- Article
- 10 minutes to read
This article explains how to install the Microsoft Azure Recovery Services (MARS) agent. MARS is also known as the Azure Backup agent.
About the MARS agent
Azure Backup uses the MARS agent to back up files, folders, and system state from on-premises machines and Azure VMs. Those backups are stored in a Recovery Services vault in Azure. You can run the agent:
- Directly on on-premises Windows machines. These machines can back up directly to a Recovery Services vault in Azure.
- On Azure VMs that run Windows side by side with the Azure VM backup extension. The agent backs up specific files and folders on the VM.
- On a Microsoft Azure Backup Server (MABS) instance or a System Center Data Protection Manager (DPM) server. In this scenario, machines and workloads back up to MABS or Data Protection Manager. Then MABS or Data Protection Manager uses the MARS agent to back up to a vault in Azure.
The data that's available for backup depends on where the agent is installed.
Note
Generally, you back up an Azure VM by using an Azure Backup extension on the VM. This method backs up the entire VM. If you want to back up specific files and folders on the VM, install and use the MARS agent alongside the extension. For more information, see Architecture of a built-in Azure VM backup.
Before you start
- Learn how Azure Backup uses the MARS agent to back up Windows machines.
- Learn about the backup architecture that runs the MARS agent on a secondary MABS or Data Protection Manager server.
- Review what's supported and what you can back up by the MARS agent.
- Make sure that you have an Azure account if you need to back up a server or client to Azure. If you don't have an account, you can create a free one in just a few minutes.
- Verify internet access on the machines that you want to back up.
- Ensure the user installing and configuring the MARS agent has local administrator privileges on the server to be protected.
- Ensure your server is running on TLS 1.2.
- To prevent errors during vault registration, ensure that the latest MARS agent version is used. If not, we recommend you to download it from here or from the Azure portal as mentioned in this section.
Create a Recovery Services vault
A Recovery Services vault is a management entity that stores recovery points that are created over time, and it provides an interface to perform backup-related operations. These operations include taking on-demand backups, performing restores, and creating backup policies.
To create a Recovery Services vault:
Sign in to the Azure portal.
Search for Backup center, and then go to the Backup center dashboard.
On the Overview pane, select Vault.
Select Recovery Services vault > Continue.
(Video) Azure Backup 02, Azure Backup MARS AgentOn the Recovery Services vault pane, enter the following values:
Subscription: Select the subscription to use. If you're a member of only one subscription, you'll see that name. If you're not sure which subscription to use, use the default subscription. There are multiple choices only if your work or school account is associated with more than one Azure subscription.
Resource group: Use an existing resource group or create a new one. To view a list of available resource groups in your subscription, select Use existing, and then select a resource in the dropdown list. To create a new resource group, select Create new, and then enter the name. For more information about resource groups, see Azure Resource Manager overview.
Vault name: Enter a friendly name to identify the vault. The name must be unique to the Azure subscription. Specify a name that has at least 2 but not more than 50 characters. The name must start with a letter and consist only of letters, numbers, and hyphens.
Region: Select the geographic region for the vault. For you to create a vault to help protect any data source, the vault must be in the same region as the data source.
Important
If you're not sure of the location of your data source, close the window. Go to the list of your resources in the portal. If you have data sources in multiple regions, create a Recovery Services vault for each region. Create the vault in the first location before you create a vault in another location. There's no need to specify storage accounts to store the backup data. The Recovery Services vault and Azure Backup handle that automatically.
After providing the values, select Review + create.
To finish creating the Recovery Services vault, select Create.
It can take a while to create the Recovery Services vault. Monitor the status notifications in the Notifications area at the upper right. After the vault is created, it appears in the list of Recovery Services vaults. If the vault doesn't appear, select Refresh.
Modify storage replication
By default, vaults use geo-redundant storage (GRS).
- If the vault is your primary backup mechanism, we recommend that you use GRS.
- You can use locally redundant storage (LRS) to reduce Azure storage costs.
To modify the storage replication type:
In the new vault, select Properties under the Settings section.
(Video) Azure Backup On Premise Server Backing up with the MARS AgentOn the Properties page, under Backup Configuration, select Update.
Select the storage replication type, and select Save.
Note
You can't modify the storage replication type after the vault is set up and contains backup items. If you want to do this, you need to re-create the vault.
Verify internet access
The MARS agent requires access to Azure Active Directory, Azure Storage, and Azure Backup service endpoints. To obtain the public IP ranges, see the JSON file. Allow access to the IPs corresponding to Azure Backup (AzureBackup
), Azure Storage (Storage
), and Azure Active Directory (AzureActiveDirectory
). Also, depending on your Windows version, network connectivity checks of the operating system will need access to www.msftconnecttest.com
, or www.msftncsi.com
.
If your machine has limited internet access, ensure that firewall, proxy, and network settings allow access to the following FQDNs and public IP addresses.
