Start protecting Office 365 in under 3 minutes

Office 365 is getting a lot of well deserved attention,  it’s an easy to use platform to provide your company with lots functionality without the need to heavily invest in on-premises infrastructure and hardware. Microsoft makes sure Office 365 is highly available and have all bits and pieces redundant. However, Microsoft does not own your data – You do! There are lots of different ways you might lose data: accidental deletion, ransomware and so on… A good read on the subject is a white paper from Veeam wich discusses 6 different areas:

  • Accidental deletion
  • Retention policy gaps and confusion
  • Internal security threats
  • External security threats
  • Legal and compliance requirements
  • Managing hybrid email deployments and migrations to Office 365

”With Office 365, it’s your data. You own it. You control it.”


Since it’s your data it is also your responsibility to protect your data.  Now, how would you go about doing that?

Veeam Backup for Office 365 is currently in version 1.5 and supports backing up the mail environment of Office 365. Release 2.0 has been announced and will be released sometime later this year (at VeeamON maybe?), with version 2.0 you will be able to also backup OneDrive and SharePoint. And if you buy Veeam Backup for Office 365 today (version 1.5) you will get the added features down the line  with no additional fees or purchases, just upgrade the installation with the latest bits. Great stuff!

Another cool feature of Office 365 / Veeam Backup for Office 365 is that since both Office 365 and an on-premises Exchange server uses the same APIs you can use Veeam Backup for Office 365 to back up both environments if you have a hybrid installation, or you can even use Veeam as a migration tool – unidirectional of course!

But what does it take to start protecting your Office 365 mail environment? As it turns out, not a lot! It is REALLY simple to start backing up. As the video will show you, it took me no more than 3 minutes to start the first backup, quite impressive and again so simple to install.

See for yourself, the video shows installation of both Veeam Backup for Office 365 and Veeam Explorer for Exchange and configuring a new backup job in under 3 minutes:

PowerShell for the win!

Who doesn’t love PowerShell and PoweCLI? I use it to automate as much as I can. Building demo environments, upgrading stuff or just playing around. The list is just a few examples of available modules from the Microsoft PowerShell Gallery, you can spend hours exploring interesting modules there. The list below is mostly a reminder for myself but feel free to explore!










Log Insight



Pure Storage

Amazon Web Services



Veeam Backup & Replication update 3 released!

Update 3 has just been released for Veeam Backup & Replication. Update 3 comes with a lot of new cool functionality:

Storage Snapshots Integrations
New strategic partnerships and storage integrations include:

  • IBM Spectrum Virtualize – IBM SAN Volume Controller (SVC) and the IBM Storwize family
  • Lenovo Storage V series

Bringing functionalities to these arrays like Backup from Storage Snapshots, Explorers for Storage Snapshots

Recycle bin for Cloud Connect
As a way of protecting backups from maliciously being deleted if someone gets access to the tenants credentials, deleted backups will now be placed in a recycle bin for a configurable amount of days but to the user they’re gone. This way it will still be possible to retrieve backup files and restore VMs and/or files even though from a user perspective the backup files seems lost. Once the backup files have been deleted and temporarily placed in the recycle bin, the backup files will not consume valuable resources from the disk quota. When the deleted backup files needs to be used the tenant has to contact the service provider to have the service provider restore the backup files from the recycle bin back to the tenants repository.

VMware Cloud on AWS
Support for backing up VMs running och VMware Cloud on AWS

Veeam ONE
Agent monitoring and reporting

  • Protected agents
  • Agent backup status
  • Identify agents with no backup copy

Backup Compliance reporting

  • Geolocation of Data Protection Report: List all data sources grouped by production location and location of their copies/replicas
  • Data Geolocation Mismatch Report: List all data sources that have one or more copies where the location is different from the production data

Agent only use: 0-socket license required for enabling advanced funtionalities (Scale-Out Backup repository, Tape, WAN accelerator) in Backup & Replication when using agents if you’re not using Backup & Replication for backing up any virtual environment.

Veeam Agents
Centralized deployment and management giving you a single pane of glass for all backups and restores regardless of location in the environment – VMs or physical servers, you can even install Agents on VMs running in the Cloud or on any hypervisor.

Veeam Agents for Microsoft Windows 2.1

  • Windows Failover Cluster
    • Includes SQL AlwaysOn, Windows Failover Cluster and Exchange Database Availability Groups
  • Change Block tracking driver for faster incremental backups of Windows Servers
  • Microsoft OneDrive support as a backup target

This means you can you Veeam Explorers to restore application-items from Exchange, SQL

Veeam Agents for Linux 2.0

  • Scale-Out Backup Repository
  • Direct backup to Cloud Connect
  • Source side encryption

Release notes can be found here

How and why series – Veeam Backup & Replication SureBackup

After the first episode of my ”How and why”-series in which I talked about VMware VSAN I thought it’d be fun to show you why I love Veeam so much and in particular the function SureBackup. SureBackup is all about verifying your backup data (your VMs) in a super smart way. The bottom line is, if you need to restore anything you KNOW that the restore will work.

