0% found this document useful (0 votes)

75 views

HYCU For Azure User Guide

Uploaded by

Ratnodeep Roy

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

75 views

HYCU For Azure User Guide

Uploaded by

Ratnodeep Roy

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 88

USER GUIDE

HYCU Data Protection

as a Service for Azure

Service update date: December 2021
Document release date: December 2021
Legal notices
Copyright notice
© 2021 HYCU. All rights reserved.

This document contains proprietary information, which is protected by copyright. No part

of this document may be photocopied, reproduced, distributed, transmitted, stored in a
retrieval system, modified or translated to another language in any form by any means,
without the prior written consent of HYCU.

Trademarks
HYCU logos, names, trademarks and/or service marks and combinations thereof are the
property of HYCU or its affiliates. Other product names are the property of their respective
trademark or service mark holders and are hereby acknowledged.

Azure®, Microsoft®, Microsoft Edge™, and Windows® are either registered trademarks or
trademarks of Microsoft Corporation in the United States and/or other countries.

Google Chrome™ is a trademark of Google LLC.

Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.

Mozilla and Firefox are trademarks of the Mozilla Foundation in the U.S. and other
countries.

Disclaimer
The details and descriptions contained in this document are believed to have been accurate
and up to date at the time the document was written. The information contained in this
document is subject to change without notice.

HYCU provides this material "as is" and makes no warranty of any kind, expressed or
implied, including, but not limited to, the implied warranties of merchantability and fitness
for a particular purpose. HYCU shall not be liable for errors and omissions contained
herein. In no event shall HYCU be liable for any direct, indirect, consequential, punitive,
special or incidental damages, including, without limitation, damages for loss and profits,
loss of anticipated savings, business interruption, or loss of information arising out of the
use or inability to use this document, or any action taken based on the information
contained herein, even if it has been advised of the possibility of such damages, whether
based on warranty, contract, or any other legal theory.

The only warranties for HYCU products and services are set forth in the express warranty
statements accompanying such products and services. Nothing herein should be
construed as constituting an additional warranty.

2
Notice
This document is provided in connection with HYCU products. HYCU may have copyright,
patents, patent applications, trademark, or other intellectual property rights covering the
subject matter of this document.

Except as expressly provided in any written license agreement from HYCU, the furnishing of
this document does not give you any license to these patents, trademarks, copyrights, or
other intellectual property on HYCU products. Use of underlying HYCU product(s) is
governed by their respective Software License and Support Terms.

Important: Please read Software License and Support Terms before using the
accompanying software product(s).

HYCU
www.hycu.com

3
Contents
1 About HYCU for Azure 8
Key features and benefits 9

Data protection environment overview 10

HYCU for Azure data protection 11

2 Starting with HYCU for Azure 12

Service pricing 12

Backup and recovery pricing 13

Subscribing to HYCU for Azure 14

Signing in to HYCU for Azure 16

3 Establishing a data protection environment 18

Determining the scope of data protection 20

Setting up targets 20

Adding a storage account to HYCU for Azure 21

Defining your backup strategy 22

Taking advantage of predefined policies 23

Creating a custom policy 23

Creating a backup window 26

Creating a data archive 28

Setting a default policy 30

Setting up automatic policy assignment 30

Configuring backup options 31

Allowing the restore of files by tagging the virtual machine in Azure 33

Enabling access to virtual machines 33

4 Protecting virtual machines 36

Backing up virtual machines 36

Restoring virtual machines 37

Restoring a virtual machine 38

4
Cloning a virtual machine 39

Restoring virtual machine disks 42

Cloning virtual machine disks 43

Exporting virtual machine disks 44

Restoring individual files 45

5 Performing daily tasks 48

Using the HYCU for Azure dashboard 49

Checking the status of tasks 50

Viewing events 50

Configuring event notifications 51

Creating email notifications 52

Creating webhook notifications 52

Using HYCU for Azure reports 54

Getting started with reporting 54

Viewing reports 56

Generating reports 56

Scheduling reports 57

Exporting and importing reports 58

Viewing virtual machine details 58

Viewing the backup status of virtual machines 60

Tier statuses 60

Filtering data 61

Applying the main filter 61

Applying the detail filter 61

Filtering options in the Virtual Machines panel 62

Filtering options in the Policies panel 63

Filtering options in the Targets panel 63

Filtering options in the Tasks panel 63

Filtering options in the Events panel 64

Managing targets 65

5
Viewing target information 65

Editing a target 66

Activating or deactivating a target 67

Removing a target 67

Managing policies 67

Viewing policy information 68

Editing a policy 68

Deleting a policy 68

Performing a manual backup 69

Expiring backups manually 69

6 Customizing HYCU for Azure 71

Managing roles 71

Changing a role 72

Changing the default role 73

Deleting a user 73

Configuring service principals 73

Adding a service principal 74

Setting the active service principal 74

Editing a service principal 75

Deleting a service principal 75

Managing protection sets 75

Creating a protection set 75

Editing a protection set 76

Adding a resource group to a protection set by using tags 76

Removing a protection set 77

Managing HYCU for Azure subscriptions 77

7 Canceling your HYCU for Azure subscription 79

8 Troubleshooting 81

A Deploying a HYCU backup controller 83

6
Accessing the HYCU web user interface 85

7
Chapter 1

About HYCU for Azure

HYCU Data Protection as a Service for Azure (HYCU for Azure) is a fully managed backup
and recovery service for Microsoft Azure that is specifically designed to make data
protection as simple and cost-effective as possible, to improve your business agility, and to
bring unified security, reliability, performance, and user experience.

Figure 1–1: Introduction to HYCU for Azure

8
1 About HYCU for Azure

Key features and benefits

The following features make HYCU for Azure a solution that can transform your business—
achieving complete compliance and data protection:
l Protection against data loss
Delivers native data protection for Azure virtual machines and ensures data consistency
and easy recoverability.
l Data protection in a few minutes
Data protection for virtual machines can be enabled in a few minutes after you
subscribe to HYCU for Azure, with no deployment and configuration concerns.
l Predefined policies and options for policy customization
Simplifies implementation of data protection by providing predefined policies and
includes options for policy customization that can address your special data protection
needs.
l Scheduled backups
Automatic backup scheduling provides data protection based on your recovery point
objectives (RPOs).
l Low impact on the environment
Agentless architecture reduces backup load on production virtual machines. In
addition, backup windows enable you to completely avoid the impact of backup activity
on your production environment during peak hours.
l Use of data archives
When you create an archive of data, you ensure your data is isolated from your current
activity and safely stored for future reference.
l At-a-glance overview of the data protection environment
The HYCU for Azure dashboard helps you to identify potential problems and
bottlenecks to improve the performance of your data protection environment.
l Restore of individual files
A possibility to restore one or more files to the original or a different location on the
virtual machine, or to a target is an alternative to restoring the entire virtual machine.
l Integration with the Azure billing system
Cost of data protection is billed by Microsoft through existing subscriptions, without
requiring you to provide additional billing information.
l Business continuity of your data protection environment across different
infrastructures
HYCU Protégé ensures data resilience by using the SpinUp functionality to migrate
protected data between the on-premises and Azure infrastructures. In the event of a
disaster in your on-premises environment, HYCU Protégé provides disaster recovery of

9
1 About HYCU for Azure

data to cloud. For details on the supported on-premises infrastructures and how to
employ HYCU Protégé, see HYCU for Enterprise Clouds documentation.

Data protection environment overview

The data protection environment consists of the following components:

HYCU for Azure web user An interface for protecting virtual machines and managing the
interface data protection environment.

Containers that include resources managed as a group—

Resource groups
virtual machines, targets, and temporary resources.

Storage accounts that HYCU for Azure uses for storing backup

Targets
data. Backup data can also be stored as snapshots.

Resources to which you can assign a policy and for which you
therefore provide data protection. Data is always protected at
Virtual machines
a granular level, allowing you to restore either the entire
virtual machines, individual disks, or individual files.

Virtual machines and disks that HYCU for Azure creates

Temporary resources
automatically for data protection purposes.

The following figure shows the data protection environment and its components:

Figure 1–2: HYCU for Azure architecture

10
1 About HYCU for Azure

HYCU for Azure data protection

With the HYCU for Azure data protection solution, you can be confident that your business
data is protected, which means that it is backed up in a consistent state, stored to a target,
and can be restored.

HYCU for Azure enables you to protect virtual machines. After you establish your data
protection environment, you can enable data protection by selecting the virtual machines
that you want to protect and assigning policies to them. After the backup is completed, you
can restore data from such a backup.

11
Chapter 2

Starting with HYCU for Azure

You can start protecting data after you perform the following tasks:

Task Instructions

Getting familiar with HYCU for Azure pricing

“Service pricing” below
concepts

Subscribing to HYCU for Azure “Subscribing to HYCU for Azure” on page 14

Signing in to the HYCU for Azure web user

“Signing in to HYCU for Azure” on page 16
interface

Service pricing
Because HYCU for Azure utilizes the Azure platform for its service needs, when you enable
data protection, you are charged for both the backup and recovery service and the
allocated resources it requires.

The total data protection cost is the sum of the following costs:

Figure 2–1: Data protection cost

Cost Details

Cost of backing up and restoring data. For details, see

Backup and recovery
“Backup and recovery pricing” on the next page.

Cost of storing backup data. The following factors are

Backup data storage
considered:

12
2 Starting with HYCU for Azure

Cost Details

l Target type (a snapshot or a storage account)

n Note If backup data is stored in an Azure storage

account, the cost may vary depending on whether you
are using a manually created storage account or an
automatically created one (StorageV2 by default).

l Access tier (hot, cool, or archive)

l Size of backup data
l Backup retention period
l Backup frequency
If you use a storage account as a target, the use of copies of
backup data and/or data archives is also considered.

Cost of temporary virtual machines and disks that HYCU for

Azure creates in Azure when performing the following tasks:
l Backing up virtual machines
l Restoring virtual machines or virtual machine disks
l Restoring individual files
Temporary resources l Performing maintenance operations

i Important The names of the temporary resources

that HYCU for Azure creates for data protection purposes
start with the hycuazure or hycu-azure prefix. Make sure
not to rename or delete any of them unless specifically
instructed to do so.

A HYCU for Azure subscription includes a 14-day free trial period. During this time, HYCU
does not charge you for the backup and recovery cost. The cost of backup data storage and
temporary resources is charged by Microsoft as usual.

For more details on pricing, see Azure Marketplace.

Backup and recovery pricing

HYCU for Azure backup and recovery pricing model provides you with the simplicity and
transparency of consumption-based pricing. At the end of your 14-day free trial period, you
are billed according to the software plan that you select when subscribing to HYCU for
Azure. For details on the software plans, see “HYCU for Azure software plans” on the next
page.

Pricing for data protection is based on the capacity of all disks belonging to protected
virtual machines and pricing tiers to which these virtual machines belong, within a monthly
billing cycle. A pricing tier to which a protected virtual machine belongs is determined when

13
2 Starting with HYCU for Azure

you assign a policy to the virtual machine. HYCU for Azure automatically associates the
virtual machine with one of the pricing tiers based on the value of the Backup every option
in the policy that defines how frequently data is backed up. For details on policies, see
“Defining your backup strategy” on page 22.

Depending on how frequently your data is backed up, each protected virtual machine
belongs to one of the following pricing tiers:

Virtual machine pricing tier Data backup frequency (in hours)

Platinum 1–3

Gold 4–11

Silver 12–23

Bronze Greater than or equal to 24

i Important If a virtual machine is deleted from Azure, but it still has at least one
valid restore point available, it is considered protected (its status is PROTECTED_
DELETED). HYCU automatically associates such a virtual machine with the Bronze pricing
tier and charges you for protecting only the included disks.

HYCU for Azure software plans

HYCU for Azure offers you the following software plans:
l Pay-as-you-go plan
Select this plan if you want to pay only for what you use for data protection each
month.
For details on the pay-as-you-go software plan, see Azure Marketplace.
l Token-based plan
Select this plan if you want to pay a fixed subscription fee. In this case, you pay for the
number of HYCU tokens that you plan to consume for data protection each month.
For details on the token-based software plan, contact your HYCU sales representative.

Subscribing to HYCU for Azure

You subscribe to HYCU for Azure online from Azure Marketplace and HYCU then
automatically activates the service for you. This is usually done by one user for an entire
organization.

Prerequisites
l You have an Azure account.
l You have the Contributor role assigned at the subscription level. This applies to all
Azure subscriptions that you plan to connect with HYCU for Azure.
For details on Azure accounts and subscriptions, see Azure documentation.

14
2 Starting with HYCU for Azure

Consideration
If you violate the terms of use of HYCU for Azure, HYCU may temporarily suspend the
service for your subscription. Your complete data protection environment is retained for
the duration of suspension, but you cannot use the service until the violation is resolved.

Procedure
1. In the Azure portal, click Marketplace, and then in the Search the Marketplace field,
type HYCU for Azure and press Enter.
2. Click the service entry, and then do the following:
a. From the Select a software plan drop-down menu, select the HYCU for Azure
software plan that best suits your business needs. For details on the software plans,
see “HYCU for Azure software plans” on the previous page.
b. Click Create.

3. On the Subscribe to plan page, provide the following information:

a. Enter a name for your service.

b. From the Subscription drop-down menu, select the Azure subscription that will be
connected with HYCU for Azure.

i Important You will be able to protect only the virtual machines within the
selected subscription.

c. Review the HYCU for Azure software plan and change it, if required.

d. Accept the terms of use by selecting the check box, and then provide the preferred
email address and phone number as contact information.
e. Click Subscribe.

4. Navigate to the Software as a Service (SaaS) page, and then, from the list of all services,
select the one to which you are subscribing.
5. Activate and configure your HYCU for Azure subscription. To do so, follow these steps:
a. Click Configure Account. The HYCU Data Protection as a Service for Azure
webpage opens.

t Tip An email notifying you that you must configure your HYCU for Azure
subscription is also sent to you. It contains a link to the HYCU Data Protection as
a Service for Azure webpage and you can follow this link to perform the
required action.

b. Click Sign up with Azure.

c. Specify the same Azure account as you used to initiate the process of subscribing to
HYCU for Azure.

15
2 Starting with HYCU for Azure

d. Provide the required information, taking into account that you must specify the
same subscription as you specified when subscribing to the service in the Azure
portal, and then click Submit.
You will receive an email confirming that you have successfully subscribed to HYCU for
Azure.
6. Navigate to Subscriptions and grant access to resources at the subscription scope by
assigning a role to the HYCU for Azure application:
a. Select the same subscription as you selected when subscribing to HYCU for Azure.

b. Click Access control (IAM), and then click Add > Add role assignment.

c. In the Add role assignment pane, do the following:

i. From the Role drop-down menu, select Contributor.

ii. From the Assign access to drop-down menu, select Azure AD user, group, or
service principal.

iii. In the Select field, enter HYCU for Azure.

iv. Click Save.

HYCU automatically creates a user account for the HYCU Customer Support portal for your
subscription and sends you an email notification about it. You can use this account to
submit requests to HYCU Customer Support.