URL and IP access
FQDNs
*.microsoft.com
*.windowsazure.com
*.microsoftonline.com
*.windows.net
*.blob.core.windows.net
*.queue.core.windows.net
*.blob.storage.azure.net
If you are a US Government customer, ensure that you have access to the following URLs:
www.msftncsi.com
*.microsoft.com
*.windowsazure.us
*.microsoftonline.us
*.windows.net
*.usgovcloudapi.net
*.blob.core.windows.net
*.queue.core.windows.net
*.blob.storage.azure.net
Access to all of the URLs and IP addresses listed above uses the HTTPS protocol on port 443.
When backing up files and folders from Azure VMs using the MARS Agent, you also need to configure the Azure virtual network to allow access. If you use Network Security Groups (NSG), use the AzureBackup service tag to allow outbound access to Azure Backup. In addition to the Azure Backup tag, you also need to allow connectivity for authentication and data transfer by creating similar NSG rules for Azure AD (AzureActiveDirectory) and Azure Storage (Storage).
To create a rule for the Azure Backup tag, follow these steps:
- In All Services, go to Network security groups and select the network security group.
- Select Outbound security rules under Settings.
- Select Add.
- Provide all required details for creating a new rule as described in security rule settings.
Ensure the options are set as below:- Destination is set to Service Tag.
- Destination service tag is set to AzureBackup.
- Select Add to save the newly created outbound security rule.
You can similarly create NSG outbound security rules for Azure Storage and Azure AD. To learn more about service tags, see Virtual network service tags.
Azure ExpressRoute support
You can back up your data through Azure ExpressRoute by using public peering (available for old circuits). We don’t support Microsoft peering Backup over private peering.
To use public peering, ensure that the following domains and addresses have HTTPS access on port 443 to:
*.microsoft.com
*.windowsazure.com
*.microsoftonline.com
*.windows.net
*.blob.core.windows.net
*.queue.core.windows.net
*.blob.storage.azure.net
To use Microsoft peering, select the following services, regions, and relevant community values:
- Azure Active Directory (12076:5060)
- Azure region, according to the location of your Recovery Services vault
- Azure Storage, according to the location of your Recovery Services vault
Learn more about ExpressRoute routing requirements.
Note
Public peering is deprecated for new circuits.
Private Endpoint support
You can now use Private Endpoints to back up your data securely from servers to your Recovery Services vault. As Azure AD can’t be accessed via private endpoints, you need to allow IPs and FQDNs required for Azure AD for outbound access separately.
When you use the MARS agent to back up your on-premises resources, ensure that your on-premises network (containing your resources to be backed up) is peered with the Azure VNet that contains a private endpoint for the vault. You can then continue to install the MARS agent and configure backup. However, you must ensure all communication for backup happens through the peered network only.
If you remove private endpoints for the vault after a MARS agent has been registered to it, you'll need to re-register the container with the vault. You don't need to stop protection for them. For more information, see Private endpoints for Azure Backup.
Throttling support
Feature | Details |
---|---|
Bandwidth control | Supported. In the MARS agent, use Change Properties to adjust bandwidth. |
Network throttling | Not available for backed-up machines that run Windows Server 2008 R2, Windows Server 2008 SP2, or Windows 7. |
Download the MARS agent
Download the MARS agent so that you can install it on the machines that you want to back up.
If you've already installed the agent on any machines, ensure you're running the latest agent version. Find the latest version in the portal, or download from here.
In the vault, under Getting Started, select Backup.
Under Where is your workload running?, select On-premises. Select this option even if you want to install the MARS agent on an Azure VM.
Under What do you want to back up?, select Files and folders. You can also select System State. Many other options are available, but these options are supported only if you're running a secondary backup server. Select Prepare Infrastructure.
For Prepare infrastructure, under Install Recovery Services agent, download the MARS agent.
In the download menu, select Save. By default, the MARSagentinstaller.exe file is saved to your Downloads folder.
(Video) How To Backup File/Folder in Azure I MARS Agent I Microsoft Azure BackupSelect Already download or using the latest Recovery Services Agent, and then download the vault credentials.
Select Save. The file is downloaded to your Downloads folder. You can't open the vault credentials file.
Install and register the agent
Run the MARSagentinstaller.exe file on the machines that you want to back up.
In the MARS Agent Setup Wizard, select Installation Settings. There, choose where to install the agent, and choose a location for the cache. Then select Next.
- Azure Backup uses the cache to store data snapshots before sending them to Azure.
- The cache location should have free space equal to at least 5 percent of the size of the data you'll back up.
For Proxy Configuration, specify how the agent that runs on the Windows machine will connect to the internet. Then select Next.
- If you use a custom proxy, specify any necessary proxy settings and credentials.
- Remember that the agent needs access to specific URLs.
For Installation, review the prerequisites, and select Install.
After the agent is installed, select Proceed to Registration.
In Register Server Wizard > Vault Identification, browse to and select the credentials file that you downloaded. Then select Next.
On the Encryption Setting page, specify a passphrase that will be used to encrypt and decrypt backups for the machine. Learn more about the allowed passphrase characters.
- Save the passphrase in a secure location. You need it to restore a backup.
- If you lose or forget the passphrase, Microsoft can't help you recover the backup data.
Select Finish. The agent is now installed, and your machine is registered to the vault. You're ready to configure and schedule your backup.
