Details for Geeks Only!

Here are a few details that only the more technically savvy will be interested in.

Both the Server and Client components run natively on Windows and Linux. There are no third-party dependencies (Java, .NET, etc.).

Backing up:
MSP Go Backup always encrypts all user data before sending or storing it, using strong AES-256-CTR with Poly1305 in AEAD mode with high-entropy random keys. The user's password is used to derive two 192-bit keys (the "L" and "R" keys) via PBKDF2-SHA512, with hard-coded parameters for repeatable output.

  • The L-key is used to log in to the Auth Role server in place of the real password; the server stores only a bcrypt(sha512) hash of this L-key.
  • The R-key never leaves the client, and is used to encrypt secret keys stored within the user's profile on the server.
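
The L/R split described above, as an added sketch that is not MSP Go Backup's own code. The salt, the iteration count and the choice to split one 384-bit PBKDF2 output in half are assumptions, since the page does not list the hard-coded parameters; the server-side bcrypt step is left out to keep the code standard-library only.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha512"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// Assumed placeholder parameters: the page does not list the real ones.
const (
	assumedIterations = 100000
	keyBytes          = 24 // 192 bits per key
)

var assumedSalt = []byte("example-fixed-salt")

// pbkdf2SHA512 is PBKDF2 (RFC 8018) with HMAC-SHA512 as the PRF.
func pbkdf2SHA512(password, salt []byte, iter, keyLen int) []byte {
	prf := hmac.New(sha512.New, password)
	var out []byte
	for block := uint32(1); len(out) < keyLen; block++ {
		var idx [4]byte
		binary.BigEndian.PutUint32(idx[:], block)
		prf.Reset()
		prf.Write(salt)
		prf.Write(idx[:])
		u := prf.Sum(nil)
		t := append([]byte(nil), u...)
		for i := 1; i < iter; i++ {
			prf.Reset()
			prf.Write(u)
			u = prf.Sum(nil)
			for j := range t {
				t[j] ^= u[j]
			}
		}
		out = append(out, t...)
	}
	return out[:keyLen]
}

// deriveLR stretches the password once and splits the result: the L-key is
// sent at login in place of the password, the R-key stays on the client.
func deriveLR(password string) (l, r []byte) {
	dk := pbkdf2SHA512([]byte(password), assumedSalt, assumedIterations, 2*keyBytes)
	return dk[:keyBytes], dk[keyBytes:]
}

// serverPrehash returns SHA-512 of the L-key. The page says the server keeps
// a bcrypt(sha512) hash; the bcrypt step is omitted here (not in the stdlib).
func serverPrehash(l []byte) string {
	sum := sha512.Sum512(l)
	return hex.EncodeToString(sum[:])
}

func main() {
	l, r := deriveLR("correct horse battery staple") // constructed password
	fmt.Println("L-key (login credential):", hex.EncodeToString(l))
	fmt.Println("R-key stays local:", len(r), "bytes")
	fmt.Println("server-side input to bcrypt:", serverPrehash(l))
}
```

Because both keys come from the same fixed-parameter derivation, the same password always yields the same pair, while the server only ever holds a hash of the L-key and cannot compute the R-key from it.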

At rest:
When MSP Go Backup sets up a Storage Vault for the first time, it generates two high-entropy random keys (the 256-bit "A" and 128-bit "E" keys). All user data in the Storage Vault is stored encrypted with the A-key using AES-256 in CTR mode, and authenticated using Poly1305 in AEAD (encrypt-then-MAC) mode. The only party with the decryption key is your company/the backup user. This ensures total privacy of the PHI data.

MSP Go Backup can be part of your GDPR-compliant backup offering; however, you will have to ensure that you fulfil your own GDPR obligations as well. It may be advantageous to engage a GDPR consultant or agency to ensure your compliance.

Encryption:
MSP Go Backup always encrypts all user data before storing it. The data remains encrypted during transfer and at rest in the storage destination, so even if the storage destination is compromised, the data remains unreadable. Technical details about our encryption can be found here.

Server and Storage Locations:
MSP Go Backup Enterprise is a self-hosted and managed product that you control, so you can choose where your server and storage destinations are located and what security measures you have in place. MSP Go BackupGo! Server and its attached storage are hosted on Amazon AWS EC2 & Object Storage platforms in the region you selected upon signup. More information is available here about the cloud security measures Amazon has in place.

Access:
If you are using MSP Go Backup Enterprise, only you can access your MSP Go Backup server and grant/create additional system users. If you are using MSP Go BackupGo!, we respect the privacy and security of your server instance. In the unlikely event that MSP Go Backup Backup staff would require direct access to your MSP Go Backup Server instance, your consent will be sought first and this access will only be undertaken if consent is granted by you.

Removal of data:
In both MSP Go Backup Enterprise and Go! you have total control over the data including deletion options if a customer requests it from you.

On Windows, the "Take filesystem snapshot" option creates a VSS snapshot.

This enables MSP Go Backup to back up files that are currently in use. It also provides disk-wide "crash-consistency", as all files for backup will originate from precisely the same timestamp.

Non-Windows platforms do not currently require the use of this feature to back up in-use files; however, they also do not benefit from the disk-wide consistency.

Current versions of MSP Go Backup cannot take filesystem snapshots of a Protected Item located on a network share; be sure to disable the "Take filesystem snapshot" option on the Protected Item.

Windows supports taking VSS snapshots of NTFS and ReFS filesystems. MSP Go Backup can snapshot these filesystems for backup.

Windows does not support taking VSS snapshots of FAT or exFAT filesystems. Protected Items backing up these filesystems must not use the "Take filesystem snapshot" option.

This feature is enabled by default for new Protected Items.

MSP Go Backup supports backing up Windows network shares (SMB / CIFS). However, you should prefer to install MSP Go Backup Backup directly on the network device; this will offer increased backup performance.

MSP Go Backup supports entering custom Windows Network Authentication credentials via the "Log in to network share" option. If you select a network share for backup, you may need to enter custom credentials in order for the service user account to access the network share.

Because mapped network drives are private to a user session, MSP Go Backup Backup automatically converts mapped network drive letters into their UNC path equivalent, so that they can still be accessed by the service user account.

Current versions of MSP Go Backup cannot take (VSS) filesystem snapshots of a Protected Item located on a network share; be sure to disable the "Take filesystem snapshot" option on the Protected Item.

On non-Windows platforms, you should mount the network share locally before backing it up.

EFS is a Windows feature that allows you to encrypt individual files on disk. MSP Go Backup supports backing up EFS-encrypted files on Windows. The files will be silently decrypted if possible (e.g. if MSP Go Backup Backup is running as the encryption user, or if MSP Go Backup Backup is running as the EFS Recovery Agent user).

If it is not possible to automatically decrypt the file for backup, MSP Go Backup will back up the file in its encrypted form, and will only be able to restore it in its encrypted form. EFS-encrypted files are displayed with green text in the Restore browser dialog in MSP Go Backup Backup.

If you have a PC failure, the EFS encryption keys may be lost. In this situation, the EFS-encrypted files may be unusable, even after restoring from backup. MSP Go Backup warns you about this situation by adding a warning message in the backup job log.

In order to safely prepare for this scenario, you should export the PC's EFS encryption keys, so that the files can be accessed after a PC failure. On Windows, you can do this via certmgr.msc; or on Windows Server, taking a System State backup may be sufficient.

Once you have safely backed up the PC's EFS encryption keys, you can suppress the warning in MSP Go Backup Backup by enabling the "I confirm EFS keys are exported" option in the Protected Item settings.

If you have only a partial PC failure (e.g. files lost, but OS installation and user accounts remain intact) the EFS-encrypted files will be restorable without any further attention to the EFS keys.

Finding files using EFS
You can use the cipher /u /n command to list all files on the local PC that are EFS-encrypted.

Finding the certificate used to encrypt a file
You can use the cipher /C C:\path\to\file.txt command to display the user accounts and certificates that are able to decrypt a file. This may indicate which user originally encrypted the file and/or which EFS certificates are necessary for backup.

Windows Server 2012 and later have a data deduplication feature that can be used to increase free disk space on NTFS volumes. It is separate from, and unrelated to, MSP Go Backup's own deduplication. A scanning process runs in the background to find and merge duplicate file content. By default, the scanning process runs overnight.

Deduplicated files look and behave like normal files; however, they are stored on disk in a special format that can only be read by Windows Server (and Linux). Non-Server versions of Windows are entirely unable to read these files from disk.

When backing up deduplicated files with MSP Go Backup, it backs up the full file content, and then applies its own deduplication to it. This means that Windows Server deduplicated files can be safely restored to non-Server versions of Windows.

When restoring deduplicated files from MSP Go Backup, the files are restored in their full format, and are not re-deduplicated until Windows runs its next background scanning pass. This means that you may not have enough free disk space to completely restore a MSP Go Backup backup to the same source drive.

You can exclude a range of files from the backup job. An exclusion filter checks whether to exclude each file from backup, using either a glob pattern or a regular expression (regex).

There is no limit to the number of exclusion filters you can add to a single Protected Item.

MSP Go Backup can exclude files based on a glob pattern. Any files matching the glob pattern will be excluded from the backup job.

The expression is tested against the full disk path to the file. Your glob expression can be a partial match (e.g. *.txt) or a fully anchored match (e.g. C:\path\to\file.docx).

Some special characters and wildcards are allowed:
  • A star (*) skips zero or more characters within a filename
  • A double-star (/**/) skips any number of directory components
  • A question-mark (?) skips a single character within a filename
  • Square brackets denote a character class (e.g. [0-9]) within a directory or file name

As of MSP Go Backup 18.9.1, an invalid glob pattern will prevent a backup job from running.

MSP Go Backup can exclude files based on a regular expression (regex). Any files matching the regular expression will be excluded from the backup job. The specific syntax is that of the Go regexp library. The regular expression is tested against the full disk path to the file. This enables filtering by path component, or (on Windows) drive letter.

By default, the regular expression is case-sensitive and non-anchored. You can perform a case-insensitive match by adding an (?i) expression. You can restrict your regex to the start or end of the file path by using the ^, $, \A and/or \z expressions. Forward slash (/) is not a special character and does not require escaping with \/.

An invalid regular expression will prevent a backup job from running.
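
The matching rules above, exercised with Go's regexp package, the syntax the page names. This is an added example, not MSP Go Backup's own code; the function names, filters and paths are constructed for illustration. It shows how an unanchored filter excludes more files than intended, and how an invalid filter is rejected before any file is examined.

```go
package main

import (
	"fmt"
	"regexp"
)

// compileExclusions compiles every filter before any file is examined and
// fails on the first invalid one, matching the rule that an invalid regular
// expression prevents the backup job from running.
func compileExclusions(patterns []string) ([]*regexp.Regexp, error) {
	filters := make([]*regexp.Regexp, 0, len(patterns))
	for _, p := range patterns {
		re, err := regexp.Compile(p)
		if err != nil {
			return nil, fmt.Errorf("exclusion filter %q: %w", p, err)
		}
		filters = append(filters, re)
	}
	return filters, nil
}

// excludedPaths returns the paths matched by at least one filter. Each filter
// is tested against the full path and is unanchored unless it says otherwise.
func excludedPaths(patterns, paths []string) ([]string, error) {
	filters, err := compileExclusions(patterns)
	if err != nil {
		return nil, err
	}
	var out []string
	for _, p := range paths {
		for _, re := range filters {
			if re.MatchString(p) {
				out = append(out, p)
				break
			}
		}
	}
	return out, nil
}

// Constructed sample paths, not taken from any real system.
var samplePaths = []string{
	`C:\Work\build.tmp`,
	`C:\Work\BUILD.TMP`,
	`C:\Work\report.tmp.docx`,
	`D:\Scratch\cache.bin`,
	`/home/alice/app/node_modules/x.js`,
}

func main() {
	for _, pats := range [][]string{
		{`\.tmp`},                   // unanchored: also drops report.tmp.docx
		{`\.tmp\z`},                 // anchored at end of path, case-sensitive
		{`(?i)\.tmp\z`},             // anchored and case-insensitive
		{`^D:\\`, `/node_modules/`}, // drive letter; "/" needs no escaping
		{`(?i\.tmp`},                // invalid: rejected, nothing is matched
	} {
		got, err := excludedPaths(pats, samplePaths)
		fmt.Printf("%q -> %q err=%v\n", pats, got, err)
	}
}
```

Running a candidate filter against a listing of real paths before saving it is a cheap way to confirm that it excludes only what was intended, since an over-broad filter silently leaves files out of the backup.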

System exclusions
The MSP Go Backup Backup system automatically excludes certain folders.

On Windows, MSP Go Backup skips:
  • The .BIN and System Volume Information directories in any drive root
  • The C:\Recovery directory
  • The C:\pagefile.sys, C:\hiberfil.sys, and C:\swapfile.sys files
  • The MicrosoftEdge.exe file. This is intended to work around an issue with "The file cannot be accessed by the system" messages affecting Windows 1803 and later.
  • Invalid .DFSFolderLink files

On Linux, MSP Go Backup skips:
  • The /proc directory
  • The /sys directory
  • The /selinux directory
  • The /dev directory (as of MSP Go Backup 18.11.0)

On macOS, MSP Go Backup skips:
  • The /dev directory (as of MSP Go Backup 18.11.0)
  • The /Users/.../Library/VoiceTrigger/SAT directory (as of MSP Go Backup 19.9.6). This is a protected AF_DATAVAULT directory that is inaccessible with SIP enabled (the default).

The Protected Item type backs up Microsoft Exchange Server databases. The underlying technology is VSS and is compatible with Microsoft Exchange Server 2007 and later, including Exchange Server 2016 (the latest version at the time of writing).

The appropriate VSS writer must be installed.

Some forms of Exchange Server backup will cause log truncation to occur on the Exchange Server. For more information, please see the official Exchange Server documentation. If circular logging is enabled on the Exchange Server, the 'Incremental' and 'Differential' backup types have limited effect.

Exchange Server 2007
By default, Exchange 2007 does not enable the VSS writer. The VSS writer may have been enabled by another backup system installed on the PC.

If you encounter error messages like "Couldn't find Exchange Server installation on this device" or "Failed to perform VSS snapshot" on a machine running Exchange 2007, the Exchange VSS writer (MSExchangeIS) may not be enabled.

You can confirm whether this is the case by checking for Microsoft Exchange Writer in the output of vssadmin list writers, or, in the Browse dialog for a new "Application Aware Writer" Protected Item.

You can manually activate the Exchange VSS writer by taking the following steps:

  • Open regedit and navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
  • Change the Disable Exchange Writer value from 1 to 0
  • Restart the Microsoft Exchange Information Store service

Using this Protected Item type may incur a per-hypervisor Booster charge.

Yes, you can back up Microsoft Hyper-V virtual machines. The underlying technology is VSS and is compatible with all versions of Hyper-V running on Windows Server, including Windows Server 2016 (the latest version at the time of writing).

MSP Go Backup integrates with the Hyper-V VSS writer to perform a Hyper-V backup snapshot, including support for in-VM quiescence on supported guest operating systems.

Backing up a Hyper-V virtual machine with MSP Go Backup includes, but is not limited to:
  • Its configuration file
  • All attached virtual drives
  • The contents of memory (if the machine was running)
  • The full tree of saved checkpoints

You can select individual virtual machines for backup, or choose "All virtual machines".

If you are using Hyper-V replication, you can back up your virtual machines from either the primary or replica host.

A backup taken on the primary VM host is application-consistent (if possible), by quiescing a VSS snapshot inside the VM guest; or crash-consistent otherwise. However, a backup taken on the secondary VM host is only ever crash-consistent, because the replica VM is not running, so guest integration services cannot take a VSS snapshot.

Current versions of Hyper-V do not allow backing up a VM that is currently replicating. If a VM is found to be currently replicating at the time of backup, MSP Go Backup will retry the operation a few times. If you repeatedly see errors of the form "The virtual machine '...' cannot start a backup operation because it is currently executing a conflicting operation. Try the backup again.", and you are running backups from the replica VM host, you could consider:

  • Scheduling the backup job to run at a time when it's more likely that the VM replication is up-to-date; or
  • Using Before / After commands in MSP Go Backup to temporarily stop VM replication while the backup job is running.

Using this Protected Item type may incur a Booster charge.

Yes, you can back up Microsoft SQL Server databases. The underlying technology is VDI and is compatible with SQL Server 2005 and later, including SQL Server 2019 (the latest version at the time of writing).

No data is spooled to the local disk. As per the "Program Output" type, no progress bar or ETA appears during a Microsoft SQL Server backup.

Databases are backed up one-at-a-time. If you require point-in-time consistency across multiple databases, please use the "Application-Aware Writer" option instead.

MSP Go Backup allows you to connect to SQL Server using either Windows authentication (running as the backup service account - usually NT SERVICE\backup.delegate or SYSTEM), or native SQL Server authentication.

Backup mode
By default, MSP Go Backup opts to make a full database export from SQL Server, and then uses its own deduplication system to optimise the stored/uploaded data.

This is the "Full (copy only)" option. It is equivalent to the BACKUP WITH COPY_ONLY T-SQL statement.

Because MSP Go Backup can efficiently deduplicate full image backups, it is normally sufficient to only take full backups of SQL Server in MSP Go Backup.

Base images
You have the option to use SQL Server's own differential/log backup system. This may be more efficient, but it does require additional administrative work, and complicates the process of restoring data.

The SQL Server maintains one single point-in-time reference, from which it can produce differential backups and/or log-based backups. When you take a new "Full (base image)" backup, the point-in-time reference is moved forward, so that any future differential and/or log-based backups are based on the last base-image backup.

To use SQL Server's own differential/log backup system, you must create multiple Protected Items (each with a different schedule) in order to capture both a base image and differential/log backups. By creating multiple Protected Items, you can individually schedule, report on, and manage retention policies for both base and differential/log backups.

If you are using MSP Go Backup alongside another product for SQL Server backups, you should ensure that only one product is taking base-image backups. Otherwise, it's possible that a chain of differential/log backups would be incomplete.

Differential
MSP Go Backup can use SQL Server's own systems for differential backup. In this mode, you can regularly make "differential base" backups, and then a series of small "differential increment" backups, each containing the difference from the last base backup. These operations are equivalent to the BACKUP and BACKUP WITH DIFFERENTIAL T-SQL statements respectively. MSP Go Backup will still deduplicate multiple base backups that are sent to the same Storage Vault.

This is the "Differential increment" option.

Log
You can opt to use SQL Server's own systems for log backup. In this mode, you must periodically take full (base image) backups, and regularly take log backups.

You have the choice of whether to apply log truncation. These operations are equivalent to the BACKUP LOG and BACKUP LOG WITH NO_TRUNCATE T-SQL statements respectively. MSP Go Backup will still deduplicate all data that is sent to the same Storage Vault.

To use SQL Server's own log system, you must create multiple Protected Items (each with a different schedule) in order to capture both full and log backups.

This mode requires that the database Recovery Model is set to "Full" or "Bulk Logged" in SQL Server. For more information, please see https://msdn.microsoft.com/en-us/library/ms189275.aspx

Recommendations
In general, we would recommend using the default "Full" backup technique.

SQL Server's native differential/log systems may be used if you experience performance issues with the default mode; however, you must ensure that:

  • No other backup systems are resetting the last base backup;
  • Whenever the differential/log backup succeeds, the base has also recently backed up successfully;
  • Base backups are performed regularly to minimise differential overhead; and
  • Retention is carefully managed to ensure that recovery is possible.

Yes, you can back up a MySQL database. It is also compatible with MySQL-compatible servers such as MariaDB and Percona Server. It works at the logical (SQL) level.

No data is spooled to the local disk. As per the "Program Output" type, no progress bar or ETA appears during a MySQL backup.

Databases are backed up one-at-a-time. Point-in-time consistency is only preserved on a per-database basis.

Using this Protected Item type may incur a Booster charge.

MongoDB is a general purpose NoSQL database developed by MongoDB, Inc.

MSP Go Backup Backup supports backing up MongoDB databases as a Protected Item type.

No temporary disk space is required: database content is streamed directly from the MongoDB server into MSP Go Backup's chunking deduplication engine without requiring any temporary disk space. All backup jobs require only incremental storage using MSP Go Backup's chunking technology.

Backing up data from your MongoDB server will cause some additional load on the MongoDB server for the duration of the backup job.

We can back up a MongoDB replica set with a consistent point-in-time snapshot.

We can back up a sharded MongoDB cluster, but depending on your MongoDB server version, there are some limitations:

  • In MongoDB 4.2 and later, the backup may not be point-in-time consistent, unless writes are temporarily suspended to the MongoDB cluster (e.g. by running custom Before and After commands on the MSP Go Backup Protected Item configuration).
  • If you are using a variant MongoDB engine (e.g. Amazon DocumentDB or Azure CosmosDB), different consistency guarantees may apply to sharded backups. You should check with your vendor for additional information.

To back up a sharded cluster in MSP Go Backup, enter the mongos front-end server in the MSP Go Backup connection details.

When backing up from a mongos server, MSP Go Backup cannot make use of the "read preference" selection as data is proxied through mongos. The backup will read from the primary replica set member of each shard replica set.

MSP Go Backup can back up the contents of any installed VSS Writer using the "Application Aware Writer" option. Oracle Database officially supports backup via its installed VSS Writer.

You may need to install the Oracle VSS Writer separately. It is available with Oracle Database 11g and later (including 12c and 18c); newer versions of the Oracle VSS Writer can be installed separately to back up a 10g or 9i database.

You should use the "Application Aware Writer" option and select the Oracle VSS Writer - ORCL component. Inside this option, you can select individual tablespaces for backup, or select the entire component.

The Oracle VSS Writer reads the database with SYSDBA privileges.

The Oracle VSS Writer supports log, copy, full, differential, and incremental backups:

  • If you take "full" or "copy" backups at the VSS component, MSP Go Backup will deduplicate them together, producing its own incremental backups
  • If you take "incremental" backups at the VSS component, it may be slightly more space-efficient than MSP Go Backup's incremental system, as Oracle has more specific understanding of the file formats. However, when restoring, you must take care to restore the full backup and all incremental/log backups too, which adds complexity.
  • More information about the Oracle VSS Writer is available in Oracle's documentation.