Signing in to HYCU for Azure

After successfully subscribing to HYCU for Azure, you can sign in to the HYCU for Azure web
user interface.

Prerequisites
l You have the Contributor role assigned at the resource group or subscription level.
l You are using a supported web browser. For a list of supported web browsers, see the
HYCU for Azure Compatibility Matrix.

Procedure
1. Open a web browser and go to the HYCU Data Protection as a Service for Azure
webpage.
2. On the sign-in webpage, click Sign in with Microsoft.

3. Specify or select the email address of your Azure account. If you are not signed in with
this account yet, enter the password, and then click Next.
4. Review the permissions that will be granted to HYCU for Azure. If you consent to allow
HYCU for Azure to access data on your behalf, click Accept.
HYCU for Azure requires these permissions to perform actions such as creating
temporary resources for backup and restore purposes, accessing Azure virtual

16
2 Starting with HYCU for Azure

machines and their disks during the backup and restore processes, and creating
and/or accessing Azure storage accounts to store backup data. Keep in mind that the
permission for sending you notifications related to your subscription by email is
implied.

n Note You can at any time revoke the consent for HYCU for Azure by removing it
from the list of applications in Azure. For details on how to do this, see Azure
documentation.

After you sign in to the HYCU for Azure web user interface, the Dashboard panel appears
and you can start establishing your data protection environment and protecting data.

i Important You are automatically signed out of the HYCU for Azure web user
interface after 15 minutes of inactivity and any unsaved changes are lost.

17
Chapter 3

Establishing a data
protection environment
After you sign in to HYCU for Azure, you must establish a data protection environment in
which data will be effectively protected.

Consideration
Keep in mind that the role you have assigned determines what kind of actions you can
perform. For details on roles, see “Managing roles” on page 71.

Establishing the data protection environment involves the following tasks:

Task Instructions

“Configuring service principals” on

1. Recommended. Configure service principals.
page 73

“Determining the scope of data

2. Determine the scope of data protection.
protection” on page 20

3. Only if you plan to use manually created storage

accounts. Add an Azure storage account to “Setting up targets” on page 20
HYCU for Azure as a target.

4. Decide for predefined policies or create custom “Defining your backup strategy” on
ones. page 22

5. Only if you plan to run the pre-snapshot and post-

snapshot scripts, to exclude individual disks from the “Configuring backup options” on
backup, or to restore individual files. Configure page 31
virtual machine backup options.

6. Only if you plan to run the pre-snapshot and post-

“Enabling access to virtual
snapshot scripts, or to restore individual files. Assign
machines” on page 33
credential groups to virtual machines.

18
3 Establishing a data protection environment

The following flowchart shows the tasks that you need to perform to establish your data
protection environment:

Figure 3–1: Establishing a data protection environment

After the data protection environment is established, data protection can be accomplished
in several ways to fulfill your particular business needs.

19
3 Establishing a data protection environment

Determining the scope of data protection

An environment for which HYCU for Azure provides data protection consists of one or
more protection sets that join together Azure resource groups for which you have access
permissions within a subscription.

When you subscribe to HYCU for Azure, a default protection set is created automatically
and all the resource groups for which you have the required permissions are included in it.
Depending on your business needs, you can create additional protection sets, having in
mind that you must implement data protection for each of them individually. For details on
managing protection sets, see “Managing protection sets” on page 75.

If no multiple protection sets are available in your data protection environment, your data
protection scope is always the same and you can safely skip the procedure described in this
section.

n Note Only if multiple protection sets are available in your data protection environment.
The currently selected protection set has the  icon next to it.

Procedure
1. On the toolbar, click  next to the name of the selected protection set.

2. In the Protection Sets dialog box, from the Subscription drop-down menu, select the
HYCU for Azure subscription that contains the protection set for which you want to
perform data protection tasks.
3. From the list of available protection sets, select the scope of your data protection by
selecting the desired protection set.
4. Click Select.

The HYCU for Azure web user interface switches the context to the selected scope of data
protection. The protection set that you selected last is remembered for the next time you
sign in.

Setting up targets
Targets are locations where backup data is stored. HYCU for Azure allows you to define
either a snapshot or a storage account as a location for storing your backup data.

Target Description

Backup data is stored as a snapshot in an Azure resource group that

contains the virtual machine that you want to protect.

Snapshot n Note If snapshots created by HYCU for Azure are deleted from

Azure, you will not be able to restore backup data from this
location. However, you can still restore your data from targets if
copies of backup data or data archives exist.

20
3 Establishing a data protection environment

Target Description

Backup data is stored in an Azure storage account that you create

yourself or HYCU for Azure creates for you automatically:
l Manually created storage account:
You can create your own storage account in Azure and add it to
HYCU for Azure as a target. For instructions, see “Adding a storage
account to HYCU for Azure” below.
l Automatically created storage account:
HYCU for Azure creates an Azure storage account automatically
while backing up data and uses it as a target:
o The size of the automatically created targets is 50 TiB and you
can change it if required. For details on how to do this, see
Storage account “Editing a target” on page 66.
o For increasing restore speed and minimizing costs, these
targets are created in the same region as the virtual machines
you are backing up. The same target is used for storing the
backup data of multiple virtual machines where possible.

i Important Automatically created storage accounts are

reserved for storing the backup data. Make sure not to store
any other kind of data to them.

You can view all storage accounts added to HYCU for Azure as targets
in the Targets panel. The ones that are created automatically start with
the hycuazure prefix. You can use also these targets for storing your
backup data.

Adding a storage account to HYCU for Azure

Prerequisite
You have the Contributor role assigned at the storage account level. This applies to all Azure
storage accounts that you plan to add to HYCU for Azure as targets.

Limitation
HYCU for Azure does not support premium storage accounts.

Considerations
l When adding a storage account to HYCU for Azure as a target, you can choose to add
the storage account that belongs to the subscription associated with your current
HYCU for Azure session or a different Azure subscription to which you have access.

21
3 Establishing a data protection environment

l You can add the same target to multiple protection sets. In this case, keep in mind that
the status, health, and utilization of such a target might differ for each protection set
(depending on the data protection needs).
l If the amount of storage space required for storing backup data exceeds the value that
you specify when adding a storage account, HYCU for Azure automatically creates a
new storage account and uses it as a target.
l Only if the storage account connectivity method is not set to Public endpoint (all networks).
The virtual machine that you plan to protect must be in the same Azure Virtual Network
(VNet) as the storage account that you want to use as a target.

Accessing the Targets panel

To access the Targets panel, in the navigation pane, click  Targets.

Procedure
1. In the Targets panel, click  Add.

2. In the Size field, specify the amount of storage space that should be used for storing
backup data (in MiB, GiB, or TiB).
3. From the Select target list, select one or more storage accounts that you want to add to
HYCU for Azure as targets. You can also search for a storage account by entering its
name in the Search targets field.

i Important Storage accounts that belong to a subscription other than the one

associated with your current HYCU for Azure session are not listed under Select
target. If you want to add a storage account that belongs to a different subscription,
in the Search targets field, enter its name.

4. Click Save.

The target is added to the list of targets in the Targets panel. For details on managing
targets, see “Managing targets” on page 65.

Defining your backup strategy

HYCU for Azure enables you to schedule automatic backups to achieve the optimum level
of data protection based on your recovery point objective (RPO) and backup retention
requirements. Backups can be scheduled to start each time the specific number of minutes,
hours, days, weeks, or months has passed.

When defining your backup strategy, consider the specific needs of your environment and
the RPO that represents the maximum period of time for which data loss is considered
acceptable. For example, setting the RPO to 24 hours means that your business can
tolerate losing only data from the last 24 hours.

Decide which of the following policy approaches best suits the needs of your environment:

22
3 Establishing a data protection environment

Policy approach Description

You can use any of the predefined policies to simplify the data
Applying a predefined
protection implementation. For details, see “Taking advantage
policy
of predefined policies” below.

If none of the predefined policies meets the needs of your

Creating a custom policy environment, you can create a new policy and tailor it to your
needs. For details, see “Creating a custom policy” below.

If you consider one of the predefined or custom policies satisfies all data protection goals
of your environment, you can set such a policy as default. For details, see “Setting a default
policy” on page 30.

Taking advantage of predefined policies

When establishing a data protection environment, you can take advantage of the
predefined policies that provide a fast and convenient way of enabling data protection, and
cover the most common data protection scenarios.

Consideration
Predefined policies use targets that HYCU for Azure creates automatically for storing
backup data. For details on targets, see “Setting up targets” on page 20.

HYCU for Azure comes with the following predefined policies:

Predefined Back up data Keep snapshots Keep copies of

policy name every... for... backup data for...

Platinum 2 hours 1 day 1 week

Gold 4 hours 1 day 1 week

Silver 12 hours 1 day 1 week

Bronze 24 hours 2 days 1 week

If you want to exclude virtual machines from backups, you can use the Exclude policy.

Creating a custom policy

If the needs of your data protection environment are not covered with any of the
predefined policies, you can create a new policy and tailor it to your needs. In this case,
besides setting the desired RPO, the retention period for the backup data, and the target,
you can also enable one or more additional policy options for optimal policy
implementation.

23
3 Establishing a data protection environment

Policy option Allows you to...

Start all backup tasks within specified time frames to improve

Backup Window effectiveness and avoid an overload of your environment. For details,
see “Creating a backup window” on page 26.

Copy Create a copy of backup data.

Preserve your data for future reference. For details, see “Creating a data
Archiving
archive” on page 28.

Set up automatic assignment of policies to virtual machines based on

Tags tags that are added to virtual machines in Azure. For details, see
“Setting up automatic policy assignment” on page 30.

Prerequisites
l Only if you plan to select a manually created storage account. A storage account is added to
HYCU for Azure as a target. For instructions, see “Adding a storage account to HYCU for
Azure” on page 21.
l Only if you plan to enable the Backup Window policy option. A backup window exists. For
instructions, see “Creating a backup window” on page 26.
l Only if you plan to enable the Archiving policy option. A data archive exists. For instructions,
see “Creating a data archive” on page 28.
l Only if you plan to enable the Tags policy option. The virtual machine is tagged in Azure. For
details on how to do this, see Azure documentation.

Considerations
l HYCU for Azure automatically associates the resource with one of the pricing tiers
based on the value of the Backup every option that you set in the policy. However, if you
are storing data as a snapshot and have enabled the Archiving option, the pricing tier is
automatically set to Bronze regardless of the specified RPO.
l Only if you plan to select a manually created storage account for storing backup data. If there
is insufficient space on the selected target, an automatically created one will be used
instead.
l If you want your data to be stored as a snapshot and on a target, make sure to select
the Snapshot target and also enable the Copy policy option.
l Only if you plan to enable the Tags policy option.
o Tags that you specify in a HYCU for Azure policy must be unique within the selected
protection set. Using the same tag (both its name and value) in another policy in the
same protection set is not possible.
o The hycu-policy tag takes precedence over any other tag that might be added to
the virtual machine in Azure. For more information on the hycu-policy tag, see
“Setting up automatic policy assignment” on page 30.

24
3 Establishing a data protection environment

Accessing the Policies panel

To access the Policies panel, in the navigation pane, click  Policies.

Procedure
1. In the Policies panel, click  New.

2. Enter a name for your policy and, optionally, its description.

3. Add any of the following policy options to the list of the enabled options by clicking it:
l Backup (mandatory and enabled by default)
l Backup Window
l Copy
l Archiving
l Tags
4. In the Backup section, do the following:
a. In the Backup every field, set the RPO (in months, weeks, days, hours, or minutes).

n Note You can set the RPO to 30 minutes in the following cases:

l If you are storing data only as a snapshot.
l If you are storing data as a snapshot and have enabled the Archiving option.

For all other cases, the minimum RPO is one hour.

b. In the Retention field, set a retention period (in months, weeks, or days) for the
backup data.
c. From the Target drop-down menu, select a location for storing your backup data.
If you select the Automatically selected option, HYCU for Azure creates a storage
account in the region of the virtual machine and uses it as a target for storing the
backup data. If an automatically created storage account already exists, it is used
instead.
5. Depending on which policy options you have enabled, do the following:

Policy option Instructions

In the Backup Window section, from the Backup window drop-

down menu, select a backup window for backup tasks.
Backup
If you do not select any backup window, the Always option is
Window
shown, which means that your backups are allowed to run at any
time.

In the Copy section, do the following:

Copy a. Set a retention period (in months, weeks, or days) for the copy
of backup data.

25
3 Establishing a data protection environment

Policy option Instructions

b. From the Target drop-down menu, select a location that you
want to use for storing the backup data. If you select a manually
created storage account, make sure it is different from the one
you selected for the backup.
If you select the Automatically selected option, HYCU for
Azure creates a storage account in the region of the virtual
machine and uses it as a target for storing the copy of backup
data. If an automatically created storage account already exists,
it is used instead.

In the Archiving section, from the Data archive drop-down menu,

Archiving
select a data archive.

In the Tags section, enter a tag name and value, and then click Add.

During the next virtual machine synchronization, the policy is

automatically assigned to all the virtual machines with the
corresponding tags in Azure.
Tags
n Note HYCU for Azure performs automatic synchronization
of virtual machines every five minutes. However, you can at any
time update the list of virtual machines also manually by clicking
 Synchronize in the Virtual Machines panel.

6. Click Save.

The policy is created and added to the list of policies. For details on managing policies, see
“Managing policies” on page 67.

Creating a backup window

HYCU for Azure enables you to define time frames when backup tasks are allowed to start.
If you use a backup window, the backup tasks are started only within the hours you specify,
which improves effectiveness and prevents overloading your data protection environment.
For example, you can schedule your backup tasks to run on non-production hours to
reduce the load during peak hours.

You can use backup windows with both predefined policies and custom policies.

i Important When defining a backup window, make sure that the RPO specified in
the affected policy can be achieved within this backup window. If the RPO is shorter
than any time frame during which backups are not allowed to start, this will result in
your virtual machine not being compliant with backup requirements.

Accessing the Policies panel

To access the Policies panel, in the navigation pane, click  Policies.

26
3 Establishing a data protection environment

Procedure
1. In the Policies panel, click  Backup Window.

2. Click  New.

3. Enter a name for your backup window and, optionally, its description.

4. From the Time Zone drop-down menu, select the time zone for the backup window.

5. Select the days and hours during which backups are allowed to run.

t Tip If you click a day label or an hour label, you allow backups to run that
whole day or that hourly period for all days of the week. You can also click and drag
to quickly select a time frame that includes your preferred days and hours.
The selected time frames are displayed in the Time Frames field. If you want to delete
any of the selected time frames, pause on it, and then click x.
6. Click Save.

7. Click Close.

You can later edit any of the existing backup windows (click  Edit and make the required
modifications) or delete the ones that you do not need anymore (click  Delete).

After you create a backup window, you can do the following:

l Specify the backup window when creating a new policy. For details, see “Creating a
custom policy” on page 23.
l Assign the backup window to an existing policy. To do so, select the policy, click  Edit,
and make the required modifications.

