Data Protection Software 19.1

It’s that time! Data Protection Software 19.1 has been released.

Data Protection Software has been Updated

With new versions released simultaneously, that means there’s updates available for:

  • Data Protection Central
  • Data Protection Advisor
  • Data Protection Search
  • Avamar
  • NetWorker

Data Protection Search this time around was focused on fixing issues so I won’t cover it more below, but I’ll run through the new features in this update below.

Data Protection Central

At first glance, once you’ve got Data Protection Central upgraded, it may not look any different, but there’s been a lot of enhancements under the hood.

Data Protection Central 19.1

Here’s a quick list of some of the enhancements in DPC 19.1:

  • Support Data Domain Single Sign On (SSO) – Available with Data Domains running DDOS 6.2.0.10 and higher.
  • On-demand backup for NetWorker: drill down from a policy to a workflow and manually run the workflow as required.
  • Custom selection of date ranges for dashboard applets
  • Enhancements for LDAP, and the option to run operations either in mixed IPv4/IPv6, or solely IPv6.

DPC really lets you go big on data protection monitoring: a single DPC server can monitor/control up to 200 NetWorker and/or Avamar servers, and 80 Data Domains.

Don’t forget DPC is free. It’s just a single virtual machine to deploy within your environment.

The support page for DPC, where you can download DPC and its documentation can be accessed here.

Data Protection Advisor

DPA continues its march towards a full HTML5 GUI to replace the older, Flash GUI. v19.1 now incorporates a HTML5 interface to allow you to access and control significantly more of the Data Protection Advisor interface all from within a standard web browser. There’s also some reporting enhancements, and some great new reports, such as:

  • Virtual hosts not backed up
  • Data Domain compression overview
  • RMAN Backup Sets
  • RMAN Backup Pieces in Set
  • Backup all Jobs for RMAN Backup Set

Data collection gets enhanced – there’s more details for NetWorker workflow configuration reported, and similarly for Avamar clients, too.

From a security perspective, DPA can now use SMTPS.

The support page for DPA, where you can download the core server (Windows or Linux), agents, and documentation can be accessed here.

Avamar

Avamar, which had already transitioned most of its interface to the new HTML5 AUI, sees even more content shifted to the HTML5 interface. The chances of you needing to get into the older interface on a day to day basis is really pretty low. AUI now supports:

  • Access to the download area
  • Plugin support has been added for Domino, Sybase, SAP Oracle, SharePoint and SQL.
  • Cloud Tier configuration, including on-demand Cloud-Tier operations.
  • Granular recovery (GLR) for Cloud Tier when a cloud unit is using ECS.
  • View/restore replicated backups on destination or source Avamar servers.
  • Asset management for VMware now lets you add any of a virtual machine, vApp, resource pool or folder as an Avamar client.
  • and so much more.

The changes and updates aren’t just restricted to the HTML5 interface.

From a workflow/configuration perspective:

  • Virtual Machine FETB calculations now disregard whitespace
  • Upgrade workflows now support simultaneous Avamar and Data Domain upgrades to speed the process up.
  • There’s now procedures for deploying AVE on either pure/standard RHEL, as well as within OpenStack KVM.

There’s now an Orchestra REST API and components to increase capabilities around multi-system management, with an entirely new manual provided for this as well. This lets you basically register multiple Avamar servers to it, then execute REST API functions against all of them. (So if you’ve been building your own infrastructure management portal, you’ve got an even more efficient way to incorporate Avamar into it.)

From a security perspective, there’s now the option to use SecurID to require two factor authentication for file-level restores of guest virtual machine backups. Avamar 19.1 also has some additional security hardening procedures to meet US DoD Security Technical Implementation Guide compliance requirements. You can also disable SNMPv1 and SNMPv2c, and just use SNMPv3. Finally, you can use the AUI to push out security updates to proxies.

There’s also a bunch of compatibility updates that you can find in the release notes.

Due to Oracle’s changes on JRE licensing, there’s a JRE shipped with Avamar which you’re encouraged to use for any lingering Avamar Java access you may require, too.

The support page for Avamar, where you can download updates and the documentation can be accessed here.

NetWorker

There’s some great new features in NetWorker, too.

