Acronis Backup 12.5 User Guide

Acronis Backup 12.5

Update 1

USER GUIDE

Table of contents

1 What's new in Acronis Backup ..........................................................................................7

1.1 What's new in Update 1 ............................................................................................................ 7

1.2 What's new in Acronis Backup 12.5 ........................................................................................... 7

2 Installation ......................................................................................................................9

2.1 Installation overview ................................................................................................................. 9

2.2 Components .............................................................................................................................11

2.3 Software requirements ............................................................................................................13

2.3.1 Supported web browsers ............................................................................................................................. 13

2.3.2 Supported operating systems and environments ...................................................................................... 14

2.3.3 Supported Microsoft SQL Server versions ................................................................................................... 17

2.3.4 Supported Microsoft Exchange Server versions ......................................................................................... 17

2.3.5 Supported Microsoft SharePoint versions .................................................................................................. 17

2.3.6 Supported Oracle Database versions .......................................................................................................... 17

2.3.7 Supported virtualization platforms .............................................................................................................. 18

2.3.8 Linux packages ............................................................................................................................................... 20

2.3.9 Compatibility with encryption software ...................................................................................................... 22

2.4 System requirements ...............................................................................................................23

2.5 Supported file systems ............................................................................................................24

2.6 On-premise deployment ..........................................................................................................26

2.6.1 Installing the management server ............................................................................................................... 26

2.6.2 Adding machines via the web interface ...................................................................................................... 29

2.6.3 Installing agents locally ................................................................................................................................. 33

2.6.4 Managing licenses ......................................................................................................................................... 37

2.7 Cloud deployment ...................................................................................................................38

2.7.1 Preparation .................................................................................................................................................... 38

2.7.2 Proxy server settings ..................................................................................................................................... 39

2.7.3 Installing agents ............................................................................................................................................. 40

2.7.4 Activating the account .................................................................................................................................. 41

2.8 Deploying agents through Group Policy ..................................................................................42

2.9 Updating agents .......................................................................................................................43

2.10 Uninstalling the product ..........................................................................................................43

3 Accessing the backup console ......................................................................................... 45

3.1 Configuring a web browser for Integrated Windows Authentication .....................................45

3.1.1 Adding the console to the list of local intranet sites .................................................................................. 46

3.1.2 Adding the console to the list of trusted sites............................................................................................. 48

4 Backup console views .................................................................................................... 51

5 Backup .......................................................................................................................... 52

5.1 Backup plan cheat sheet ..........................................................................................................53

5.2 Selecting data to back up .........................................................................................................56

5.2.1 Selecting files/folders .................................................................................................................................... 56

5.2.2 Selecting system state .................................................................................................................................. 57

5.2.3 Selecting disks/volumes ................................................................................................................................ 58

5.2.4 Selecting ESXi configuration ......................................................................................................................... 60

5.3 Selecting a destination .............................................................................................................60

5.3.1 About Secure Zone ........................................................................................................................................ 62

5.4 Schedule ...................................................................................................................................64

5.4.1 Schedule by events ....................................................................................................................................... 66

5.4.2 Start conditions ............................................................................................................................................. 67

5.5 Retention rules ........................................................................................................................70

5.6 Encryption ................................................................................................................................71

5.7 Notarization .............................................................................................................................72

5.8 Conversion to a virtual machine ..............................................................................................73

5.8.1 Conversion to a virtual machine in a backup plan ...................................................................................... 74

5.9 Replication ...............................................................................................................................75

5.9.1 Considerations for users with the Advanced license .................................................................................. 76

5.10 Starting a backup manually .....................................................................................................76

5.11 Backup options ........................................................................................................................77

5.11.1 Alerts .............................................................................................................................................................. 79

5.11.2 Backup consolidation .................................................................................................................................... 79

5.11.3 Backup file name ........................................................................................................................................... 79

5.11.4 Backup format ............................................................................................................................................... 82

5.11.5 Backup validation .......................................................................................................................................... 83

5.11.6 Backup start conditions ................................................................................................................................ 84

5.11.7 Changed block tracking (CBT) ....................................................................................................................... 84

5.11.8 Cluster backup mode .................................................................................................................................... 84

5.11.9 Compression level ......................................................................................................................................... 86

5.11.10 Email notifications ......................................................................................................................................... 86

5.11.11 Error handling ................................................................................................................................................ 86

5.11.12 Fast incremental/differential backup .......................................................................................................... 87

5.11.13 File filters ........................................................................................................................................................ 88

5.11.14 File-level backup snapshot ........................................................................................................................... 89

5.11.15 File-level security ........................................................................................................................................... 89

5.11.16 Log truncation................................................................................................................................................ 90

5.11.17 LVM snapshotting ......................................................................................................................................... 90

5.11.18 Mount points ................................................................................................................................................. 90

5.11.19 Multi-volume snapshot ................................................................................................................................. 91

5.11.20 Performance .................................................................................................................................................. 91

5.11.21 Pre/Post commands ...................................................................................................................................... 92

5.11.22 Pre/Post data capture commands ............................................................................................................... 94

5.11.23 SAN hardware snapshots .............................................................................................................................. 95

5.11.24 Scheduling ...................................................................................................................................................... 95

5.11.25 Sector-by-sector backup ............................................................................................................................... 96

5.11.26 Splitting .......................................................................................................................................................... 96

5.11.27 Tape management ........................................................................................................................................ 97

5.11.28 Task failure handling ..................................................................................................................................... 99

5.11.29 Volume Shadow Copy Service (VSS) ............................................................................................................ 99

5.11.30 Volume Shadow Copy Service (VSS) for virtual machines ....................................................................... 100

5.11.31 Weekly backup ............................................................................................................................................ 100

5.11.32 Windows event log ..................................................................................................................................... 100

6 Recovery ..................................................................................................................... 101

6.1 Recovery cheat sheet .............................................................................................................101

6.2 Creating bootable media .......................................................................................................101

6.3 Recovering a machine ............................................................................................................102

6.3.1 Physical machine ......................................................................................................................................... 102

6.3.2 Physical machine to virtual ......................................................................................................................... 104

6.3.3 Virtual machine ........................................................................................................................................... 106

6.3.4 Recovering disks by using bootable media ............................................................................................... 107

6.3.5 Using Universal Restore .............................................................................................................................. 108

6.4 Recovering files ......................................................................................................................110

6.4.1 Recovering files by using the web interface .............................................................................................. 110

6.4.2 Downloading files from the cloud storage ................................................................................................ 111

6.4.3 Verifying file authenticity with Notary Service.......................................................................................... 112

6.4.4 Signing a file with ASign .............................................................................................................................. 113

6.4.5 Recovering files by using bootable media ................................................................................................. 114

6.4.6 Extracting files from local backups ............................................................................................................. 114

6.5 Recovering system state ........................................................................................................115

6.6 Recovering ESXi configuration ...............................................................................................115

6.7 Recovery options ...................................................................................................................116

6.7.1 Backup validation ........................................................................................................................................ 117

6.7.2 Date and time for files ................................................................................................................................ 117

6.7.3 Error handling .............................................................................................................................................. 117

6.7.4 File exclusions .............................................................................................................................................. 118

6.7.5 File-level security ......................................................................................................................................... 118

6.7.6 Flashback...................................................................................................................................................... 118

6.7.7 Full path recovery ........................................................................................................................................ 118

6.7.8 Mount points ............................................................................................................................................... 119

6.7.9 Performance ................................................................................................................................................ 119

6.7.10 Pre/Post commands .................................................................................................................................... 119

6.7.11 SID changing ................................................................................................................................................ 120

6.7.12 VM power management ............................................................................................................................ 121

6.7.13 Windows event log ..................................................................................................................................... 121

7 Operations with backups ............................................................................................. 121

7.1 The Backups tab .....................................................................................................................121

7.2 Mounting volumes from a backup .........................................................................................122

7.3 Deleting backups ....................................................................................................................123

8 Operations with backup plans ...................................................................................... 124

9 The Plans tab ............................................................................................................... 124

9.1 Off-host data processing ........................................................................................................125

9.1.1 Backup replication ....................................................................................................................................... 125

9.1.2 Validation ..................................................................................................................................................... 126

9.1.3 Cleanup ........................................................................................................................................................ 128

9.1.4 Conversion to a virtual machine ................................................................................................................ 129

10 Bootable media ........................................................................................................... 130

10.1 Bootable Media Builder .........................................................................................................130

10.1.1 Linux-based bootable media ...................................................................................................................... 130

10.1.2 WinPE-based bootable media .................................................................................................................... 141

10.2 Connecting to a machine booted from media .......................................................................144

10.3 Registering media on the management server .....................................................................145

10.4 Configuring iSCSI and NDAS devices ......................................................................................146

10.5 Startup Recovery Manager ....................................................................................................147

10.6 Acronis PXE Server .................................................................................................................148

10.6.1 Installing Acronis PXE Server ...................................................................................................................... 148

10.6.2 Setting up a machine to boot from PXE .................................................................................................... 149

10.6.3 Work across subnets ................................................................................................................................... 149

11 Protecting mobile devices ............................................................................................ 150

12 Protecting Microsoft applications ................................................................................. 154

12.1 Prerequisites ..........................................................................................................................155

12.2 Database backup....................................................................................................................156

12.2.1 Selecting SQL databases ............................................................................................................................. 157

12.2.2 Selecting Exchange Server data ................................................................................................................. 157

12.2.3 Protecting Always On Availability Groups (AAG) ...................................................................................... 158

12.2.4 Protecting Database Availability Groups (DAG) ........................................................................................ 159

12.3 Application-aware backup .....................................................................................................161

12.3.1 Required user rights .................................................................................................................................... 161

12.4 Mailbox backup ......................................................................................................................162

12.4.1 Selecting Exchange Server mailboxes ........................................................................................................ 162

12.5 Recovering SQL databases .....................................................................................................163

12.5.1 Recovering system databases .................................................................................................................... 165

12.5.2 Attaching SQL Server databases ................................................................................................................ 165

12.6 Recovering Exchange databases ............................................................................................166

12.6.1 Mounting Exchange Server databases ...................................................................................................... 167

12.7 Recovering Exchange mailboxes and mailbox items .............................................................168

12.7.1 Recovering mailboxes ................................................................................................................................. 169

12.7.2 Recovering mailbox items .......................................................................................................................... 170

12.8 Changing the SQL Server or Exchange Server access credentials ..........................................172

13 Protecting Office 365 mailboxes ................................................................................... 172

13.1 Selecting Office 365 mailboxes ..............................................................................................173

13.2 Recovering Office 365 mailboxes and mailbox items ............................................................174

13.2.1 Recovering mailboxes ................................................................................................................................. 174

13.2.2 Recovering mailbox items .......................................................................................................................... 174

13.3 Changing the Office 365 access credentials ..........................................................................175

14 Protecting Oracle Database .......................................................................................... 175

15 Active Protection ......................................................................................................... 175

16 Special operations with virtual machines ...................................................................... 177

16.1 Running a virtual machine from a backup (Instant Restore) .................................................177

16.1.1 Running the machine .................................................................................................................................. 177

16.1.2 Deleting the machine .................................................................................................................................. 178

16.1.3 Finalizing the machine ................................................................................................................................ 179

16.2 Working in VMware vSphere .................................................................................................179

16.2.1 Replication of virtual machines .................................................................................................................. 179

16.2.2 LAN-free backup .......................................................................................................................................... 184

16.2.3 Using SAN hardware snapshots ................................................................................................................. 187

16.2.4 Using a locally attached storage................................................................................................................. 191

16.2.5 Virtual machine binding .............................................................................................................................. 192

16.2.6 Changing the vSphere access credentials .................................................................................................. 194

16.2.7 Agent for VMware - necessary privileges .................................................................................................. 194

16.3 Machine migration .................................................................................................................197

16.4 Windows Azure and Amazon EC2 virtual machines ..............................................................197

17 Monitoring and reporting ............................................................................................. 198

17.1 Dashboard ..............................................................................................................................198

17.2 Reports ...................................................................................................................................199

17.3 Configuring the severity of alerts ..........................................................................................201

18 Device groups .............................................................................................................. 202

18.1 Creating a static group ...........................................................................................................203

18.2 Adding devices to static groups .............................................................................................203

18.3 Creating a dynamic group ......................................................................................................204

18.4 Applying a backup plan to a group ........................................................................................207

19 Advanced storage options ............................................................................................ 207

19.1 Tape devices ..........................................................................................................................207

19.1.1 What is a tape device? ................................................................................................................................ 207

19.1.2 Overview of tape support ........................................................................................................................... 208

19.1.3 Getting started with a tape device ............................................................................................................. 212

19.1.4 Tape management ...................................................................................................................................... 216

19.2 Storage nodes ........................................................................................................................224

19.2.1 Installing a storage node and a catalog service ........................................................................................ 224

19.2.2 Adding a managed location ........................................................................................................................ 225

19.2.3 Location encryption .................................................................................................................................... 226

19.2.4 Deduplication best practices ...................................................................................................................... 227

19.2.5 Data catalog ................................................................................................................................................. 229

19.2.6 Cataloging best practices ............................................................................................................................ 230

20 System settings ............................................................................................................ 230

20.1 Email server ...........................................................................................................................230

20.2 Email notifications .................................................................................................................231

20.3 Default backup options ..........................................................................................................232

21 Administering user accounts and organization units ..................................................... 232

21.1 On-premise deployment ........................................................................................................232

21.1.1 Administrators and units ............................................................................................................................ 233

21.1.2 Adding administrators ................................................................................................................................ 234

21.1.3 Creating units ............................................................................................................................................... 235

21.2 Cloud deployment .................................................................................................................235

22 Troubleshooting .......................................................................................................... 236

23 Glossary ...................................................................................................................... 238

1 What's new in Acronis Backup

1.1 What's new in Update 1

 Support for Citrix XenServer 7.0, 7.1, 7.2, and Red Hat Virtualization 4.1 (p. 18)  Support for Debian 8.6, 8.7, 8.8, 9, and Ubuntu 17.04  Support for Windows Storage Server 2016  The capability to use a PostgreSQL database with the management server under Linux (p. 29)  A utility for agent mass deployment and upgrade.

For information about how to use this utility, refer to http://kb.acronis.com/content/60137

1.2 What's new in Acronis Backup 12.5

Important These new features are available in on-premise deployments only. They will be propagated to cloud deployments in future releases.

New features available in all on-premise deployments

Backup

 A new backup format (p. 82) that increases the backup speed and reduces the size of backups  Up to five locations for replication in a backup plan (p. 75)  Conversion to a virtual machine in a backup plan (p. 73)  Schedule by events (p. 66)  Setting conditions for backup plan execution (p. 67)  Predefined Grandfather-Father-Son (GFS) backup scheme (p. 64)  SFTP as a backup location (p. 60)  Default backup options stored on the management server (p. 232)  Selection of the backup method (full or incremental) when starting a backup manually (p. 76)  Backup options:

 Email notifications (p. 86):

 Specify the email notifications subject  Notifications are now based on alerts instead of backup activity results. You can

customize the list of alerts that trigger a notification.

 Backup file name (p. 79)  Backup start conditions (p. 84)

Recovery

 Manual disk mapping. The capability to recover individual disks or volumes (p. 102).

Bootable media

 Startup Recovery Manager (p. 147)

Applications

 Backing up Microsoft Exchange Server mailboxes (p. 162)

Virtualization

 The capability to assign a virtual machine to a specific agent (p. 192) (VM binding)

Operations with backups

 Mounting volumes in the read/write mode (p. 122)  ASign allows a backed-up file to be signed by several people (p. 113)

Notifications and alerts

 The capability to configure the severity of an alert (via the configuration file) (p. 201)  Device status is now derived from alerts instead of backup activity results. This covers a wider

range of events, for example, missed backups or ransomware activities.

Acronis Active Protection

 Proactive protection from ransomware by detecting suspicious processes (p. 175)

Usability improvements

 Dashboard - a customizable set of more than 20 widgets that are updated in real time (p. 198)  A new section in the UI shows all backup plans and other plans (p. 124)  The capability to set an encryption password in Backup Monitor (p. 71)

New features available with the Advanced licenses only

Administering

 Customizable reports that can be sent or saved on a schedule (p. 199)  Roles on the management server: create units and assign administrators to them (p. 233)  Group management: built-in and custom groups of devices (p. 202)  Acronis Notary: prove that a file is authentic and unchanged since it was backed up (p. 72)

New backup locations

 Acronis Storage Node with deduplication (p. 224)  Support for tape devices (p. 207)

Bootable media

 Working with bootable media via the backup console (p. 145)  Automated backup and recovery by execution of a predefined or custom script (p. 133)  PXE Server for network boot (p. 148)

Applications

 Support for Database Availability Groups (DAG) in Microsoft Exchange Server (p. 159)  Support for AlwaysOn Availability Group (AAG) in Microsoft SQL Server (p. 158)  Protecting Oracle Database (p. 175)

Virtualization

 Backing up ESXi virtual machines from NetApp hardware snapshots (p. 187)  Backing up Citrix XenServer, Red Hat Virtualization (RHV/RHEV), Kernel-based Virtual Machines

(KVM), and Oracle virtual machines (by installing an agent into the guest system) (p. 11)

Operations with backups

 Conversion to a virtual machine, validation, replication, and retention of backups can be

performed on a schedule by a dedicated agent (p. 125)

 Cataloging - a separate catalog service enables search throughout all backups in managed

locations (p. 229)

2 Installation

2.1 Installation overview

Acronis Backup supports two methods of deployment: on-premise and cloud. The main difference between them is the location of Acronis Backup Management Server.

Acronis Backup Management Server is the central point for managing all of your backups. With the on-premise deployment, it is installed in your local network; with the cloud deployment, it is located in one of the Acronis data centers. The web interface to this server is named a backup console.

Both types of deployment require that a backup agent is installed on each machine that you want to back up. The supported types of storage are also the same. The cloud storage space is sold separately from the Acronis Backup licenses.

On-premise deployment

On-premise deployment means that all of the product components are installed in your local network. This is the only deployment method available with a perpetual license. Also, you have to use this method if your machines are not connected to the Internet.

Management server location

You can install the management server on a machine running either Windows or Linux.

Installation in Windows is recommended because you will be able to deploy agents to other machines from the management server. With the Advanced license, it is possible to create

organizational units and add administrators to them. This way, you can delegate backup management to other people whose access permissions will be strictly limited to the corresponding units.

Installation in Linux is recommended in a Linux-only environment. You will need to install an agent locally on the machines that you want to back up.

Cloud deployment

Cloud deployment means that the management server is located in one of the Acronis data centers. The benefit of this approach is that you do not need to maintain the management server in your local network. You can think of Acronis Backup as of a backup service provided to you by Acronis.

Access to the account server enables you to create user accounts, set service usage quotas for them, and create groups of users (units) to reflect the structure of your organization. Every user can access the backup console, download the required agent, and install it on their machines in minutes.

Administrator accounts can be created at the unit or organization level. Each account has a view scoped to their area of control. Users have access only to their own backups.

The following table summarizes differences between the on-premise and cloud deployments.

On-premise deployment

Cloud deployment

 On-premise management server  Unit and account management with the Advanced

license only

 Both subscription and perpetual licenses can be used  Agent for VMware (Virtual Appliance) and Agent for

VMware (Windows)

 WAN optimization for replication of virtual machines

(replica seeding)

 Bootable Media Builder  Backup and disk management in bootable media  Upgrade from previous versions of Acronis Backup,

including Acronis Backup for VMware

 Participation in the Acronis Customer Experience

Program

 Features introduced in version 12.5, which affects only

on-premise deployments. See "What's new in Acronis Backup 12.5" (p. 7).

 Unit and account management  A subscription license is required  No Agent for VMware (Virtual Appliance)  Mobile backup to cloud

What are you going to

back up?

Which agent to install?

Where to install it?

Agent availability

On-prem

Cloud

Physical machines

Disks, volumes, and files on physical machines running Windows

Agent for Windows

On the machine that will be backed up.

Disks, volumes, and files on physical machines running Linux

Agent for Linux

Disks, volumes, and files on physical machines running macOS

Agent for Mac

Applications

2.2 Components

Agents

Agents are applications that perform data backup, recovery, and other operations on the machines managed by Acronis Backup.

Choose an agent, depending on what you are going to back up. The following table summarizes the information, to help you decide.

Note that Agent for Windows is installed along with Agent for Exchange, Agent for SQL, Agent for Active Directory, and Agent for Oracle. If you install, for example, Agent for SQL, you also will be able to back up the entire machine where the agent is installed.

What are you going to

back up?

Which agent to install?

Where to install it?

Agent availability

On-prem

Cloud

SQL databases

Agent for SQL

On the machine running Microsoft SQL Server.

Exchange databases and mailboxes

Agent for Exchange

On the machine running the Mailbox role of Microsoft Exchange Server.

If only mailbox backup is required, the agent can be installed on any Windows machine that has network access to the machine running the Client Access role of Microsoft Exchange Server.

mailbox

backup

Microsoft Office 365 mailboxes

Agent for Office 365

On a Windows machine that is connected to the Internet.

Machines running Active Directory Domain Services

Agent for Active Directory

On the domain controller.

Machines running Oracle Database

Agent for Oracle

On the machine running Oracle Database

–

Virtual machines

VMware ESXi virtual machines

Agent for VMware (Windows)

On a Windows machine that has network access to vCenter Server and to the virtual machine storage.*

Agent for VMware (Virtual Appliance)

On the ESXi host.

–

Hyper-V virtual machines

Agent for Hyper-V

On the Hyper-V host.

Virtual machines hosted on Windows Azure

The same as for physical machines**

On the machine that will be backed up.