27
3 Establishing a data protection environment

Example
You have selected the Bronze policy and allowed new backup tasks to run on weekdays
from 6 PM to 6 AM (Eastern Time), and on Saturday and Sunday all day long.

In this case, the backup tasks can be run every 24 hours at any point of time within the
specified time frames.

Creating a data archive

HYCU for Azure enables you to create an archive of your data and keep it for a longer
period of time. By archiving data, the data is stored for future reference on a daily, weekly,
monthly, or yearly basis. Your data is isolated from current activity and safely stored in a
secure cloud archive location.

Prerequisite
Only if you plan to select a manually created storage account. A storage account is added to
HYCU for Azure as a target. For instructions, see “Adding a storage account to HYCU for
Azure” on page 21.

Accessing the Policies panel

To access the Policies panel, in the navigation pane, click  Policies.

Procedure
1. In the Policies panel, click  Archiving.

2. Click  New.

28
3 Establishing a data protection environment

3. Enter a name for your data archive and, optionally, its description.

4. Add any of the following archiving options to the list of the enabled options by clicking
it:

Daily Allows you to create a daily archive of data.

Weekly Allows you to create a weekly archive of data.

Monthly Allows you to create a monthly archive of data.

Yearly Allows you to create a yearly archive of data.

5. In the Start at field, specify the hour and the minute when the archiving task should
start.
6. From the Time zone drop-down menu, specify the appropriate time zone.

7. Only if you have enabled the Weekly, Monthly, and/or Yearly archiving option. Specify when
to archive data.
8. For each enabled archiving option, do the following:
a. In the Retention field, set the retention period to be used.

n Note Make sure that the retention period is longer than the RPO to prevent
the data archive from expiring before a new backup is performed.

b. From the Target drop-down menu, select a target that you want to use for storing
the data archive.
If you select the Automatically selected option, HYCU for Azure creates a storage
account in the region of the virtual machine and uses it as a target for storing the
archive data. If an automatically created storage account already exists, it is used
instead.
c. From the Access tier drop-down menu, select the access tier that you want to use
for storing the data archive.
If you select the Automatically selected option, an access tier is automatically
selected depending on the specified retention.
9. Click Save.

You can later edit any of the existing data archives (click  Edit and make the required
modifications) or delete the ones that you do not need anymore (click  Delete). Keep in
mind that you cannot modify an archive target if an archiving task is in progress on that
target.

After you create a data archive, you can do the following:

l Specify the data archive when creating a new policy. For details, see “Creating a custom
policy” on page 23.
l Include the data archive into an existing policy. To do so, select the policy, click  Edit,
and then make the required modifications.

29
3 Establishing a data protection environment

Setting a default policy

You can select one of the predefined or custom policies to be the default policy for your
data protection environment. After you set a default policy, it is assigned to one of the
following:
l All existing virtual machines that do not have an assigned policy and all newly
discovered virtual machines.
l All newly discovered virtual machines.

Accessing the Policies panel

To access the Policies panel, in the navigation pane, click  Policies.

Procedure
1. In the Policies panel, select the policy that you want to set as default, and then click
 Set Default.
2. In the Set Default Policy dialog box, do one of the following:
l Click Yes to assign the default policy to all virtual machines that do not have an
assigned policy and all newly discovered virtual machines.
l Click No to assign the default policy only to newly discovered virtual machines.
The default policy is represented by theicon. If you later decide not to use this policy as
the default one, click  Clear Default. Keep in mind that by doing so, you do not unassign
this policy from the virtual machines to which it was assigned.

Setting up automatic policy assignment

You can set up automatic assignment of policies to virtual machines in one of the following
ways:
l By first adding tags to virtual machines in Azure and then specifying the corresponding
tag names and values in HYCU for Azure policies. If the comparison of these values
shows that the specified values match, the corresponding policies are automatically
assigned to the virtual machines during the next virtual machine synchronization in
HYCU for Azure.
l By adding the hycu-policy tag to virtual machines in Azure. Use the following
name/value pair:

Name Value

hycu-policy <PolicyName>a

a The name of a HYCU for Azure policy (for example, Gold).

The corresponding policy is automatically assigned to the virtual machines during the
next virtual machine synchronization in HYCU for Azure.

30
3 Establishing a data protection environment

Considerations
l Assigning policies automatically takes precedence over assigning policies manually (see
“Backing up virtual machines” on page 36) or setting a default policy (see “Setting a
default policy” on the previous page). This means that the tag added to the virtual
machine defines which policy is assigned to it, even if the virtual machine already has an
assigned policy.
l If tags added to a virtual machine in Azure match tags specified in several HYCU for
Azure policies, the policy with the lowest RPO is assigned to the virtual machine.

Configuring backup options

Before you start protecting virtual machines, you can adjust virtual machine protection to
the needs of your data protection environment by configuring backup options.

Backup option Description

You can use the pre-snapshot and post-snapshot scripts to

perform necessary actions before and after the snapshot of a
virtual machine is created. For example, if the virtual machine
Running pre/post
hosts a database management system, you may want to put the
scripts
database offline before the snapshot is created to ensure an
application-consistent backup and bring the database back online
when the snapshot creation completes.

Excluding disks from You can specify any disk to be excluded from the virtual machine
the backup backup.

You can allow the restore of individual files if your data protection
needs require that only individual files are restored, and not the
entire virtual machine.
Allowing the restore As an alternative to allowing the restore of individual files by using
of individual files the Configuration option described in this procedure, you can also
tag a virtual machine in Azure, and by doing so, instruct HYCU for
Azure to allow it automatically. For details, see “Allowing the
restore of files by tagging the virtual machine in Azure” on page 33.

Limitations
l For virtual machines with unmanaged disks: Restoring individual files is not supported.
l For virtual machines with encrypted managed disks: Restoring individual files is supported
only for virtual machines that have managed disks encrypted with SSE with PMK. For a
list of data protection operations that are supported based on how the managed disks
are encrypted, see the HYCU for Azure Compatibility Matrix.

Accessing the Virtual Machines panel

To access the Virtual Machines panel, in the navigation pane, click  Virtual Machines.

31
3 Establishing a data protection environment

Procedure
1. In the Virtual Machines panel, select the virtual machine for which you want to
configure backup options.
2. Click  Configuration.

3. Depending on what you want to do, perform the required action:
l Run the pre-snapshot and post-snapshot scripts:
On the Pre/post scripts tab, do the following:
o If you want to run the pre-snapshot script, enable the Run pre-snapshot script
switch, and then specify the path to the script. The following are the examples
of the scripts:
n Windows: %USERPROFILE%\quiesce_db.bat
n Linux: bash /home/<UserName>/freeze_db.sh
o If you want to run the post-snapshot script, enable the Run post-snapshot
script switch, and then specify the path to the script. The following are the
examples of the scripts:
n Windows: %USERPROFILE%\resume_db.bat
n Linux: bash /home/<UserName>/thaw_db.sh
A snapshot is created even if the pre-snapshot script fails. The post-snapshot script
is run even if the pre-snapshot script, snapshot creation, or both actions fail. When
a pre-snapshot or post-snapshot script returns an error, the backup status of the
virtual machine is set to Done with errors.
l Exclude disks from the backup:
On the Exclude from backup tab, in the Disks drop-down menu, make sure the
disks that you want to exclude from the backup are not selected. By default, all the
disks are selected.

i Important Only if you plan to exclude the boot disk from the backup. When
restoring the virtual machine whose boot disk was excluded from the backup,
the Restore VM and Clone VM options are not available.

l Allow the restore of individual files:

On the Restore individual files tab, enable the Allow restore of individual files
switch.
4. Click Save.

Allowing the restore of files by tagging the virtual

machine in Azure
As an alternative to allowing the restore of individual virtual machine files in HYCU for Azure,
you can add the hycu-enable-flr tag to the virtual machine in Azure, and by doing so,

32
3 Establishing a data protection environment

instruct HYCU for Azure to allow it automatically. Use the following name/value pair:

Name Value

hycu-enable-flr Truea

a By setting the value to False, you disallow the restore of individual files for the specific virtual

machine.

If the virtual machine has credentials assigned, HYCU for Azure automatically allows the
restore of its individual files. Otherwise, you must assign the credentials to the virtual
machine. For details on how to do this, see “Enabling access to virtual machines” below.

Enabling access to virtual machines

If you plan to run the pre-snapshot and post-snapshot scripts, or to restore individual files,
you must enable HYCU for Azure to access these virtual machines by assigning credentials
to them.

Prerequisites
l For Windows virtual machines:
o A user account with the admin privileges must be configured on the virtual
machine.
o WinRM must be enabled and configured on the virtual machine.
o A firewall must be configured to allow inbound network traffic through the
required TCP port for WinRM.
l For Linux virtual machines:
o A user account with the sudo privileges must be configured on the virtual machine.
o Only if using password authentication. The sudoers file must be configured to allow a
user that has permissions to access the virtual machine to run sudo commands
without being asked for the password (the NOPASSWD tag must be added to the
sudoers file).

o A firewall must be configured to allow inbound network traffic through the

required TCP port for SSH.

Limitation
If you use the SSH protocol with private key authentication, only the RSA key type is
supported.

Consideration
If a virtual machine is deleted from Azure, but still has at least one valid restore point
available, keep in mind that you can unassign credentials from such a virtual machine, but
cannot assign them.

33
3 Establishing a data protection environment

Accessing the Virtual Machines panel

To access the Virtual Machines panel, in the navigation pane, click  Virtual Machines.

Procedure
1. In the Virtual Machines panel, select the virtual machine to which you want to assign a
credential group.
2. Click Credentials.

3. Click  New.

4. Enter a name for the credential group.

5. From the Protocol drop-down menu, select one of the following protocol options:

Protocol
Instructions
option

Select this option if you want HYCU for Azure to automatically select

a protocol for accessing the virtual machine: the SSH protocol (TCP
port 22) or the WinRM protocol (TCP port 5985, HTTP transport),
and then enter the user name and password of a user account that

Automatic has required permissions to access the virtual machine.

n Note For Linux virtual machines: Password authentication is

used by default. If you want to use public key authentication,
select the SSH protocol option and make the required
modifications.

Select this option if you want to use the SSH protocol, and then do
the following:

a. In the Port field, enter the SSH server port number.

b. From the Authentication drop-down menu, select the type of

authentication you want to be used, and then provide the
required information:

Enter the user name and password of a user

SSH Password
account that has required permissions to
authentication
access the virtual machine.

Enter the user name of a user account that

Public key
has required permissions to access the
authentication
virtual machine.

Private key
Do the following:
authentication

34
3 Establishing a data protection environment

Protocol
Instructions
option

i. Enter the user name of a user account

that has required permissions to access
the virtual machine.
ii. Choose a private key.

iii. Only if the private key is encrypted. Enter

the private key passphrase.

Select this option if you want to use the WinRM protocol, and then
do the following:

WinRM a. In the Port field, enter the WinRM server port number.

b. Enter the user name and password of a user account that has
required permissions to access the virtual machine.

6. Click Save.

7. Only if using the public key authentication type. Download a public SSH key in HYCU for
Azure and reset it in Azure. To do so, follow these steps:
a. In HYCU for Azure, select the required credential group, click Download Key,
and then copy the public SSH key.
b. In Azure, reset the public SSH key for the selected virtual machine and, as a new
public SSH key, specify the one you copied from HYCU for Azure. For details on how
to do this, see Azure documentation.
8. Click Assign.

The name of the assigned credential group appears in the Credential group column of the
Virtual Machines panel. HYCU for Azure performs virtual machine discovery after you assign
the credentials to the virtual machines and the Discovery status in the Virtual Machines
panel is updated accordingly.

t Tip If several virtual machines share the same user name and password, you can
use multiple selection to assign the same credential group to them.
To unassign a credential group from a virtual machine, in the Virtual Machines panel, select
the virtual machine, click Credentials, and then click Unassign.

You can also edit any of the existing credential groups (select a credential group, click
 Edit, and then make the required modifications) or delete the ones that you do not
need anymore (select a credential group, and then click  Delete).

35
Chapter 4

Protecting virtual machines

HYCU for Azure enables you to protect your virtual machine data with fast and reliable
backup and restore operations. After you back up a virtual machine, you can choose to
restore either the entire virtual machine, individual disks, or individual files.

Consideration
Keep in mind that the role you have assigned determines what kind of actions you can
perform. For details on roles, see “Managing roles” on page 71.

For details on how to efficiently protect virtual machine data, see the following sections:
l “Backing up virtual machines” below
l “Restoring virtual machines” on the next page
l “Restoring individual files” on page 45

Backing up virtual machines

With HYCU for Azure, you can back up your virtual machines in a fast and efficient way.

Prerequisite
Only if a custom firewall rule is applied. Traffic to the *.azure.com, *.core.windows.net,
*.servicebus.windows.net, and *.microsoftonline.com endpoints must be allowed.

Limitations
l Ultra disks are not protected.
l Azure temporary storage disks are not protected.
l Virtual machine memory is not protected.
l Backing up virtual machines with unmanaged disks is supported only if the
unmanaged disks are in the same resource group as the virtual machine.
l Backing up virtual machines that have managed disks encrypted with SSE with PMK &
ADE is not supported. For a list of data protection operations that are supported based
on how the managed disks are encrypted, see the HYCU for Azure Compatibility Matrix.

36
4 Protecting virtual machines

Considerations
l To optimize the use of storage space in the Azure storage accounts, HYCU for Azure
employs the HYCU changed block tracking (CBT) technique on the backup data before
storing it. This technique is applied to all backup data, including copies of backup data
and data archives.
l Only one backup task can run at the same time for the virtual machine.
l Only if you plan to run the pre-snapshot and post-snapshot scripts. Make sure that the
credential group is assigned to the virtual machine. For instructions on how to enable
access to the virtual machine, see “Enabling access to virtual machines” on page 33.
l Only if you plan to restore individual files.
o Make sure that the restore of individual files is enabled for the virtual machine. For
details on how to do this, see “Configuring backup options” on page 31.
o For Windows virtual machines: Make sure that the credential group is assigned to the
virtual machine. For instructions on how to enable access to the virtual machine,
see “Enabling access to virtual machines” on page 33.

Accessing the Virtual Machines panel

To access the Virtual Machines panel, in the navigation pane, click  Virtual Machines.

Procedure
1. In the Virtual Machines panel, select the virtual machines that you want to back up.

n Note You can update the list of virtual machines by clicking  Synchronize.

To narrow down the list of displayed virtual machines, you can use the filtering
options as described in “Filtering data” on page 61.

2. Click  Policies.

3. From the list of available policies, select the desired policy.

4. Click Assign to assign the policy to the selected virtual machines.

When you assign a policy to a virtual machine, a backup task starts immediately.
Subsequent backups are scheduled according to the values defined in the policy.

If required, you can also perform a manual backup of virtual machines at any time. For
details, see “Performing a manual backup” on page 69.

Restoring virtual machines

HYCU for Azure enables you to restore an entire virtual machine or individual virtual
machine disks to a specific point in time.