Getting JRE out of the way, there’s a JRE that ships with NetWorker now as well due to Oracle’s licensing changes on Java, and you’re encouraged to use this to access NMC, though you can continue to use any JRE that you’re licensed to.

The HTML5 NetWorker UI continues to advance, and now has support for managing policies, workflows, actions and groups.

There’s a disk connectivity check for people using disk based backup devices; this effectively has the NetWorker storage node daemons advise the NetWorker server if a disk goes offline so that it can report it through NMC, logs, and notifications.

From a security perspective, there’s some enhancements around SHA1 certificates for secure server/client communications. The initial connection to the NetWorker server’s NMC access point is now done via HTTPS, not HTTP. That means you can also create an SSL certificate if you’d like to completely validate that connection.

There’s a bunch of SNMP enhancements, including:

  • A SNMP v2c MIB file to support recovery
  • SNMP trap alerts for recovery
  • SNMP MIB support for recovery success/failure reporting

For command line lovers (I know I’m looking forward to trying this out), there’s now a CLI option for a single-command to create a Data Domain Boost device within NetWorker, including all the requisite folder creations that have to take place on the Data Domain; you can still use the NMC wizard to do this if you’d prefer, but if you like working at the command line, the option is there for you.

At the back-end, NetWorker now uses PostgreSQL v11.1, an upgrade from the v9.2 release previously used.

For vProxies, NetWorker now includes a mechanism to upgrade existing proxies rather than redeploying, and vProxies can now have dual NICs – useful if you want a seperate management interface, for instance.

Modules gets some updates, too: NMDA now supports SAP IQ transaction log backups and point-in-time recoveries, and MySQL v8 is now supported, too. NMM adds support for SharePoint 2019 and Exchange 2019. The old standalone SQL recovery GUI is now depreciated in favour of the SQL Server Management Studio (SSMS) plugin.

When I checked out NetWorker 19.1 I still had my 18.2 lab server running, so that meant having to do a new proxy deployment.

View VMware vCenters from NetWorker NWUI

The above screen grab shows my vCenter server added to my NetWorker 19.1 server. I used the vSphere Web Interface to deploy the new proxy via the standard OVA deployment mechanism – using thin provisioning, you can see that it really takes up no space at all:

vSphere Web Interface Deployment of vProxy, Summary Panel

Adding the vProxy to NetWorker is pretty straight-forward, too. Expand the vCenter/ESX environment until you see the proxy you want to add:

Adding a vProxy with NetWorker HTML5 Interface, Step 1

With the proxy selected, you’ll provide confirmation of session limits and passwords:

Adding a vProxy with NetWorker HTML5 Interface, Step 2

And the completed operation is shown as follows:

Proxy Successfully Added

As I mentioned, the HTML5 interface now includes a lot of control over policy configuration. One of the things I particularly like is being able to edit rules for dynamic policies as well – here’s the creation of a rule that I use to automatically select all virtual machines whose names start with ‘test’:

Rule definition: Dynamic VMware policies

And once created, you can preview the rule, too:

Previewing a rule

The important thing to keep in mind with rules, with dynamic groups for policies, is that their members are re-evaluated every time the policy is executed. If you’re using naming standards for systems in your environment, this a great way to get systems included automatically into backups.

Here’s a snippet of a policy configuration, too:

HTML5 Policy Configuration

You can start policies within the HTML5 interface as well, of course, and when it comes time to recover virtual machine backups, you’ve got the key options you’d expect for VMware integration:

Recovery Options in HTML5 UI

The important thing in the above is – this is the same UI that’s then presented via the vSphere Web Interface to the VMware admins, making it very easy for them to get in and manually run VMware backup policies if they need to, but more importantly, execute recoveries when they need to, all without learning a new interface.

The support page for NetWorker, where you can download updates and documentation, can be accessed here.

Wrapping Up

In addition to the various fixes you’d expect to see in any new release, there’s a bunch of new features across the Data Protection software portfolio. More so than ever, I really encourage you to download and use Data Protection Central: It’s free and it gives you easy visibility over your NetWorker and/or Avamar environments. If you’re still relying on email notifications each morning to check to see what backups succeeded or not, this is your first step towards saving yourself some time every single day.

Good updating!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.