Virtual machines hosted on Amazon EC2

Citrix XenServer virtual machines

+***

Red Hat Virtualization (RHV/RHEV) virtual machines

Kernel-based Virtual Machines (KVM)

Oracle virtual machines

Mobile devices

Mobile devices running Android

Mobile app for Android

On the mobile device that will be backed up.

–

Mobile devices running iOS

Mobile app for iOS

–

*If your ESXi uses a SAN attached storage, install the agent on a machine connected to the same SAN. The

Component

Function

Where to install it?

Availability

On-prem

Cloud

Management Server

Manages the agents. Provides the web interface to users.

On a machine running Windows or Linux.

–

Monitoring Service

Provides the dashboard and reporting functionality.

On the machine running the management server.

–

Bootable Media Builder

Creates bootable media.

On a machine running Windows or Linux.

–

Backup Monitor

Enables users to monitor backups outside the web interface.

On a machine running Windows or macOS.

Command-Line Tool

Provides the command-line interface.

On a machine running Windows or Linux.

Storage Node

Stores backups. Is required for cataloging and deduplication.

On a machine running Windows.

–

Catalog Service

Performs cataloging of backups on storage nodes.

On a machine running Windows.

–

PXE Server

Enables booting machines into bootable media through the network.

On a machine running Windows.

–

agent will back up the virtual machines directly from the storage rather than via the ESXi host and LAN. For detailed instructions, refer to "LAN-free backup" (p. 184).

**A virtual machine is considered virtual if it is backed up by an external agent. If an agent is installed in the guest system, the backup and recovery operations are the same as with a physical machine. Nevertheless, the machine is counted as virtual when you set quotas for the number of machines in a cloud deployment.

***With an Acronis Backup Advanced Virtual Host license, these virtual machines are considered as virtual (per host licensing is used). With an Acronis Backup Virtual Host license, these machines are considered as physical (per machine licensing is used).

Other components

2.3 Software requirements

2.3.1 Supported web browsers

The web interface supports the following web browsers:

 Google Chrome 29 or later  Mozilla Firefox 23 or later  Opera 16 or later  Windows Internet Explorer 10 or later  Microsoft Edge 25 or later  Safari 8 or later running in the OS X and iOS operating systems

In other web browsers (including Safari browsers running in other operating systems), the user interface might be displayed incorrectly or some functions may be unavailable.

2.3.2 Supported operating systems and environments

2.3.2.1 Agents

Agent for Windows

Windows XP Professional SP3 (x86, x64)

Windows Server 2003 SP1/2003 R2 and later – Standard and Enterprise editions (x86, x64)

Windows Small Business Server 2003/2003 R2

Windows Vista – all editions

Windows Server 2008 – Standard, Enterprise, Datacenter, and Web editions (x86, x64)

Windows Small Business Server 2008

Windows 7 – all editions

Windows Server 2008 R2 – Standard, Enterprise, Datacenter, Foundation, and Web editions

Windows MultiPoint Server 2010/2011/2012

Windows Small Business Server 2011 – all editions

Windows 8/8.1 – all editions (x86, x64), except for the Windows RT editions

Windows Server 2012/2012 R2 – all editions

Windows Storage Server 2003/2008/2008 R2/2012/2012 R2/2016

Windows 10 – Home, Pro, Education, Enterprise, and IoT Enterprise editions

Windows Server 2016 – all installation options, except for Nano Server

Agent for SQL, Agent for Exchange (for database backup and application-aware backup), Agent for Active Directory

Each of these agents can be installed on a machine running any operating system listed above and a supported version of the respective application.

Agent for Exchange (for mailbox backup)

This agent can be installed on a machine with or without Microsoft Exchange Server.

Windows Server 2008 – Standard, Enterprise, Datacenter, and Web editions (x86, x64)

Windows Small Business Server 2008

Windows 7 – all editions

Windows Server 2008 R2 – Standard, Enterprise, Datacenter, Foundation, and Web editions

Windows MultiPoint Server 2010/2011/2012

Windows Small Business Server 2011 – all editions

Windows 8/8.1 – all editions (x86, x64), except for the Windows RT editions

Windows Server 2012/2012 R2 – all editions

Windows Storage Server 2008/2008 R2/2012/2012 R2

Windows 10 – Home, Pro, Education, and Enterprise editions

Windows Server 2016 – all installation options, except for Nano Server

Agent for Office 365

Windows Server 2008 – Standard, Enterprise, Datacenter, and Web editions (x64 only)

Windows Small Business Server 2008

Windows Server 2008 R2 – Standard, Enterprise, Datacenter, Foundation, and Web editions

Windows Small Business Server 2011 – all editions

Windows 8/8.1 – all editions (x64 only), except for the Windows RT editions

Windows Server 2012/2012 R2 – all editions

Windows Storage Server 2008/2008 R2/2012/2012 R2/2016 (x64 only)

Windows 10 – Home, Pro, Education, and Enterprise editions (x64 only)

Windows Server 2016 – all installation options (x64 only), except for Nano Server

Agent for Oracle

Windows Server 2008 – Standard, Enterprise, Datacenter, and Web editions (x86, x64)

Windows Server 2012 – Standard, Enterprise, Datacenter, and Web editions (x86, x64)

Agent for Linux

Linux with kernel from 2.6.9 to 4.9 and glibc 2.3.4 or later

Various x86 and x86_64 Linux distributions, including:

Red Hat Enterprise Linux 4.x, 5.x, 6.x, 7.0, 7.1, 7.2, 7.3

Ubuntu 9.10, 10.04, 10.10, 11.04, 11.10, 12.04, 12.10, 13.04, 13.10, 14.04, 14.10, 15.04,

15.10, 16.04, 16.10, 17.04

Fedora 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24

SUSE Linux Enterprise Server 10 and 11

SUSE Linux Enterprise Server 12 – supported on file systems, except for Btrfs

Debian 4, 5, 6, 7.0, 7.2, 7.4, 7.5, 7.6, 7.7, 8.0, 8.1, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 8.8, 9

CentOS 5.x, 6.x, 7, 7.1, 7.2, 7.3

Oracle Linux 5.x, 6.x, 7.0, 7.1, 7.2, 7.3 – both Unbreakable Enterprise Kernel and Red Hat Compatible Kernel

CloudLinux 5.x, 6.x, 7, 7.1

ClearOS 5.x, 6.x, 7, 7.1

Before installing the product on a system that does not use RPM Package Manager, such as an Ubuntu system, you need to install this manager manually; for example, by running the following command (as the root user): apt-get install rpm

Agent for Mac

OS X Mavericks 10.9

OS X Yosemite 10.10

OS X El Capitan 10.11

macOS Sierra 10.12 – Apple File System (APFS) is not supported

Agent for VMware (Virtual Appliance)

This agent is delivered as a virtual appliance for running on an ESXi host.

VMware ESXi 4.1, 5.0, 5.1, 5.5, 6.0, 6.5

Agent for VMware (Windows)

This agent is delivered as a Windows application for running in any operating system listed above for Agent for Windows with the following exceptions:

 32-bit operating systems are not supported.

 Windows XP, Windows Server 2003/2003 R2, and Windows Small Business Server

2003/2003 R2 are not supported.

Agent for Hyper-V

Windows Server 2008 (x64 only) with Hyper-V

Windows Server 2008 R2 with Hyper-V

Microsoft Hyper-V Server 2008/2008 R2

Windows Server 2012/2012 R2 with Hyper-V

Microsoft Hyper-V Server 2012/2012 R2

Windows 8, 8.1 (x64 only) with Hyper-V

Windows 10 – Pro, Education, and Enterprise editions with Hyper-V

Windows Server 2016 with Hyper-V – all installation options, except for Nano Server

Microsoft Hyper-V Server 2016

2.3.2.2 Management Server (for on-premise deployment only)

In Windows

Windows Server 2008 – Standard, Enterprise, and Datacenter editions (x86, x64)

Windows Small Business Server 2008

Windows 7 – all editions (x86, x64)

Windows Server 2008 R2 – Standard, Enterprise, Datacenter, and Foundation editions

Windows MultiPoint Server 2010/2011/2012

Windows Small Business Server 2011 – all editions

Windows 8/8.1 – all editions (x86, x64), except for the Windows RT editions

Windows Server 2012/2012 R2 – all editions

Windows Storage Server 2008/2008 R2/2012/2012 R2/2016

Windows 10 – Home, Pro, Education, Enterprise, and IoT Enterprise editions

Windows Server 2016 – all installation options, except for Nano Server

In Linux

Linux with kernel from 2.6.18 to 4.9 and glibc 2.3.4 or later

Various x86_64 Linux distributions, including:

Red Hat Enterprise Linux 4.x, 5.x, 6.x, 7.0, 7.1, 7.2, 7.3

Ubuntu 9.10, 10.04, 10.10, 11.04, 11.10, 12.04, 12.10, 13.04, 13.10, 14.04, 14.10, 15.04,

15.10, 16.04, 16.10, 17.04

Fedora 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24

SUSE Linux Enterprise Server 10, 11, 12

Debian 4, 5, 6, 7.0, 7.2, 7.4, 7.5, 7.6, 7.7, 8.0, 8.1, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 8.8, 9

CentOS 5.x, 6.x, 7, 7.1, 7.2, 7.3

Oracle Linux 5.x, 6.x, 7.0, 7.1, 7.2, 7.3 – both Unbreakable Enterprise Kernel and Red Hat Compatible Kernel

CloudLinux 5.x, 6.x, 7, 7.1

2.3.2.3 Storage Node (for on-premise deployment only)

Windows Server 2008 – Standard, Enterprise, and Datacenter editions (x64 only)

Windows Small Business Server 2008

Windows 7 – all editions (x64 only)

Windows Server 2008 R2 – Standard, Enterprise, Datacenter, and Foundation editions

Windows MultiPoint Server 2010/2011/2012

Windows Small Business Server 2011 – all editions

Windows 8/8.1 – all editions (x64 only), except for the Windows RT editions

Windows Server 2012/2012 R2 – all editions

Windows Storage Server 2008/2008 R2/2012/2012 R2/2016

Windows 10 – Home, Pro, Education, and Enterprise editions

Windows Server 2016 – all installation options, except for Nano Server

2.3.3 Supported Microsoft SQL Server versions

 Microsoft SQL Server 2016  Microsoft SQL Server 2014  Microsoft SQL Server 2012  Microsoft SQL Server 2008 R2  Microsoft SQL Server 2008  Microsoft SQL Server 2005

2.3.4 Supported Microsoft Exchange Server versions

 Microsoft Exchange Server 2016 – all editions.  Microsoft Exchange Server 2013 – all editions, Cumulative Update 1 (CU1) and later.  Microsoft Exchange Server 2010 – all editions, all service packs. Mailbox backup and granular

recovery from database backups are supported starting with Service Pack 1 (SP1).

 Microsoft Exchange Server 2007 – all editions, all service packs. Mailbox backup and granular

recovery from database backups are not supported.

2.3.5 Supported Microsoft SharePoint versions

Acronis Backup 12.5 supports the following Microsoft SharePoint versions:

 Microsoft SharePoint 2013  Microsoft SharePoint Server 2010 SP1  Microsoft SharePoint Foundation 2010 SP1  Microsoft Office SharePoint Server 2007 SP2*  Microsoft Windows SharePoint Services 3.0 SP2*

*In order to use SharePoint Explorer with these versions, you need a SharePoint recovery farm to attach the databases to.

The backups or databases from which you extract data must originate from the same SharePoint version as the one where SharePoint Explorer is installed.

2.3.6 Supported Oracle Database versions

 Oracle Database version 11g, all editions  Oracle Database version 12c, all editions.

Only single-instance configurations are supported.

Platform

Backup at a hypervisor

level (agentless backup)

Backup from inside a

guest OS

VMware

VMware vSphere versions: 4.1, 5.0, 5.1, 5.5,

6.0, 6.5

VMware vSphere editions:

VMware vSphere Essentials*

VMware vSphere Essentials Plus*

VMware vSphere Standard*

VMware vSphere Advanced

VMware vSphere Enterprise

VMware vSphere Enterprise Plus

VMware vSphere Hypervisor (Free ESXi)**

VMware Server (VMware Virtual server)

VMware Workstation

VMware ACE

VMware Player

Microsoft

Windows Server 2008 (x64) with Hyper-V

Windows Server 2008 R2 with Hyper-V

Microsoft Hyper-V Server 2008/2008 R2

Windows Server 2012/2012 R2 with Hyper-V

Microsoft Hyper-V Server 2012/2012 R2

Windows 8, 8.1 (x64) with Hyper-V

Windows 10 with Hyper-V

Windows Server 2016 with Hyper-V – all installation options, except for Nano Server

Microsoft Hyper-V Server 2016

Microsoft Virtual PC 2004 and 2007

Windows Virtual PC

Microsoft Virtual Server 2005

Citrix

Citrix XenServer 4.1.5, 5.5, 5.6, 6.0, 6.1, 6.2, 6.5,

7.0, 7.1, 7.2

Only fully virtualized

(aka HVM) guests

2.3.7 Supported virtualization platforms

The following table summarizes how various virtualization platforms are supported.

Platform

Backup at a hypervisor

level (agentless backup)

Backup from inside a

guest OS

Red Hat and Linux

Red Hat Enterprise Virtualization (RHEV) 2.2,

3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6

Red Hat Virtualization (RHV) 4.0, 4.1

Kernel-based Virtual Machines (KVM)

Parallels

Parallels Workstation

Parallels Server 4 Bare Metal

Oracle

Oracle VM Server 3.0 and 3.3

Oracle VM VirtualBox 4.x

Amazon

Amazon EC2 instances

Microsoft Azure

Azure virtual machines

* In these editions, the HotAdd transport for virtual disks is supported on vSphere 5.0 and later. On version 4.1, backups may run slower.

** Backup at a hypervisor level is not supported for vSphere Hypervisor because this product restricts access to Remote Command Line Interface (RCLI) to read-only mode. The agent works during the vSphere Hypervisor evaluation period while no serial key is entered. Once you enter a serial key, the agent stops functioning.

Limitations

 Fault tolerant machines

Agent for VMware backs up a fault tolerant machine only if fault tolerance was enabled in VMware vSphere 6.0 and later. If you upgraded from an earlier vSphere version, it is enough to disable and enable fault tolerance for each machine. If you are using an earlier vSphere version, install an agent in the guest operating system.

 Independent disks and RDM

Agent for VMware does not back up Raw Device Mapping (RDM) disks in physical compatibility mode or independent disks. The agent skips these disks and adds warnings to the log. You can avoid the warnings by excluding independent disks and RDMs in physical compatibility mode from the backup plan. If you want to back up these disks or data on these disks, install an agent in the guest operating system.

 Pass-through disks

Agent for Hyper-V does not back up pass-through disks. During backup, the agent skips these disks and adds warnings to the log. You can avoid the warnings by excluding pass-through disks from the backup plan. If you want to back up these disks or data on these disks, install an agent in the guest operating system.

 Encrypted virtual machines (introduced in VMware vSphere 6.5)

 Encrypted virtual machines are backed up in an unencrypted state. If encryption is critical to

you, enable encryption of backups when creating a backup plan (p. 71).

 Recovered virtual machines are always unencrypted. You can manually enable encryption

after the recovery is complete.

 If you back up encrypted virtual machines, we recommend that you also encrypt the virtual

machine where Agent for VMware is running. Otherwise, operations with encrypted machines may be slower than expected. Apply the VM Encryption Policy to the agent's machine by using vSphere Web Client.

 Encrypted virtual machines will be backed up via LAN, even if you configure the SAN

transport mode for the agent. The agent will fall back on the NBD transport because VMware does not support SAN transport for backing up encrypted virtual disks.

 Secure Boot (introduced in VMware vSphere 6.5)

Secure Boot is disabled after a virtual machine is recovered as a new virtual machine. You can manually enable this option after the recovery is complete.

2.3.8 Linux packages

To add the necessary modules to the Linux kernel, the setup program needs the following Linux packages:

 The package with kernel headers or sources. The package version must match the kernel version.  The GNU Compiler Collection (GCC) compiler system. The GCC version must be the one with

which the kernel was compiled.

 The Make tool.  The Perl interpreter.

The names of these packages vary depending on your Linux distribution.

In Red Hat Enterprise Linux, CentOS, and Fedora, the packages normally will be installed by the setup program. In other distributions, you need to install the packages if they are not installed or do not have the required versions.

Are the required packages already installed?

To check whether the packages are already installed, perform these steps:

1. Run the following command to find out the kernel version and the required GCC version:

cat /proc/version

This command returns lines similar to the following: Linux version 2.6.35.6 and gcc version 4.5.1

2. Run the following command to check whether the Make tool and the GCC compiler are installed:

make -v gcc -v

For gcc, ensure that the version returned by the command is the same as in the gcc version in step 1. For make, just ensure that the command runs.

3. Check whether the appropriate version of the packages for building kernel modules is installed:

 In Red Hat Enterprise Linux, CentOS, and Fedora, run the following command:

yum list installed | grep kernel-devel

 In Ubuntu, run the following commands:

dpkg --get-selections | grep linux-headers

Linux

distribution

Package names

How to install

Red Hat Enterprise Linux

kernel-devel gcc make

The setup program will download and install the packages automatically by using your Red Hat subscription.

perl

Run the following command:

yum install perl

CentOS

Fedora

kernel-devel gcc make

The setup program will download and install the packages automatically.

perl

Run the following command:

yum install perl

Ubuntu

linux-headers linux-image gcc make perl

Run the following commands:

sudo apt-get update sudo apt-get install linux-headers-`uname -r` sudo apt-get install linux-image-`uname -r` sudo apt-get install gcc-<package version> sudo apt-get install make sudo apt-get install perl

dpkg --get-selections | grep linux-image

In either case, ensure that the package versions are the same as in Linux version in step 1.

4. Run the following command to check whether the Perl interpreter is installed:

perl --version

If you see the information about the Perl version, the interpreter is installed.

Installing the packages from the repository

The following table lists how to install the required packages in various Linux distributions.

The packages will be downloaded from the distribution's repository and installed.

For other Linux distributions, please refer to the distribution's documentation regarding the exact names of the required packages and the ways to install them.

Installing the packages manually

You may need to install the packages manually if:

 The machine does not have an active Red Hat subscription or Internet connection.  The setup program cannot find the kernel-devel or gcc version corresponding to the kernel

version. If the available kernel-devel is more recent than your kernel, you need to either update the kernel or install the matching kernel-devel version manually.

 You have the required packages on the local network and do not want to spend time for

automatic search and downloading.

Obtain the packages from your local network or a trusted third-party website, and install them as follows:

 In Red Hat Enterprise Linux, CentOS, or Fedora, run the following command as the root user:

rpm -ivh PACKAGE_FILE1 PACKAGE_FILE2 PACKAGE_FILE3

 In Ubuntu, run the following command:

sudo dpkg -i PACKAGE_FILE1 PACKAGE_FILE2 PACKAGE_FILE3

Example: Installing the packages manually in Fedora 14

Follow these steps to install the required packages in Fedora 14 on a 32-bit machine:

1. Run the following command to determine the kernel version and the required GCC version:

cat /proc/version

The output of this command includes the following:

Linux version 2.6.35.6-45.fc14.i686 gcc version 4.5.1

2. Obtain the kernel-devel and gcc packages that correspond to this kernel version:

kernel-devel-2.6.35.6-45.fc14.i686.rpm gcc-4.5.1-4.fc14.i686.rpm

3. Obtain the make package for Fedora 14:

make-3.82-3.fc14.i686

4. Install the packages by running the following commands as the root user:

rpm -ivh kernel-devel-2.6.35.6-45.fc14.i686.rpm rpm -ivh gcc-4.5.1.fc14.i686.rpm rpm -ivh make-3.82-3.fc14.i686

You can specify all these packages in a single rpm command. Installing any of these packages may require installing additional packages to resolve dependencies.

2.3.9 Compatibility with encryption software

There are no limitations on backing up and recovering data that is encrypted by file-level encryption software.

Disk-level encryption software encrypts data on the fly. This is why data contained in the backup is not encrypted. Disk-level encryption software often modifies system areas: boot records, or partition tables, or file system tables. These factors affect disk-level backup and recovery, the ability of the recovered system to boot and access to Secure Zone.

You can back up the data encrypted by the following disk-level encryption software:

 Microsoft BitLocker Drive Encryption  McAfee Endpoint Encryption  PGP Whole Disk Encryption.

To ensure reliable disk-level recovery, follow the common rules and software-specific recommendations.

Common installation rule

The strong recommendation is to install the encryption software before installing the backup agents.

The way of using Secure Zone

Secure Zone must not be encrypted with disk-level encryption. This is the only way to use Secure Zone:

1. Install the encryption software; then, install the agent.

2. Create Secure Zone.

3. Exclude Secure Zone when encrypting the disk or its volumes.

Components to be installed

Occupied disk space

Minimum memory

consumption

Agent for Windows

850 MB

150 MB

Agent for Windows and one of the following agents:

 Agent for SQL  Agent for Exchange

950 MB

170 MB

Agent for Windows and one of the following agents:

 Agent for VMware (Windows)  Agent for Hyper-V

1170 MB

180 MB

Agent for Office 365

500 MB

170 MB

Agent for Linux

720 MB

130 MB

Agent for Mac

500 MB

150 MB

For on-premise deployments only

Management Server in Windows

1.7 GB

200 MB

Management Server in Linux

0.6 GB

200 MB

Management Server and Agent for Windows

2.4 GB

360 MB

Common backup rule

You can do a disk-level backup in the operating system. Do not try to back up using bootable media.