Prerequisite
Only if a custom firewall rule is applied. Traffic to the *.azure.com, *.core.windows.net,
*.servicebus.windows.net, and *.microsoftonline.com endpoints must be allowed.

37
4 Protecting virtual machines

Considerations
l Only one restore task can run at the same time for the virtual machine.
l When restoring data archives, HYCU for Azure performs data rehydration during which
an archived blob is copied to the online hot tier (on a temporary container). Keep in
mind that this can take a few hours to complete.

Restore options
You can select among the following restore options:

Restore
Description Instructions
option

Enables you to restore a virtual machine to its “Restoring a

Restore VM original location with the same configuration virtual machine”
settings. below

Enables you to restore a virtual machine by creating “Cloning a virtual

Clone VM a virtual machine clone in its original or a new machine” on the
location with different configuration settings. next page

“Restoring virtual
Enables you to restore virtual machine disks with the
Restore Disks machine disks”
same configuration settings.
on page 42

Enables you to restore virtual machine disks by “Cloning virtual

Clone Disks creating disk clones with different configuration machine disks”
settings. on page 43

“Exporting virtual
Enables you to restore virtual machine disks to the
Export Disks machine disks”
same or a different Azure region.
on page 44

Accessing the Virtual Machines panel

To access the Virtual Machines panel, in the navigation pane, click  Virtual Machines.

Restoring a virtual machine

You can restore an entire virtual machine to its original location with the same settings.

Prerequisites
l Only if you plan to restore an entire virtual machine. You have deleted the original virtual
machine and all its disks from Azure.
l Only if you plan to restore individual disks other than the boot disk. You have deleted only
the individual disks (not the entire virtual machine) from Azure.

38
4 Protecting virtual machines

l Only if you plan to restore the boot disk. You have deleted the entire virtual machine and
the boot disk from Azure.

Consideration
Any data changes after the last successful backup are not protected and therefore cannot
be restored.

Procedure
1. In the Virtual Machines panel, click the virtual machine that you want to restore. The
Details section appears at the bottom of the screen.

n Note The Details section appears only if you click a virtual machine. Selecting
the check box before the name of the virtual machine will not open the Details
section.

2. In the Details section, select the desired restore point, and then click  Restore Virtual
Machine.
3. Select Restore VM, and then click Next.

4. From the Restore from drop-down menu, select which tier you want to use for the
restore. Your restore point can contain one or more tiers among which you can select:
l Automatic: This option ensures the fastest and most cost-effective restore.
l Backup (Snapshot)
l Backup (Target)
l Copy
l Archive - daily
l Archive - weekly
l Archive - monthly
l Archive - yearly

5. From the Disks drop-down menu, select the disks that you want to restore.

n Note By default, all the disks are selected. This means that the entire virtual
machine will be restored if you did not exclude the individual disks from the backup
as described in “Configuring backup options” on page 31.

6. Click Validate to verify if the restore task can be run successfully.

7. Click Restore.

Cloning a virtual machine

You can restore a virtual machine to its original or a new location with custom settings. In
this case, you create a new virtual machine containing the restored data alongside the
original virtual machine. For the new virtual machine, you can specify a different
subscription, resource group, geographic region, and/or virtual network.

39
4 Protecting virtual machines

Prerequisites
l Only if you plan to restore a virtual machine to a different subscription and/or resource group.
You have the required role assigned on the Azure subscription and resource group to
which you plan to restore the virtual machine.
l Only if you plan to restore multiple virtual machine disks. You have updated the list of
virtual machines. To update the list of virtual machines, in the Virtual Machines panel,
click  Synchronize.

Limitation
Restoring virtual machines with unmanaged disks to a different subscription and resource
group is not supported.

Procedure
1. In the Virtual Machines panel, click the virtual machine that you want to restore. The
Details section appears at the bottom of the screen.

n Note The Details section appears only if you click a virtual machine. Selecting
the check box before the name of the virtual machine will not open the Details
section.

2. In the Details section, select the desired restore point, and then click  Restore Virtual
Machine.
3. Select Clone VM, and then click Next.

4. In the New virtual machine name field, enter a name for the virtual machine.

5. From the Restore from drop-down menu, select which tier you want to use for the
restore. Your restore point can contain one or more tiers among which you can select:
l Automatic: This option ensures the fastest and most cost-effective restore.
l Backup (Snapshot)
l Backup (Target)
l Copy
l Archive - daily
l Archive - weekly
l Archive - monthly
l Archive - yearly

6. From the Disks drop-down menu, select the disks that you want to restore.

n Note By default, all the disks are selected. This means that a new virtual
machine containing the restored data will be created alongside the original virtual
machine. The new virtual machine will include all the disks if you did not exclude
individual disks from the backup as described in “Configuring backup options” on
page 31.

7. From the Subscription drop-down menu, select the subscription for the restored virtual
machine.

40
4 Protecting virtual machines

8. From the Resource group drop-down menu, select the resource group for the restored
virtual machine.
9. From the Location drop-down menu, select the geographic region for the restored
virtual machine.

i Important If you select a region other than the original one for the restored
virtual machine, you will be charged for outbound data transfer. For details, see
Azure pricing.

10. From the Availability Zone drop-down menu, select the zone for the restored virtual
machine.

n Note The selected geographic region and the size of the virtual machine
determine to which zones you can restore data. If you do not want to restore data
to any zone, select None.

11. Under Network interfaces, you can view the network interface that will be added to the
restored virtual machine. By default, this is the first network interface from the resource
group that you selected for the restored virtual machine. If required, you can also
modify network settings.

Modifying network settings

If you want to modify network settings, you can add an additional network interface,
edit an existing network interface, or delete a network interface:

l Click Add network interface to add a network interface or click  Edit next to
the network interface that you want to edit, and then follow these steps:
a. Only if you are adding a network interface. From the Virtual network drop-down
menu, select the virtual network for the network interface.

n Note The list of available virtual networks includes only the ones

within the region you selected for the restored virtual machine.

b. Select the subnet to which the network interface should be assigned.

c. In the Public IP address type field, select the public IP address for the network
interface. You can select among the following options:

Option Description

No public IP address will be assigned to the network

None
interface on the restored virtual machine.

A dynamic IP address will be assigned to the network

Dynamic
interface on the restored virtual machine.

A static IP address will be assigned to the network interface

Static
on the restored virtual machine.

41
4 Protecting virtual machines

Option Description

A preferred public IP address resource that you have

Existing created in Azure will be assigned to the network interface on
the restored virtual machine.

d. In the Private IP address type field, select the private IP address for the
network interface. You can select between the following options:

Option Description

A dynamic IP address will be assigned to the network

Dynamic
interface on the restored virtual machine.

A static IP address will be assigned to the network interface

Static
on the restored virtual machine.

e. Click Add or Save.

l Click  Delete next to the network interface that you want to delete. Keep in
mind that you cannot restore the virtual machine without a network interface.

12. Click Validate to verify if the restore task can be run successfully.

13. Click Restore.

Restoring virtual machine disks

You can restore virtual machine disks and attach them to the same virtual machine. In this
case, you replace the original disks with the restored ones.

Limitation
Restoring unmanaged disks is not supported.

Procedure
1. In the Virtual Machines panel, click the virtual machine whose disks you want to restore.
The Details section appears at the bottom of the screen.

n Note The Details section appears only if you click a virtual machine. Selecting
the check box before the name of the virtual machine will not open the Details
section.

2. In the Details section, select the desired restore point, and then click  Restore Virtual
Machine.
3. Select Restore Disks, and then click Next.

4. From the list of disks that are available for the restore, select the ones that you want to
restore, and then click Next.

n Note If you select the boot disk, the virtual machine will be restarted after the

42
4 Protecting virtual machines

disks are restored.

6. Click Validate to verify if the restore task can be run successfully.

7. Click Restore.

Cloning virtual machine disks

You can create clones of virtual machine disks by restoring the disks and attaching them to
the same or a different virtual machine. In this case, the disks will be attached to the
preferred virtual machine.

Limitations
l Cloning unmanaged disks is not supported.
l You can attach the cloned disks only to a virtual machine that is running the same
operating system as the original virtual machine and that belongs to the same
protection set as the original virtual machine.

Considerations
l The name format of the cloned disk is hycu-disk-<UUID>-<DiskName>.
l Only if you are cloning disks to the same virtual machine. After cloning the disks, make sure
to change their UUIDs to be able to perform further tasks on the virtual machine.

Procedure
1. In the Virtual Machines panel, click the virtual machine whose disks you want to restore.
The Details section appears at the bottom of the screen.

n Note The Details section appears only if you click a virtual machine. Selecting
the check box before the name of the virtual machine will not open the Details
section.

2. In the Details section, select the desired restore point, and then click  Restore Virtual
Machine.
3. Select Clone Disks, and then click Next.

43
4 Protecting virtual machines

4. From the list of disks that are available for the restore, select the ones that you want to
restore, and then click Next.
5. From the Restore from drop-down menu, select which tier you want to use for the
restore. Your restore point can contain one or more tiers among which you can select:
l Automatic: This option ensures the fastest and most cost-effective restore.
l Backup (Snapshot)
l Backup (Target)
l Copy
l Archive - daily
l Archive - weekly
l Archive - monthly
l Archive - yearly

6. From the Subscription drop-down menu, select the subscription that contains the
virtual machine to which you want to attach the cloned disks.
7. From the Resource group drop-down menu, select the resource group of the virtual
machine to which you want to attach the cloned disks.
8. From the Location drop-down menu, select the geographic region of the virtual
machine to which you want to attach the cloned disks.

i Important If you select a region other than the original one, you will be
charged for outbound data transfer. For details, see Azure pricing.

9. From the Virtual machine drop-down menu, select the virtual machine to which you
want to attach the cloned disks.
10. Click Validate to verify if the restore task can be run successfully.

11. Click Restore.

Exporting virtual machine disks

You can export disks by restoring them to the same or a different Azure region. In this case,
the disks will not be attached to any virtual machine.

Limitation
Exporting unmanaged disks is not supported.

Consideration
The name format of the exported disk is hycu-disk-<UUID>-<DiskName>.

Procedure
1. In the Virtual Machines panel, click the virtual machine whose disks you want to export.
The Details section appears at the bottom of the screen.

n Note The Details section appears only if you click a virtual machine. Selecting
the check box before the name of the virtual machine will not open the Details

44
4 Protecting virtual machines

section.

2. In the Details section, select the desired restore point, and then click  Restore Virtual
Machine.
3. Select Export Disks, and then click Next.

6. From the Subscription drop-down menu, select the subscription to which you want to
export the disks.
7. From the Resource group drop-down menu, select the resource group to which you
want to export the disks.
8. From the Location drop-down menu, select the geographic region to which you want
to export the disks.
9. From the Availability Zone drop-down menu, select the zone to which you want to
export the disks.

n Note The selected geographic region determines to which zones you can

restore data. If you do not want to restore data to any zone, select None.

10. Click Validate to verify if the restore task can be run successfully.

11. Click Restore.

Restoring individual files

You can restore one or more files to the same or a different location on the original virtual
machine, or to a target.

Prerequisites
l The restore of individual files is enabled for the virtual machine. For details on how to
do this, see “Configuring backup options” on page 31.
l The credential group is assigned to the virtual machine. For instructions on how to
enable access to the virtual machine, see “Enabling access to virtual machines” on
page 33.

45
4 Protecting virtual machines

l Only if you plan to restore individual files to a target. A storage account to which you want
to restore data is added to HYCU for Azure as a target and it is reserved only for
restored data. For details on targets, see “Setting up targets” on page 20.
l Only if a custom firewall rule is applied. Traffic to the *.azure.com, *.core.windows.net,
*.servicebus.windows.net, and *.microsoftonline.com endpoints must be allowed.

Considerations
Only if restoring files to the virtual machine:
l If the virtual machine is not accessible, the restore operation fails. The virtual machine
may not be accessible if it is stopped or if it no longer exists.
l Only if you plan to restore the original access control lists (ACLs):
o Because restoring ACLs is not supported on FAT file systems types, the status of the
restore task for such files will be Done with errors. This means that the files have
been restored, but because the files in the FAT file system do not have ACLs, the
ACLs have not been set for the files.
o The ACL information is not restored during the cross-file system restore.

Accessing the Virtual Machines panel

To access the Virtual Machines panel, in the navigation pane, click  Virtual Machines.

Procedure
1. In the Virtual Machines panel, click the virtual machine that contains the files that you
want to restore. The Details section appears at the bottom of the screen.

n Note The Details section appears only if you click a virtual machine. Selecting
the check box before the name of the virtual machine will not open the Details
section.

2. In the Details section, select the desired restore point, and then click  Restore Files.

3. From the Restore from drop-down menu, select which tier you want to use for the
restore. Your restore point can contain one or more tiers among which you can select:
l Automatic: This option ensures the fastest and most cost-effective restore.
l Backup (Snapshot)
l Backup (Target)
l Copy
l Archive - daily
l Archive - weekly
l Archive - monthly
l Archive - yearly

4. In the Disks drop-down menu, make sure only the disks with the files that you want to
restore are selected, and then click Next. By default, all the disks are selected.
5. From the list of available files, select the ones that you want to restore, and then click
Next.

46
4 Protecting virtual machines

i Important You can select only individual files or folders for the restore, not
whole disks or entire partitions.

6. Select whether you want to restore the files to the virtual machine or to a target, and
then perform the required steps:

Restore files to... Instructions

a. Select Restore to virtual machine, and then click Next.

b. Select the location on the virtual machine to which you

want to restore the files, and then provide the required
information:
l Original location
Select how the restore should save the files when there
is a file with the same name and location on the virtual
machine (overwrite the file, rename the original file, or
rename the restored file).

i Important Only if overwriting the files. Make

sure that the configured user account has sufficient
permissions to write to the specified files.

l Alternate location

Virtual machine Specify the path to an alternate location on the virtual

machine in the following format:
o Windows:

o Linux:

/<Path>/<FolderName>

The restored files overwrite the files with the same

name that might exist at the alternate location.
c. Use the Restore ACL switch if you want to restore the
original access control list. If enabled, HYCU for Azure
preserves original ACLs. If disabled, HYCU for Azure applies
inherited ACLs on the restored files (according to the file
system ACL inheritance rules).

a. Select Restore to target, and then click Next.

Target b. From the Target drop-down menu, select the target to
which you want to restore the files.

7. Click Restore.

47
Chapter 5

Performing daily tasks

To ensure your data protection environment is in the optimal state in terms of security,
reliability, and efficiency, HYCU for Azure provides various mechanisms to support your
daily activities.

Consideration
Keep in mind that the role you have assigned determines what kind of actions you can
perform. For details on roles, see “Managing roles” on page 71.

I want to... Instructions

Get an at-a-glance overview of the data

protection environment state, identify “Using the HYCU for Azure dashboard” on
eventual bottlenecks, and inspect different the next page
areas of the data protection environment.

Track tasks that are running in the data

protection environment and get an insight “Checking the status of tasks” on page 50
into the status of a specific task.

View all events that occurred in the data

“Viewing events” on page 50
protection environment.

Configure HYCU for Azure to send

notifications when new events occur in your “Configuring event notifications” on page 51
data protection environment.

Obtain reports on different aspects of the

“Using HYCU for Azure reports” on page 54
data protection environment.

View virtual machine details. “Viewing virtual machine details” on page 58

Narrow down the list of displayed items by

“Filtering data” on page 61
applying filters.

View target information, edit a target, or

“Managing targets” on page 65
remove a target.

View policy information, edit a policy, or

“Managing policies” on page 67
delete a policy.

48
5 Performing daily tasks

I want to... Instructions

Back up data manually. “Performing a manual backup” on page 69

Mark a restore point as expired. “Expiring backups manually” on page 69

Using the HYCU for Azure dashboard

The HYCU for Azure dashboard provides you with an at-a-glance overview of the data
protection status in your environment. This intuitive dashboard enables you to monitor all
data protection activity and to quickly identify the areas that need your attention. You can
use this dashboard as a starting point for your everyday tasks because it enables you to
easily access the area of interest by simply clicking the corresponding widget.

Accessing the Dashboard panel

To access the Dashboard panel, in the navigation pane, click  Dashboard.

You can find the following information within each widget:

Dashboard
Information
widget

Percentage of policies that are compliant, and the number of compliant and
non-compliant policies in the protection set. A policy is considered
Policies compliant if all virtual machines to which this policy is assigned are
compliant with the policy settings. For details on policies, see “Defining your
backup strategy” on page 22.

Percentage of virtual machines that are protected, and the number of

protected and unprotected virtual machines in the protection set. A virtual
Virtual machine is considered protected if it has an assigned policy and at least one
Machines valid backup within the retention period specified in the policy. For details
on protecting virtual machines, see “Protecting virtual machines” on
page 36.

Backups Backup success rate for the last seven days.

Number of storage accounts in the protection set, and the information on

Targets how much space is used and available for storing backup data. For details
on targets, see “Setting up targets” on page 20.

Total number of tasks in the protection set and the number of tasks
according to their status (Success, Warning, Failed, In progress) in the last
Tasks
48 hours. For details on tasks, see “Checking the status of tasks” on the next
page.

Events Total number of events and the number of events according to their

49
5 Performing daily tasks

Dashboard
Information
widget

severity level (Success, Warning, Failed) in the last 48 hours. For details on
events, see “Viewing events” below.

n Note Only if multiple protection sets are available in your data

protection environment. HYCU for Azure shows the events for all
protection sets and not only for the currently selected one.

Checking the status of tasks

In the Tasks panel, you can do the following:
l Check the overall status of the tasks in your data protection environment.
l Check the status of the tasks that are currently running.
l Check the completed and stopped tasks.
l List the tasks that match the specified filter.
l Check more details about a specific task in the Details section that appears at the
bottom of the screen after you select the task.
l Generate a report about a specific task by selecting it, and then clicking  View
Report. To copy the report to the clipboard, in the Task Report dialog box that opens,
click Copy to clipboard.
l Cancel any currently running task by selecting it, and then clicking  Abort Task. Keep
in mind that you cannot abort tasks related to retention maintenance.

Accessing the Tasks panel

To access the Tasks panel, in the navigation pane, click  Tasks.

Task
Description
information

Summary of the task (for example, running a backup, performing a

Description
restore, restoring individual files, and so on).

Current status of the task (for example, Done, Ready, a progress bar
Status
indicating the Running status, Failed, Done with errors, and so on).

Started Date and time the task started running.

Finished Date and time the task finished.

Viewing events
In the Events panel, you can do the following:

50
5 Performing daily tasks

l View all events that occurred in your data protection environment.

l Check more details about a specific event in the Details section that appears at the
bottom of the screen after you select the event.

t Tip If you click the related task link in the Details section, you are directed to the
Tasks panel where you can view more details about the related task.

l List the events that match the specified filter.

l Configure HYCU for Azure to send notifications when new events occur in your data
protection environment. For details, see “Configuring event notifications” below.

Consideration
Only if multiple protection sets are available in your data protection environment. HYCU for Azure
shows the events for all protection sets and not only for the currently selected one.

Accessing the Events panel

To access the Events panel, in the navigation pane, click  Events.

Event information Description

Severity Severity level of the event (Info, Warning, Error).

Message Description of the event.

Functional area of HYCU for Azure to which the event belongs (for

Category example, Targets, Credentials, Policies, System for an internal
event, and so on).

Timestamp Date and time the event was created.

Configuring event notifications

You can configure HYCU for Azure to send notifications when new events occur in your
data protection environment. This allows you to monitor and manage your data protection
environment more efficiently, and to immediately respond to the events if required. You
can set up emails or webhooks as a notification channel.

i Important Make sure to configure event notifications for each protection set

separately.

Accessing the Notifications dialog box

To access the Notifications dialog box, click  Events in the navigation pane, and then
click  Notifications in the toolbar.

Depending on which notification channel you want to use, see one of the following
sections:

51
5 Performing daily tasks

l “Creating email notifications” below

l “Creating webhook notifications” below

Creating email notifications

Procedure
1. In the Notifications dialog box, click the Email tab, and then click  New.

2. In the Subject field, enter a subject for the email notification.

3. From the Category drop-down menu, select one or more event categories. To include
all categories, click Select All.
4. From the Severity drop-down menu, select one or more severity levels of events. To
include all severity levels, click Select All.
5. In the Email address field, enter the recipient's email address. If you are entering more
than one email address, make sure to press the Spacebar after entering each one.
6. Click Save.

Your changes take effect immediately and email notifications are sent to any email address
that you specified in the notification settings.

You can later edit settings for existing email notifications (click  Edit and make the
required modifications) or delete the ones that you do not need anymore (click  Delete).

Creating webhook notifications

Procedure
1. In the Notifications dialog box, click the Webhooks tab, and then click  New.

2. In the Name field, enter a name for the webhook notification and, optionally, its
description.
3. From the Category drop-down menu, select one or more event categories. To include
all categories, click Select All.
4. From the Severity drop-down menu, select one or more severity levels of events. To
include all severity levels, click Select All.
5. In the Post URL field, enter the URL of the endpoint the webhook notifications should
be sent to in one of the following formats:

https://<Host>
https://<Host>/<Path>

6. Only if the receiving endpoint requires sender's identification. In the Secret field, enter a
secret for authentication.
7. Click Next.

8. Optional. Customize the body of the request that is sent by HYCU for Azure. You can

52
5 Performing daily tasks

click the appropriate fields in the HYCU fields list to easily insert event variables into the
body.

i Important Make sure the format you define in the body is supported by the
platform to which webhook notifications will be sent.
For details on the webhook data format that HYCU for Azure sends to the specified
URL, see “Webhook data format” below.
9. Click Save.

Your changes take effect immediately and webhook notifications are sent to any URL that
you specified in the notification settings.

You can later edit settings for existing webhook notifications (click  Edit and make the
required modifications) or delete the ones that you do not need anymore (click  Delete).

Webhook data format

The webhook data format is defined by:
l HTTP request header sent by HYCU for Azure
l HTTP request body sent by HYCU for Azure

HTTP request headers

The request headers are sent in the following format:

content-type = application/json
x-hycu-signature = base64(hmac(body, secret, 'sha256'))

n Note The x-hycu-signature request header is sent only if the webhook secret is

specified.

HTTP request body

The request body is sent in the following format:

{
"severity": "<severity-value>",
"authorityIdentifier": "<authorityIdentifier-value>",
"created": "<created-value>",
"details": "<details-value>",
"category": "<category-value>",
"message": "<message-value>",
"taskUUID": "<taskUUID-value>"
}

n Note Null values are set to N/A.

53
5 Performing daily tasks

Using HYCU for Azure reports

HYCU for Azure reports provide you with a visual presentation of data protection
environment resources within the currently selected protection set. This comprehensive
and precise presentation allows you to have an optimum view for analyzing data so that
you can make the best decisions when it comes to protecting your data. Report data can be
presented as a table or as a chart.

i Important Reports reflect the state of your data protection environment with an

up to 10 minute latency period.
After you get familiar with reports as described in “Getting started with reporting” below,
you can continue as follows:
l View reports. For details, see “Viewing reports” on page 56.
l Generate reports. For details, see “Generating reports” on page 56.
l Schedule reports. For details, see “Scheduling reports” on page 57.

n Note When scheduling the reports, you can also choose to send them by
email.

l Export and import reports. For details, see “Exporting and importing reports” on
page 58.

Accessing the Reports panel

To access the Reports panel, in the navigation pane, click Reports.

t Tip To minimize the Details section, click Minimize or press Spacebar. To return
it to its original size, click Maximize or press Spacebar.

Getting started with reporting

You can take advantage of predefined reports or create additional reports to better
understand your data protection environment, identify potential problems, and improve
performance.

For a list of predefined reports, see “Predefined reports” below. For instructions on how to
create reports, see “Creating reports” on the next page.

Predefined reports
Predefined reports, represented by theicon, provide you with information on the key
aspects of your data protection environment, such as the total size of virtual machine
backup data and the size of virtual machine disks. These reports cannot be edited or
deleted.

Name Description

Protected data on targets – per Amount of protected data on targets per access tier.

54
5 Performing daily tasks

Name Description

access tier

Protected data on targets – per

Amount of protected data on targets per policy.
policy

Protected data on targets – per Amount of protected data on targets per virtual
virtual machine machine.

Protected virtual machine disk Amount of protected virtual machine disk capacity
capacity – per policy per policy.

Total protected data on targets Total amount of protected data on targets through
(trend) time.

Total virtual machine disk capacity Total amount of virtual machine disk capacity
(trend) through time.

List of virtual machines, their compliance statuses,

Virtual machine compliance status
assigned policies, and the corresponding policy tiers.

Creating reports
If none of the predefined reports meets your reporting requirements, you can create a new
report and tailor it to your needs.

Depending on whether you want to create a new report from scratch or edit an existing
report and save it as a new report, do the following:

I want to... Procedure

1. Click  New. The Report Configuration dialog box opens.

2. Enter a report name and, optionally, its description.

3. Select the type of report (a table or a chart).

4. Specify the time range for the report.

Create a new report from 5. Select the aggregation value that you want to use to
scratch. perform a calculation on a set of collected data.
6. Distribute the report tags for the collected data that you
want to include in your report between x-axis and y-axis
to determine how the collected data will be presented in
the report.
7. Click Save.

Edit an existing report 1. From the list of reports, select the one that you want to
and save it as a new edit and save as a new report, and then click  Edit. The
report. Report Configuration dialog box opens.

55
5 Performing daily tasks

I want to... Procedure

2. Enter a new name for the report, and then make the
required modifications.
3. Click Save as.

Viewing reports
You can view the reports on the current state of your data protection environment or the
saved reports that were generated either manually or automatically.

I want to... Procedure

View a report on the

From the list of reports, select the desired report, and then
current state of my data
double-click it or click Preview.
protection environment.

1. From the list of reports, select the desired report.

2. In the Details section that appears at the bottom of the

screen, select the desired report version, and then
View a saved report. double-click it or click View.
For instructions on how to generate reports manually or
automatically, see “Generating reports” below or “Scheduling
reports” on the next page.

In the dialog box that opens, besides viewing the report data, you can also do the following:
l Switch between the reports.
l Download and export the report in the PDF, PNG, or CSV format. To do so, click
Download, and then select one of the available formats.
l If you view a report on the current state of the data protection environment, you can
save this version of the report by clicking Generate. The saved report is added to the list
of report versions.

Generating reports
When you generate a report, you are saving a copy of the current version of the selected
report (a report version) for future reference.

Procedure
1. From the list of reports, select the one that you want to generate.

n Note If none of the available reports meets your reporting requirements, you
can create a new report. For details, see “Creating reports” on the previous page.

2. In the Details section that appears at the bottom of the screen, click Generate. The

56
5 Performing daily tasks

Generate Report Version dialog box opens.

3. Optional. Enter a description for the report version.

4. Click Generate.

t Tip You can save a version of the selected report also by clicking Preview
followed by Generate.
The generated report version is added to the list of report versions in the Details section
that appears at the bottom of the screen when you select a corresponding report.

You can later do the following:

l View the saved reports. For details, see “Viewing reports” on the previous page.
l Delete the saved reports that you do not need anymore. To do so, select the desired
report version, and then click  Delete.

Scheduling reports
You can use scheduling to generate reports automatically at a particular time each day,
week, or month. You can view these reports in the web browser or schedule them to be
delivered by email.

Procedure
1. From the list of reports, select the one that you want to be generated on a regular basis,
and then click Scheduler. The Report Scheduler dialog box opens.

n Note If none of the available reports meets your reporting requirements, you
can create a new report. For details, see “Creating reports” on page 55.

2. In the Schedule date field, specify the date and the time of the day when you want the
report generation to begin.
3. From the Interval drop-down menu, select how often you want the reports to be
generated (daily, weekly, or monthly).
4. Use the Send switch if you want to schedule the automatic delivery of the reports to
email recipients, and then do the following:
a. From the Report format drop-down menu, select a file format for your report (PDF,
PNG, or CSV).
b. In the Email address field, enter one or more email recipients that should receive
the reports. If you are entering more than one email address, make sure to press
the Spacebar after entering each one.
5. Click Schedule.

t Tip The reports that are generated automatically are marked by  in the

Scheduled column of the Reports panel and have Auto-generated in their description.
You can later do the following:

57
5 Performing daily tasks

l Edit scheduling options of any of the scheduled reports. To do so, select the report,
click Scheduler, make the required modification, and then click Schedule.
l Unschedule any of the reports if you do not want them to be generated automatically
anymore. To do so, select the report, click Scheduler, and then click Unschedule.

Exporting and importing reports

HYCU for Azure enables you to share reports among different HYCU for Azure subscriptions
by exporting the reports to a JSON file and then importing the reports from the JSON file.

Exporting reports

Procedure
From the list of all reports, select the one that you want to export, and then click Export.

The selected report will be exported to a JSON file and saved to the download location on
your system.

Importing reports

Procedure
1. Click Import. The Import Report dialog box opens.

2. Browse your file system for the report that you want to import.

3. Enter a name for the report and, optionally, its description.

n Note If the JSON file name and description are already defined in the file itself,
the Name and Description fields will be populated automatically. You can, however,
use another name and description.

4. Click Import.

A new report will be added to the list of reports.

Viewing virtual machine details

You can view detailed information about virtual machines in the Details section of the
Virtual Machines panel.

Accessing the Virtual Machines panel

To access the Virtual Machines panel, in the navigation pane, click  Virtual Machines.

Procedure
In the Virtual Machines panel, click the virtual machine whose details you want to view. The
Details section appears at the bottom of the screen.

n Note The Details section appears only if you click a virtual machine. Selecting the

58
5 Performing daily tasks

check box before the name of the virtual machine will not open the Details section.

VM information Description

Detailed information about the selected virtual machine such as its

Details
UUID, type, operating system, and so on.

Detailed information about the restore point:

l Date and time the restore point was created.
l Available tiers from which you can restore data:

o Snapshot: Available if a virtual machine snapshot

exists, enabling a faster restore.

o Backup: Available if backup data is stored on a

target.

o Copy: Available if a copy of backup data was

Restore point
created.

o Data archive: Available if a data archive was

created.

o Catalog: Available if the restore of individual files

was enabled.

n Note Only if you excluded individual disks from the

backup. The restore point does not include the backup
data of the entire virtual machine.

Compliance status of the backup:

l  Success. The backup is compliant (the RPO setting in the
policy assigned to the virtual machine was met).
l  Failure: The backup is not compliant (the RPO setting in
the policy assigned to the virtual machine was not met).
Compliance
l  Undefined: Backup compliance is undefined.
By pausing on the compliance status indicated by an icon,
additional information about the backup is available. You can see
backup frequency and the elapsed time since the last successful
backup.

Backup status of the virtual machine. For details, see “Viewing the
Backup status
backup status of virtual machines” on the next page.

Progress bar indicating the progress of the virtual machine

Restore status restore.

n Note By double-clicking a progress bar, you are directed

59
5 Performing daily tasks

to the Tasks panel where you can check details about the
related task.

Viewing the backup status of virtual machines

The backup status of your virtual machine determines whether it is possible to restore it.

Restore a VM or
Backup status Restore files?
disks?

 Done h h
 Done with warnings ha h
 Done with errors ha x
 Failed x x
 Aborted x x
 (Expired / Inaccessible on Azure /
x x
Deleted from Azure)

a This backup status may indicate the following:

l Not all virtual machine disks were backed up successfully, therefore the virtual machine can be
restored only partially. If backing up a boot disk failed, you may not be able to start the virtual
machine after the restore.
l Creating a copy of backup data failed. However, the virtual machine can still be fully restored
from the backup or the data archive (if it exists).

n Note By pausing on the backup status indicated by an icon, additional information

about the backup is available. You can see the backup type, the duration and size of the
backup, which target was used, and the backup ID.

Tier statuses
Tier labels may be visually marked to represent backup statuses of individual tiers. These
statuses define whether it is possible to restore a virtual machine. The following is an
example of possible marks:

Tier status Restore a virtual machine?

(Done) h
h
(Done with warnings or For details on what data can be restored if one of
Done with errors) these backup statuses is shown, see “Viewing the
backup status of virtual machines” above.

60
5 Performing daily tasks

Tier status Restore a virtual machine?

(Failed) x

(Aborted) x

(Expired) x

(Inaccessible on Azure /
x
Deleted from Azure)

Filtering data
HYCU for Azure provides you with two types of filters that you can apply—the main filter
and the detail filter. After you apply any of the filters, only data that matches the filter criteria
is displayed and you can easily find what you need.

Applying the main filter

Apply the main filter when you want to focus on certain aspects of your data protection
environment. For example, filtering data in the Virtual Machines panel helps you to focus
only on the virtual machines that you are interested in.

Procedure
In the Search field of the selected panel, enter a search term to filter data. If required,
narrow down the search scope by using more specific filtering options:
1. Click  Main Filter. The Main view side panel opens.

2. Specify your filter criteria.

3. Click Apply Filters.

Depending on the panel the contents of which you want to filter, see one of the following
sections for the information on the available filtering options:
l “Filtering options in the Virtual Machines panel” on the next page
l “Filtering options in the Policies panel” on page 63
l “Filtering options in the Targets panel” on page 63
l “Filtering options in the Tasks panel” on page 63
l “Filtering options in the Events panel” on page 64

Applying the detail filter

Apply the detail filter when you want to focus on the information about the restore and
backup data of the selected item.

n Note The detail filter is available in the Virtual Machines panel.

61
5 Performing daily tasks

Procedure
1. From the list of all virtual machines in the Virtual Machines panel, select the virtual
machine that you want to filter by restore and backup data.
2. In the Detail view that appears at the bottom of the screen, click  Detail Filter. The
Detail view side panel opens.
3. Specify your filter criteria.

4. Click Apply Filters.

For the information on the available filtering options, see “Filtering options in the Virtual
Machines panel” below.

Filtering options in the Virtual Machines panel

In the Main view side panel, select one or more filtering options:

Filtering
Action
option

Resource From the drop-down menu, select the resource groups to which the
groups virtual machines belong.

From the drop-down menu, select the policies that are assigned to the
Policies
virtual machines.

Credential From the drop-down menu, select the credential groups that are
groups assigned to the virtual machines.

Select one or more options to filter by the compliance status (a virtual

machine is considered compliant if the time since the last successful
backup is lower than the RPO policy setting):
Compliance
l Success
l Failure
l Undefined

Select one or more options to filter by the virtual machine protection

status:
Protection l Yes
l No
l Deleted

Select one or more options to filter by the virtual machine discovery

status:
l Success
Discovery
l Failure
l Warning
l Undefined

In the Detail view side panel, select one or more filtering options:

62
5 Performing daily tasks

Filtering
Action
option

Tiers From the drop-down menu, select one or more tiers.

Restore point
Select the time to filter by when the restore points were created.
date

Status Select one or more check boxes to filter by status.

Compliance Select one or more check boxes to filter by the compliance status.

Filtering options in the Policies panel

In the Main view side panel, select one or more filtering options:

Filtering
Action
option

Select one or more options to filter by the compliance status (a policy is

considered compliant if all virtual machines to which this policy is
assigned are compliant with the policy settings):
Compliance
l Success
l Failure
l Undefined

Filtering options in the Targets panel

In the Main view side panel, select one or more filtering options:

Filtering
Action
option

Select one or more check boxes to filter by the Azure storage account
kind:
Kind l Storage
l StorageV2
l BlobStorage

Select one or more check boxes to filter by the health of the target:
l Ok
Health l Warning
l Error
l Undefined

Filtering options in the Tasks panel

In the Main view side panel, select one or more filtering options:

63
5 Performing daily tasks

Filtering
Action
option

Resource
From the drop-down menu, select the resource groups of interest.
groups

From the drop-down menu, select the items to filter the list to include
Authority only the tasks that are the results of the selected authority's actions
(users or service principals).

From the drop-down menu, select the items to filter the list to include
Type only the tasks according to their type (for example, running a backup,
performing a restore, restoring individual files, and so on).

Select one or more options to filter by the status of the task:

l Ready
l Running
l Pausing
l Paused
Status l Aborting
l Aborted
l Done
l Failed
l Done with errors
l Skipped

Specify a time range to limit your search for tasks. You can select one of
the predefined time ranges (Last 1 hour, Last 24 hours, or Last week),
Time range
or use the calendar to select the start date and hour and the end date
and hour of the time range for tasks to be displayed.

Filtering options in the Events panel

In the Main view side panel, select one or more filtering options:

Filtering
Action
option

Resource
From the drop-down menu, select the resource groups of interest.
groups

From the drop-down menu, select the items to filter the list to include
Category
only the selected event categories.

From the drop-down menu, select the items to filter the list to include
Authority only the events that are the results of the selected authority's actions
(users or service principals).

64
5 Performing daily tasks

Filtering
Action
option

Select one or more options to filter by the severity level of the event:
l Info
Severity
l Warning
l Error

Specify a time range to limit your search for events. You can select one
of the predefined time ranges (Last 1 hour, Last 24 hours, or Last
Time range
week), or use the calendar to select the start date and hour and the
end date and hour of the time range for events to be displayed.

Managing targets
You can view target information, edit a target, or remove a target if you do not want to use it
for storing the backup data anymore.

Consideration
Only Azure storage accounts that were added to HYCU for Azure as targets either
automatically or manually are listed in the Targets panel. Snapshots are not included in this
list.

Accessing the Targets panel

To access the Targets panel, in the navigation pane, click  Targets.

Viewing target information

You can view the information about each target in the list of targets in the Targets panel.

Target
Description
information

Name of the target.

Name t Tip If you click a target name, you are directed to the Azure
portal where you can view more details about the related target.

Region Azure region where the target resides.

Storage account kind of the target in Azure: Storage (general

Kind
purpose v1), StorageV2 (general purpose v2), or BlobStorage.

Shows the status of the target:

Status l Active: You can use the target for backup and restore operations.
l Inactive: The target has been deactivated in HYCU for Azure and

65
5 Performing daily tasks

Target
Description
information

you can use it only for restore operations.

l Inaccessible on Azure: Insufficient permissions are set on the
target in Azure and HYCU for Azure cannot access the target.
l Deleted from Azure: The target no longer exists in HYCU for
Azure.
For instructions on how to change the status of active or inactive
targets, see “Activating or deactivating a target” on the next page.

Size limit Amount of storage space for storing backup data.

Health status of the target:

l  The target is in a healthy state. The utilization of storage space
for backup data is less than 90 percent of the specified size limit.
l  The utilization of storage space for backup data is over 90
percent of the specified size limit.
Health
l  The utilization of storage space for backup data is over the
specified size limit, the target has been deleted from Azure, or
the target is not accessible due to an I/O error, insufficient
permissions, or some other reason.
l  The target health has not been checked yet.
Ratio (in percentage) of storage space used for backup data to free
Utilization
storage space according to the specified size limit.

Shows whether the target was created automatically by HYCU for

Automatic
Azure (h) or not (x).

n Note To open the Details section where you can find more details about the target,
click the desired target.

Editing a target
Limitation
You cannot edit targets whose status is Inaccessible on Azure or Deleted from Azure.

Procedure
1. In the Targets panel, select the target that you want to edit, and then click  Edit.

2. Edit the selected target as required. For details on target properties, see “Adding a
storage account to HYCU for Azure” on page 21.
3. Click Save.

66
5 Performing daily tasks

Activating or deactivating a target

Prerequisite
For target deactivation: The target is not specified as the location for storing data in any of the
policies.

Limitations
l You cannot deactivate targets that were created automatically by HYCU for Azure.
l You cannot activate or deactivate targets whose status is Inaccessible on Azure or
Deleted from Azure.

Procedure
1. In the Targets panel, select the target that you want to activate or deactivate.

2. Change the status of the selected target by clicking  Activate or  Deactivate.

3. Only if you are deactivating a target. Click Yes to confirm that you want to deactivate the
selected target.
If you deactivate a target, this target will not be used for backup and restore operations
anymore.
You can check the status of each target in the list of targets in the Targets panel.

Removing a target
If you do not want to use a target for storing backup data anymore, you can remove it from
HYCU for Azure.

Prerequisites
l No backup data is stored on the target.
l The target is not specified as the location for storing data in any of the policies.

Consideration
Removing the target from HYCU for Azure does not remove the corresponding storage
account from Azure, but only deletes the backup data from it.

Procedure
1. In the Targets panel, select the target that you want to remove, and then click
 Remove.
2. Click Yes to confirm that you want to remove the selected target.

Managing policies
You can view policy information, edit a policy, or delete a policy if you do not want to use it
for protecting data anymore.

67
5 Performing daily tasks

Consideration
You cannot view information about the Exclude policy, edit it, or delete it.

Accessing the Policies panel

To access the Policies panel, in the navigation pane, click  Policies.

Viewing policy information

You can view information about each policy in the list of policies in the Policies panel.

Policy information Description

Name Name of the policy.

Compliance status of the policy:

l  The policy is compliant.
Compliance l  The policy is non-compliant.
l  Policy compliance is undefined. The policy is not assigned
to any virtual machine or this is the Exclude policy.

Virtual machine Number of the virtual machines that have the policy assigned to
count them.

Description Description of the policy.

n Note To open the Details section where you can find more details about the policy,
click the desired policy.

Editing a policy
Procedure
1. In the Policies panel, select the policy that you want to edit, and then click  Edit.

2. Edit the selected policy as required. For details on policy properties, see “Creating a
custom policy” on page 23.
3. Click Save.

Deleting a policy
Procedure
1. In the Policies panel, select the policy that you want to delete, and then click  Delete.

2. Click Yes to confirm that you want to delete the selected policy.

68
5 Performing daily tasks

Performing a manual backup

HYCU for Azure backs up your data automatically after you assign a policy to the selected
virtual machine. However, you can also back up your data manually at any time (for
example, for testing purposes or if an automatic backup fails).

Consideration
When the assigned policy uses a backup window, manual backups may prevent the
scheduled backup for the virtual machine from starting within the defined time frame. If
this happens, the virtual machine becomes non-compliant with the policy settings until the
next backup window or the next manual backup.

Accessing the Virtual Machines panel

To access the Virtual Machines panel, in the navigation pane, click  Virtual Machines.

Procedure
1. In the Virtual Machines panel, select the virtual machines that you want to back up.

2. Click  Backup to perform the backup of the selected virtual machines.

3. Click Yes to confirm that you want the manual backup to start.

t Tip In the navigation pane, click  Tasks to check the overall progress of the
backup.

Expiring backups manually

HYCU for Azure expires backups automatically according to the retention period that is set
for the backup data in the policy. However, if there is a restore point that you do not want to
use for restoring data anymore, you can at any time expire it manually. You can do this also
for restore points whose backup status is Failed or Aborted if you want to free storage
space.

A restore point represents data that was backed up at a specified point in time. Your restore
point can contain one or more tiers—Backup, Copy, Archive—that can be marked as
expired also individually. Keep in mind that the Catalog tier cannot be marked as expired.

t Tip By pausing on the tier indicated by an icon in the Details section of the Virtual
Machines panel, you can check the backup, copy, and/or archive expiration time.
You can mark as expired one of the following:
l Whole restore point
Make sure that all tiers are marked for expiration.
l One or more tiers
Make sure that only tiers that you want to expire are marked for expiration.

i Important Marking a restore point or its tiers as expired cannot be undone.

69
5 Performing daily tasks

Accessing the Virtual Machines panel

To access the Virtual Machines panel, in the navigation pane, click  Virtual Machines.

Procedure
1. In the Virtual Machines panel, click the virtual machine for which you want to expire a
backup. The Details section appears at the bottom of the screen.

n Note The Details section appears only if you click a virtual machine. Selecting
the check box before the name of the virtual machine will not open the Details
section.

2. In the Details section, select the restore point that you want to mark as expired.

3. Click  Expire.

4. Make sure the tiers that you want to mark as expired are selected:
l Backup (Snapshot)
l Backup (Target)
l Copy
l Archive - daily
l Archive - weekly
l Archive - monthly
l Archive - yearly

The tiers that are available for expiration are based on the options that you set in your
policy. By selecting all the tiers, you mark the entire restore point as expired.
5. Click Yes to confirm that you want the selected tiers to be marked as expired.

HYCU for Azure automatically removes the expired backup during the next retention
maintenance task.

70
Chapter 6

Customizing HYCU for Azure

After you subscribe to HYCU for Azure, as an administrator, you can perform various tasks
to customize HYCU for Azure for your data protection environment.

Task Instructions

Change roles, set the default role for users

“Managing roles” below
and service principals, and delete users.

Add, edit, and delete service principals, as

“Configuring service principals” on page 73
well as change the default service principal.

Create, edit, and remove protection sets, as

well as add resource groups to protection “Managing protection sets” on page 75
sets by using tags.

View and manage HYCU for Azure “Managing HYCU for Azure subscriptions”

subscriptions. on page 77

Managing roles
A role determines the scope of actions that can be performed in the HYCU for Azure data
protection environment by a specific user or service principal. This means that access to
data and information within the data protection environment is limited based on the
assigned role. As an administrator, you can manage these roles and define what actions
can be performed by each authority.

Considerations
l Each user that signs in to HYCU for Azure or each configured service principal has by
default the Administrator role assigned unless set otherwise. For details on changing
the default role, see “Changing the default role” on page 73.
l At least one user and one service principal that have the Administrator role assigned
must exist in the data protection environment.
l If multiple protection sets are available in your data protection environment, a user or a
service principal has the same role in all protection sets within the same subscription.

71
6 Customizing HYCU for Azure

l If a user or a service principal has access to multiple subscriptions, they can have
different roles assigned in different subscriptions. The user can also switch among
these subscriptions while being signed in to HYCU for Azure.

Accessing the Roles dialog box

To access the Roles dialog box, click  on the toolbar, and then select Roles.

HYCU for Azure roles

A user or a service principal can be assigned one or more of the following roles:

Role Allowed actions

Acquire information about virtual machines, policies, targets,

Viewer tasks, events, reports, service principals, and protection sets in the
data protection environment.

Acquire the same information as Viewer, define backup strategies,

Backup Operator
and back up virtual machines.

Acquire the same information as Viewer and restore virtual

Restore Operator
machines.

Reserved for service principals. Migrate protected data from the on-
premises environment to Azure and the other way round by using
Protégé Operator
the HYCU SpinUp functionality. For details on how to employ HYCU
Protégé, see HYCU documentation.

Administrator Perform all actions in the data protection environment.

Changing a role
Consideration
If you plan to change your own role, keep in mind that you will not be able to change it
back to Administrator yourself.

Procedure
1. In the Roles dialog box, from the list of available authorities (users and service
principals), select the one to which you want to assign a different role.

t Tip You can also search for an authority by entering its name in the Search
field.

2. Click  Change Role. The Role Change dialog box opens.

3. From the Role drop-down menu, select the role that you want to assign to the user or
the service principal.

72
6 Customizing HYCU for Azure

n Note You can assign multiple roles to the same user or service principal if the
needs of your data protection environment require it.

Changing the default role

You can at any time change the default role for users and service principals. This means
that all new users that sign in to HYCU for Azure and all newly configured service principals
will automatically acquire the new default role.

Procedure
1. Click  Change Role next to Default Role at the upper right of the Roles dialog box.
The Default Role Change dialog box opens.
2. From the Role drop-down menu, select which role you want to be the default one.

3. Click Save.

Deleting a user
Considerations
l Deleting a user from HYCU for Azure does not remove it from Azure.
l You cannot delete yourself from HYCU for Azure.
l Any upcoming data protection tasks related to the user that you delete will be
automatically assigned to you.

Procedure
1. In the Roles dialog box, from the list of available users, select the one that you want to
delete.

t Tip You can also search for a user by entering their name in the Search field.
2. Click  Remove. The Remove dialog box opens.

3. Click Yes to confirm that you want the selected user to be deleted from HYCU for Azure.

Configuring service principals

For security reasons, a service principal is used instead of a user identity to run automated
tasks in HYCU for Azure. The service principal is a service account that has access to a
predefined set of Azure resources and is always used to run automated tasks instead of
your own account.

You can define as many service principals as your business requires. Take into account that
HYCU for Azure automatically creates a service principal for you in Azure, adds it to
HYCU for Azure as the default service principal, and sets it as the active service principal. The
default service principal is represented by theicon and the active service principal is
represented by theicon.

73
6 Customizing HYCU for Azure

Prerequisites
l Only if you plan to use a service principal other than the default one. You have created a
service principal in Azure.
l The service principal—the default one or the one you have created yourself—must
have the Contributor role assigned at the subscription level. For instructions on how to
assign a role to a service principal, see Azure documentation.

Accessing the Service Principals dialog box

To access the Service Principals dialog box, click  on the toolbar, and then select
Service Principals.

Adding a service principal

Procedure
1. In the Service Principals dialog box, click  Add.

2. In the Name field, enter a name for your service principal.

n Note It is recommended that you enter the same name for the service
principal as the one that you used when registering the application and creating the
service principal.

3. In the Tenant ID field, enter your tenant ID.

4. In the Application ID field, enter the ID of the application's registration in your Azure
Active Directory.
5. In the Application secret field, enter the secret that is associated with the application ID.

6. Click Save.

Setting the active service principal

Consideration
The default service principal is the one that is used to run automated tasks unless you set
another service principal as the active service principal.

Procedure
1. In the Service Principals dialog box, select the service principal that you want to set as
the active service principal.
2. Click  Set Active.

The icon appears next to the service principal indicating that you have successfully set it
as the active service principal.

74
6 Customizing HYCU for Azure

Editing a service principal

Procedure
1. In the Service Principals dialog box, select the service principal that you want to edit,
and then click  Edit.
2. Edit the selected service principal as required.

3. Click Save.

Deleting a service principal

You can at any time delete a service principal that you no longer need from HYCU for Azure.
Deleting the service principal from HYCU for Azure does not remove it from Azure.

Considerations
l The default service principal that is automatically created and added to HYCU for Azure
cannot be deleted.
l Only if a service principal other than the default one is set as the active service principal. If you
delete the active service principal, the default service principal is automatically set as the
active service principal.

Procedure
1. In the Service Principals dialog box, select the service principal that you want to delete,
and then click  Delete.
2. Click Yes to confirm that you want to delete the selected service principal.

Managing protection sets

If you have the required permissions granted, you can create a new protection set, edit an
existing protection set, add a resource group to a protection set by using tags, or remove a
protection set from HYCU for Azure. For details on protection sets, see “Determining the
scope of data protection” on page 20.

Accessing the Protection Sets dialog box

To access the Protection Sets dialog box, click  on the toolbar, and then select
Protection Sets.

Creating a protection set

Procedure
1. In the Protection Sets dialog box, from the Subscription drop-down menu, select the
HYCU for Azure subscription for which you want to create a new protection set.
2. Click  New.

75
6 Customizing HYCU for Azure

3. Enter a name for your protection set.

4. From the list of available resource groups, select one or more resource groups that you
want to include in the protection set.

t Tip You can search for a resource group by entering its name in the Search
field and then pressing Enter. By selecting the Resource group check box, you select
all resource groups at once.

5. Click Save.

The protection set is created and added to the list of protection sets.

Editing a protection set

Consideration
You cannot edit the default protection set created by HYCU for Azure.

Procedure
1. In the Protection Sets dialog box, from the list of protection sets, select the one that you
want to edit, and then click  Edit.
2. Edit the selected protection set as required.

3. Click Save.

Adding a resource group to a protection set by using

tags
As an alternative to adding a resource group to a protection set in HYCU for Azure, you can
also add a resource group to a protection set by adding the hycu-protection-set tag to
the resource group in Azure. This is especially useful if you create several resource groups
at once by using scripts and you want to add them to one or more protection sets during
the process.

Prerequisite
The protection set to which you want to add the resource group must already be created in
HYCU for Azure.

To add the tag to the resource group, use the following name/value pair:

Name Value

hycu-protection-set <ProtectionSetName>a

a The name of the protection set to which you want to add the resource group.

The resource group is automatically added to the preferred protection set during the next
virtual machine synchronization in HYCU for Azure.

76
6 Customizing HYCU for Azure

Removing a protection set

Consideration
You cannot remove the default protection set created by HYCU for Azure.

Procedure
1. In the Protection Sets dialog box, from the list of protection sets, select the one that you
want to remove from HYCU for Azure, and then click  Delete.
2. Click Yes to confirm that you want to remove the selected protection set.

Managing HYCU for Azure subscriptions

In the SaaS Subscription Information dialog box, you can view and manage your HYCU for
Azure subscriptions. The following information is available for each subscription:
l Subscriber's name and company
l Notification email recipients

n Note If this field is empty, all important notifications related to the HYCU for
Azure subscription, such as support and upgrade information, are by default sent
to the email address that was provided when subscribing to HYCU for Azure. It is
recommended that you verify this email address and, if required, update the list of
email addresses to which the notifications are sent.

l HYCU for Azure subscription ID, activation status, and software plan

n Note If you determine that another software plan would be more suitable for
your data protection environment, you can change it directly from this dialog box.

l Azure subscription name and ID

l List of all resource groups within the selected subscription
You can also unsubscribe from HYCU for Azure from this dialog box. For details on how to
cancel your HYCU for Azure subscription, see “Canceling your HYCU for Azure subscription”
on page 79.

Accessing the SaaS Subscription Information dialog box

To access the SaaS Subscription Information dialog box, click  on the toolbar, and then
select SaaS Subscription Information.

Prerequisite
Only if you plan to change the software plan. You have signed in to HYCU for Azure with the
same user account that you used for subscribing to the service.

77
6 Customizing HYCU for Azure

Procedure
1. In the SaaS Subscription Information dialog box, from the SaaS subscription drop-
down menu, select the HYCU for Azure subscription that you want to view or customize.
2. Only if you plan to specify email addresses for notifications. In the Notification email
recipients field, enter one or more email addresses to which the notifications related to
the selected HYCU for Azure subscription will be sent.
3. Only if you plan to change the HYCU for Azure software plan. From the Software plan drop-
down menu, select the HYCU for Azure software plan that is best suitable for your data
protection environment.
4. Click Update, and then click Yes to confirm the changes.

5. Click Close.

78
Chapter 7

Canceling your HYCU for

Azure subscription
If for whatever reason you decide that you no longer want to use HYCU for Azure for
protecting your data, you can easily cancel your HYCU for Azure subscription.

Prerequisite
You have signed in to HYCU for Azure with the same user account that you used for
subscribing to the service.

Procedure

Task Instructions

In HYCU for Azure, unassign policies from all virtual machines:

1. In the navigation pane, click  Virtual Machines.

2. Select all the virtual machines, and then click  Policies.

1. Stop charges for 3. Click Unassign, and then click Yes to confirm that you

backup and recovery. want to unassign the policies from the selected virtual
machines.

i Important Only if multiple protection sets are available

in your data protection environment. Make sure to follow
these steps for each protection set separately.

In Azure, do the following:

l Delete all automatically created storage accounts and all
2. Stop charges for backup data that is stored in manually created storage
backup data storage. accounts.
l Delete all snapshots created by HYCU for Azure.
For instructions, see Azure documentation.

In HYCU for Azure, do the following:

3. Unsubscribe from
1. Navigate to the SaaS Subscription Information dialog box
HYCU for Azure.
by clicking  on the toolbar, and then selecting SaaS

79
7 Canceling your HYCU for Azure subscription

Task Instructions

Subscription Information.
2. From the SaaS subscription drop-down menu, select the
HYCU for Azure subscription that you want to cancel.
3. Click Unsubscribe.

4. Click Yes to confirm that you want to unsubscribe from

the selected HYCU for Azure subscription.

4. Prevent HYCU for In Azure, revoke the consent for HYCU for Azure by removing
Azure from accessing it from the list of app registrations. For details on how to do
data on your behalf. this, see Azure documentation.

5. Delete HYCU for

In Azure, delete HYCU for Azure from the list of SaaS
Azure as a SaaS
applications. For details on how to do this, see Azure
application from
documentation.
Azure.

After you cancel your HYCU for Azure subscription, your data is kept for 14 days before it is
permanently deleted. If during this period you change your mind and you want to continue
using HYCU for Azure, contact HYCU Customer Support.

80
Chapter 8

Troubleshooting
If you encounter a problem while using HYCU for Azure, use the following approach to
troubleshoot it:
1. Check if your problem is described in the knowledge base at https://support.hycu.com/
and apply the recommended solution.
2. If you cannot find the problem in the list of known problems, try to solve it on your
own. When doing so, you first need to identify the cause of the problem, collect and
analyze all available information about it, and then solve the problem. Answering the
following questions may help you to solve your problem:
a. Did you fulfill all the prerequisites and are you aware of all the limitations that come
with HYCU for Azure?
b. Do you receive any errors?
You can view all events that occurred in your environment in the Events panel. In
addition, you can track tasks that are running in your data protection environment
and get an insight into the specific task status. For this purpose, use the Tasks
panel. For detailed information on events and tasks, see “Viewing events” on
page 50 and “Checking the status of tasks” on page 50.
c. Is your problem related to any third-party hardware or software?
In this case, contact the respective vendor for support.
3. If the problem still persists, contact HYCU Customer Support. It is recommended that
you collect and send the following information to HYCU Customer Support:
l Description of your data protection environment
l Description of your problem
l Results of any testing you have done (if available)

81
8 Troubleshooting

Figure 8–1: Major steps of the troubleshooting process

82
Appendix A

Deploying a HYCU backup

controller
If you are employing HYCU Protégé, you can use the HYCU for Azure web user interface to
deploy a HYCU backup controller virtual machine to Azure in the event of a disaster in the
on-premises data protection environment.

For details on the supported on-premises infrastructures and how to employ HYCU
Protégé, see HYCU for Enterprise Clouds documentation.

Prerequisites
l You own the HYCU and HYCU Protégé licenses. For details on how to obtain these
licenses, see HYCU for Enterprise Clouds documentation.
l You have the Administrator role assigned.

Consideration
Minimum requirements for the HYCU backup controller are 4 vCPU cores and 4 GiB of
memory.

Accessing the HYCU Controller Deployment dialog box

To access the HYCU Controller Deployment dialog box, click  on the toolbar, and then
select HYCU Controller Deployment.

Procedure
1. From the Subscription drop-down menu, select the Azure subscription that is
connected with HYCU for Azure and to which you want to deploy the HYCU backup
controller.
2. From the Resource group drop-down menu, select the resource group to which you
want to deploy the HYCU backup controller.
3. From the Location drop-down menu, select the geographic region for the HYCU
backup controller.

i Important Make sure that at least one virtual network is configured in the

selected resource group location.

4. From the Availability Zone drop-down menu, select the zone for the HYCU backup

83
A Deploying a HYCU backup controller

controller.

n Note The selected geographic region determines to which zones you can

deploy the HYCU backup controller. If you do not want to deploy the HYCU backup
controller to any zone, select None.

5. Click Next.

6. In the VM name field, enter a name for the HYCU backup controller.

7. In the vCPU cores field, enter the number of virtual CPUs to be assigned to the HYCU
backup controller multiplied by the number of cores per virtual CPU. The value that you
specify must be a whole number and cannot be higher than 1024.
8. In the Memory field, enter the amount of memory (in GiB) to be assigned to the HYCU
backup controller. The value that you specify must be a whole number and cannot be
higher than 4096.
9. From the Virtual machine type drop-down menu, select the virtual machine type.

n Note The list of available virtual machine types is based on the number of

virtual CPU cores and the amount of memory that you specified. If no virtual
machine type exactly corresponds to the specified values, the closest matches are
shown.

10. Under Network interfaces, you can view the network interface that will be added to the
HYCU backup controller. By default, this is the first network interface from the resource
group that you selected for the HYCU backup controller. If required, you can also
modify network settings.

Modifying network settings

If you want to modify network settings, you can add an additional network interface,
edit an existing network interface, or delete a network interface:

n Note The list of available virtual networks includes only the ones

within the region you selected for the HYCU backup controller.

b. Select the subnet to which the network interface should be assigned.

c. In the Public IP address type field, select the public IP address for the network
interface. You can select among the following options:

Option Description

No public IP address will be assigned to the network

None
interface on the HYCU backup controller.

84
A Deploying a HYCU backup controller

Option Description

A dynamic IP address will be assigned to the network

Dynamic
interface on the HYCU backup controller.

A static IP address will be assigned to the network interface

Static
on the HYCU backup controller.

A preferred public IP address resource that you have

Existing created in Azure will be assigned to the network interface on
the HYCU backup controller.

d. In the Private IP address type field, select the private IP address for the
network interface. You can select between the following options:

Option Description

A dynamic IP address will be assigned to the network

Dynamic
interface on the HYCU backup controller.

A static IP address will be assigned to the network interface

Static
on the HYCU backup controller.

e. Click Add or Save.

l Click  Delete next to the network interface that you want to delete. Keep in
mind that you cannot deploy the HYCU backup controller without a network
interface.

11. Click Deploy.

Accessing the HYCU web user interface

After you deploy the HYCU backup controller, you must perform the following tasks in
Azure to be able to access the HYCU web user interface:

Task Instructions

Create an inbound security rule to allow traffic. Specify the

following settings:

1. Configure a port. l Source port ranges: * (to allow any source port)
l Destination port ranges: 8443
For instructions, see Azure documentation.

2. Create a public For instructions on how to create a public IP address, see
IP address. Azure documentation.

You can access the HYCU web user interface by entering the following URL:

85
A Deploying a HYCU backup controller

https://<HYCUBackupControllerPublicIPAddress>:8443

You can also access the HYCU web user interface by providing a host name instead of a
public IP address. In this case, you must configure an alias record to refer to the public IP
address. For instructions on how to do this, see Azure documentation.

On the logon page, enter your logon name and password. You can use the default user
name and password for initial access:

User name: admin

Password: admin

For security purposes, it is highly recommended that you change the default password.

86
Provide feedback
For any suggestions and comments regarding this product or its documentation, send us
an e-mail to:

info@hycu.com

We will be glad to hear from you!

www.hycu.com

The Product Manager's Desk Reference, Third Edition
From Everand
The Product Manager's Desk Reference, Third Edition
Steven Haines
No ratings yet
MC Afee Grant Number
No ratings yet
MC Afee Grant Number
5 pages
Azure
No ratings yet
Azure
108 pages
Manual Testing Assignment
No ratings yet
Manual Testing Assignment
16 pages
1.1 Library of 800+ Useful Email Phrases
50% (2)
1.1 Library of 800+ Useful Email Phrases
32 pages
Back Up Azure Virtual Machines To A Recovery Services Vault PDF
No ratings yet
Back Up Azure Virtual Machines To A Recovery Services Vault PDF
712 pages
DD OS 5.2 Command Reference Guide
No ratings yet
DD OS 5.2 Command Reference Guide
330 pages
HYCU Protégé For Azure: Implementation Guide
No ratings yet
HYCU Protégé For Azure: Implementation Guide
19 pages
HYCU UserGuide 4.3.1
No ratings yet
HYCU UserGuide 4.3.1
316 pages
HYCU UserGuide 4.1.3
No ratings yet
HYCU UserGuide 4.1.3
258 pages
HYCU_UserGuide
No ratings yet
HYCU_UserGuide
277 pages
HYCU For AWS User Guide
No ratings yet
HYCU For AWS User Guide
96 pages
HYCU Data Protection for Enterprise Clouds
No ratings yet
HYCU Data Protection for Enterprise Clouds
42 pages
Azure Security Document
No ratings yet
Azure Security Document
712 pages
Az 104t00a Enu Powerpoint 10
No ratings yet
Az 104t00a Enu Powerpoint 10
28 pages
Lesson - 06 - Monitor and Backup Azure Resources
No ratings yet
Lesson - 06 - Monitor and Backup Azure Resources
57 pages
Introduction To Azure Fundamentals
No ratings yet
Introduction To Azure Fundamentals
15 pages
HYCU UserGuide
No ratings yet
HYCU UserGuide
95 pages
HYCU_TroubleshootingGuide
No ratings yet
HYCU_TroubleshootingGuide
36 pages
All About Microsoft Azure
No ratings yet
All About Microsoft Azure
18 pages
Get Started - Azure Backup
No ratings yet
Get Started - Azure Backup
3 pages
Learning Path 1
No ratings yet
Learning Path 1
10 pages
Giant Image Parts A4
No ratings yet
Giant Image Parts A4
6 pages
Azure Backup Onprem & Cloud - v2
No ratings yet
Azure Backup Onprem & Cloud - v2
13 pages
005 Business Continuity DR EDM
No ratings yet
005 Business Continuity DR EDM
35 pages
Azure Interview
No ratings yet
Azure Interview
73 pages
LP 1493
No ratings yet
LP 1493
20 pages
EOS - Infra Migration Partner-Led Workshop
No ratings yet
EOS - Infra Migration Partner-Led Workshop
74 pages
Project 1 - Comprehensive Cloud Plan - Sa
No ratings yet
Project 1 - Comprehensive Cloud Plan - Sa
10 pages
Microsoft Certified Azure Fundamentals AZ-900 Quick Reference Sheet
No ratings yet
Microsoft Certified Azure Fundamentals AZ-900 Quick Reference Sheet
45 pages
SC 100t00a Enu Powerpoint 02
No ratings yet
SC 100t00a Enu Powerpoint 02
74 pages
Conversational Azure Backup Best Practices PDF
No ratings yet
Conversational Azure Backup Best Practices PDF
28 pages
M07 BackupAutomation Handouts
No ratings yet
M07 BackupAutomation Handouts
13 pages
HYCU Toc
No ratings yet
HYCU Toc
3 pages
005 Continuity
No ratings yet
005 Continuity
26 pages
Azure - Intro To Azure Security (2017)
No ratings yet
Azure - Intro To Azure Security (2017)
19 pages
Azure Fundamentals (AZ-900)
No ratings yet
Azure Fundamentals (AZ-900)
56 pages
Az 104t00a Enu Powerpoint 10
No ratings yet
Az 104t00a Enu Powerpoint 10
29 pages
CHIAMAKA FIRST EVENT
No ratings yet
CHIAMAKA FIRST EVENT
27 pages
Design Azure Security
100% (1)
Design Azure Security
885 pages
Microsoft Azure IAAS Solutions Ebook
No ratings yet
Microsoft Azure IAAS Solutions Ebook
51 pages
AZURE
No ratings yet
AZURE
28 pages
Microsoft Azure Overview
100% (1)
Microsoft Azure Overview
12 pages
Microsoft Cloud Lessons Learned
No ratings yet
Microsoft Cloud Lessons Learned
12 pages
Azure Introduction
No ratings yet
Azure Introduction
97 pages
Azure Learning
No ratings yet
Azure Learning
16 pages
Original
No ratings yet
Original
14 pages
Azure Discovery Day
No ratings yet
Azure Discovery Day
117 pages
AZ-900T00A-ENU-PowerPoint-02
No ratings yet
AZ-900T00A-ENU-PowerPoint-02
63 pages
Azure Backup Datasheet PDF
No ratings yet
Azure Backup Datasheet PDF
2 pages
Azure Backup Datasheet
No ratings yet
Azure Backup Datasheet
2 pages
Fundamentals of azure
No ratings yet
Fundamentals of azure
5 pages
AZURE ADMINISTRATOR-COURSE CONTENT
No ratings yet
AZURE ADMINISTRATOR-COURSE CONTENT
6 pages
AZ 104T00A ENU PowerPoint - 02
No ratings yet
AZ 104T00A ENU PowerPoint - 02
39 pages
PoC Guide VM Migration To Azure Final
0% (1)
PoC Guide VM Migration To Azure Final
72 pages
Az 104t00a Enu Powerpoint 02
No ratings yet
Az 104t00a Enu Powerpoint 02
31 pages
04 Apr 2020 - Azure Fundamentals Part1
No ratings yet
04 Apr 2020 - Azure Fundamentals Part1
29 pages
Microsoft Services Hub: Webcast Series: Azure Technical Update Briefing Call
No ratings yet
Microsoft Services Hub: Webcast Series: Azure Technical Update Briefing Call
37 pages
Dokumen - Pub - Microsoft Azure in Action Meap v06
100% (1)
Dokumen - Pub - Microsoft Azure in Action Meap v06
341 pages
AZ 104T00A ENU PowerPoint - 10
100% (1)
AZ 104T00A ENU PowerPoint - 10
24 pages
ModernBiz Customer Presentation Azure PDF
No ratings yet
ModernBiz Customer Presentation Azure PDF
30 pages
Implementing Azure Backup PDF
No ratings yet
Implementing Azure Backup PDF
7 pages
005 Azure Continuity
No ratings yet
005 Azure Continuity
20 pages
Google Cloud Professional Cloud Security Engineer 100+ Practice Exam Questions with Detailed Answers
From Everand
Google Cloud Professional Cloud Security Engineer 100+ Practice Exam Questions with Detailed Answers
vivian njoroge
No ratings yet
3.1 How To Compose Clear Email Messages
No ratings yet
3.1 How To Compose Clear Email Messages
4 pages
Veeam Ransomware Trends Report 2022
No ratings yet
Veeam Ransomware Trends Report 2022
24 pages
Dell Emc Powerprotect Ddve in The Azure Cloud: Installation and Administration Guide
No ratings yet
Dell Emc Powerprotect Ddve in The Azure Cloud: Installation and Administration Guide
49 pages
Dell Emc Powerprotect DD Virtual Edition On Microsoft Azure: Technical White Paper
No ratings yet
Dell Emc Powerprotect DD Virtual Edition On Microsoft Azure: Technical White Paper
28 pages
AWS VTL Tape Gateway For Veeam Tape Backup Job
No ratings yet
AWS VTL Tape Gateway For Veeam Tape Backup Job
51 pages
Veeam Rental Licensing and Usage Reporting: Reference Guide
No ratings yet
Veeam Rental Licensing and Usage Reporting: Reference Guide
36 pages
MHVTL
No ratings yet
MHVTL
6 pages
Veeam Cloud Data Management Platform: Pricing For Veeam Cloud & Service Provider (VCSP) Partners
No ratings yet
Veeam Cloud Data Management Platform: Pricing For Veeam Cloud & Service Provider (VCSP) Partners
2 pages
NetBackup7.5 AdminGuide OpsCenter
No ratings yet
NetBackup7.5 AdminGuide OpsCenter
1,106 pages
Actifio On Vault Configuration
No ratings yet
Actifio On Vault Configuration
34 pages
NetApp Tools and Resources
No ratings yet
NetApp Tools and Resources
42 pages
Configuration Issue With Netbackup Realtime Protection 4.5 and Alternate Client Backup
No ratings yet
Configuration Issue With Netbackup Realtime Protection 4.5 and Alternate Client Backup
4 pages
Troubleshooting CM
No ratings yet
Troubleshooting CM
6 pages
Oracle Work Flow Mailer Set Up Procedures
No ratings yet
Oracle Work Flow Mailer Set Up Procedures
11 pages
Unit I Cyber Law IX Details
No ratings yet
Unit I Cyber Law IX Details
31 pages
Module 3 Basic Computer Concepts
No ratings yet
Module 3 Basic Computer Concepts
23 pages
Sy Enc50122 User Manual
No ratings yet
Sy Enc50122 User Manual
23 pages
Introduction To Administering New Features in PAN-OS 6.1 FINAL
No ratings yet
Introduction To Administering New Features in PAN-OS 6.1 FINAL
55 pages
Public Key Infrastructure (PKI) : Providing Secure Communications and Authentication Over An Open Network
No ratings yet
Public Key Infrastructure (PKI) : Providing Secure Communications and Authentication Over An Open Network
18 pages
Instant Messaging System
No ratings yet
Instant Messaging System
17 pages
Epselon Banner Brochure
No ratings yet
Epselon Banner Brochure
4 pages
Onedrive For Business Instructor Guide Eval
No ratings yet
Onedrive For Business Instructor Guide Eval
42 pages
Chapter 6 Threads
No ratings yet
Chapter 6 Threads
24 pages
EcoStruxure Hybrid DCS Licensing Guide - Eng - EIO0000001261.12
No ratings yet
EcoStruxure Hybrid DCS Licensing Guide - Eng - EIO0000001261.12
50 pages
Module 1 and 2: F.L. Vargas College Inc
No ratings yet
Module 1 and 2: F.L. Vargas College Inc
6 pages
Introduction To Embedded Systems
No ratings yet
Introduction To Embedded Systems
50 pages
Circuit-Switching and Packet-Switching Networks
No ratings yet
Circuit-Switching and Packet-Switching Networks
5 pages
Frost Sullivan Advanced Malware Analysis Report
No ratings yet
Frost Sullivan Advanced Malware Analysis Report
7 pages
Btec HND in Computing Database Design & Development Submitted by
No ratings yet
Btec HND in Computing Database Design & Development Submitted by
5 pages
Secure File Sharing Using RSA and AES
No ratings yet
Secure File Sharing Using RSA and AES
6 pages
Infra Pentesting
No ratings yet
Infra Pentesting
13 pages
4.3-4 M4.3-R4: Introduction To Ict Resources: DURATION: 03 Hours MARKS: 100
No ratings yet
4.3-4 M4.3-R4: Introduction To Ict Resources: DURATION: 03 Hours MARKS: 100
7 pages
Supercomputer Power Log (FLOPS 10 Y)
No ratings yet
Supercomputer Power Log (FLOPS 10 Y)
4 pages
Cambridge International Examinations: 0417/12 Information and Communication Technology
No ratings yet
Cambridge International Examinations: 0417/12 Information and Communication Technology
16 pages
Auditing Assignment 2
No ratings yet
Auditing Assignment 2
8 pages
Digital Signal Processing: Labno9
No ratings yet
Digital Signal Processing: Labno9
8 pages
192505
No ratings yet
192505
32 pages
Evolution of Media PPT Final
100% (2)
Evolution of Media PPT Final
50 pages
TSN 2201 Computer Networks: Lecture 01-Introduction
No ratings yet
TSN 2201 Computer Networks: Lecture 01-Introduction
64 pages
Network Sample Question Answers
0% (1)
Network Sample Question Answers
3 pages
Security Operations Engineer: Position Overview
No ratings yet
Security Operations Engineer: Position Overview
2 pages
Cell-Free Massive MIMO Versus Small Cells1
No ratings yet
Cell-Free Massive MIMO Versus Small Cells1
17 pages

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.