Again, the video is in swedish only.

(Re)claim your space!

In one of my previous posts, Is Bitlooker from Veeam a game-changer?, I wrote about the benefits of using Bitlooker for backup jobs when using Veeam Backup & Replication v9.x however Bitlooker is a feature that is not only available for backup jobs – you can use it for replication jobs as well.

So I thought it’d be fun to see what difference, if any, it makes. The goal of my tests is to figure out the most effective way of copying/replicating a VM from one host to another.

The set up for the test:

A virtual machine is installed with Windows Server 2016 standard edition. 100 GB disk assigned to the VM, thin provisioned. The disk is then filled with files (a bunch of iso-files of different sizes). That’s the baseline, then roughly 85 GB will be deleted (all the added iso-files) – then trashcan will be emptied. So we’ll have some blocks containing stale/old data, the blocks are marked as available to be reused from the operating system point of view but they haven’t been zeroed out so from any hypervisor (outside the VM) it just looks as any other block containing data.

Operating system installed (Windows Server 2016) and updated. The VM now consumes 13,5 GB worth of storage.

Then a bunch of files were added (almost) filling the entire disk.

From the vSphere side of it:

At this point the just added files were removed and trashcan emptied.

And from vSphere:

Now the command ‘ls’ will not show the actual size, so ‘du’ can be used instead to see the actual size of the vmdk file:

I’m going to test 4 different scenarios:

  1.  Migrate the VM from one host to another offline (VM will be shutdown).
  2. Replicating the virtual machine with VMware vSphere Replication 6.5.
  3. Replicating the virtual machine with Veeam Backup & Replication without Bitlooker enabled.
  4. Replicating the virtual machine with Veeam Bitlooker enabled.

The thesis, or point to prove, is that test 1-3 will have no or little impact on the size of the vmdk file however – magic will happen on test 4. So lets perform the tests and find out for real!

Test 1:

VM moved to another host while offline and now let’s explore what can be seen using different methods.

Inside the VM:

From the host:

So no change in vmdk file size as expected.

Test 2:

The virtual machine will be replicated to another host using VMware vSphere Replication 6.5.

VMware vSphere has been configured using the following settings:

Not alot of settings, in fact, the above settings will have no impact on the vmdk size. They will only have control how the snapshot on the VM will be generated (crash consistent vs consistent backup) and the impact the replication job will have on the network.

Inside the VM:

From the host:

Since ‘ls’ doesn’t show the actual size on a thin disk, disk usage ‘du’ is used instead:

So no change in vmdk file size as expected.

Test 3:

The virtual machine is replicated to another host using Veeam Backup & Replication v9.5.

Replication from a Veeam perspective has been set up, to make a fair comparison to the VMware replication test (test 2), the Veeam job will not use exclude swap file blocks:

Processed and read data in the picture below tells us that Veeam doesn’t know the difference between blocks in use and blocks marked as deleted (the same applies for almost all backup vendors):

Inside the VM:

From the host:

And using ‘du’:

So no change in vmdk file size as expected.


Test 4:

Know time for the fun stuff. The virtual machine will be replicated to another host using Veeam Backup & Replication v9.5. We will use both space saving techniques we can enable on the job (with application-aware processing we can also exclude specific files, folders, file extensions but we’re not using that feature in this test)

Now, this is the magic we were looking for! The  proxy server has processed all of the data but it has only read data that contain used blocks!

From the VM:

From the host:

Now the vSphere web client combine the .vmdk and -flat.vmdk file into one (like it’s done forever):

And the disk usage utility shows:

Yikes! That’s cool stuff!


Bitlooker is a feature you should have enabled on any relevant job. It certainly can be used to reclaim that precious storage space you so desperately need.  Heck, why no use it as part of your normal failover testing, cause you’ll already doing that right? Once a month (or how often you feel appropriate) do a planned failover using Veeam Backup & Replication, verify that you DR plan works and as an added bonus you reclaim disk space in the process!

And yet another benefit is the spent replicating the virtual machine, without Bitlooker it took 30 minutes to replicate the VM from one host to another but it was just shy of 7 minutes with Bitlooker enabled.

So seriously, why are you not using this magic thing? There’s only one drawback, Bitlooker supports only NTFS file system (=Windows VMs).

My top 5 features of Veeam Availability Suite 9.5

5. Direct restore to Azure
Restore backup from any Veeam backup product to Microsoft Azure: From Backup & Replication, Backup Free edition or Endpoint backup free.
P2V or V2V? Not a problem! This means VMs from any hypervisor or physical machines, even VMs running in any cloud where you can install Endpoint Backup Free or Windows/Linux agents from Veeam are eligible to restore. And it doesn’t matter if you’re running Windows or Linux.