Software-specific recovery procedures

Microsoft BitLocker Drive Encryption

To recover a system that was encrypted by BitLocker:

1. Boot from the bootable media.

2. Recover the system. The recovered data will be unencrypted.

3. Reboot the recovered system.

4. Turn on BitLocker.

If you only need to recover one partition of a multi-partitioned disk, do so under the operating system. Recovery under bootable media may make the recovered partition undetectable for Windows.

McAfee Endpoint Encryption and PGP Whole Disk Encryption

You can recover an encrypted system partition by using bootable media only.

If the recovered system fails to boot, rebuild Master Boot Record as described in the following Microsoft knowledge base article: https://support.microsoft.com/kb/2622803

2.4 System requirements

The following table summarizes disk space and memory requirements for typical installation cases. The installation is performed with the default settings.

Management Server and agents on a machine running Windows, Microsoft SQL Server, Microsoft Exchange Server, and Active Directory Domain Services

3.35 GB

400 MB

Management Server and Agent for Linux

1.2 GB

340 MB

Storage Node and Agent for Windows

 64-bit platform only  To use deduplication, minimum 8 GB of RAM are required.

For more information, see "Deduplication best practices" (p.

227).

1.1 GB

330 MB

While backing up, an agent typically consumes about 350 MB of memory (measured during a 500-GB

File system

Supported by

Limitations

Agents

Win-PE

bootable

media

Linux-based

bootable media

Mac bootable

media

FAT16/32

All agents

+ + +

No limitations

NTFS + +

ext2/ext3/ext4

+ + -

HFS+

Agent for Mac

- - +

JFS

Agent for Linux

- + -

Files cannot be excluded

from a disk backup

volume backup). The peak consumption may reach 2 GB, depending on the amount and type of data being processed.

Bootable media or a disk recovery with a reboot requires at least 1 GB of memory.

A management server with one registered machine consumes 200 MB of memory. Each of the newly registered machines adds about 4 MB. Thus, a server with 100 registered machines consumes approximately 600 MB above the operating system and running applications. The maximum number of registered machines is 900-1000. This limitation originates from the management server's embedded SQLite.

You can overcome this limitation by specifying an external Microsoft SQL Server instance during the management server installation. With an external SQL database, up to 2000 machines can be registered without significant performance degradation.

2.5 Supported file systems

A backup agent can back up any file system that is accessible from the operating system where the agent is installed. For example, Agent for Windows can back up and recover an ext4 file system if the corresponding driver is installed in Windows.

The following table summarizes the file systems that can be backed up and recovered. The limitations apply to both the agents and bootable media.

File system

Supported by

Limitations

Agents

Win-PE

bootable

media

Linux-based

bootable media

Mac bootable

media

ReiserFS3

- + -

ReiserFS4

- + -

 Files cannot be

excluded from a disk backup

 Volumes cannot be

resized during a recovery

ReFS

All agents

+ + +

XFS + +

Linux swap

Agent for Linux

- + -

No limitations

The software automatically switches to the sector-by-sector mode when backing up drives with unrecognized or unsupported file systems. A sector-by-sector backup is possible for any file system that:

 is block-based  spans a single disk  has a standard MBR/GPT partitioning scheme

If the file system does not meet these requirements, the backup fails.

2.6 On-premise deployment

An on-premise deployment includes a number of software components that are described in the "Components" (p. 11) section. The diagram below illustrates the component interaction and the ports required for this interaction. The arrow direction shows which component initiates a connection.

2.6.1 Installing the management server

2.6.1.1 Installation in Windows

To install the management server

1. Log on as an administrator and start the Acronis Backup setup program.

2. [Optional] To change the language the setup program is displayed in, click Setup language.

3. Accept the terms of the license agreement and select whether the machine will participate in the

Acronis Customer Experience Program (CEP).

4. Leave the default setting Install a backup agent and Acronis Backup Management Server.

5. Do any of the following:

 Click Install Acronis Backup.

This is the easiest way to install the product. Most of the installation parameters will be set to their default values.

The following components will be installed:

 Management Server  Monitoring Service  Agent for Windows  Other agents (Agent for Hyper-V, Agent for Exchange, Agent for SQL, and Agent for

Active Directory), if the respective hypervisor or application is detected on the machine

 Bootable Media Builder  Command-Line Tool  Backup Monitor

 Click Customize installation settings to configure the setup.

You will be able to select the components to be installed and to specify additional parameters. For details, refer to "Customizing installation settings" (p. 27).

 Click Create .mst and .msi files for unattended installation to extract the installation

packages. Review or modify the installation settings that will be added to the .mst file, and then click Generate. Further steps of this procedure are not required.

If you want to deploy agents through Group Policy, refer to "Deploying agents through Group Policy" (p. 42).

6. Proceed with the installation.

7. After the installation completes, click Close.

Customizing installation settings

This section describes settings that can be changed during installation.

Common settings

 The components to be installed.  The folder where the product will be installed.  The accounts under which the services will run.

You can choose one of the following:

 Use Service User Accounts (default for the agent service)

Service User Accounts are Windows system accounts that are used to run services. The advantage of this setting is that the domain security policies do not affect these accounts' user rights. By default, the agent runs under the Local System account.

 Create a new account (default for the management server service and the storage node

service) The account names will be Acronis Agent User, AMS User, and ASN User for the agent,

management server, and the storage node services, respectively.

 Use the following account

If you install the product on a domain controller, the setup program prompts you to specify existing accounts (or the same account) for each service. For security reasons, the setup program does not automatically create new accounts on a domain controller.

Also, choose this setting if you want the management server to use an existing Microsoft SQL server installed on a different machine and use Windows Authentication for the SQL Server.

If you chose the Create a new account or Use the following account option, ensure that the domain security policies do not affect the related accounts' rights. If an account is deprived of the user rights assigned during the installation, the component may work incorrectly or not work.

Management server installation

 The database to be used by the management server.

By default, the built-in SQLite database is used. You can select any edition of Microsoft SQL Server 2012, Microsoft SQL Server 2014, or Microsoft SQL Server 2016. The instance you choose can also be used by other programs.

Before selecting an instance installed on another machine, ensure that SQL Server Browser Service and the TCP/IP protocol are enabled on that machine. For instructions on how to start SQL Server Browser Service, refer to: http://msdn.microsoft.com/en-us/library/ms189093.aspx. You can enable the TCP/IP protocol by using a similar procedure.

 The port that will be used by a web browser to access the management server (by default, 9877)

and the port that will be used for communication between the product components (by default,

7780). Changing the latter port after the installation will require re-registering of all of the components.

Windows Firewall is configured automatically during the installation. If you use a different firewall, ensure that the ports are open for both incoming and outgoing requests through that firewall.

 Whether the agents and other components will access the management server by using its host

name or the IP address.

By default, the host name is specified. You may need to change this setting if DNS is unable to resolve the host name to the IP address, which results in a component registration failure.

Agent installation

 Whether the agent will connect to the Internet through an HTTP proxy server, when backing up

to and recovering from the cloud storage.

If a proxy server is required, specify its host name or IP address and the port number.

2.6.1.2 Installation in Linux

Preparation

1. Before installing the product on a system that does not use RPM Package Manager, such as an

Ubuntu system, you need to install this manager manually; for example, by running the following command (as the root user): apt-get install rpm.

2. If you want to install Agent for Linux along with the management server, ensure that the

necessary Linux packages (p. 20) are installed on the machine.

3. Choose the database to be used by the management server.

By default, the built-in SQLite database is used. As an alternative, you can use PostgreSQL. For information about how to configure the management server for using PostgreSQL, refer to http://kb.acronis.com/content/60395.

Note If you switch to PostgreSQL after the management server has been working for some time, you will have to add devices, configure backup plans and other settings from scratch.

Installation

To install the management server

1. As the root user, run the installation file.

2. Accept the terms of the license agreement.

3. [Optional] Select the components that you want to install.

By default, the following components will be installed:

 Management Server  Agent for Linux  Bootable Media Builder

4. Specify the port that will be used by a web browser to access the management server. The

default value is 9877.

5. Specify the port that will be used for communication between the product components. The

default value is 7780.

6. Click Next to proceed with the installation.

7. After the installation completes, select Open web console, and then click Exit. The backup

console will open in your default web browser.

2.6.2 Adding machines via the web interface

To start adding a machine to the management server, click All devices > Add.

If the management server is installed in Linux, you will be asked to select the setup program based on the type of the machine that you want to add. Once the setup program is downloaded, run it locally on that machine.

The operations described later in this section are possible if the management server is installed in Windows. In most cases, the agent will be silently deployed to the selected machine.

2.6.2.1 Adding a machine running Windows

Preparation

1. For successful installation on a remote machine running Windows XP, the option Control panel >

Folder options > View > Use simple file sharing must be disabled on that machine.

For successful installation on a remote machine running Windows Vista or later, the option Control panel > Folder options > View > Use Sharing Wizard must be disabled on that machine.

2. For successful installation on a remote machine that is not a member of an Active Directory

domain, User Account Control (UAC) must be disabled (p. 31).

3. File and Printer Sharing must be enabled on the remote machine. To access this option:

 On a machine running Windows XP with Service Pack 2 or Windows 2003 Server: go to

Control panel > Windows Firewall > Exceptions > File and Printer Sharing.

 On a machine running Windows Vista, Windows Server 2008, Windows 7, or later: go to

Control panel > Windows Firewall > Network and Sharing Center > Change advanced sharing settings.

4. Acronis Backup uses TCP ports 445 and 25001 for remote installation. Also, it uses TCP port 9876

for remote installation and for communication between the components.

Port 445 is automatically opened when you enable File and Printer Sharing. Ports 9876 and 25001 are automatically opened through Windows Firewall. If you use a different firewall, make sure that these three ports are open (added to exceptions) for both incoming and outgoing requests.

After the remote installation is complete, you can remove ports 445 and 25001 from exceptions. Port 25001 is automatically closed through Windows Firewall. Port 9876 needs to remain open.

Adding the machine

1. Click All devices > Add.

2. Click Windows or the button that corresponds to the application that you want to protect.

Depending on the button you click, one of the following options is selected:

 Agent for Windows  Agent for Hyper-V  Agent for SQL + Agent for Windows  Agent for Exchange + Agent for Windows

If you clicked Microsoft Exchange Server > Exchange mailboxes, and at least one Agent for Exchange is already registered, you are taken directly to step 5.

 Agent for Active Directory + Agent for Windows  Agent for Office 365

3. Specify the host name or IP address of the machine, and the credentials of an account with

administrative privileges on that machine.

4. Click Add.

5. If you clicked Microsoft Exchange Server > Exchange mailboxes in step 2, specify the machine

where the Client Access server role (CAS) of Microsoft Exchange Server is enabled. For more information, refer to "Mailbox backup" (p. 162).

Requirements on User Account Control (UAC)

On a machine that is running Windows Vista or later and is not a member of an Active Directory domain, centralized management operations (including remote installation) require that UAC be disabled.

To disable UAC

Do one of the following depending on the operating system:

 In a Windows operating system prior to Windows 8:

Go to Control panel > View by: Small icons > User Accounts > Change User Account Control Settings, and then move the slider to Never notify. Then, restart the machine.

 In any Windows operating system:

1. Open Registry Editor.

2. Locate the following registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System

3. For the EnableLUA value, change the setting to 0.

4. Restart the machine.

2.6.2.2 Adding a machine running Linux

1. Click All devices > Add.

2. Click Linux. This will download the installation file.

3. On the machine that you want to protect, run the setup program locally (p. 35).

2.6.2.3 Adding a machine running OS X

1. Click All devices > Add.

2. Click Mac. This will download the installation file.

3. On the machine that you want to protect, run the setup program locally (p. 35).

2.6.2.4 Adding a vCenter or an ESXi host

There are three methods of adding a vCenter or a stand-alone ESXi host to the management server:

 Deploying Agent for VMware (Virtual Appliance) (p. 32)

This method is recommended in most cases. The virtual appliance will be automatically deployed to every host managed by the vCenter you specify. You can select the hosts and customize the virtual appliance settings.

 Installing Agent for VMware (Windows) (p. 32)

You may want to install Agent for VMware on a physical machine running Windows for the purpose of an offloaded or LAN-free backup. The agent will be automatically deployed to the machine you specify.

 Offloaded backup

Use if your production ESXi hosts are so heavily loaded that running the virtual appliances is not desirable.

 LAN-free backup

If your ESXi uses a SAN attached storage, install the agent on a machine connected to the same SAN. The agent will back up the virtual machines directly from the storage rather than via the ESXi host and LAN. For detailed instructions, refer to "LAN-free backup" (p. 184).

 Registering an already installed Agent for VMware (p. 32)

Use this method if you installed Agent for VMware (Windows) manually, deployed Agent for VMware (Virtual Appliance) from an OVF template (p. 35), or had to re-install the management server.

Deploying Agent for VMware (Virtual Appliance) via the web interface

1. Click All devices > Add.

2. Click VMware ESXi.

3. Select Deploy as a virtual appliance to each host of a vCenter.

4. Specify the address and access credentials for the vCenter Server or stand-alone ESXi host. We

recommend using an account that has the Administrator role assigned. Otherwise, provide an account with the necessary privileges (p. 194) on the vCenter Server or ESXi.

5. [Optional] Click Settings to customize the deployment settings:

 ESXi hosts that you want to deploy the agent to (only if a vCenter Server was specified in the

previous step).

 The virtual appliance name.  The datastore where the appliance will be located.  The resource pool or vApp that will contain the appliance.  The network that the virtual appliance's network adapter will be connected to.  Network settings of the virtual appliance. You can choose DHCP auto configuration or specify

the values manually, including a static IP address.

6. Click Deploy.

Installing Agent for VMware (Windows)

Preparation

Follow the preparatory steps described in the "Adding a machine running Windows" (p. 30) section.

Installation

1. Click All devices > Add.

2. Click VMware ESXi.

3. Select Remotely install on a machine running Windows.

4. Specify the host name or IP address of the machine, and the credentials of an account with

administrative privileges on that machine. Click Connect.

5. Specify the address and credentials for the vCenter Server or stand-alone ESXi host, and then

click Connect. We recommend using an account that has the Administrator role assigned. Otherwise, provide an account with the necessary privileges (p. 194) on the vCenter Server or ESXi.

6. Click Install to install the agent.

Registering an already installed Agent for VMware

This section describes registering Agent for VMware via the web interface.

Alternative registration methods:

 You can register Agent for VMware (Virtual Appliance) by specifying the management server in

the virtual appliance UI. See step 3 under "Configuring the virtual appliance" in the "Deploying Agent for VMware (Virtual Appliance) from an OVF template" (p. 35) section.

 Agent for VMware (Windows) is registered during its local installation (p. 33).

To register Agent for VMware

1. Click All devices > Add.

2. Click VMware ESXi.

3. Select Register an already installed agent.

4. If you register Agent for VMware (Windows), specify the host name or IP address of the machine

where the agent is installed, and credentials of an account with administrative privileges on that machine.

If you register Agent for VMware (Virtual Appliance), specify the host name or IP address of the virtual appliance, and credentials for the vCenter Server or the stand-alone ESXi host where the appliance is running.

Click Connect.

5. Specify the host name or IP address of the vCenter Server or the ESXi host, and credentials to

access it, and then click Connect. We recommend using an account that has the Administrator role assigned. Otherwise, provide an account with the necessary privileges (p. 194) on the vCenter Server or ESXi.

6. Click Register to register the agent.

2.6.3 Installing agents locally

2.6.3.1 Installation in Windows

To install Agent for Windows, Agent for Hyper-V, Agent for Exchange, Agent for SQL, or Agent for Active Directory

1. Log on as an administrator and start the Acronis Backup setup program.

2. [Optional] To change the language the setup program is displayed in, click Setup language.

3. Accept the terms of the license agreement and select whether the machine will participate in the

Acronis Customer Experience Program (CEP).

4. Select Install a backup agent.

5. Do any of the following:

 Click Install Acronis Backup.

This is the easiest way to install the product. Most of the installation parameters will be set to their default values.

The following components will be installed:

 Agent for Windows  Other agents (Agent for Hyper-V, Agent for Exchange, Agent for SQL, and Agent for

Active Directory), if the respective hypervisor or application is detected on the machine

 Bootable Media Builder  Command-Line Tool  Backup Monitor

 Click Customize installation settings to configure the setup.

You will be able to select the components to be installed and to specify additional parameters. For details, refer to "Customizing installation settings" (p. 27).

 Click Create .mst and .msi files for unattended installation to extract the installation

packages. Review or modify the installation settings that will be added to the .mst file, and then click Generate. Further steps of this procedure are not required.

If you want to deploy agents through Group Policy, proceed as described in "Deploying agents through Group Policy" (p. 42).

6. Specify the management server where the machine with the agent will be registered: a. Specify the host name or IP address of the machine where the management server is

installed.

b. Specify credentials of a management server administrator. You can use the current Windows

session credentials or explicitly specify the user name and password.

If you are logged on not as a management server administrator, you still can register the machine, by leaving the default Connect to the management server as option.

c. Click Done.

7. If prompted, select whether the machine with the agent will be added to the organization or to

one of the units.

This prompt appears if you administer more than one unit, or an organization with at least one unit. Otherwise, the machine will be silently added to the unit you administer or to the organization. For more information, refer to "Administrators and units" (p. 233).

8. Proceed with the installation.

9. After the installation completes, click Close.

10. If you installed Agent for Exchange, you will be able to back up Exchange databases. If you want

to back up Exchange mailboxes, open the backup console, click Add > Microsoft Exchange Server > Exchange mailboxes, and then specify the machine where the Client Access server role (CAS) of Microsoft Exchange Server is enabled. For more information, refer to "Mailbox backup" (p. 162).

To install Agent for VMware (Windows), Agent for Office 365, Agent for Oracle, or Agent for Exchange on a machine without Microsoft Exchange Server

1. Log on as an administrator and start the Acronis Backup setup program.

2. [Optional] To change the language the setup program is displayed in, click Setup language.

3. Accept the terms of the license agreement and select whether the machine will participate in the

Acronis Customer Experience Program (CEP).

4. Select Install a backup agent, and then click Customize installation settings.

5. Next to What to install, click Change.

6. Select the check box corresponding to the agent that you want to install. Clear the check boxes

for the components that you do not want to install. Click Done to continue.

7. Specify the management server where the agent will be registered: a. Next to Acronis Backup Management Server, click Specify. b. Specify the host name or IP address of the machine where the management server is

installed.

c. Specify credentials of a management server administrator. You can use the current Windows

session credentials or explicitly specify the user name and password.

If you are logged on not as a management server administrator, you still can register the machine, by leaving the default Connect to the management server as option.

d. Click Done.

8. If prompted, select whether the machine with the agent will be added to the organization or to

one of the units.

9. [Optional] Change other installation settings as described in "Customizing installation settings" (p.

27).

10. Click Install to proceed with the installation.

11. After the installation completes, click Close.

12. [Only when installing Agent for VMware (Windows)] Perform the procedure described in the

"Registering an already installed Agent for VMware" (p. 32) section.

13. [Only when installing Agent for Exchange] Open the backup console, click Add > Microsoft

Exchange Server > Exchange mailboxes, and then specify the machine where the Client Access server role (CAS) of Microsoft Exchange Server is enabled. For more information, refer to "Mailbox backup" (p. 162).

2.6.3.2 Installation in Linux

Preparation

1. Before installing the product on a system that does not use RPM Package Manager, such as an

Ubuntu system, you need to install this manager manually; for example, by running the following command (as the root user): apt-get install rpm.

2. Ensure that the necessary Linux packages (p. 20) are installed on the machine.

Installation

To install Agent for Linux

1. As the root user, run the appropriate installation file (an .i686 or an .x86_64 file).

2. Accept the terms of the license agreement.

3. Clear the Acronis Backup Management Server check box, and then click Next.

4. Specify the host name or IP address of the machine where the management server is installed.

5. Click Next to proceed with the installation.

6. After the installation completes, click Exit.

Troubleshooting information is provided in the file: /usr/lib/Acronis/BackupAndRecovery/HOWTO.INSTALL

2.6.3.3 Installation in OS X

To install Agent for Mac

1. Double-click the installation file (.dmg).

2. Wait while the operating system mounts the installation disk image.

3. Double-click Install.

4. Follow the on-screen instructions.

2.6.3.4 Deploying Agent for VMware (Virtual Appliance) from an OVF

template

After the management server is installed, the virtual appliance's OVF package is located in the folder %ProgramFiles%\Acronis\ESXAppliance (in Windows) or /usr/lib/Acronis/ESXAppliance (in Linux).

The folder contains one .ovf file and two .vmdk files. Ensure that these files can be accessed from the machine running the vSphere Client.

Deploying the OVF template

1. Start the vSphere Client and log on to the vCenter Server.

2. On the File menu, click Deploy OVF Template.

3. In Source, specify the path to the virtual appliance's OVF package.

4. Review the OVF Template Details and click Next.

5. In Name and Location, type the name for the appliance or leave the default name of

AcronisESXAppliance.

6. In Host / Cluster, select the ESXi host that the appliance will be deployed to.

7. [Optional] In Resource Pool, select the resource pool that will contain the appliance.

8. In Storage, leave the default datastore unless it does not have enough space for the virtual

appliance. In this case, select another datastore. Skip this step if there is only one datastore on the server.

9. In Disk Format, select any required value. The disk format does not affect the appliance

performance.

10. In Network mapping, select the bridged mode for the network adapter.

11. Review the summary, and then click Finish. After the successful deployment is reported, close

the progress window.

Configuring the virtual appliance

1. Starting the virtual appliance

In the vSphere Client, display the Inventory, right-click the virtual appliance's name, and then select Power > Power On. Select the Console tab. On the welcome screen, click Close.

2. vCenter/ESX(i)

Under Agent options, in vCenter/ESX(i), click Change and specify the vCenter Server name or IP address. The agent will be able to back up and recover any virtual machine managed by the vCenter Server.

If you do not use a vCenter Server, specify the name or IP address of the ESXi host whose virtual machines you want to back up and recover. Normally, backups run faster when the agent backs up virtual machines hosted on its own host.

Specify the credentials that the agent will use to connect to the vCenter Server or ESXi. We recommend using an account that has the Administrator role assigned. Otherwise, provide an account with the necessary privileges (p. 194) on the vCenter Server or ESXi.

You can click Check connection to ensure the access credentials are correct.

3. Acronis Backup Management Server

Under Agent options, in Acronis Backup Management Server, click Change.

Specify the host name or IP address of the machine where the management server is installed, and the access credentials for that machine.

4. Time zone

Under Virtual machine, in Time zone, click Change. Select the time zone of your location to ensure that the scheduled operations run at the appropriate time.

The virtual appliance is ready to work. In addition, you can change the following settings:

 Network settings

The agent's network connection is configured automatically by using Dynamic Host Configuration Protocol (DHCP). To change the default configuration, under Agent options, in eth0, click Change and specify the desired network settings.

 Local storages

You can attach an additional disk to the virtual appliance so the Agent for VMware can back up to this locally attached storage. This kind of backup is normally faster than a backup via LAN and it does not consume the network bandwidth.

The virtual disk size must be at least 10 GB. Add the disk by editing the settings of the virtual machine and click Refresh. The Create storage link becomes available. Click this link, select the disk, and then specify a label for it.

Be careful when adding an already existing disk. Once the storage is created, all data previously contained on this disk will be lost.

2.6.4 Managing licenses

Licensing of Acronis Backup is based on the number of the backed-up physical machines and virtualization hosts. Both subscription and perpetual licenses can be used. A subscription expiration period starts when you register it on the Acronis site.

To start using Acronis Backup, you need to add at least one license key to the management server. A license is automatically assigned to a machine when a backup plan is applied.

Licenses can also be assigned and revoked manually. Manual operations with licenses are available only to organization administrators (p. 233).

To add a license key

1. Click Settings > Licenses.

2. Click Add keys.

3. Enter the license keys.

4. Click Add.

5. To activate a subscription, you must be signed in. If you entered at least one subscription key,

enter the email address and password of your Acronis account, and then click Sign in. If you entered only perpetual keys, skip this step.

6. Click Done.

Tip If you have already registered the subscription keys, the management server can import them from your Acronis account. To synchronize the subscription keys, click Sync and sign in.

Managing perpetual licenses

To assign a perpetual license to a machine

1. Click Settings > Licenses.

2. Select a perpetual license.

The software displays the license keys that correspond to the selected license.

3. Select the key to assign.

4. Click Assign.

The software displays the machines that the selected key can be assigned to.

5. Select the machine, and then click Done.

To revoke a perpetual license from a machine

1. Click Settings > Licenses.

2. Select a perpetual license.

The software displays the license keys that correspond to the selected license. The machine that the key is assigned to is shown in the Assigned to column.

3. Select the license key to revoke.

4. Click Revoke.

5. Confirm your decision.

The revoked key will remain in the license keys list. It can be assigned to another machine.

Managing subscription licenses

To assign a subscription license to a machine

1. Click Settings > Licenses.

2. Select a subscription license.

The software displays the machines that the selected license is already assigned to.

3. Click Assign.

The software displays the machines that the selected license can be assigned to.

4. Select the machine, and then click Done.

To revoke a subscription license from a machine

1. Click Settings > Licenses.

2. Select a subscription license.

The software displays machines that the selected license is already assigned to.

3. Select the machine to revoke the license from.

4. Click Revoke license.

5. Confirm your decision.

2.7 Cloud deployment

2.7.1 Preparation

Step 1

Choose the agent, depending on what you are going to back up. For the information about the agents, refer to the "Components" (p. 11) section.

Step 2

Download the setup program. To find the download links, click All devices > Add.

The Add devices page provides web installers for each agent that is installed in Windows. A web installer is a small executable file that downloads the main setup program from the Internet and saves it as a temporary file. This file is deleted immediately after the installation.

If you want to store the setup programs locally, download a package containing all agents for installation in Windows by using the link at the bottom of the Add devices page. Both 32-bit and 64-bit packages are available. These packages enable you to customize the list of components to install. These packages also enable unattended installation, for example, via Group Policy. This advanced scenario is described in "Deploying agents through Group Policy" (p. 42).

Installation in Linux and OS X is performed from ordinary setup programs.

All setup programs require an Internet connection to register the machine in the backup service. If there is no Internet connection, the installation will fail.

Step 3

Before the installation, ensure that your firewalls and other components of your network security system (such as a proxy sever) allow both inbound and outbound connections through the following TCP ports:

 443 and 8443 These ports are used for accessing the backup console, registering the agents,

downloading the certificates, user authorization, and downloading files from the cloud storage.

 7770...7800 The agents use these ports to communicate with the backup management server.  44445 The agents use this port for data transfer during backup and recovery.

If a proxy server is enabled in your network, refer to the "Proxy server settings" (p. 39) section to understand whether you need to configure these settings on each machine that runs a backup agent.

2.7.2 Proxy server settings

The backup agents can transfer data through an HTTP proxy server.

The agent installation requires an Internet connection. If a proxy server is configured in Windows (Control panel > Internet Options > Connections), the setup program reads the proxy server settings from the registry and uses them automatically. In Linux and OS X, you must specify the proxy settings before the installation.

Use the procedures below to specify the proxy settings before the agent installation or to change them at a later time.

In Linux

1. Create the file /etc/Acronis/Global.config and open it in a text editor.

2. Copy and paste the following lines into the file:

<?xml version="1.0" ?> <registry name="Global"> <key name="HttpProxy"> <value name="Enabled" type="Tdword">"1"</value> <value name="Host" type="TString">"proxy.company.com"</value> <value name="Port" type="Tdword">"443"</value> </key> </registry>

3. Replace proxy.company.com with your proxy server host name/IP address, and 443 with the

decimal value of the port number.

4. Save the file.

5. If the backup agent is not installed yet, you can now install it. Otherwise, restart the agent by

executing the following command in any directory:

sudo service acronis_mms restart

In OS X

1. Create the file /Library/Application Support/Acronis/Registry/Global.config and open it in a

text editor, such as Text Edit.

2. Copy and paste the following lines into the file:

3. Replace proxy.company.com with your proxy server host name/IP address, and 443 with the

decimal value of the port number.

4. Save the file.

5. If the backup agent is not installed yet, you can now install it. Otherwise, do the following to

restart the agent:

a. Go to Applications > Utilities > Terminal b. Run the following commands:

sudo launchctl stop acronis_mms sudo launchctl start acronis_mms

In Windows

1. Create a new text document and open it in a text editor, such as Notepad.

2. Copy and paste the following lines into the file:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Acronis\Global\HttpProxy] "Enabled"=dword:00000001 "Host"="proxy.company.com" "Port"=dword:000001bb

3. Replace proxy.company.com with your proxy server host name/IP address, and 000001bb

with the hexadecimal value of the port number. For example, 000001bb is port 443.

4. Save the document as proxy.reg.

5. Run the file as an administrator.

6. Confirm that you want to edit the Windows registry.

7. If the backup agent is not installed yet, you can now install it. Otherwise, do the following to

restart the agent:

a. In the Start menu, click Run, and then type: cmd b. Click OK. c. Run the following commands:

net stop mms net start mms

2.7.3 Installing agents

In Windows

1. Ensure that the machine is connected to the Internet.

2. Log on as an administrator and start the setup program.

3. Click Install.

4. Specify the credentials of the account to which the machine should be assigned.

5. Click Show proxy settings if you want to verify or change the proxy server host name/IP address

and port. Otherwise, skip this step. If a proxy server is enabled in Windows, it is detected and used automatically.

6. [Only when installing Agent for VMware] Specify the address and access credentials for the

vCenter Server or stand-alone ESXi host whose virtual machines the agent will back up. We recommend using an account that has the Administrator role assigned. Otherwise, provide an account with the necessary privileges (p. 194) on the vCenter Server or ESXi.

7. [Only when installing on a domain controller] Specify the user account under which the agent

service will run. For security reasons, the setup program does not automatically create new accounts on a domain controller.

8. Click Start installation.

You can change the installation path and the account for the agent service by clicking Customize

installation settings on the first step of the installation wizard.

In Linux

1. Ensure that the machine is connected to the Internet.

2. As the root user, run the installation file.

3. Specify the credentials of the account to which the machine should be assigned.

4. Select the check boxes for the agents that you want to install. The following agents are available:

 Agent for Linux  Agent for Virtuozzo

Agent for Virtuozzo cannot be installed without Agent for Linux.

5. Complete the installation procedure.

Troubleshooting information is provided in the file:

/usr/lib/Acronis/BackupAndRecovery/HOWTO.INSTALL

In OS X

1. Ensure that the machine is connected to the Internet.

2. Double-click the installation file (.dmg).

3. Wait while the operating system mounts the installation disk image.

4. Double-click Install.

5. If prompted, provide administrator credentials.

6. Specify the credentials of the account to which the machine should be assigned.

7. Complete the installation procedure.

2.7.4 Activating the account

When an administrator creates an account for you, an email message is sent to your email address. The message contains the following information:

 An account activation link. Сlick the link and set the password for the account. Remember your

 A link to the backup console login page. Use this link to access the console in future. The login

and password are the same as in the previous step.

2.8 Deploying agents through Group Policy

You can centrally install (or deploy) Agent for Windows onto machines that are members of an Active Directory domain, by using Group Policy.

In this section, you will find out how to set up a Group Policy object to deploy agents onto machines in an entire domain or in its organizational unit.

Every time a machine logs on to the domain, the resulting Group Policy object will ensure that the agent is installed and registered.

Prerequisites

Before proceeding with agent deployment, ensure that:

 You have an Active Directory domain with a domain controller running Microsoft Windows

Server 2003 or later.

 You are a member of the Domain Admins group in the domain.  You have downloaded the All agents for installation in Windows setup program. The download

link is available on the Add devices page in the backup console.

Step 1: Creating the .mst transform and extracting the installation package

1. Log on as an administrator on any machine in the domain.

2. Create a shared folder that will contain the installation packages. Ensure that domain users can

access the shared folder—for example, by leaving the default sharing settings for Everyone.

3. Copy the setup program to the folder you created.

4. Start the setup program.

5. Click Create .mst and .msi files for unattended installation.

6. If prompted, specify the credentials of the account to which the machines should be assigned.

7. Review or modify the installation settings that will be added to the .mst file.

8. Click Generate.

As a result, the .mst transform is generated and the .msi and .cab installation packages are extracted to the folder you created. You can now move or delete the setup program .exe file.

Step 2: Setting up the Group Policy objects

1. Log on to the domain controller as a domain administrator; if the domain has more than one

domain controller, log on to any of them as a domain administrator.

2. If you are planning to deploy the agent in an organizational unit, ensure that the organizational

unit exists in the domain. Otherwise, skip this step.

3. In the Start menu, point to Administrative Tools, and then click Active Directory Users and

Computers (in Windows Server 2003) or Group Policy Management (in Windows Server 2008 and Windows Server 2012).

4. In Windows Server 2003:

 Right-click the name of the domain or organizational unit, and then click Properties. In the

dialog box, click the Group Policy tab, and then click New.

In Windows Server 2008 and Windows Server 2012:

 Right-click the name of the domain or organizational unit, and then click Create a GPO in this

domain, and Link it here.

5. Name the new Group Policy object Agent for Windows.

6. Open the Agent for Windows Group Policy object for editing, as follows:

 In Windows Server 2003, click the Group Policy object, and then click Edit.  In Windows Server 2008 and Windows Server 2012, under Group Policy Objects, right-click

the Group Policy object, and then click Edit.

7. In the Group Policy object editor snap-in, expand Computer Configuration.

8. In Windows Server 2003 and Windows Server 2008:

 Expand Software Settings.

In Windows Server 2012:

 Expand Policies > Software Settings.

9. Right-click Software installation, then point to New, and then click Package.

10. Select the agent's .msi installation package in the shared folder that you previously created, and

then click Open.

11. In the Deploy Software dialog box, click Advanced, and then click OK.

12. On the Modifications tab, click Add, and then select the .mst transform that you previously

created.

13. Click OK to close the Deploy Software dialog box.

2.9 Updating agents

To find the agent version, select the machine, and then click Details.

You can update agents by repeating their installation in any available way. To update multiple agents simultaneously, use the following procedure.

To update agents by using the Agents tab

1. [Only in on-premise deployments] Update the management server.

2. Click Settings > Agents.

The software displays the list of machines. The machines with outdated agent versions are marked with an orange exclamation mark.

3. Select the machines that you want to update the agents on. The machines must be online.

4. Click Update agent.

The update progress is shown on the Activities tab.

2.10 Uninstalling the product

If you want to remove individual product components from a machine, run the setup program, choose to modify the product, and clear the selection of the components that you want to remove. The links to the setup programs are present on the Downloads page (click the account icon in the top-right corner > Downloads).

If you want to remove all of the product components from a machine, follow the steps described below.

Warning In on-premise deployments, please do not uninstall the management server by mistake. The backup console will become unavailable. You will no longer be able to back up and recover all machines that are registered on the management server.

In Windows

1. Log on as an administrator.

2. Go to Control panel, and then select Programs and Features (Add or Remove Programs in

Windows XP) > Acronis Backup > Uninstall.

3. [Optional] Select the Remove the logs and configuration settings check box.

Keep this check box cleared if you are uninstalling an agent and are planning to install it again. If you select the check box, the machine may be duplicated in the backup console and the backups of the old machine may not be associated with the new machine.

4. Confirm your decision.

5. If you are planning to install the agent again, skip this step. Otherwise, in the backup console,

click Settings > Agents, select the machine where the agent was installed, and then click Delete.

In Linux

1. As the root user, run /usr/lib/Acronis/BackupAndRecovery/uninstall/uninstall.

2. [Optional] Select the Clean up all product traces (Remove the product's logs, tasks, vaults, and

configuration settings) check box.

3. Confirm your decision.

4. If you are planning to install the agent again, skip this step. Otherwise, in the backup console,

click Settings > Agents, select the machine where the agent was installed, and then click Delete.

In OS X

1. Double-click the installation file (.dmg).

2. Wait while the operating system mounts the installation disk image.

3. Inside the image, double-click Uninstall.

4. If prompted, provide administrator credentials.

5. Confirm your decision.

6. If you are planning to install the agent again, skip this step. Otherwise, in the backup console,

click Settings > Agents, select the machine where the agent was installed, and then click Delete.

Removing Agent for VMware (Virtual Appliance)

1. Start the vSphere Client and log on to the vCenter Server.

2. If the virtual appliance (VA) is powered on, right-click it, and then click Power > Power Off.

Confirm your decision.

3. If the VA uses a locally attached storage on a virtual disk and you want to preserve data on that

disk, do the following:

a. Right-click the VA, and then click Edit Settings. b. Select the disk with the storage, and then click Remove. Under Removal Options, click

Remove from virtual machine.

c. Click OK.

As a result, the disk remains in the datastore. You can attach the disk to another VA.

4. Right-click the VA, and then click Delete from Disk. Confirm your decision.

5. If you are planning to install the agent again, skip this step. Otherwise, in the backup console,

click Settings > Agents, select the virtual appliance, and then click Delete.

3 Accessing the backup console

To access the backup console, enter the login page address into the web browser address bar, and then sign in as described below.

On-premise deployment

The login page address is the IP address or name of the machine where the management server is installed.

In Windows

If the management server is installed in Windows, there are two ways to sign in to the backup console:

 Сlick Sign in to sign in as the current Windows user.

This is the easiest way to sign in from the same machine where the management server is installed.

If the management server is installed on a different machine, this method works on the conditions that:

 The machine you are signing in from is in the same Active Directory domain as the

management server.

 You are logged on as a domain user.

We recommend configuring your web browser for Integrated Windows Authentication (p. 45). Otherwise, the browser will ask for a user name and password.

 Сlick Enter user name and password, and then specify the user name and password.

In any case, your account must be in the list of the management server administrators. By default, this list contains the Administrators group on the machine running the management server. For more information, refer to "Administrators and units" (p. 233).

In Linux

If the management server is installed in Linux, specify the user name "root" and the password of the root user.

Cloud deployment

The login page address is https://backup.acronis.com/. The user name and password are those of your Acronis account.

If your account was created by the backup administrator, you need to activate the account and set the password by clicking the link in your activation email.

Changing the language

When logged in, you can change the language of the web interface by clicking the account icon in the top-right corner.

3.1 Configuring a web browser for Integrated Windows

Authentication

Integrated Windows Authentication is possible if you access the backup console from a machine running Windows and any supported browser (p. 13).

We recommend configuring your web browser for Integrated Windows Authentication. Otherwise, the browser will ask for a user name and password.

Configuring Internet Explorer, Microsoft Edge, Opera, and Google Chrome

If the machine running the browser is in the same Active Directory domain as the machine running the management server, add the console's login page to the list of Local intranet sites.

Otherwise, add the console's login page to the list of Trusted sites and enable the Automatic logon with current user name and password setting.

The step-by-step instructions are provided later in this section. Because these browsers use Windows settings, it is also possible to configure them by using Group Policy in an Active Directory domain.

Configuring Mozilla Firefox

1. In Firefox, navigate to the URL about:config, and then click the I accept the risk button.

2. In the Search field, search for the network.negotiate-auth.trusted-uris preference.

3. Double-click the preference, and then enter the address of the backup console login page.

4. Repeat steps 2-3 for the network.automatic-ntlm-auth.trusted-uris preference.

5. Close the about:config window.

3.1.1 Adding the console to the list of local intranet sites

1. Go to Control Panel > Internet Options.

2. On the Security tab, select Local intranet.

3. Click Sites.

4. In Add this website to the zone, enter the address of the backup console login page, and then

click Add.

5. Click Close.

6. Click OK.

3.1.2 Adding the console to the list of trusted sites

1. Go to Control Panel > Internet Options.

2. On the Security tab, select Trusted sites, and then click Custom Level.

3. Under Logon, select Automatic logon with current user name and password, and then click OK.

4. On the Security tab, with Trusted sites still selected, click Sites.

5. In Add this website to the zone, enter the address of the backup console login page, and then

click Add.

6. Click Close.

7. Click OK.

4 Backup console views

The backup console has two views: a simple view and a table view. To switch between the views, click the corresponding icon in the top right corner.

The simple view supports a small number of machines.

The table view is enabled automatically when the number of machines becomes large.

Both views provide access to the same features and operations. This document describes access to operations from the table view.

5 Backup

A backup plan is a set of rules that specify how the given data will be protected on a given machine.

A backup plan can be applied to multiple machines at the time of its creation, or later.

To create the first backup plan

1. Select the machines that you want to back up.

2. Click Backup.

The software displays a new backup plan template.

3. [Optional] To modify the backup plan name, click the default name.

4. [Optional] To modify the plan parameters, click the corresponding section of the backup plan

panel.

5. [Optional] To modify the backup options, click the gear icon.

6. Click Create.

To apply an existing backup plan

1. Select the machines that you want to back up.

2. Click Backup. If a common backup plan is already applied to the selected machines, click Add

backup plan.

The software displays previously created backup plans.

WHAT TO BACK UP

ITEMS TO BACK UP

Selection methods

WHERE TO BACK

SCHEDULE

Backup schemes

(not for Cloud)

HOW LONG TO KEEP

Disks/volumes

(physical machines)

Direct selection (p. 58)

Policy rules (p. 58)

File filters (p. 88)

Cloud (p. 60)

Local folder (p.

60)

Network folder

(p. 60)

SFTP server (p.

60)*

NFS (p. 60)*

Secure Zone (p.

60)*

Managed

location (p. 60)*

Tape device (p.

60)*

Always incremental

(Single-file) (p. 64)*

Always full (p. 64)

Weekly full, Daily

incremental (p. 64)

Monthly full, Weekly

differential, Daily

incremental (GFS) (p.

64)

Custom (F-D-I) (p. 64)

By backup age

(single rule/per

backup set) (p. 70)

By number of

backups (p. 70)

By total size of

backups (p. 70)*

Keep indefinitely (p.

70)

3. Select a backup plan to apply.

4. Click Apply.

5.1 Backup plan cheat sheet

Important Some of the features described in this section were introduced in version 12.5, which affects only on-premise deployments. These features are not yet available in cloud deployments. For more information, refer to "What's new in Acronis Backup 12.5" (p. 7).

The following table summarizes the available backup plan parameters. Use the table to create a backup plan that best fits your needs.

WHAT TO BACK UP

ITEMS TO BACK UP

Selection methods

WHERE TO BACK

SCHEDULE

Backup schemes

(not for Cloud)

HOW LONG TO KEEP

Disks/volumes

(virtual machines)

Policy rules (p. 58)

File filters (p. 88)

Cloud (p. 60)

Local folder (p.

60)

Network folder

(p. 60)

SFTP server (p.

60)*

NFS (p. 60)*

Managed

location (p. 60)*

Tape device (p.

60)*

Files (physical

machines only)

Direct selection (p. 56)

Policy rules (p. 56)

File filters (p. 88)

Cloud (p. 60)

Local folder (p.

60)

Network folder

(p. 60)

SFTP server (p.

60)*

NFS (p. 60)*

Secure Zone (p.

60)*

Managed

location (p. 60)*

Tape device (p.

60)

Always full (p. 64)

Weekly full, Daily

incremental (p. 64)

Monthly full, Weekly

differential, Daily

incremental (GFS) (p.

64)

Custom (F-D-I) (p. 64)

ESXi configuration

Direct selection (p. 60)

Local folder (p.

60)

Network folder

(p. 60)

SFTP server (p.

60)

NFS (p. 60)*

System state (in

cloud deployments

only)

Direct selection (p. 57)

Cloud (p. 60)

Local folder (p.

60)

Network folder

(p. 60)

Always full (p. 64)

Weekly full, daily incremental (p. 64) Custom (F-I) (p. 64)

SQL databases

Direct selection (p. 157)

Cloud (p. 60) Local folder (p.

60)

Network folder

(p. 60)

Managed

location (p. 60)*

Tape device (p.

60)

Exchange databases

Direct selection (p. 157)

WHAT TO BACK UP

ITEMS TO BACK UP

Selection methods

WHERE TO BACK

SCHEDULE

Backup schemes

(not for Cloud)

HOW LONG TO KEEP

Exchange mailboxes

Direct selection (p. 162)

Cloud (p. 60) Local folder (p.

60)

Network folder

(p. 60)

Managed

location (p. 60)*

Always incremental

(Single-file) (p. 64)

Office 365 mailboxes

Direct selection (p. 173)

By backup age

(single rule/per

backup set) (p. 70)

By number of

backups (p. 70)

Keep indefinitely (p.

70)

* See the limitations below.

Limitations

SFTP server and tape device

 These locations cannot be a destination for disk-level backups of machines running macOS.  These locations cannot be a destination for application-aware backups.  The Always incremental (single-file) backup scheme is not available when backing up to these

locations.

 The By total size of backups retention rule is not available for these locations.

NFS

 Backup to NFS shares is not available in Windows.

Secure Zone

 Secure Zone cannot be created on a Mac.

Managed location

 A managed location cannot be a destination if the backup scheme is set to Always incremental

(single-file) and encryption is enabled in the backup plan.

 A managed location with enabled deduplication or encryption cannot be selected as the

destination:

 If the backup scheme is set to Always incremental (single-file)  If the backup format is set to Version 12  For disk-level backups of machines running macOS  For backups of Exchange mailboxes and Office 365 mailboxes.

 The By total size of backups retention rule is not available for a managed location with enabled

deduplication.

Always incremental (single-file)

 The Always incremental (single-file) backup scheme is not available when backing up to an SFTP

By total size of backups

 The By total size of backups retention rule is not available:

server or a tape device.

 If the backup scheme is set to Always incremental (single-file)  When backing up to an SFTP server, a tape device, or a managed location with enabled

deduplication.

5.2 Selecting data to back up

5.2.1 Selecting files/folders

File-level backup is available only for physical machines.

A file-level backup is not sufficient for recovery of the operating system. Choose file backup if you plan to protect only certain data (the current project, for example). This will reduce the backup size, thus saving storage space.

There are two ways of selecting files: directly on each machine or by using policy rules. Either method allows you to further refine the selection by setting the file filters (p. 88).

Direct selection

1. In What to back up, select Files/folders.

2. Click Items to back up.

3. In Select items for backup, select Directly.

4. For each of the machines included in the backup plan: a. Click Select files and folders. b. Click Local folder or Network folder.

The share must be accessible from the selected machine.

c. Browse to the required files/folders or enter the path and click the arrow button. If

prompted, specify the user name and password for the shared folder.

Backing up a folder with anonymous access is not supported.

d. Select the required files/folders. e. Click Done.

Using policy rules

1. In What to back up, select Files/folders.

2. Click Items to back up.

3. In Select items for backup, select Using policy rules.

4. Select any of the predefined rules, type your own rules, or combine both.

The policy rules will be applied to all of the machines included in the backup plan. If no data meeting at least one of the rules is found on a machine when the backup starts, the backup will fail on that machine.

5. Click Done.

Selection rules for Windows

 Full path to a file or folder, for example D:\Work\Text.doc or C:\Windows.  Templates:

 [All Files] selects all files on all volumes of the machine.  [All Profiles Folder] selects the folder where all user profiles are located (typically,

C:\Users or C:\Documents and Settings).

 Environment variables:

 %ALLUSERSPROFILE% selects the folder where the common data of all user profiles is

located (typically, C:\ProgramData or C:\Documents and Settings\All Users).

 %PROGRAMFILES% selects the Program Files folder (for example, C:\Program Files).  %WINDIR% selects the folder where Windows is located (for example, C:\Windows).

You can use other environment variables or a combination of environment variables and text. For example, to select the Java folder in the Program Files folder, type: %PROGRAMFILES%\Java.

Selection rules for Linux

 Full path to a file or directory. For example, to back up file.txt on the volume /dev/hda3

mounted on /home/usr/docs, specify /dev/hda3/file.txt or /home/usr/docs/file.txt.

 /home selects the home directory of the common users.  /root selects the root user's home directory.  /usr selects the directory for all user-related programs.  /etc selects the directory for system configuration files.

 Templates:

 [All Profiles Folder] selects /home. This is the folder where all user profiles are

located by default.

Selection rules for OS X

 Full path to a file or directory.  Templates:

 [All Profiles Folder] selects /Users. This is the folder where all user profiles are

located by default.

Examples:

 To back up file.txt on your desktop, specify /Users/<username>/Desktop/file.txt, where

<username> is your user name.

 To back up all users' home directories, specify /Users.  To back up the directory where the applications are installed, specify /Applications.

5.2.2 Selecting system state

System state backup is available for machines running Windows Vista and later.

To back up system state, in What to back up, select System state.

A system state backup is comprised of the following files:

 Task scheduler configuration  VSS Metadata Store  Performance counter configuration information  MSSearch Service  Background Intelligent Transfer Service (BITS)  The registry  Windows Management Instrumentation (WMI)  Component Services Class registration database

5.2.3 Selecting disks/volumes

A disk-level backup contains a copy of a disk or a volume in a packaged form. You can recover individual disks, volumes, or files from a disk-level backup. A backup of an entire machine is a backup of all its disks.

There are two ways of selecting disks/volumes: directly on each machine or by using policy rules. You can exclude files from a disk backup by setting the file filters (p. 88).

Direct selection

Direct selection is available only for physical machines.

1. In What to back up, select Disks/volumes.

2. Click Items to back up.

3. In Select items for backup, select Directly.

4. For each of the machines included in the backup plan, select the check boxes next to the disks or

volumes to back up.

5. Click Done.

Using policy rules

1. In What to back up, select Disks/volumes.

2. Click Items to back up.

3. In Select items for backup, select Using policy rules.

4. Select any of the predefined rules, type your own rules, or combine both.

5. Click Done.

Rules for Windows, Linux, and OS X

 [All volumes] selects all volumes on machines running Windows and all mounted volumes on

machines running Linux or OS X.

Rules for Windows

 Drive letter (for example C:\) selects the volume with the specified drive letter.  [Fixed Volumes (Physical machines)] selects all volumes of physical machines, other than

removable media. Fixed volumes include volumes on SCSI, ATAPI, ATA, SSA, SAS, and SATA devices, and on RAID arrays.

 [BOOT+SYSTEM] selects the system and boot volumes. This combination is the minimal set of

data that ensures recovery of the operating system from the backup.

 [Disk 1] selects the first disk of the machine, including all volumes on that disk. To select

another disk, type the corresponding number.

Rules for Linux

 /dev/hda1 selects the first volume on the first IDE hard disk.  /dev/sda1 selects the first volume on the first SCSI hard disk.  /dev/md1 selects the first software RAID hard disk.

To select other basic volumes, specify /dev/xdyN, where:

 "x" corresponds to the disk type

 "y" corresponds to the disk number (a for the first disk, b for the second disk, and so on)  "N" is the volume number.

To select a logical volume, specify its name along with the volume group name. For example, to back up two logical volumes, lv_root and lv_bin, both of which belong to the volume group vg_mymachine, specify:

/dev/vg_mymachine/lv_root /dev/vg_mymachine/lv_bin

Rules for OS X

 [Disk 1] Selects the first disk of the machine, including all volumes on that disk. To select

another disk, type the corresponding number.

5.2.3.1 What does a disk or volume backup store?

A disk or volume backup stores a disk or a volume file system as a whole and includes all of the information necessary for the operating system to boot. It is possible to recover disks or volumes as a whole from such backups as well as individual folders or files.

With the sector-by-sector (raw mode) backup option (p. 96) enabled, a disk backup stores all the disk sectors. The sector-by-sector backup can be used for backing up disks with unrecognized or unsupported file systems and other proprietary data formats.

Windows

A volume backup stores all files and folders of the selected volume independent of their attributes (including hidden and system files), the boot record, the file allocation table (FAT) if it exists, the root and the zero track of the hard disk with the master boot record (MBR).

A disk backup stores all volumes of the selected disk (including hidden volumes such as the vendor's maintenance partitions) and the zero track with the master boot record.

The following items are not included in a disk or volume backup (as well as in a file-level backup):

 The swap file (pagefile.sys) and the file that keeps the RAM content when the machine goes into

hibernation (hiberfil.sys). After recovery, the files will be re-created in the appropriate place with the zero size.

 If the backup is performed under the operating system (as opposed to bootable media or backing

up virtual machines at a hypervisor level):

 Windows shadow storage. The path to it is determined in the registry value VSS Default

Provider which can be found in the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToBa ckup. This means that in operating systems starting with Windows Vista, Windows Restore

Points are not backed up.

 If the Volume Shadow Copy Service (VSS) backup option (p. 99) is enabled, files and folders

that are specified in the

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToSn apshot registry key.

Linux

A volume backup stores all files and directories of the selected volume independent of their attributes, a boot record, and the file system super block.

A disk backup stores all disk volumes as well as the zero track with the master boot record.

Mac

A disk or volume backup stores all files and directories of the selected disk or volume, plus a description of the volume layout.

The following items are excluded:

 System metadata, such as the file system journal and Spotlight index  The Trash  Time machine backups

Physically, disks and volumes on a Mac are backed up at a file level. Bare metal recovery from disk and volume backups is possible, but the sector-by-sector backup mode is not available.

5.2.4 Selecting ESXi configuration

A backup of an ESXi host configuration enables you to recover an ESXi host to bare metal. The recovery is performed under bootable media.

The virtual machines running on the host are not included in the backup. They can be backed up and recovered separately.

A backup of an ESXi host configuration includes:

 The bootloader and boot bank partitions of the host.  The host state (configuration of virtual networking and storage, SSL keys, server network settings,

and local user information).

 Extensions and patches installed or staged on the host.  Log files.

Prerequisites

 SSH must be enabled in the Security Profile of the ESXi host configuration.  You must know the password for the 'root' account on the ESXi host.

To select an ESXi configuration

1. Click Devices > All machines, and then select the ESXi hosts that you want to back up.

2. Click Backup.

3. In What to back up, select ESXi configuration.

4. In ESXi 'root' password, specify a password for the 'root' account on each of the selected hosts

or apply the same password to all of the hosts.

5.3 Selecting a destination

To select a backup location

1. Click Where to back up.

2. Do one of the following:

 Select a previously used or predefined backup location

 Click Add location, and then specify a new backup location.

Supported locations

 Cloud storage

Backups will be stored in the cloud data center.

 Local folder

If a single machine is selected, browse to a folder on the selected machine or type the folder path.

If multiple machines are selected, type the folder path. Backups will be stored in this folder on each of the selected physical machines or on the machine where the agent for virtual machines is installed. If the folder does not exist, it will be created.

 Network folder

This is a folder shared via SMB/CIFS/DFS.

Browse to the required shared folder or enter the path in the following format:

 For SMB/CIFS shares: \\<host name>\<path>\ or smb://<host name>/<path>/  For DFS shares: \\<full DNS domain name>\<DFS root>\<path>

For example, \\example.company.com\shared\files

Then, click the arrow button. If prompted, specify the user name and password for the shared folder.

Backing up to a folder with anonymous access is not supported.

 NFS folder (available for machines running Linux or OS X)

Browse to the required NFS folder or enter the path in the following format: nfs://<host name>/<exported folder>:/<subfolder>

Then, click the arrow button.

It is not possible to back up to an NFS folder protected with a password.

 Secure Zone (available if it is present on each of the selected machines)

Secure Zone is a secure partition on a disk of the backed-up machine. This partition has to be created manually prior to configuring a backup. For information about how to create Secure Zone, its advantages and limitations, refer to "About Secure Zone" (p. 62).

 SFTP

Type the SFTP server name or address. The following notations are supported:

sftp://<server> sftp://<server>/<folder>

After entering the user name and password, you can browse the server folders.

In either notation, you can also specify the port, user name, and password:

sftp://<server>:<port>/<folder> sftp://<user name>@<server>:<port>/<folder> sftp://<user name>:<password>@<server>:<port>/<folder>

If the port number is not specified, port 22 is used.

Users, for whom SFTP access with no password is configured, cannot back up to SFTP.

Backing up to FTP servers is not supported.

Advanced storage options

Note This functionality is available only with the Acronis Backup Advanced license.

 Storage node

A storage node is a server designed to optimize the usage of various resources (such as the corporate storage capacity, the network bandwidth, and the production servers' CPU load) that are required to protect enterprise data. This goal is achieved by organizing and managing the locations that serve as dedicated storages of the enterprise backups (managed locations).

You can select a previously created location or create a new one by clicking Add location > Storage node. For information about the settings, refer to "Adding a managed location" (p. 225).

 Tape

If a tape device is attached to the backed-up machine or to a storage node, the location list shows the default tape pool. This pool is created automatically.

You can select the default pool or create a new one by clicking Add location > Tape. For information about pool settings, refer to "Creating a pool" (p. 218).

5.3.1 About Secure Zone

Secure Zone is a secure partition on a disk of the backed-up machine. It can store backups of disks or files of this machine.

Should the disk experience a physical failure, the backups located in the Secure Zone may be lost. That's why Secure Zone should not be the only location where a backup is stored. In enterprise environments, Secure Zone can be thought of as an intermediate location used for backup when an ordinary location is temporarily unavailable or connected through a slow or busy channel.

Why use Secure Zone?

Secure Zone:

 Enables recovery of a disk to the same disk where the disk's backup resides.  Offers a cost-effective and handy method for protecting data from software malfunction, virus

attack, human error.

 Eliminates the need for a separate media or network connection to back up or recover the data.

This is especially useful for roaming users.

 Can serve as a primary destination when using replication of backups.

Limitations

 Secure Zone cannot be organized on a Mac.  Secure Zone is a partition on a basic disk. It cannot be organized on a dynamic disk or created as

a logical volume (managed by LVM).

 Secure Zone is formatted with the FAT32 file system. Because FAT32 has a 4-GB file size limit,

larger backups are split when saved to Secure Zone. This does not affect the recovery procedure and speed.

 Secure Zone does not support the single-file backup format (p. 238). When you change the

destination to Secure Zone in a backup plan that has the Always incremental (Single-file) backup scheme, the scheme is changed to Weekly full, daily incremental.

How creating Secure Zone transforms the disk

 Secure Zone is always created at the end of the hard disk.  If there is no or not enough unallocated space at the end of the disk, but there is unallocated

space between volumes, the volumes will be moved to add more unallocated space to the end of the disk.

 When all unallocated space is collected but it is still not enough, the software will take free space

from the volumes you select, proportionally reducing the volumes' size.

 However, there should be free space on a volume, so that the operating system and applications

can operate; for example, create temporary files. The software will not decrease a volume where free space is or becomes less than 25 percent of the total volume size. Only when all volumes on the disk have 25 percent or less free space, will the software continue decreasing the volumes proportionally.

As is apparent from the above, specifying the maximum possible Secure Zone size is not advisable. You will end up with no free space on any volume, which might cause the operating system or applications to work unstably and even fail to start.

Important Moving or resizing the volume from which the system is booted requires a reboot.

How to create Secure Zone

1. Select the machine that you want to create Secure Zone on.

2. Click Details > Create Secure Zone.

3. Under Secure Zone disk, click Select, and then select a hard disk (if several) on which to create

the zone.

The software calculates the maximum possible size of Secure Zone.

4. Enter the Secure Zone size or drag the slider to select any size between the minimum and the

maximum ones.

The minimum size is approximately 50 MB, depending on the geometry of the hard disk. The maximum size is equal to the disk's unallocated space plus the total free space on all of the disk's volumes.

5. If all unallocated space is not enough for the size you specified, the software will take free space

from the existing volumes. By default, all volumes are selected. If you want to exclude some volumes, click Select volumes. Otherwise, skip this step.

6. [Optional] Enable the Password protection switch and specify a password.

The password will be required to access the backups located in Secure Zone. Backing up to Secure Zone does not require a password, unless the backup if performed under bootable media.

7. Click Create.

The software displays the expected partition layout. Click OK.

8. Wait while the software creates Secure Zone.

You can now choose Secure Zone in Where to back up when creating a backup plan.

How to delete Secure Zone

1. Select a machine with Secure Zone.

2. Click Details.

3. Click the gear icon next to Secure Zone, and then click Delete.

4. [Optional] Specify the volumes to which the space freed from the zone will be added. By default,

all volumes are selected.

The space will be distributed equally among the selected volumes. If you do not select any volumes, the freed space will become unallocated.

Resizing the volume from which the system is booted requires a reboot.

5. Click Delete.

As a result, Secure Zone will be deleted along with all backups stored in it.

5.4 Schedule

The scheduling parameters depend on the backup destination.

When backing up to cloud storage

By default, backups are performed on a daily basis, Monday to Friday. You can select the time to run the backup.

If you want to change the backup frequency, move the slider, and then specify the backup schedule.

You can schedule the backup to run by events, instead of by time. To do this, select the event type in the schedule selector. For more information, refer to "Schedule by events" (p. 66).

Important The first backup is full, which means that it is the most time-consuming. All subsequent backups are incremental and take significantly less time.

When backing up to other locations

You can choose one of the predefined backup schemes or create a custom scheme. A backup scheme is a part of the backup plan that includes the backup schedule and the backup methods.

In Backup scheme, select one of the following:

 [Only for disk-level backups] Always incremental (single-file)

By default, backups are performed on a daily basis, Monday to Friday. You can select the time to run the backup.

If you want to change the backup frequency, move the slider, and then specify the backup schedule.

The backups use the new single-file backup format (p. 238).

This scheme is not available when backing up to a tape device, an SFTP server, or Secure Zone.

 Always full

By default, backups are performed on a daily basis, Monday to Friday. You can select the time to run the backup.

If you want to change the backup frequency, move the slider, and then specify the backup schedule.

All backups are full.

 Weekly full, Daily incremental

By default, backups are performed on a daily basis, Monday to Friday. You can modify the days of the week and the time to run the backup.

A full backup is created once a week. All other backups are incremental. The day on which the full backup is created depends on the Weekly backup option (click the gear icon, then Backup options > Weekly backup).

 Monthly full, Weekly differential, Daily incremental (GFS)

By default, incremental backups are performed on a daily basis, Monday to Friday; differential backups are performed every Saturday; full backups are performed on the first day of each month. You can modify these schedules and the time to run the backup.

This backup scheme is displayed as a Custom scheme on the backup plan panel.

 Custom

Specify schedules for full, differential, and incremental backups.

Differential backup is not available when backing up SQL data, Exchange data, or system state.

With any backup scheme, you can schedule the backup to run by events, instead of by time. To do this, select the event type in the schedule selector. For more information, refer to "Schedule by events" (p. 66).

Additional scheduling options

With any destination, you can do the following:

 Specify the backup start conditions, so that a scheduled backup is performed only if the

conditions are met. For more information, refer to "Start conditions" (p. 67).

 Set a date range for when the schedule is effective. Select the Run the plan within a date range

check box, and then specify the date range.

 Disable the schedule. While the schedule is disabled, the retention rules are not applied unless a

backup is started manually.

 Introduce a delay from the scheduled time. The delay value for each machine is selected

randomly and ranges from zero to the maximum value you specify. You may want to use this setting when backing up multiple machines to a network location, to avoid excessive network load.

Click the gear icon, then Backup options > Scheduling. Select Distribute backup start times within a time window, and then specify the maximum delay. The delay value for each machine is determined when the backup plan is applied to the machine and remains the same until you edit the backup plan and change the maximum delay value.

Note In cloud deployments, this option is enabled by default, with the maximum delay set to 30 minutes.

WHAT TO BACK UP

Upon time

since last

backup

When a user

logs on to

the system

When a user

logs off the

system

On the system

startup

On the system

shutdown

On Windows

Event Log

event

Disks/volumes or files (physical machines)

Windows,

Linux

Windows

Windows,

Linux

Windows

Disks/volumes (virtual machines)

Windows,

Linux

– – – – –

ESXi configuration

Windows,

Linux

– – – – –

Office 365 mailboxes

Windows

– – –

–

Windows

Exchange databases and mailboxes

Windows

– – –

–

Windows

SQL databases

Windows

– – –

–

Windows

In on-premise deployments, by default all backups start exactly as scheduled.

5.4.1 Schedule by events

When setting up a schedule for a backup plan, you can select the event type in the schedule selector. The backup will be launched as soon as the event occurs.

You can choose one of the following events:

 Upon time since last backup

This is the time since the completion of the last successful backup within the same backup plan. You can specify the length of time.

 When a user logs on to the system

By default, logging on of any user will initiate a backup. You can change any user to a specific user account.

 When a user logs off the system

By default, logging off of any user will initiate a backup. You can change any user to a specific user account.

Note The backup will not run at a system shutdown because shutting down is not the same as logging off.

 On the system startup  On the system shutdown  On Windows Event Log event

You must specify the event properties (p. 66).

The table below lists the events available for various data under Windows and Linux. On a Mac, scheduling by events is not supported.

5.4.1.1 On Windows Event Log event

You can schedule a backup to start when a certain Windows event has been recorded in one of the event logs, such as the Application, Security, or System log.

For example, you may want to set up a backup plan that will automatically perform an emergency full backup of your data as soon as Windows discovers that your hard disk drive is about to fail.

To browse the events and view the event properties, use the Event Viewer snap-in available in the Computer Management console. To be able to open the Security log, you must be a member of the Administrators group.

Event properties

Log name

Specifies the name of the log. Select the name of a standard log (Application, Security, or System) from the list, or type a log name—for example: Microsoft Office Sessions

Event source

Specifies the event source, which typically indicates the program or the system component that caused the event—for example: disk

Event type

Specifies the event type: Error, Warning, Information, Audit success, or Audit failure.

Event ID

Specifies the event number, which typically identifies the particular kind of events among events from the same source.

For example, an Error event with Event source disk and Event ID 7 occurs when Windows discovers a bad block on a disk, whereas an Error event with Event source disk and Event ID 15 occurs when a disk is not ready for access yet.

Example: "Bad block" emergency backup

One or more bad blocks that have suddenly appeared on a hard disk usually indicate that the hard disk drive will soon fail. Suppose that you want to create a backup plan that will back up hard disk data as soon as such a situation occurs.

When Windows detects a bad block on a hard disk, it records an event with the event source disk and the event number 7 into the System log; the type of this event is Error.

When creating the plan, type or select the following in the Schedule section:

 Log name: System  Event source: disk  Event type: Error  Event ID: 7

Important To ensure that such a backup will complete despite the presence of bad blocks, you must make the backup ignore bad blocks. To do this, in Backup options, go to Error handling, and then select the Ignore bad sectors check box.

5.4.2 Start conditions

These settings add more flexibility to the scheduler, enabling it to execute a backup with respect to certain conditions. With multiple conditions, all of them must be met simultaneously to enable a backup to start.

To access these settings, click Show start conditions when setting up a schedule for a backup plan.

The scheduler behavior, in case the condition (or any of multiple conditions) is not met, is defined by the Backup start conditions (p. 84) backup option. To handle the situation when the conditions are

not met for too long and further delaying the backup is becoming risky, you can set the time interval

WHAT TO BACK UP

User is idle (p.

68)

The backup

location's host is

available (p. 68)

Users logged off

(p. 69)

Fits the time

interval (p. 69)

Disks/volumes or files (physical machines)

Windows

Windows, Linux

Windows

Windows, Linux

Disks/volumes (virtual machines)

–

Windows, Linux

–

Windows, Linux

ESXi configuration

–

Windows, Linux

–

Office 365 mailboxes

–

Windows

–

Exchange databases and mailboxes

–

Windows

–

SQL databases

–

Windows

–

after which the backup will run irrespective of the condition.

The table below lists the start conditions available for various data under Windows and Linux. On a Mac, start conditions are not supported.

5.4.2.1 User is idle

"User is idle" means that a screen saver is running on the machine or the machine is locked.

Example

Run the backup on the machine every day at 21:00, preferably when the user is idle. If the user is still active by 23:00, run the backup anyway.

 Schedule: Daily, Run every day. Start at: 21:00.  Condition: User is idle.  Backup start conditions: Wait until the conditions are met, Start the backup anyway after 2

hour(s).

As a result,

(1) If the user becomes idle before 21:00, the backup will start at 21:00.

(2) If the user becomes idle between 21:00 and 23:00, the backup will start immediately after the user becomes idle.

(3) If the user is still active at 23:00, the backup will start at 23:00.

5.4.2.2 The backup location's host is available

"The backup location's host is available" means that the machine hosting the destination for storing backups is available over the network.

This condition is effective for network folders, the cloud storage, and locations managed by a storage node.

This condition does not cover the availability of the location itself — only the host availability. For example, if the host is available, but the network folder on this host is not shared or the credentials for the folder are no longer valid, the condition is still considered met.

Example

Data is backed up to a network folder every workday at 21:00. If the machine that hosts the folder is not available at that moment (for instance, due to maintenance work), you want to skip the backup and wait for the scheduled start on the next workday.

 Schedule: Daily, Run Monday to Friday. Start at: 21:00.  Condition: The backup location's host is available.  Backup start conditions: Skip the scheduled backup.

As a result:

(1) If 21:00 comes and the host is available, the backup will start immediately.

(2) If 21:00 comes but the host is unavailable, the backup will start on the next workday if the host is available.

(3) If the host is never available on workdays at 21:00, the backup will never start.

5.4.2.3 Users logged off

Enables you to put a backup on hold until all users log off from Windows.

Example

Run the backup at 20:00 every Friday, preferably when all users are logged off. If one of the users is still logged on at 23:00, run the backup anyway.

 Schedule: Weekly, on Fridays. Start at: 20:00.  Condition: Users logged off.  Backup start conditions: Wait until the conditions are met, Start the backup anyway after 3

hour(s).

As a result:

(1) If all users are logged off at 20:00, the backup will start at 20:00.

(2) If the last user logs off between 20:00 and 23:00, the backup will start immediately after the user logs off.

(3) If any user is still logged on at 23:00, the backup will start at 23:00.

5.4.2.4 Fits the time interval

Restricts a backup start time to a specified interval.

Example

A company uses different locations on the same network-attached storage for backing up users' data and servers. The workday starts at 08:00 and ends at 17:00. Users' data should be backed up as soon as the users log off, but not earlier than 16:30. Every day at 23:00 the company's servers are backed up. So, all the users' data should preferably be backed up before this time, in order to free network bandwidth. It is assumed that backing up user's data takes no more than one hour, so the latest backup start time is 22:00. If a user is still logged on within the specified time interval, or logs off at any other time – do not back up the users' data, i.e., skip backup execution.

 Event: When a user logs off the system. Specify the user account: Any user.

 Condition: Fits the time interval from 16:30 to 22:00.  Backup start conditions: Skip the scheduled backup.

As a result:

(1) if the user logs off between 16:30 and 22:00, the backup will start immediately following the logging off.

(2) if the user logs off at any other time, the backup will be skipped.

5.5 Retention rules

1. Click How long to keep.

2. In Cleanup, choose one of the following:

 By backup age (default)

Specify how long to keep backups created by the backup plan. By default, the retention rules are specified for each backup set (p. 238) separately. If you want to use a single rule for all backups, click Switch to single rule for all backup sets.

 By number of backups

Specify the maximum number of backups to keep.

 By total size of backups

Specify the maximum total size of backups to keep.

This setting is not available with the Always incremental (single-file) backup scheme, or when backing up to the cloud storage, an SFTP server, or a tape device.

 Keep backups indefinitely

3. Select when to start the cleanup:

 After backup (default)

The retention rules will be applied after a new backup is created.

 Before backup

The retention rules will be applied before a new backup is created.

This setting is not available when backing up Microsoft SQL Server clusters or Microsoft Exchange Server clusters.

What else you need to know

 The last backup created by the backup plan always will be kept, even if a retention rule violation

is detected. Please do not try to delete the only backup you have by applying the retention rules before backup.

 Backups stored on tapes are not deleted until the tape is overwritten.  If, according to the backup scheme and backup format, each backup is stored as a separate file,

this file cannot be deleted until the lifetime of all its dependent (incremental and differential) backups expires. This requires extra space for storing backups whose deletion is postponed. Also, the backup age, number, or size of backups may exceed the values you specify.

This behavior can be changed by using the "Backup consolidation" (p. 79) backup option.

5.6 Encryption

We recommend that you encrypt all backups that are stored in the cloud storage, especially if your company is subject to regulatory compliance.

Important There is no way to recover encrypted backups if you lose or forget the password.

Encryption in a backup plan

To enable encryption, specify the encryption settings when creating a backup plan. After a backup plan is applied, the encryption settings cannot be modified. To use different encryption settings, create a new backup plan.

To specify the encryption settings in a backup plan

1. On the backup plan panel, enable the Encryption switch.

2. Specify and confirm the encryption password.

3. Select one of the following encryption algorithms:

 AES 128 – the backups will be encrypted by using the Advanced Encryption Standard (AES)

algorithm with a 128-bit key.

 AES 192 – the backups will be encrypted by using the AES algorithm with a 192-bit key.  AES 256 – the backups will be encrypted by using the AES algorithm with a 256-bit key.

4. Click OK.

Encryption as a machine property

This option is intended for administrators who handle backups of multiple machines. If you need a unique encryption password for each machine or if you need to enforce encryption of backups regardless of the backup plan encryption settings, save the encryption settings on each machine individually. The backups will be encrypted using the AES algorithm with a 256-bit key.

Saving the encryption settings on a machine affects the backup plans in the following way:

 Backup plans that are already applied to the machine. If the encryption settings in a backup

plan are different, the backups will fail.

 Backup plans that will be applied to the machine later. The encryption settings saved on a

machine will override the encryption settings in a backup plan. Any backup will be encrypted, even if encryption is disabled in the backup plan settings.

This option can be used on a machine running Agent for VMware. However, be careful if you have more than one Agent for VMware connected to the same vCenter Server. It is mandatory to use the same encryption settings for all of the agents, because there is a kind of load balancing among them.

After the encryption settings are saved, they can be changed or reset as described below.

Important If a backup plan that runs on this machine has already created backups, changing the encryption settings will cause this plan to fail. To continue backing up, create a new plan.

To save the encryption settings on a machine

1. Log on as an administrator (in Windows) or the root user (in Linux).

2. Run the following script:

 In Windows: <installation_path>\PyShell\bin\acropsh.exe -m manage_creds

--set-password <encryption_password>

Here, <installation_path> is the backup agent installation path. By default, it is %ProgramFiles%\BackupClient in cloud deployments and %ProgramFiles%\Acronis in on-premise deployments.

 In Linux: /usr/sbin/acropsh -m manage_creds --set-password <encryption_password>

To reset the encryption settings on a machine

1. Log on as an administrator (in Windows) or root user (in Linux).

2. Run the following script:

 In Windows: <installation_path>\PyShell\bin\acropsh.exe -m manage_creds --reset

Here, <installation_path> is the backup agent installation path. By default, it is %ProgramFiles%\BackupClient in cloud deployments and %ProgramFiles%\Acronis in on-premise deployments.

 In Linux: /usr/sbin/acropsh -m manage_creds --reset

To change the encryption settings by using Backup Monitor

1. Log on as an administrator in Windows or macOS.

2. Сlick the Backup Monitor icon in the notification area (in Windows) or the menu bar (in macOS).

3. Click the gear icon.

4. Click Encryption.

5. Do one of the following:

 Select Set a specific password for this machine. Specify and confirm the encryption

password.

 Select Use encryption settings specified in the backup plan.

6. Click OK.

How the encryption works

The AES cryptographic algorithm operates in the Cipher-block chaining (CBC) mode and uses a randomly generated key with a user-defined size of 128, 192 or 256 bits. The larger the key size, the longer it will take for the program to encrypt the backups and the more secure your data will be.

The encryption key is then encrypted with AES-256 using an SHA-256 hash of the password as a key. The password itself is not stored anywhere on the disk or in the backups; the password hash is used for verification purposes. With this two-level security, the backup data is protected from any unauthorized access, but recovering a lost password is not possible.

5.7 Notarization

Important This feature was introduced in version 12.5, which affects only on-premise deployments. This feature is not yet available in cloud deployments. For more information, refer to "What's new in Acronis Backup 12.5" (p.

7).

Notarization enables you to prove that a file is authentic and unchanged since it was backed up. We recommend that you enable notarization when backing up your legal document files or other files that require proved authenticity.

Notarization is available only for file-level backups. Files that have a digital signature are skipped, because they do not need to be notarized.

Notarization is not available:

 If the backup format is set to Version 11

 If the backup destination is Secure Zone  If the backup destination is a managed location with enabled deduplication or encryption

How to use notarization

To enable notarization of all files selected for backup (except for the files that have a digital signature), enable the Notarization switch when creating a backup plan.

When configuring recovery, the notarized files will be marked with a special icon, and you can verify the file authenticity (p. 112).

How it works

During a backup, the agent calculates the hash codes of the backed-up files, builds a hash tree (based on the folder structure), saves the tree in the backup, and then sends the hash tree root to the notary service. The notary service saves the hash tree root in the Ethereum blockchain database to ensure that this value does not change.

When verifying the file authenticity, the agent calculates the hash of the file, and then compares it with the hash that is stored in the hash tree inside the backup. If these hashes do not match, the file is considered not authentic. Otherwise, the file authenticity is guaranteed by the hash tree.

To verify that the hash tree itself was not compromised, the agent sends the hash tree root to the notary service. The notary service compares it with the one stored in the blockchain database. If the hashes match, the selected file is guaranteed to be authentic. Otherwise, the software displays a message that the file is not authentic.

5.8 Conversion to a virtual machine

Conversion to a virtual machine is available only for disk-level backups. If a backup includes the system volume and contains all of the information necessary for the operating system to start, the resulting virtual machine can start on its own. Otherwise, you can add its virtual disks to another virtual machine.

To perform a conversion, you need an ESXi or Hyper-V host and a backup agent (Agent for VMware or Agent for Hyper-V) that manages this host.

Conversion methods

 Regular conversion

There are two ways to configure a regular conversion:

 Make the conversion a part of a backup plan (p. 74)

The conversion will be performed after each backup (if configured for the primary location) or after each replication (if configured for the second and further locations).

 Create a separate conversion plan (p. 129)

This method enables you to specify a separate conversion schedule.

 Recovery to a new virtual machine (p. 104)

This method enables you to choose disks for recovery and adjust the settings for each virtual disk. Use this method to perform the conversion once or occasionally, for example, to perform a physical-to-virtual migration (p. 197).

Regular conversion vs. running a virtual machine from a backup

Both operations provide you with a virtual machine that can be started in seconds if the original machine fails.

Regular conversion takes CPU and memory resources. Files of the virtual machine constantly occupy space on the datastore (storage). This may be not practical if a production host is used for conversion. However, the virtual machine performance is limited only by the host resources.

In the second case, the resources are consumed only while the virtual machine is running. The datastore (storage) space is required only to keep changes to the virtual disks. However, the virtual machine may run slower, because the host does not access the virtual disks directly, but communicates with the agent that reads data from the backup. In addition, the virtual machine is temporary. Making the machine permanent is possible only for ESXi.

5.8.1 Conversion to a virtual machine in a backup plan

You can configure the conversion to a virtual machine from any backup or replication location that is present in a backup plan. The conversion will be performed after each backup or replication.

To perform the conversion, you need an ESXi or Hyper-V host and a backup agent (Agent for VMware or Agent for Hyper-V) that manages this host.

Please note the following limitations:

 Agent for VMware (Windows) and Agent for Hyper-V cannot convert backups stored on NFS  Backups stored in Secure Zone can be converted only by the agent running on the same machine.

Setting up a conversion to a virtual machine in a backup plan

1. Decide from which backup location you want to perform the conversion.

2. On the backup plan panel, click Convert to VM under this location.

3. Enable the Conversion switch.

4. In Convert to, select the type of the target virtual machine. You can select one of the following:

 VMware ESXi  Microsoft Hyper-V

5. Click Host, select the target host, and then specify the new machine name template.

The default name is [Machine Name]_converted.

6. [Optional] Click Agent that will perform conversion, and then select an agent.

7. [Optional] You can also do the following:

 Click Datastore for ESXi or Path for Hyper-V, and then select the datastore (storage) for the

virtual machine.

 Change the disk provisioning mode. The default setting is Thin for VMware ESXi and

Dynamically expanding for Hyper-V.

 Сlick VM settings to change the memory size, the number of processors, and the network

connections of the virtual machine.

8. Click Done.

5.9 Replication

This section describes backup replication as a part of the backup plan. For information about creating a separate replication plan, refer to "Off-host data processing" (p. 125).

If you enable backup replication, each backup will be copied to another location immediately after creation. If earlier backups were not replicated (for example, the network connection was lost), the software also replicates all of the backups that appeared after the last successful replication.

Replicated backups do not depend on the backups remaining in the original location and vice versa. You can recover data from any backup, without access to other locations.

Usage examples

 Reliable disaster recovery

Store your backups both on-site (for immediate recovery) and off-site (to secure the backups from local storage failure or a natural disaster).

 Using the cloud storage to protect data from a natural disaster

Replicate the backups to the cloud storage by transferring only the data changes.

 Keeping only the latest recovery points

Delete older backups from a fast storage according to retention rules, in order to not overuse expensive storage space.

Supported locations

You can replicate a backup from any of these locations:

 A local folder  A network folder  Secure Zone  An SFTP server  Locations managed by a storage node

You can replicate a backup to any of these locations:

 A local folder  A network folder  The cloud storage  An SFTP server  Locations managed by a storage node  A tape device

To enable replication of backups

1. On the backup plan panel, click Add location.

The Add location control is shown only if replication is supported from the last selected location.

2. Specify the location where the backups will be replicated.

3. [Optional] In How long to keep, change the retention rules for the chosen location, as described

in "Retention rules" (p. 70).

4. [Optional] In Convert to VM, specify the settings for conversion to a virtual machine, as

described in "Conversion to a virtual machine" (p. 73).

5. [Optional] Repeat steps 1-4 for all locations where you want to replicate the backups. Up to five

consecutive locations are supported, including the primary one.

5.9.1 Considerations for users with the Advanced license

Tip

You can set up replication of backups from the cloud storage by creating a separate replication plan. For more information, refer to "Off-host data processing" (p. 125).

Restrictions

 Replicating backups from a location managed by a storage node to a local folder is not supported.

A local folder means a folder on the machine with the agent that created the backup.

 Replicating backups to a managed location with enabled deduplication is not supported for

backups that have the Version 12 backup format (p. 82).

Which machine performs the operation?

Replicating a backup from any location is initiated by the agent that created the backup and is performed:

 By that agent, if the location is not managed by a storage node.  By the corresponding storage node, if the location is managed. However, replication of a backup

from the managed location to the cloud storage is performed by the agent that created the backup.

As follows from the above description, the operation will be performed only if the machine with the agent is powered on.

Replicating backups between managed locations

Replicating a backup from one managed location to another managed location is performed by the storage node.

If deduplication is enabled for the target location (possibly on a different storage node), the source storage node sends only those blocks of data that are not present in the target location. In other words, like an agent, the storage node performs deduplication at the source. This saves network traffic when you replicate data between geographically separated storage nodes.

5.10 Starting a backup manually

1. Select a machine that has at least one applied backup plan.

2. Click Backup.

3. If more than one backup plans are applied, select the backup plan.

4. Do one of the following:

 To run an incremental backup, click Run now. This is the only option if the backup

destination is cloud storage.

 To run a full backup, click the arrow on the Run now button, and then select Full.

The first backup created by a backup plan is always full.

The backup progress is shown in the Status column for the machine.

5.11 Backup options

Disk-level backup

File-level backup

Virtual

machines

SQL and

Exchange

Windows

Linux

macOS Windows

Linux

macOS

ESXi Hyper-V

Windows

Alerts (p. 79)

+ + + + + + + + +

Backup consolidation (p. 79)

+ + + + + + + + -

Backup file name (p. 79)

+ + + + + + + + +

Backup format (p. 82)

+ + + + + + + + +

Backup validation (p. 83)

+ + + + + + + + +

Backup start conditions (p. 84)

+ + - + + - + + +

Changed block tracking (CBT) (p. 84)

+ - - - - - + + -

Cluster backup mode (p. 84)

- - - - - - - - +

Compression level (p. 86)

+ + + + + + + + +

Email notifications (p. 86)

+ + + + + + + + +

Error handling (p. 86)

Re-attempt, if an error occurs

+ + + + + + + + +

Do not show messages and dialogs while processing (silent mode)

+ + + + + + + + +

Ignore bad sectors

+ + + + + + + + -

Re-attempt, if an error occurs during VM snapshot creation

- - - - - - + + -

To modify the backup options, click the gear icon next to the backup plan name, and then click

Backup options.

Availability of the backup options

The set of available backup options depends on:

 The environment the agent operates in (Windows, Linux, macOS).  The type of the data being backed up (disks, files, virtual machines, application data).  The backup destination (the cloud storage, local or network folder).

The following table summarizes the availability of the backup options.

Disk-level backup

File-level backup

Virtual

machines

SQL and

Exchange

Windows

Linux

macOS Windows

Linux

macOS

ESXi Hyper-V

Windows

Fast incremental/differential backup (p. 87)

+ + + - - - - - -

File filters (p. 88)

+ + + + + + + + -

File-level backup snapshot (p.

89)

- - - + + + - - -

File-level security (p. 89)

- - - + - - - - -

Log truncation (p. 90)

- - - - - - + + SQL only

LVM snapshotting (p. 90)

- + - - - - - - -

Mount points (p. 90)

- - - + - - - - -

Multi-volume snapshot (p. 91)

+ - - + - - - - -

Performance (p. 91)

+ + + + + + + + +

Pre/Post commands (p. 92)

+ + + + + + + + +

Pre/Post data capture commands (p. 94)

+ + + + + + - - +

SAN hardware snapshots (p.

95)

- - - - - - + - -

Scheduling (p. 95)

Distribute start times within a time window

+ + + + + + + + +

Limit the number of simultaneously running backups

- - - - - - + + -

Sector-by-sector backup (p.

96)

+ + - - - - + + -

Splitting (p. 96)

+ + + + + + + + +

Tape management (p. 97)

+ + + + + + + + +

Task failure handling (p. 99)

+ + + + + + + + +

Volume Shadow Copy Service (VSS) (p. 99)

+ - - + - - - + +

Volume Shadow Copy Service (VSS) for virtual machines (p.

