across the subscription, resource groups, location, type, and so on, along with their protection status.

 

DayaPatil_0-1704171261012.png

 

Within the protected items view, John can find the protection details for each resource using the following information:

  • Summary cards displays count of total protected items and based on various states of protection. based on applied filters at the top of view. This summary changes based on applied filters at the top of view. These cards are clickable to help you further filter and view protected items with specific states.​
  • Protected status details view shows protection status for each protected item in primary region and secondary regions.​
    • Resource name: This displays the name of the underlying resource that is protected with a clickable value that directs to the resource blade for the specific resource.​
    • Protected item: Shows the name of the protected item.​
    • Configured solutions: Shows the names of solutions used for protecting the resource.
    • Protection status: Protected items should be recoverable in both the primary and secondary regions. Protection status in the primary region refers to the protection status in the region in which datasource is hosted, and protection status in secondary region refers to the protection status in paired or target region in which datasource can be recovered in case the primary region is not accessible.​

The protection status values can be: Pending protection (protection is triggered and is in-progress), Protection disabled (protection has been disabled, for example, protection is in soft-deleted state like in the case of Azure Backup) or Protection paused (protection is stopped; however, the protection data will be retained as per solution provider), or Protected. When the datasource is protected by multiple solutions (that is, Configured solutions >= 2), the Protection Status for an item is computed in the following order:

  • When one or more solutions indicate that the protection status is disabled, then the protected item status is shown as Protection disabled.
  • When one or more solutions indicate that the protection status is paused, then the protected item status is shown as Protection paused.
  • When one or more solutions indicate that the protection status is pending, then the protected item status is shown as Pending protection.
  • When all the configured solutions indicate that the protection status is protected, then the protected item status is shown as Protected.
  • If there's no protection for a datasource in primary or secondary region, then the protected item status for that region is shown as Not protected.
  • For example, if a resource is protected by both Azure Backup (with status Protection paused) and Azure Site Recovery (with status Protected), then the protection status for the region displays Protection paused.

 

DayaPatil_1-1704171261040.png

 

John finds all his 5 Azure Virtual machines protected with Azure Backup in primary region. John is curious about the protection status details in both the primary and secondary regions. He's uncertain if simply enabling backup for his resources is sufficient for adequate protection. Surprisingly, he discovers a best practice guideline that addresses all his uncertainties and doubts.

DayaPatil_2-1704171261050.png

 

He comprehends the significance of securing resources in both primary and secondary regions and acknowledges their direct impact on RPO (Recovery Point Objective) and RTO (Recovery Time Objective), as given below:

 

Protect your data and applications

To determine how often to back up data and where to store backups, you consider the cost of downtime and impact of access loss to data and applications for any duration, as well as the cost of replacing or recreating the lost data. To determine the backup frequency and availability decisions, determine recovery time objectives (RTOs) and recovery point objectives (RPOs) for each data source and application to guide frequency.

  • Recovery Point Objective (RPO): The amount of data the organization can afford to lose. This helps to determine how frequently you must back up your data to avoid losing more.
  • Recovery Time Objective (RTO): The maximum amount of time the business can afford to be without access to the data or application i.e., being offline or how quickly you must recover the data and application. This helps in developing your recovery strategy.

RTOs and RPOs might vary depending on the business and the individual applications data. Mission-critical applications mostly require microscopic RTOs and RPOs since, downtime could cost millions per minute.

A datasource is an Azure resource or an item hosted in Azure resource (e.g. SQL database in Azure VM, SAP Hana database in Azure Virtual Machine, and etc.). A datasource belonging to a critical business application should be recoverable in both primary and secondary region in case of any malicious attack or operational disruptions.

  • Primary region: Region in which datasource is hosted.
  • Secondary region: Paired or target region in which datasource can be recovered in case primary region is not accessible.

 

Customize the view

John notices similar couple of other options on the page to customize view like:

  • Filters: John utilizes filters to tailor the displayed information to your specific requirements. Available filters include - solution, datasource type, subscription, resource group, location etc.
  • Scope: John also notices the new scope feature in ABCC that enhances visibility into protection landscape across various platforms such as Azure and Hybrid environments. Clicking on “Currently showing: Azure managed Active resources change" he discovers a range of available options, including:​
    • Resources managed by:​ Azure, non-Azure
    • Resource status:​ Active, deprovisioned resources
    • Protected item details -
      • Protection status details: This category pertains to protection status of protected item in primary and secondary regions.
      • Retention details: Under this category, you will find comprehensive information about the retention of protected items. It delves into the specifics of how long data is retained.

