What is the first step to start protecting my Azure Blob Storage?
What is the first step to start protecting my Azure Blob Storage?
To get started, you must first register your Azure subscription by logging in and accepting the required permissions. The setup process requires you to authorize the creation of Encryption Keys, which are used to encrypt your backups. Without this authorization, backups will fail for those subscriptions.
I see a note that "Storage is permanently assigned to a resource during first backup". What does this mean?
I see a note that "Storage is permanently assigned to a resource during first backup". What does this mean?
This means that when you configure Storage Rules to direct backups from an Azure Region to a Backup Storage location, that storage is permanently assigned to a resource when its first backup runs. It cannot be modified later.
How can I find a specific file to restore if I don't know which recovery point it's in?
How can I find a specific file to restore if I don't know which recovery point it's in?
The Restore interface has a search function that allows you to search for a blob, folder, or container name across all recovery points of a selected backup set. You can also use "Advanced Options" to search with more specific criteria, such as Blob Tag, File Type, File Size, File Extensions, or Date Modified.
What is the difference between "Include" and "Exclude" rules for backup content?
What is the difference between "Include" and "Exclude" rules for backup content?
When configuring a backup set, you can either choose to exclude specific blobs (based on file types, tags, or prefixes) or choose to include only specific blobs. You can select one or the other, but not both at the same time. The documentation notes that exclusion rules take precedence.
What happens if a backup or restore job fails?
What happens if a backup or restore job fails?
If a job fails, a "Critical" alert will be generated and it will appear in the Alerts section. You can click on the alert to view details which include the target backup set, a description of the failure, and a specific error message and error code. You can also find details about the job by navigating to the "Jobs" page.
What is "Data Lock" and should I use it?
What is "Data Lock" and should I use it?
Data Lock is a feature within a Backup Policy that prevents recovery points from accidental or malicious deletion. You can enable Data Lock when setting the retention rules for a policy. It is recommended to use this feature for enhanced security and to ensure your backups are immutable.
What types of storage accounts does Druva protect?
What types of storage accounts does Druva protect?
We support backup and restore for Standard general-purpose v2 storage accounts and Premium Block Blobs. For more information, read Storage account overview.
Which network configurations are supported for Storage Account backup and restore?
Which network configurations are supported for Storage Account backup and restore?
Backup and restore operations are supported for storage accounts that have "Public network access enabled from all networks", "Public network access enabled on selected networks", and "Public network access Disabled". This allows our service to communicate with the storage endpoint to manage data protection.
We do not protect storage accounts with select IP Addresses (we only support VNets).
Can I back up a Storage account if I have restricted access to specific networks?
Can I back up a Storage account if I have restricted access to specific networks?
Yes. We protect storage accounts that have "Public network access enabled from all networks", "Public network access enabled on selected networks", and "Public network access Disabled". This allows our service to communicate with the storage endpoint to manage data protection.
We do not protect storage accounts with select IP Addresses (we only support VNets).
Does Druva support protection of Azure Data Lake Storage and Hierarchical NameSpaces (HNS)?
Does Druva support protection of Azure Data Lake Storage and Hierarchical NameSpaces (HNS)?
No, not at this time.
Is Long Term Retention or Archive supported for Azure Blob Storage?
Is Long Term Retention or Archive supported for Azure Blob Storage?
No, not yet.
Are system-generated containers supported in Azure Blob Storage?
Are system-generated containers supported in Azure Blob Storage?
No. The following system-generated containers are not supported:
$logs
$web
$system
$blobchangefeed
$restore
$container-delete-history
Which Blob types and tiers are not supported?
Which Blob types and tiers are not supported?
The following Blob types are not supported:
Append blob
Page blob
β
The following Blob tiers are not supported:
Archive
Can I choose which Azure Access Tiers are included in my backup?
Can I choose which Azure Access Tiers are included in my backup?
Yes. During the Backup Content configuration, you must explicitly select Hot, Cool, or Cold tiers. Data residing in unselected tiers will be excluded from the backup job.
Why is the "Restore to Hot tier" option missing for my restore job?
Why is the "Restore to Hot tier" option missing for my restore job?
This option is context-aware. It only appears when the target Storage Account Kind (such as StorageV2) supports the Hot access tier. If the target account is a legacy or specialized type that lacks Hot tier support, the option is suppressed.
Are there extra costs for backing up Cool or Cold tiers?
Are there extra costs for backing up Cool or Cold tiers?
No, Druva does not charge additional fees for these tiers.
However, Microsoft Azure applies data retrieval and API request fees when Enterprise Workloads reads data from Cool or Cold tiers during backup or restore operations. Learn More.
Can I back up blobs in the Archive tier?
Can I back up blobs in the Archive tier?
No. The Archive tier is an offline tier. Blobs must be rehydrated to an online tier (Hot, Cool, or Cold) before They can be accessed for backup.
Why should I restore data to the Hot tier instead of the original tier?
Why should I restore data to the Hot tier instead of the original tier?
Restoring to the Hot tier is a cost-avoidance strategy. Azure charges significantly higher Write API fees for Cool and Cold tiers. Additionally, this allows you to promote the data to an active state if it is needed for immediate use, preventing further access fees associated with lower tiers. Learn More.
Can I change the access tier of a blob during the restore process?
Can I change the access tier of a blob during the restore process?
Yes. During the restore workflow, you can choose to restore blobs to their Original Tier or move them all to the Hot tier for immediate use.
Which encryption types are supported?
Which encryption types are supported?
Platform/Microsoft managed key (PMK/MMK)
Customer managed keys (CMK)
Which encryption type is currently not supported?
Which encryption type is currently not supported?
Customer provided key (CPK).
β
β