4. Enhanced VMware vCloud Director support for service providers
Let your cloud tenants use native vCloud authentication to access the new self-service backup and restore portal in Enterprise manager. Let them use predefined backup jobs to protect their vApps and restore VMs, vApps or guest files.

3. Proxy affinity
With proxy affinity you can control what proxy servers are allowed to use specific repositories. It’s an easier way with less administration – no need to select individual proxy servers in each and every backup job (if needed) to keep backup traffic local to the site.

2. Cloud Connect for service providers
There are a few functions added to Cloud Connect providers that are not new per se but introduced to Cloud Connect in version 9.5. Such as:
Per-VM backup file chains support
Scale-out Backup repository support
Advanced ReFS integration support

1. Advanced ReFS Integration
Hands down my favorite new function is the ReFS integration. This is a fantastic technology from Microsoft and the integration Veeam made with it in Backup & Replication 9.5 is nothing short of a amazing. Fast clone and spaceless full backup, sounds good right? Who needs dedupe storage anyway? And no need to worry (?) about data integrity with the use of integrity streams that is storage-level corruption guard on steriods.

Windows 2016 ReFS as a Veeam backup repository?

Do we really need dedupe storage for our long term backups? Well, dedupe storage certainly has it’s merits in the toolbox when you design your backup environment. But we do need to be aware of some of the drawbacks with dedupe, for instance performance for random I/O and rehydration of data if doing synthetic full backups. However, there’s been a great disturbance in the Force as of recently.

Microsoft made a huge release earlier this year with the ”2016”-suite, I thought it’d be a good idea to go through how to set up a server to be used as a repository for Veeam Backup & replication 9.5 and show some of the results. More specifically, let’s use the amazing Resilient File System (ReFS) v3 found in Windows Server 2016.

Windows Server 2016 can be installed in two modes, with or without a GUI. Now, if no GUI is installed you can use powershell to do the configuration but for simplicity we’re going to use the GUI which is called ”Desktop experience” in the installer.

So boot your server from the dvd/iso and select Windows Server 2016 (Desktop Experience) of your flavor.

Desktop Experience

In the next step, select ”Custom: Install windows only (advanced)”


Select the drive to install Windows on:

C drive

Now the installation will start copying files to the drive and commence the installation of Windows.

Start installation

Click on Tools and select Computer Management in the server manager window:

Computer management

Open up the Disk management tool, this is where you find the attached drives on the server. In my case I have one drive where I installed windows and two additional drives. I’ll make some benchmarks later so I’m going to format one drive with ReFS and the other one with NTFS for comparison, but first let’s get them online:

Disk online

Then initialize the disks:

Initialize disk

Next up, we create a new simple volume on one of the disks:

Simple kolumn

Select file system and give the volume a name:

ReFS volume

Next disk we format with NTFS instead:


The result looks like this:


So let’s test it out and see if there’s any noticeable difference when using these as target for our backups.

I’ve created a folder on each of the disks and made two Veeam Backup Repositories, I’ve created two jobs backing up the same VM running Windows Server 2016(with different targets) and set up synthetic full backup, this is where Windows ReFS should really shine if you believe the hype.

Backup jobs

When the backup has run a few iterations it was time for the Synthetic Full backup using the NTFS backup repository as target:

NTFS Usage

So with NTFS, a full backup, a few incremental backups and at the end a Synthetic full backup used roughly 12 GB of disk space. Good deduplication and compression and not a lot of changes in the VM of course. But what about the ReFS repository?

Usage ReFS

Same backup intervall with a Synthetic full backup at the end generated roughly 7 GB go disk usage, pretty significant reduction in usage if you ask me. Now disk usage is when of the key features on why to use ReFS with it’s ”spaceless full backup technology” but there’s another benefit the has the same groundbreaking impact: Time.

Time it takes to make the full backup. Let’s take a look at the time it took to create the synthetic full backup on the NTFS repo.

NTFS synthetic full4 minutes and 15 seconds is not the bad for my VM, but imagine it being dozens of VMs…How does the ReFS repo compare then?

ReFS synthetic full11 seconds! Must be a typo? NO, it’s really not. Quite impressive. Now you might rethink the dedupe storage approach, you have all the space savings (almost) of the dedupe storage but performance of a traditional disk with no need to rehydrate data.

If you want to make it highly resilient you can leverage another Microsoft technology called Storage Spaces Direct where you’d get fault tolerance and ”auto-healing” as well.

A fantastic job from Microsoft with ReFS/Storage Spaces Direct and Veeam with the integration of the technology into Backup & Replication!