DayaPatil_3-1704171261058.png

 

  • Search:  John could also search by specific item name to get information specific to it.
  • Select columns:  Use Select columns from the menu available at the top of the views to add or remove columns.

John is excited to discover that ABCC extends beyond Azure resources, providing protection data for non-Azure / hybrid resources as well. This revelation significantly eases his task of managing these resources, eliminating the need for separate management tools. With enthusiasm, John narrows down the scope to non-Azure resources and witnesses VMware virtual machines successfully replicating to Azure through Azure Site Recovery.

 

DayaPatil_4-1704171261072.png

 

View protected items (retention details)

John aims to ensure that the retention of the protection data is configured as per the organization rules based on the compliance standards that they follow. Seeking to understand the configured retention on each item, he identifies an option within the scope to obtain comprehensive retention information for all items at once. Opting for the retention details view from the scope, he can now efficiently review this data without delving into each individual policy used for protection configuration.

He chooses the retention details view from scope, and on select, the view loads the retention information for protected items. The Protected items retention table shows the retention details for each protected item in the primary and secondary regions. 

  • Resource name: This displays the name of the underlying resource that is protected with a clickable value that directs to the resource blade for the specific resource. 
  • Protected item: Shows the name of the protected item. 
  • Configured solutions: Shows the names of solutions used for protecting the resource. 
  • Retention in primary region – Shows the retention configured for an item’s protection data in primary region 
  • Retention in secondary region – Shows the retention configured for an item’s protection data in secondary region. 

 

DayaPatil_5-1704171261100.png

 

View protected item details

John wants to explore further details for protection by each solution used to protect the resource. He clicks the item name or can select the more icon  > View details action menu to navigate and view further details for an item.

 

DayaPatil_6-1704171261123.png

 

On the item details view, John gets to see more information for item, coming from provider as is like protection state, latest recovery point in both regions etc.

 

DayaPatil_7-1704171261136.png

 

The view also allows John to add more columns using the “select columns” along with the option to change the default view using the scope picker from Currently showing: Protection status details, select Change.

 

DayaPatil_8-1704171261151.png

 

To change the scope for item details view from the scope-picker, select the required options:

  • Protection status - protection status of the protected item in primary and secondary regions
  • Retention details - retention details for protected items
  • Security posture details - security details for protected items
  • Alert details - alerts fired details for protected items

 

Perform actions

John is delighted to find all protection-related information consolidated in one location, along with the flexibility to switch between options seamlessly. As he explores further, he discovers the array of core actions available within the protected items view, allowing him to execute various operations:

  1. The menu available at the top of the view for actions like configure protection, recover, and so on. Using this option allows you to select multiple data sources.

DayaPatil_9-1704171261165.png

 

  1. The menu on individual items in Protected items view. This option allows you to perform actions for the single resource.

DayaPatil_10-1704171261197.png

 

  1. When Solutions filter is set to ALL, common actions across the solutions are available on the item like
    • Enhance protection – Allows you to protect the items with the other solutions than the ones that are already used to protect the item.
  • Recover – Allows you to perform the available recovery actions for the solutions with which the item is protected, that is, configured solutions.
  • View details – Allows you to view more information for the protected item.
  1. Choose a specific solution in the filter and notice solution specific actions command bar (appears over the protected items table and on the Protected item) by selecting the more icon  corresponding to the specific item.

DayaPatil_11-1704171261217.png

 

Learn about the view

Like other view, John sees the presence of built-in assistance within ABCC under the "Help" menu. Upon clicking, he discovers that it covers:

  • Business Continuity Center: Offers a concise brief of ABCC, detailing its various views and the objectives of each view.
  • the current view: Provides comprehensive information about the current view, offering insights into its components such as filters, tiles, scope, columns, values, and more.

 

John is excited to discover direct guidance on utilizing ABCC within the portal, removing the necessity of constantly referring to documentation for minor queries.

 

Completing his exploration of protection inventory, John leverages the protectable and protected items view in ABCC. In the next article, we'll delve into John's journey of comprehending the security coverage for the protected items utilizing ABCC.

 

Stay tuned………………

Co-Authors
Version history
Last update:
‎Jan 01 2024 08:57 PM
Updated by: