Protect Azure Virtual Machines

Before you protect the Azure VMs in your Azure source, you must set up a SaaS Connection for each region under each Azure subscription in your Azure source. A SaaS Connection consists of one or more SaaS Connectors, which are VMs that act as data movers between your data sources and the Cohesity DataProtect as a Service.

Once you set up a SaaS Connection, you are ready to protect the Azure VMs in the Azure source.

To protect your Azure virtual machines:

  1. In DataProtect as a Service, navigate to Sources, find the registered Azure source and click into it.

  2. Click the Azure VM tab.

  3. Use the checkboxes to select the Objects (VMs) for protection. To protect all objects in the source, click the checkbox next to Object.

  4. Click the Protect icon above the checkboxes.

  5. Choose a policy to specify backup frequency and retention. If you don't have a policy, you can easily create one.

  6. To change or configure any of the additional settings, select More Options and perform the below steps, or else, click Protect.

  7. Under Settings, edit the Start Time if necessary.

  8. In the SLA field, define how long the administrator expects a protection run to take. Enter:

    1. Full. The number of minutes you expect a full protection run, which captures all the blocks in an object, to take.

    2. Incremental. The number of minutes you expect an incremental protection run, which captures only the changed blocks in an object, to take.

  9. If you need to change any of the additional settings, click the down arrow icon next to Additional Settings and click Edit.

  10. Click Protect.

Cohesity DataProtect as a Service starts backing up the Azure VMs you selected. You can monitor the status of the backup in the Activity page.

Also, the Activity tab of a specific Azure VM shows the history of all protection runs, including the one in progress.

Additional Settings

Advance Settings Description
Pause Future Runs

Toggle on this option to stop protection runs from executing. Once you enable this option, no protection runs will be scheduled.
End Date

If you need to end protection on a specific date, enable this to select the date.
Azure SAS URL Type

For the backup of Azure VMs, Cohesity uses the snapshots of Azure managed disks that are accessible through SAS URLs. Select one of the following endpoint options to access data from the SAS URL:

  • Public Endpoint: Select this option to access snapshots over a public network.

  • Private Endpoint: Select this option to access snapshots using a private IP address from your virtual network. Click Configure Network Details for Private Endpoints and provide the following details for configuring the private endpoint:

    • Virtual Network: Select a virtual network in Azure. Ensure the virtual network of the SaaS connector and the private endpoint is the same.

    • Subnet: Select a subnet of the virtual network.
Quiet Times

(Available only if the selected policy has at least one Quiet Time.)

When enabled, all the protection runs that are currently executing will cancel when the Quiet Time period starts. By default, this setting is disabled, meaning that after a protection run starts, it continues to execute even when a Quiet Time period starts. However, new protection runs will not start during a Quiet Time.