Business Continuity with ABCC: Part 1: Understand Protection Estate Summary

In today's digital landscape, ensuring robust business continuity strategies is pivotal for organizations navigating an increasingly complex technological terrain. As businesses rely heavily on digital infrastructure, the need to fortify these systems against potential disruptions becomes paramount. Addressing this concern, this multipart blog series aims to provide a comprehensive guide to leveraging Azure Business Continuity Center (ABCC) for bolstering your business's resilience.

 

Tailwind Traders case study

 

The series revolve around Business continuity journey of a BCDR admin John at Tailwind. Tailwind is a large organization with more than 10000 resource on-premises and are in their migration journey to Azure. On Azure, they have 100 Azure VMs running SQL Server configured backup (via Azure Backup) and DR (via Azure Site Recovery) to meet their 60-minute RPO and 24-hour RTO requirements. John, in his recent role at Tailwind, shoulders the responsibility of overseeing all facets of business continuity.

 

This initial part of the series focuses on John's utilization of ABCC to achieve his primary objective: gaining insights into the protection estate summary.

 

John discovers the Azure Business Continuity Center, which provides a single unified management experience in Azure for enterprises to govern, monitor, operate, and analyze protection at scale across the solions and platforms. He's delighted to learn that there are no prerequisites or setup needed to embark on the journey with the Azure Business Continuity Center.

 

Accessing ABCC

 

To initiate the use of ABCC, John merely heads to the Azure Portal, searches for the Business Continuity Center, and accesses the dashboard from there.

 

 

 

View protection summary

 

Upon arriving at the ABCC overview, John encounters a condensed snapshot/summarized view from various angles. Overview helps him gain insights on which resources not protected, which are protected, their current protection status, security configuration for the protected items, compliance status etc.

 

 

 

On the Overview blade, John sees the five tiles helping him know – 

• Protectable resources – Indicates the count of resources not currently protected by available solutions.
• Protected items – gives the count of resources based on their protection status across the regions. Safeguarding resources in multiple regions ensures data/application availability in diverse circumstances.
• Security – Presently applicable to resources protected by Azure Backup. Displays the resource count per security level. ABCC conducts proactive assessments, evaluating security settings configured at the vault level, computing a security level based on these assessments.
• Monitoring- Reveals the count of alerts triggered in the past 24 hours, categorized by severity level.
• Protection compliance – Offers Azure Policies assignable to scoped resources, showcasing compliance statuses. This tile presents the count of both compliant and non-compliant Azure Policies assigned to resources.

John grasps that these interactive tiles prioritize user-friendliness. They're designed to be clickable, effortlessly directing users to corresponding views where they can delve into comprehensive details about specific resources.

 

Customize the view:

 

John notices couple of other options on the overview dashboard like:

• Filters: John utilizes filters to tailor the displayed information to your specific requirements. Available filters include:
  • Solution: Enables viewing the protection summary for a particular solution or all solutions. Choosing a specific solution in the filter prompts all tiles to display data related to the selected solution.
  • Datasource type: Facilitates reviewing the protection summary for specific types of datasources or all types. Datasources encompass Azure resources or items hosted within Azure resources (e.g., SQL in Azure VM) protected by any of the available solutions.
  • Subscription: Allows selection of one or more subscriptions from the list of subscriptions you have access to
  • Resource Group: Allows to select one or more Resource Groups from the list of all Resource Groups you have access to.
  • Location: Enables selection of one or multiple locations from the comprehensive list of all Azure locations.

 

John applies a filter to the view, narrowing it down to the Datasource type: SQL in Azure VM and understands the 100 Azure VMs running SQL Server are protected using backup for SQL database backup. Employing filters like subscription and resource group, he identifies that some recently migrated machines lack protection. Considering Tailwind's regional restrictions for resources, John could utilize the location filter to ensure that configurations align accordingly. He discovers that the statistics displayed on the overview page tiles dynamically change in response to his filter selections.

 

 

• Scope: John observes a new feature in ABCC that enhances visibility into protection landscape across various platforms such as Azure and Hybrid environments. To seamlessly transition between available information across these platforms, he utilizes the scope feature.

 

 

 

Clicking on “Currently showing: Azure managed Active resources change" he discovers a range of available options, including:​

• Resources managed by:​

• Azure​ resources: These are resources that are under the direct management and control of Azure. Azure resources are provisioned, configured, and monitored through Azure's services and tools. They are fully integrated into the Azure ecosystem, allowing for seamless management and optimization.
• Non-Azure resources: These are resources that exist outside the scope of Azure's management. They are not under the direct control of Azure services. Non-Azure resources may include on-premises servers, or any infrastructure not governed by Azure's management framework. Managing non-Azure resources may require separate tools and processes.​

• Resource status:​

• Active resources: Active resources pertain to those currently in active use, meaning they have not been deleted or decommissioned.
• Deprovisioned​ resources: Deprovisioned resources are those that have been decommissioned or removed from active service. Despite their non-operational status, their historical data, including backup and recovery points, is retained. This allows for data recovery or reference purposes, even though the resources themselves are no longer active.

 

 

John opts for the "non-Azure" option and confirms his selection. As expected, no hybrid resource protections appear, aligning with his anticipation. Switching the scope to Azure and deprovisioned resources, he once more finds no results, which aligns as they haven't deleted any resources yet.

 

Perform the actions:

 

John also discovers the ability to initiate actions from the menu located at the top:​

• Configure protection: Azure Business Continuity Center helps you configure protection, enabling backup or replication of the datasources from various views like overview, protectable resources, protected items. To configure protection for multiple datasources, you can use the Configure protection option available through the top pane on these views.
• Recover: allows you to perform recover actions available from solution used to protect the datasource like restore, failover, test failover etc.

 

For the moment, John sets it aside to delve deeper into later stages once he gains a better understanding of the current protection status.

 

 

Using in-built help

 

John also notices the presence of built-in assistance within ABCC under the "Help" menu. Upon clicking, he discovers that it covers:

• Business Continuity Center: Offers a concise brief of ABCC, detailing its various views and the objectives of each view.
• the current view: Provides comprehensive information about the current view, offering insights into its components such as filters, tiles, scope, columns, values, and more.

John is thrilled to find guidance on using ABCC directly within the portal, eliminating the need to navigate to the documentation for every minor query.

 

The overview provided John with a clear summary of the protection set up for his current organization. In the next article, we'll explore John's journey in understanding the protection inventory using ABCC.

 

Stay tuned………………