100)

- - - - - - + + -

Weekly backup (p. 100)

+ + + + + + + + +

Windows event log (p. 100)

+ - - + - - + + +

5.11.1 Alerts

Always incremental (single-file)

Other backup schemes

No successful backups for a specified number of consecutive days

The preset is: Disabled.

This option determines whether to generate an alert if no successful backups were performed by the backup plan for a specified period of time. In addition to failed backups, the software counts backups that did not run on schedule (missed backups).

The alerts are generated on a per-machine basis and are displayed on the Alerts tab.

You can specify the number of consecutive days without backups after which the alert is generated.

5.11.2 Backup consolidation

This option defines whether to consolidate backups during cleanup or to delete entire backup chains.

This option is not effective if any of the following is true:

 The backup destination is a tape device or the cloud storage.  The backup scheme is set to Always incremental (single-file).  The backup format (p. 82) is set to Version 12.

Backups stored on tapes cannot be consolidated. Backups stored in the cloud storage, as well as version 12 and single-file backups, are always consolidated because their inner structure makes for fast and easy consolidation.

The preset is: Disabled.

Consolidation is the process of combining two or more subsequent backups into a single backup.

If this option is enabled, a backup that should be deleted during cleanup is consolidated with the next dependent backup (incremental or differential).

Otherwise, the backup is retained until all dependent backups become subject to deletion. This helps avoid the potentially time-consuming consolidation, but requires extra space for storing backups whose deletion is postponed. The backups' age or number can exceed the values specified in the retention rules.

Important Please be aware that consolidation is just a method of deletion, but not an alternative to deletion. The resulting backup will not contain data that was present in the deleted backup and was absent from the retained incremental or differential backup.

5.11.3 Backup file name

This option defines the names of the backup files created by the backup plan.

These names can be seen in a file manager when browsing the backup location.

What is a backup file?

Each backup plan creates one or more files in the backup location, depending on which backup scheme and which backup format (p. 82) are used. The following table lists the files that can be created per machine or mailbox.

Version 11 backup format

One .tib file and one .xml metadata file

Multiple .tib files and one .xml metadata file

(traditional format)

Version 12 backup format

One .tibx file per backup chain (a full or differential backup, and all incremental

backups that depend on it)

All files have the same name, with or without the addition of a timestamp or a sequence number. You can define this name (referred to as the backup file name) when creating or editing a backup plan.

After you change a backup file name, the next backup will be a full backup, unless you specify a file name of an existing backup of the same machine. If the latter is the case, a full, incremental, or differential backup will be created according to the backup plan schedule.

Note that it is possible to set backup file names for locations that cannot be browsed by a file manager (such as the cloud storage or a tape device). This makes sense if you want to see the custom names on the Backups tab.

Where can I see backup file names?

Select the Backups tab, and then select the group of backups.

 The default backup file name is shown on the Details panel.  If you set a non-default backup file name, it will be shown directly on the Backups tab, in the

Name column.

Limitations for backup file names

 A backup file name cannot end with a digit.

In the default backup file name, to prevent the name from ending with a digit, the letter "A" is appended. When creating a custom name, always make sure that it does not end with a digit. When using variables, the name must not end with a variable, because a variable might end with a digit.

 A backup file name cannot contain the following symbols: ()&?*$<>":\|/#, line endings (\n), and

tabs (\t).

Default backup file name

The default backup file name is [Machine Name]-[Plan ID]-[Unique ID]A.

The default backup file name for mailbox backup is [Mailbox ID]_mailbox_[Plan ID]A.

The name consists of the following variables:

 [Machine Name] This variable is replaced with the name of the machine (the same name that is

shown in the backup console) for all types of backed up data, except for Office 365 mailboxes. For Office 365 mailboxes, it is replaced with the mailbox user's principal name (UPN).

 [Plan ID] This variable is replaced with a unique identifier of a backup plan. This value does not

change if the plan is renamed.

 [Unique ID] This variable is replaced with a unique identifier of the selected machine or

mailbox. This value does not change if the machine is renamed or the mailbox UPN is changed.

 [Mailbox ID] This variable is replaced with the mailbox UPN.  "A" is a safeguard letter that is appended to prevent the name from ending with a digit.

The diagram below shows the default backup file name.

The diagram below shows the default backup file name for mailboxes.

Names without variables

If you change the backup file name to MyBackup, the backup files will look like the following examples. Both examples assume daily incremental backups scheduled at 14:40, starting from September 13, 2016.

For the Version 12 format with the Always incremental (single-file) backup scheme:

MyBackup.tibx

For the Version 12 format with other backup schemes:

MyBackup.tibx MyBackup-0001.tibx MyBackup-0002.tibx ...

For the Version 11 format with the Always incremental (single-file) backup scheme:

MyBackup.xml MyBackup.tib

For the Version 11 format with other backup schemes:

MyBackup.xml MyBackup_2016_9_13_14_49_20_403F.tib MyBackup_2016_9_14_14_43_00_221F.tib MyBackup_2016_9_15_14_45_56_300F.tib ...

Using variables

Besides the variables that are used by default, you can use the [Plan name] variable, which is replaced with the name of the backup plan.

If multiple machines or mailboxes are selected for backup, the backup file name must contain the [Machine Name], the [Mailbox ID], or the [Unique ID] variable.

Backup file name vs. simplified file naming

Using plain text and/or variables, you can construct the same file names as in earlier Acronis Backup versions. However, simplified file names cannot be reconstructed—in version 12, a file name will have a time stamp unless a single-file format is used.

Usage examples

 View user-friendly file names

You want to easily distinguish backups when browsing the backup location with a file manager.

 Continue an existing sequence of backups

Let's assume a backup plan is applied to a single machine, and you have to remove this machine from the backup console or to uninstall the agent along with its configuration settings. After the machine is re-added or the agent is reinstalled, you can force the backup plan to continue backing up to the same backup or backup sequence. Just go this option, click Select, and select the required backup.

The Browse button shows the backups in the location selected in the Where to back up section of the backup plan panel. It cannot browse anything outside this location.

 Upgrade from previous product versions

If during the upgrade a backup plan did not migrate automatically, recreate the plan and point it to the old backup file. If only one machine is selected for backup, click Browse, and then select the required backup. If multiple machines are selected for backup, re-create the old backup file name by using variables.

5.11.4 Backup format

This option defines the format of the backups created by the backup plan. You can choose between the new format (Version 12) designed for faster backup and recovery, and the legacy format (Version

11) preserved for backward compatibility and special cases. After the backup plan is applied, this

option cannot be modified.

This option is not effective for mailbox backups. Mailbox backups always have the new format.

The preset is: Automatic selection.

You can select one of the following:

 Automatic selection

Version 12 will be used unless the backup plan appends backups to the ones created by earlier

Always incremental (single-file)

Other backup schemes

Version 11 backup

format

One .tib file and one .xml metadata file

Multiple .tib files and one .xml metadata file

(traditional format)

Version 12 backup format

One .tibx file per backup chain (a full or differential backup, and all incremental

backups that depend on it)

product versions.

 Version 12

A new format recommended in most cases for fast backup and recovery. Each backup chain (a full or differential backup, and all incremental backups that depend on it) is saved to a single .tibx file.

With this format, the retention rule By total size of backups is not effective.

 Version 11

A legacy format to be used in a new backup plan that appends backups to the ones created by earlier product versions.

Also, use this format (with any backup scheme except for Always incremental (single-file)) if you want full, incremental, and differential backups to be separate files.

This format is automatically selected if the backup destination (or a replication destination) is a managed location with enabled deduplication. If you change the format to Version 12, the backups will fail.

Backup format and backup files

For backup locations that can be browsed with a file manager (such as local or network folders), the backup format determines the number of files and their extension. You can define the file names by using the backup file name (p. 79) option. The following table lists the files that can be created per machine or mailbox.

5.11.5 Backup validation

Validation is an operation that checks the possibility of data recovery from a backup. When this option is enabled, each backup created by the backup plan is validated immediately after creation.

The preset is: Disabled.

Validation calculates a checksum for every data block that can be recovered from the backup. The only exception is validation of file-level backups that are located in the cloud storage. These backups are validated by checking consistency of the metadata saved in the backup.

Validation is a time-consuming process, even for an incremental or differential backup, which are small in size. This is because the operation validates not only the data physically contained in the backup, but all of the data recoverable by selecting the backup. This requires access to previously created backups.

While the successful validation means a high probability of successful recovery, it does not check all factors that influence the recovery process. If you back up the operating system, we recommend performing a test recovery under the bootable media to a spare hard drive or running a virtual machine from the backup (p. 177) in the ESXi or Hyper-V environment.

5.11.6 Backup start conditions

This option is effective in Windows and Linux operating systems.

This option determines the program behavior in case a backup is about to start (the scheduled time comes or the event specified in the schedule occurs), but the condition (or any of multiple conditions) is not met. For more information about conditions refer to "Start conditions" (p. 67).

The preset is: Wait until the conditions are met.

Wait until the conditions are met

With this setting, the scheduler starts monitoring the conditions and launches the backup as soon as the conditions are met. If the conditions are never met, the backup will never start.

To handle the situation when the conditions are not met for too long and further delaying the backup is becoming risky, you can set the time interval after which the backup will run irrespective of the condition. Select the Start the backup anyway after check box and specify the time interval. The backup will start as soon as the conditions are met OR the maximum time delay lapses, depending on which comes first.

Skip the scheduled backup

Delaying a backup might be unacceptable, for example, when you need to back up data strictly at the specified time. Then it makes sense to skip the backup rather than wait for the conditions, especially if the backups occur relatively often.

5.11.7 Changed block tracking (CBT)

This option is effective for disk-level backups of virtual machines and of physical machines running Windows.

The preset is: Enabled.

This option determines whether to use Changed Block Tracking (CBT) when performing an incremental or differential backup.

The CBT technology accelerates the backup process. Changes to the disk content are continuously tracked at the block level. When a backup starts, the changes can be immediately saved to the backup.

5.11.8 Cluster backup mode

This option are effective for database-level backup of Microsoft SQL Server and Microsoft Exchange Server.

This options are effective only if the cluster itself (Microsoft SQL Server Always On Availability Groups (AAG) or Microsoft Exchange Server Database Availability Group (DAG)) is selected for backup, rather than the individual nodes or databases inside of it. If you select individual items inside the cluster, the backup will not be cluster-aware and only the selected copies of the items will be backed up.

Microsoft SQL Server

This option determines the backup mode for SQL Server Always On Availability Groups (AAG). For this option to be effective, Agent for SQL must be installed on all of the AAG nodes. For more information

about backing up Always On Availability Groups, refer to "Protecting Always On Availability Groups (AAG)" (p. 158).

The preset is: Secondary replica if possible.

You can choose one of the following:

 Secondary replica if possible

If all secondary replicas are offline, the primary replica is backed up. Backing up the primary replica may slow down the SQL Server operation, but the data will be backed up in the most recent state.

 Secondary replica

If all secondary replicas are offline, the backup will fail. Backing up secondary replicas does not affect the SQL server performance and allows you to extend the backup window. However, passive replicas may contain information that is not up-to-date, because such replicas are often set to be updated asynchronously (lagged).

 Primary replica

If the primary replica is offline, the backup will fail. Backing up the primary replica may slow down the SQL Server operation, but the data will be backed up in the most recent state.

Regardless of the value of this option, to ensure the database consistency, the software skips databases that are not in the SYNCHRONIZED or SYNCHRONIZING states when the backup starts. If all databases are skipped, the backup fails.

Microsoft Exchange Server

This option determines the backup mode for Exchange Server Database Availability Groups (DAG). For this option to be effective, Agent for Exchange must be installed on all of the DAG nodes. For more information about backing up Database Availability Groups, refer to "Protecting Database Availability Groups (DAG)" (p. 159).

The preset is: Passive copy if possible.

You can choose one of the following:

 Passive copy if possible

If all passive copies are offline, the active copy is backed up. Backing up the active copy may slow down the Exchange Server operation, but the data will be backed up in the most recent state.

 Passive copy

If all passive copies are offline, the backup will fail. Backing up passive copies does not affect the Exchange server performance and allows you to extend the backup window. However, passive copies may contain information that is not up-to-date, because such copies are often set to be updated asynchronously (lagged).

 Active copy

If the active copy is offline, the backup will fail. Backing up the active copy may slow down the Exchange Server operation, but the data will be backed up in the most recent state.

Regardless of the value of this option, to ensure the database consistency, the software skips databases that are not in the HEALTHY or ACTIVE states when the backup starts. If all databases are skipped, the backup fails.

5.11.9 Compression level

The option defines the level of compression applied to the data being backed up. The available levels are: None, Normal, High.

The preset is: Normal.

A higher compression level means that the backup process takes longer, but the resulting backup occupies less space.

The optimal data compression level depends on the type of data being backed up. For example, even maximum compression will not significantly reduce the backup size if the backup contains essentially compressed files, such as .jpg, .pdf or .mp3. However, formats such as .doc or .xls will be compressed well.

5.11.10 Email notifications

The option enables you to set up email notifications about events that occur during backup.

This option is available only in on-premise deployments. In cloud deployments, the settings are configured per account when an account is created.

The preset is: Use the global settings.

You can either use the global settings, or override them with custom values that will be specific for this plan only. The global settings are configured as described in "Email notifications" (p. 231).

Important When the global settings are changed, all backup plans that use the global settings are affected.

Before enabling this option, ensure that the Email server (p. 230) settings are configured.

To customize email notifications for a backup plan

1. Select Customize the settings for this backup plan.

2. In the Recipients' email addresses field, type the destination email address. You can enter

several addresses separated by semicolons.

3. [Optional] In Subject, change the email notification subject.

You can use the following variables:

 [Alert] - alert summary.  [Device] - device name.  [Plan] - the name of the plan that generated the alert.  [ManagementServer] - the host name of the machine where the management server is

installed.

 [Unit] - the name of the unit to which the machine belongs.

The default subject is [Alert] Device: [Device] Plan: [Plan]

4. Select the check boxes for the events that you want to receive notifications about. You can select

from the list of all alerts that occur during backup, grouped by severity.

5.11.11 Error handling

These options enable you to specify how to handle errors that might occur during backup.

Re-attempt, if an error occurs

The preset is: Enabled. Number of attempts: 30. Interval between attempts: 30 seconds.

When a recoverable error occurs, the program re-attempts to perform the unsuccessful operation. You can set the time interval and the number of attempts. The attempts will be stopped as soon as the operation succeeds OR the specified number of attempts are performed, depending on which comes first.

For example, if the backup destination on the network becomes unavailable or not reachable, the program will attempt to reach the destination every 30 seconds, but no more than 30 times. The attempts will be stopped as soon as the connection is resumed OR the specified number of attempts is performed, depending on which comes first.

Note If the cloud storage is selected as the primary or the second destination, the option value is automatically set to Enabled. Number of attempts: 300.

Do not show messages and dialogs while processing (silent mode)

The preset is: Enabled.

With the silent mode enabled, the program will automatically handle situations requiring user interaction (except for handling bad sectors, which is defined as a separate option). If an operation cannot continue without user interaction, it will fail. Details of the operation, including errors, if any, can be found in the operation log.

Ignore bad sectors

The preset is: Disabled.

When this option is disabled, each time the program comes across a bad sector, the backup activity will be assigned the Interaction required status. In order to back up the valid information on a rapidly dying disk, enable ignoring bad sectors. The rest of the data will be backed up and you will be able to mount the resulting disk backup and extract valid files to another disk.

Re-attempt, if an error occurs during VM snapshot creation

The preset is: Enabled. Number of attempts: 3. Interval between attempts: 5 minutes.

When taking a virtual machine snapshot fails, the program re-attempts to perform the unsuccessful operation. You can set the time interval and the number of attempts. The attempts will be stopped as soon as the operation succeeds OR the specified number of attempts are performed, depending on which comes first.

5.11.12 Fast incremental/differential backup

This option is effective for incremental and differential disk-level backup.

The preset is: Enabled.

Incremental or differential backup captures only data changes. To speed up the backup process, the program determines whether a file has changed or not by the file size and the date/time when the file was last modified. Disabling this feature will make the program compare the entire file contents to those stored in the backup.

5.11.13 File filters

File filters define which files and folders to skip during the backup process.

File filters are available for both disk-level and file-level backup, unless stated otherwise.

To enable file filters

1. Select the data to back up.

2. Click the gear icon next to the backup plan name, and then click Backup options.

3. Select File filters.

4. Use any of the options described below.

Exclude files matching specific criteria

There are two options that function in an inverse manner.

 Back up only files matching the following criteria

Example: If you select to back up the entire machine and specify C:\File.exe in the filter criteria, only this file will be backed up.

Note This filter is not effective for file-level backup unless the backup destination is cloud storage.

 Do not back up files matching the following criteria

Example: If you select to back up the entire machine and specify C:\File.exe in the filter criteria, only this file will be skipped.

It is possible to use both options simultaneously. The latter option overrides the former, i.e. if you specify C:\File.exe in both fields, this file will be skipped during a backup.

Criteria

 Full path

Specify the full path to the file or folder, starting with the drive letter (when backing up Windows) or the root directory (when backing up Linux or OS X).

Both in Windows and Linux/OS X, you can use a forward slash in the file or folder path (as in

C:/Temp/File.tmp). In Windows, you can also use the traditional backslash (as in C:\Temp\File.tmp).

 Name

Specify the name of the file or folder, such as Document.txt. All files and folders with that name will be selected.

The criteria are not case-sensitive. For example, by specifying C:\Temp, you will also select C:\TEMP, C:\temp, and so on.

You can use one or more wildcard characters (*, **, and ?) in the criterion. These characters can be used both within the full path and in the file or folder name.

The asterisk (*) substitutes for zero or more characters in a file name. For example, the criterion Doc*.txt matches files such as Doc.txt and Document.txt

The double asterisk (**) substitutes for zero or more characters in a file name and path, including the slash character. For example, the criterion **/Docs/**.txt matches all txt files in all subfolders of all folders Docs.

The question mark (?) substitutes for exactly one character in a file name. For example, the criterion Doc?.txt matches files such as Doc1.txt and Docs.txt, but not the files Doc.txt or Doc11.txt

Exclude hidden files and folders

Select this check box to skip files and folders that have the Hidden attribute (for file systems that are supported by Windows) or that start with a period (.) (for file systems in Linux, such as Ext2 and Ext3). If a folder is hidden, all of its contents (including files that are not hidden) will be excluded.

Exclude system files and folders

This option is effective only for file systems that are supported by Windows. Select this check box to skip files and folders with the System attribute. If a folder has the System attribute, all of its contents (including files that do not have the System attribute) will be excluded.

Tip You can view file or folder attributes in the file/folder properties or by using the attrib command. For more information, refer to the Help and Support Center in Windows.

5.11.14 File-level backup snapshot

This option is effective only for file-level backup.

This option defines whether to back up files one by one or by taking an instant data snapshot.

Note Files that are stored on network shares are always backed up one by one.

The preset is: Create snapshot if it is possible.

You can select one of the following:

 Create a snapshot if it is possible

Back up files directly if taking a snapshot is not possible.

 Always create a snapshot

The snapshot enables backing up of all files including files opened for exclusive access. The files will be backed up at the same point in time. Choose this setting only if these factors are critical, that is, backing up files without a snapshot does not make sense. If a snapshot cannot be taken, the backup will fail.

 Do not create a snapshot

Always back up files directly. Trying to back up files that are opened for exclusive access will result in a read error. Files in the backup may be not time-consistent.

5.11.15 File-level security

This option is effective only for file-level backup in Windows.

This option defines whether to back up NTFS permissions for files along with the files.

The preset is: Enabled.

When this option is enabled, files and folders are backed up with the original permissions to read, write or execute the files for each user or user group. If you recover a secured file/folder on a machine without the user account specified in the permissions, you may not be able to read or modify this file.

If this option is disabled, the recovered files and folders will inherit the permissions from the folder to which they are recovered or from the disk, if recovered to the root.

Alternatively, you can disable recovery (p. 118) of the security settings. The result will be the same the files will inherit the permissions from the parent folder.

5.11.16 Log truncation

This option is effective for backup of Microsoft SQL Server databases and for disk-level backup with enabled Microsoft SQL Server application backup.

This option defines whether the SQL Server transaction logs are truncated after a successful backup.

The preset is: Enabled.

When this option is enabled, a database can be recovered only to a point in time of a backup created by this software. Disable this option if you back up transaction logs by using the native backup engine of Microsoft SQL Server. You will be able to apply the transaction logs after a recovery and thus recover a database to any point in time.

5.11.17 LVM snapshotting

This option is effective only for physical machines.

This option is effective for disk-level backup of volumes managed by Linux Logical Volume Manager (LVM). Such volumes are also called logical volumes.

This option defines how a snapshot of a logical volume is taken. The backup software can do this on its own or rely on Linux Logical Volume Manager (LVM).

The preset is: By the backup software.

 By the backup software. The snapshot data is kept mostly in RAM. The backup is faster and

unallocated space on the volume group is not required. Therefore, we recommend changing the preset only if you are experiencing problems with backing up logical volumes.

 By LVM. The snapshot is stored on unallocated space of the volume group. If the unallocated

space is missing, the snapshot will be taken by the backup software.

5.11.18 Mount points

This option is effective only in Windows for a file-level backup of a data source that includes mounted volumes or cluster shared volumes.

This option is effective only when you select for backup a folder that is higher in the folder hierarchy than the mount point. (A mount point is a folder on which an additional volume is logically attached.)

 If such folder (a parent folder) is selected for backup, and the Mount points option is enabled, all

files located on the mounted volume will be included in the backup. If the Mount points option is disabled, the mount point in the backup will be empty.

During recovery of a parent folder, the mount point content will or will not be recovered, depending on whether the Mount points option for recovery (p. 119) is enabled or disabled.

 If you select the mount point directly, or select any folder within the mounted volume, the

selected folders will be considered as ordinary folders. They will be backed up regardless of the state of the Mount points option and recovered regardless of the state of the Mount points option for recovery (p. 119).

The preset is: Disabled.

Tip. You can back up Hyper-V virtual machines residing on a cluster shared volume by backing up the required files or the entire volume with file-level backup. Just power off the virtual machines to be sure that they are backed up in a consistent state.

Example

Let's assume that the C:\Data1\ folder is a mount point for the mounted volume. The volume contains folders Folder1 and Folder2. You create a backup plan for file-level backup of your data.

If you select the check box for volume C and enable the Mount points option, the C:\Data1\ folder in your backup will contain Folder1 and Folder2. When recovering the backed-up data, be aware of proper using the Mount points option for recovery (p. 119).

If you select the check box for volume C, and disable the Mount points option, the C:\Data1\ folder in your backup will be empty.

If you select the check box for the Data1, Folder1 or Folder2 folder, the checked folders will be included in the backup as ordinary folders, regardless of the state of the Mount points option.

5.11.19 Multi-volume snapshot

This option is effective only for Windows operating systems.

This option applies to disk-level backup. This option also applies to file-level backup when the file-level backup is performed by taking a snapshot. (The "File-level backup snapshot" (p. 89) option determines whether a snapshot is taken during file-level backup).

This option determines whether to take snapshots of multiple volumes at the same time or one by one.

The preset is: Enabled.

When this option is enabled, snapshots of all volumes being backed up are created simultaneously. Use this option to create a time-consistent backup of data spanning multiple volumes; for instance, for an Oracle database.

When this option is disabled, the volumes' snapshots are taken one after the other. As a result, if the data spans several volumes, the resulting backup may be not consistent.

5.11.20 Performance

Process priority

This option defines the priority of the backup process in the operating system.

The available settings are: Low, Normal, High.

The preset is: Low (in Windows, corresponds to Below normal).

The priority of a process running in a system determines the amount of CPU and system resources allocated to that process. Decreasing the backup priority will free more resources for other applications. Increasing the backup priority might speed up the backup process by requesting the operating system to allocate more resources like the CPU to the backup application. However, the resulting effect will depend on the overall CPU usage and other factors like disk in/out speed or network traffic.

This option sets the priority of the backup process (service_process.exe) in Windows and the

Pre-backup

command

Backup

Post-backup

command

niceness of the backup process (service_process) in Linux and OS X.

Output speed during backup

This option enables you to limit the hard drive writing speed (when backing up to a local folder) or the speed of transferring the backup data through the network (when backing up to a network share or to cloud storage).

The preset is: Disabled.

When this option is enabled, you can specify the maximum allowed output speed in KB/second.

5.11.21 Pre/Post commands

The option enables you to define the commands to be automatically executed before and after the backup procedure.

The following scheme illustrates when pre/post commands are executed.

Examples of how you can use the pre/post commands:

 Delete some temporary files from the disk before starting backup.  Configure a third-party antivirus product to be started each time before the backup starts.  Selectively copy backups to another location. This option may be useful because the replication

configured in a backup plan copies every backup to subsequent locations.

The agent performs the replication after executing the post-backup command.

The program does not support interactive commands, i.e. commands that require user input (for

Check box

Selection

Fail the backup if the command execution fails*

Selected

Cleared

Selected

Cleared

Do not back up until the command execution is complete

Selected

Cleared

Result

Preset

Perform the backup only after the command is successfully executed. Fail the backup if the command execution fails.

Perform the backup after the command is executed despite execution failure or success.

N/A

Perform the backup concurrently with the command execution and irrespective of the command execution result.

example, "pause").

5.11.21.1 Pre-backup command

To specify a command/batch file to be executed before the backup process starts

1. Enable the Execute a command before the backup switch.

2. In the Command... field, type a command or browse to a batch file. The program does not

support interactive commands, i.e. commands that require user input (for example, "pause".)

3. In the Working directory field, specify a path to a directory where the command/batch file will

be executed.

4. In the Arguments field specify the command’s execution arguments, if required.

5. Depending on the result you want to obtain, select the appropriate options as described in the

table below.

6. Click Done.

* A command is considered failed if its exit code is not equal to zero.

5.11.21.2 Post-backup command

To specify a command/executable file to be executed after the backup is completed

1. Enable the Execute a command after the backup switch.

2. In the Command... field, type a command or browse to a batch file.

3. In the Working directory field, specify a path to a directory where the command/batch file will

be executed.

4. In the Arguments field, specify the command execution arguments, if required.

5. Select the Fail the backup if the command execution fails check box if successful execution of

the command is critical for you. The command is considered failed if its exit code is not equal to zero. If the command execution fails, the backup status will be set to Error.

When the check box is not selected, the command execution result does not affect the backup failure or success. You can track the command execution result by exploring the Activities tab.

6. Click Done.

5.11.22 Pre/Post data capture commands

<---------------------------- Backup ---------------------------->

Pre-backup

command

Pre-data

capture

command

Data

capture

Post-data

capture

command

Post-backup

command

Check box

Selection

Fail the backup if the command execution fails*

Selected

Cleared

Selected

Cleared

Do not perform the data capture until the command execution is complete

Selected

Cleared

Result

Preset

Perform the data capture only after the command is successfully executed. Fail the backup if the command execution fails.

Perform the data capture after the command is executed despite execution failure or success.

N/A

Perform the data capture concurrently with the command and irrespective of the command execution result.

The option enables you to define the commands to be automatically executed before and after data capture (that is, taking the data snapshot). Data capture is performed at the beginning of the backup procedure.

The following scheme illustrates when the pre/post data capture commands are executed.

If the Volume Shadow Copy Service option (p. 99) is enabled, the commands' execution and the Microsoft VSS actions will be sequenced as follows:

"Before data capture” commands -> VSS Suspend -> Data capture -> VSS Resume -> "After data capture" commands.

By using the pre/post data capture commands, you can suspend and resume a database or application that is not compatible with VSS. Because the data capture takes seconds, the database or application idle time will be minimal.

5.11.22.1 Pre-data capture command

To specify a command/batch file to be executed before data capture

1. Enable the Execute a command before the data capture switch.

2. In the Command... field, type a command or browse to a batch file. The program does not

support interactive commands, i.e. commands that require user input (for example, "pause".)

3. In the Working directory field, specify a path to a directory where the command/batch file will

be executed.

4. In the Arguments field specify the command’s execution arguments, if required.

5. Depending on the result you want to obtain, select the appropriate options as described in the

table below.

6. Click Done.

* A command is considered failed if its exit code is not equal to zero.

5.11.22.2 Post-data capture command

Check box

Selection

Fail the backup if the command execution fails*

Selected

Cleared

Selected

Cleared

Do not back up until the command execution is complete

Selected

Cleared

Result

Preset

Continue the backup only after the command is successfully executed.

Continue the backup after the command is executed despite command execution failure or success.

N/A

Continue the backup concurrently with the command execution and irrespective of the command execution result.

To specify a command/batch file to be executed after data capture

1. Enable the Execute a command after the data capture switch.

2. In the Command... field, type a command or browse to a batch file. The program does not

support interactive commands, i.e. commands that require user input (for example, "pause".)

3. In the Working directory field, specify a path to a directory where the command/batch file will

be executed.

4. In the Arguments field specify the command’s execution arguments, if required.

5. Depending on the result you want to obtain, select the appropriate options as described in the

table below.

6. Click Done.

* A command is considered failed if its exit code is not equal to zero.

5.11.23 SAN hardware snapshots

This option is effective for backups of VMware ESXi virtual machines.

The preset is: Disabled.

This option determines whether to use the SAN snapshots when performing a backup.

If this option is disabled, the virtual disk content will be read from a VMware snapshot. The snapshot will be kept for the whole duration of the backup.

If this option is enabled, the virtual disk content will be read from a SAN snapshot. A VMware snapshot will be created and kept briefly, to bring the virtual disks into a consistent state. If reading from a SAN snapshot is not possible, the backup will fail.

Prior to enabling this option, please check and carry out the requirements listed in "Using SAN hardware snapshots" (p. 187).

5.11.24 Scheduling

This option defines whether backups start as scheduled or with a delay, and how many virtual machines are backed up simultaneously.

The preset is:

 On-premise deployment: Start all backups exactly as scheduled.  Cloud deployment: Distribute backup start times within a time window. Maximum delay: 30

minutes.

You can select one of the following:

 Start all backups exactly as scheduled

Backups of physical machines will start exactly as scheduled. Virtual machines will be backed up one by one.

 Distribute start times within a time window

Backups of physical machines will start with a delay from the scheduled time. The delay value for each machine is selected randomly and ranges from zero to the maximum value you specify. You may want to use this setting when backing up multiple machines to a network location, to avoid excessive network load. The delay value for each machine is determined when the backup plan is applied to the machine and remains the same until you edit the backup plan and change the maximum delay value.

Virtual machines will be backed up one by one.

 Limit the number of simultaneously running backups by

This option is available only when a backup plan is applied to multiple virtual machines. This option defines how many virtual machines an agent can back up simultaneously when executing the given backup plan.

If, according to the backup plan, an agent has to start backing up multiple machines at once, it will choose two machines. (To optimize the backup performance, the agent tries to match machines stored on different storages.) Once any of the two backups is completed, the agent chooses the third machine and so on.

You can change the number of virtual machines for an agent to simultaneously back up. The maximum value is 10.

Backups of physical machines will start exactly as scheduled.

5.11.25 Sector-by-sector backup

The option is effective only for disk-level backup.

This option defines whether an exact copy of a disk or volume on a physical level is created.

The preset is: Disabled.

If this option is enabled, all disk or volume's sectors will be backed up, including unallocated space and those sectors that are free of data. The resulting backup will be equal in size to the disk being backed up (if the "Compression level" (p. 86) option is set to None). The software automatically switches to the sector-by-sector mode when backing up drives with unrecognized or unsupported file systems.

5.11.26 Splitting

This option is effective for the Always full; Weekly full, Daily incremental; Monthly full, Weekly differential, Daily incremental (GFS), and Custom backup schemes.

This option enables you to select the method of splitting of large backups into smaller files.

The preset is: Automatic.

The following settings are available:

 Automatic

A backup will be split if it exceeds the maximum file size supported by the file system.

 Fixed size

Enter the desired file size or select it from the drop-down list.

5.11.27 Tape management

These options are effective when the backup destination is a tape device.

Enable file recovery from disk backups stored on tapes

The preset is: Disabled.

If this check box is selected, at each backup, the software creates supplementary files on a hard disk of the machine where the tape device is attached. File recovery from disk backups is possible as long as these supplementary files are intact. The files are deleted automatically when the tape storing the respective backups is erased (p. 222), removed (p. 223) or overwritten.

The supplementary files' locations are as follows:

 In Windows XP and Server 2003: %ALLUSERSPROFILE%\Application

Data\Acronis\BackupAndRecovery\TapeLocation.

 In Windows Vista and later versions of

Windows: %PROGRAMDATA%\Acronis\BackupAndRecovery\TapeLocation.

 In Linux: /var/lib/Acronis/BackupAndRecovery/TapeLocation.

The space occupied by these supplementary files depends on the number of files in the respective backup. For a full backup of a disk containing approximately 20,000 files (the typical workstation disk backup), the supplementary files occupy around 150 MB. A full backup of a server containing 250,000 files may produce around 700 MB of supplementary files. So if you are certain that you will not need to recover individual files, you can leave the check box cleared to save the disk space.

When you configure an application-aware disk-level backup (p. 161), the Enable file recovery from disk backups stored on tapes check box is automatically selected. You can clear it only if you change the backup destination or disable application-aware backup.

If the supplementary files were not created during backup, or have been deleted, you still can create them by rescanning (p. 221) the tapes where the backup is stored.

Move a tape back to the slot after each successful backup of each machine

The preset is: Enabled.

If you disable this option, a tape will remain in the drive after an operation with the tape is completed. Otherwise, the software will move the tape back to the slot where it was before the operation. If, according to the backup plan, other operations follow the backup (such as the backup validation or replication to another location), the tapes will be moved back to their slots after completion of these operations.

If both this option and the Eject tapes after each successful backup of each machine option are enabled, the tape will be ejected.

Eject tapes after each successful backup of each machine

Variable syntax

Variable description

Available values

[Resource Name]

Backups of each machine will be stored on a separate tape set.

Names of the machines registered on the management server.

[Backup Type]

Full, incremental, and differential backups will be stored on separate tape sets.

full, inc, diff

[Resource Type]

Backups of machines of each type will be stored on a separate tape set.

Server essentials, Server, Workstation, Physical machine, VMware Virtual Machine, Virtual-PC Virtual Machine, Virtual Server Virtual Machine, Hyper-V Virtual Machine, Parallels Virtual Machine, XEN Virtual Machine, KVM Virtual Machine, RHEV Virtual Machine, Parallels Cloud Virtual Machine

[Day]

Backups created on each day of the month will be stored on a separate tape set.

01, 02, 03, ..., 31

[Weekday]

Backups created on each day of the week will be stored on a separate tape set.

Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday

[Month]

Backups created during each month of the year will be stored on a separate tape set.

January, February, March, April, May, June, July, August, September, October, November, December

The preset is: Disabled.

When this check box is selected, the software will eject tapes after any successful backup of each machine. If, according to the backup plan, other operations follow the backup (such as the backup validation or replication to another location), the tapes will be ejected after completion of these operations.

Overwrite a tape in the stand-alone tape drive when creating a full backup

The preset is: Disabled.

When this option is enabled, a tape inserted into a drive will be overwritten every time a full backup is created.

Use tape sets within the tape pool selected for backup

The preset is: Disabled.

Tapes within one pool can be grouped into so-called tape sets.

If you leave this option disabled, data will be backed up on all tapes belonging to a pool. If the option is enabled, you can separate backups according to the predefined or custom rules.

 Use a separate tape set for each

If this variant is selected, you can organize tape sets according to a predefined rule. For example, you can have separate tape sets for each day of the week or store backups of each machine on a separate tape set.

 Specify a custom rule for tape sets

If this variant is selected, specify your own rule to organize tape sets. The rule can contain the following variables:

[Year]

Backups created during each year will be stored on a separate tape set.

2017, 2018, ...

For example, if you specify the rule as [Resource Name]-[Backup Type], you will have a separate tape set for each full, incremental, and differential backup of each machine to which the backup plan is applied.

You can also specify tape sets (p. 224) for individual tapes. In this case, the software will first write backups on tapes whose tape set value coincides with the value of the expression specified in the backup plan. Then, if necessary, other tapes from the same pool will be taken. After that, if the pool is replenishable, tapes from the Free tapes pool will be used.

For example, if you specify tape set Monday for Tape 1, Tuesday for Tape 2, etc. and specify [Weekday] in the backup options, a proper tape will be used on the respective day of the week.

5.11.28 Task failure handling

This option determines the program behavior when a scheduled execution of a backup plan fails. This option is not effective when a backup plan is started manually.

If this option is enabled, the program will try to execute the backup plan again. You can specify the number of attempts and the time interval between the attempts. The program stops trying as soon as an attempt completes successfully OR the specified number of attempts is performed, depending on which comes first.

The preset is: Disabled.

5.11.29 Volume Shadow Copy Service (VSS)

This option is effective only for Windows operating systems.

The option defines whether a Volume Shadow Copy Service (VSS) provider has to notify VSS-aware applications that the backup is about to start. This ensures the consistent state of all data used by the applications; in particular, completion of all database transactions at the moment of taking the data snapshot by the backup software. Data consistency, in turn, ensures that the application will be recovered in the correct state and become operational immediately after recovery.

The preset is: Enabled. Automatically select snapshot provider.

You can select one of the following:

 Automatically select snapshot provider

Automatically select among the hardware snapshot provider, software snapshot providers, and Microsoft Software Shadow Copy provider.

 Use Microsoft Software Shadow Copy provider

We recommend choosing this option when backing up application servers (Microsoft Exchange Server, Microsoft SQL Server, Microsoft SharePoint, or Active Directory).

Disable this option if your database is incompatible with VSS. Snapshots are taken faster, but data consistency of the applications whose transactions are not completed at the time of taking a snapshot cannot be guaranteed. You may use Pre/Post data capture commands (p. 94) to ensure that the data is backed up in a consistent state. For instance, specify pre-data capture commands that will suspend the database and flush all caches to ensure that all transactions are completed; and specify post-data capture commands that will resume the database operations after the snapshot is taken.

Note If this option is enabled, files and folders that are specified in the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToSnapshot registry key

are not backed up. In particular, offline Outlook Data Files (.ost) are not backed up because they are specified in the OutlookOST value of this key.

Enable VSS full backup

If this option is enabled, logs of Microsoft Exchange Server and of other VSS-aware applications (except for Microsoft SQL Server) will be truncated after each successful full, incremental or differential disk-level backup.

The preset is: Disabled.

Leave this option disabled in the following cases:

 If you use Agent for Exchange or third-party software for backing up the Exchange Server data.

This is because the log truncation will interfere with the consecutive transaction log backups.

 If you use third-party software for backing up the SQL Server data. The reason for this is that the

third-party software will take the resulting disk-level backup for its "own" full backup. As a result, the next differential backup of the SQL Server data will fail. The backups will continue failing until the third-party software creates the next "own" full backup.

 If other VSS-aware applications are running on the machine and you need to keep their logs for

any reason.

Enabling this option does not result in the truncation of Microsoft SQL Server logs. To truncate the SQL Server log after a backup, enable the Log truncation (p. 90) backup option.

5.11.30 Volume Shadow Copy Service (VSS) for virtual machines

This option defines whether quiesced snapshots of virtual machines are taken. To take a quiesced snapshot, the backup software applies VSS inside a virtual machine by using VMware Tools or Hyper-V Integration Services.

The preset is: Enabled.

If this option is enabled, transactions of all VSS-aware applications running in a virtual machine are completed before taking snapshot. If a quiesced snapshot fails after the number of re-attempts specified in the "Error handling" (p. 86) option, and application backup is disabled, a non-quiesced snapshot is taken. If application backup is enabled, the backup fails.

If this option is disabled, a non-quiesced snapshot is taken. The virtual machine will be backed up in a crash-consistent state.

5.11.31 Weekly backup

This option determines which backups are considered "weekly" in retention rules and backup schemes. A "weekly" backup is the first backup created after a week starts.

The preset is: Monday.

5.11.32 Windows event log

This option is effective only in Windows operating systems.

Acronis Backup 12.5 User Guide

Specifications and Main Features

Frequently Asked Questions

User Manual

1 What's new in Acronis Backup

1.1 What's new in Update 1

1.2 What's new in Acronis Backup 12.5

2 Installation

2.1 Installation overview

2.2 Components

2.3 Software requirements

2.3.1 Supported web browsers

2.3.2 Supported operating systems and environments

2.3.2.1 Agents

2.3.2.2 Management Server (for on-premise deployment only)

2.3.2.3 Storage Node (for on-premise deployment only)

2.3.3 Supported Microsoft SQL Server versions

2.3.4 Supported Microsoft Exchange Server versions

2.3.5 Supported Microsoft SharePoint versions

2.3.6 Supported Oracle Database versions

2.3.7 Supported virtualization platforms

2.3.8 Linux packages

2.3.9 Compatibility with encryption software

2.4 System requirements

2.5 Supported file systems

2.6 On-premise deployment

2.6.1 Installing the management server

2.6.1.1 Installation in Windows

Customizing installation settings

2.6.1.2 Installation in Linux

2.6.2 Adding machines via the web interface

2.6.2.1 Adding a machine running Windows

Requirements on User Account Control (UAC)

2.6.2.2 Adding a machine running Linux

2.6.2.3 Adding a machine running OS X

2.6.2.4 Adding a vCenter or an ESXi host

Deploying Agent for VMware (Virtual Appliance) via the web interface

Installing Agent for VMware (Windows)

Registering an already installed Agent for VMware

2.6.3 Installing agents locally

2.6.3.1 Installation in Windows

2.6.3.2 Installation in Linux

2.6.3.3 Installation in OS X

2.6.4 Managing licenses

2.7 Cloud deployment

2.7.1 Preparation

2.7.2 Proxy server settings

2.7.3 Installing agents

2.7.4 Activating the account

2.8 Deploying agents through Group Policy

2.9 Updating agents

2.10 Uninstalling the product

3 Accessing the backup console

3.1.1 Adding the console to the list of local intranet sites

3.1.2 Adding the console to the list of trusted sites

4 Backup console views

5 Backup

5.1 Backup plan cheat sheet

5.2 Selecting data to back up

5.2.1 Selecting files/folders

5.2.2 Selecting system state

5.2.3 Selecting disks/volumes

5.2.3.1 What does a disk or volume backup store?

5.2.4 Selecting ESXi configuration

5.3 Selecting a destination

5.3.1 About Secure Zone

5.4 Schedule

5.4.1 Schedule by events

5.4.1.1 On Windows Event Log event

5.4.2 Start conditions

5.4.2.1 User is idle

5.4.2.2 The backup location's host is available

5.4.2.3 Users logged off

5.4.2.4 Fits the time interval

5.5 Retention rules

5.6 Encryption

5.7 Notarization

5.8 Conversion to a virtual machine

5.8.1 Conversion to a virtual machine in a backup plan

5.9 Replication