If you are running into issues during vault registration, see the troubleshooting guide.
Note
We strongly recommend you save your passphrase in an alternate secure location, such as the Azure key vault. Microsoft can't recover the data without the passphrase. Learn how to store a secret in a key vault.
(Video) Backup On-Prem Workloads to Azure using Azure Backup Server and MABS Agent (DEMO)
Next steps
Learn how to Back up Windows machines by using the Azure Backup MARS agent
FAQs
What is Azure Backup Mars agent? ›
Azure Backup uses the MARS agent to back up data from on-premises machines and Azure VMs to a backup Recovery Services vault in Azure. The MARS agent can: Run on on-premises Windows machines so that they can back up directly to a backup Recovery Services vault in Azure.
Which Azure storage option is better for Azure backup and restore disaster recovery? ›Geo-redundant storage (GRS) is the default and recommended replication option. GRS replicates your data to a secondary region (hundreds of miles away from the primary location of the source data). GRS costs more than LRS, but GRS provides a higher level of durability for your data, even if there's a regional outage.
Which Azure storage option is better for storing data for backup and restore disaster recovery and searching? ›Blob Storage provides backup and disaster recovery capabilities. For more information, see Backup and disaster recovery for Azure IaaS disks. You can also use Blob Storage to back up other resources, like on-premises or IaaS virtual machine-hosted SQL Server data.
How do I manually install Microsoft monitoring agent? ›- Run Setup to install the agent.
- On the Welcome page, select Next.
- On the License Terms page, read the license and then select I Agree.
- On the begin Upgrade page, select Upgrade.
- On the Completion page, select Finish.
- Once the agent installation completed, go to the Control Panel.
- Open the Backup Exec console - go to the Backup and Restore tab.
- Select Add (from the ribbon menu) - select Microsoft Windows computer - click Next.
- Select 'Allow Backup Exec to establish a trust with the servers. ...
- Browse / Add a server name(s) - then click Next.
A centralized backup service and solution to help protect against ransomware. Azure Backup is a cost-effective, secure, one-click backup solution that's scalable based on your backup storage needs.
How do I restore from Mars backup? ›Select Recover Data to start the wizard. On the Getting Started page, to restore the data to the same server or computer, select This server ( <server name> ) > Next. On the Select Recovery Mode page, choose Individual files and folders > Next. The option to restore individual files and folders requires .
How does Azure backup work? ›The backup is optimized by backing up each VM disk in parallel. For each disk that's being backed up, Azure Backup reads the blocks on the disk and identifies and transfers only the data blocks that changed (the delta) since the previous backup. Snapshot data might not be immediately copied to the vault.
What is the difference between Azure Site recovery and Azure backup? ›So, while Azure Backup ensures you have your data available no matter what, Azure Site Recovery gives you the environment to work with that data. So, how does it work? Using Site Recovery, you establish and manage replication, failover and fail back from your Azure portal.
What is the difference between disaster recovery and backup Azure? ›Azure Backup allows for granular backups and restores specific data. Azure Site Recovery allows for the protection of an entire production site with automation and orchestration to make the failover and failback processes seamless.
What is the difference between Azure backup and Azure recovery Vault? ›
The key difference compared to the Recovery Services Vault is that no data is transferred to a “vault” storage for long term retention, but instead you are provided with an operational backup facility. You are charged only for the cost of the delta changes in the snapshot storage, so no backup service fee is charged.
What are the 3 types of data that can be stored in Azure? ›Microsoft Azure and most other cloud providers offer several different types of storage, each with its own unique pricing structure and preferred use. Azure storage types include objects, managed files and managed disks.
What are the four types of storage that Azure storage can handle? ›- File.
- Blob.
- Queue.
- Table.
These include Azure Virtual Machines, SQL and SAP databases, on-premises Windows servers, and VMware machines. Help safeguard your backup environment with built-in security for hybrid and cloud and compliance with wide-ranging security and privacy regulations.
How do I manually install an agent? ›- Click Settings > All Settings.
- Under Node & Group Management, click Manage Agents > Add Agent.
- Click Connect to a previously installed agent > click Next.
- Enter the name, IP address, and port number for the agent and click Server-initiated communication.
Manual installation
To manually install the Windows VM Agent, download the VM Agent installer and select the latest release. You can also search a specific version in the GitHub Windows IaaS VM Agent releases.
- Visits Apps from your “Settings” menu.
- Select Apps & Features.
- Choose Optional features.
- Next, click on Add a feature.
- Type or scroll down to find “RSAT”
- Choose Install to add the tools to your device.
Open "Server Manager," then click on "Tools," and select "Windows Server Backup." In Windows Server 2008 and Windows Server 2008 R2, open "Start," select "Administrative Tools," and click on "Windows Server Backup."
How to install Backup Exec remote agent? ›- Open the Backup Exec console on the media server.
- Click on the round Backup Exec button which is located to the left of the Home tab.
- Go to Installation and Licensing - select Install Agents and Backup Exec Servers on Other Servers.
- On the Remote Computers section - select Add.
Select Start > Settings > Update & Security > Backup > Add a drive , and then choose an external drive or network location for your backups.
How do I access my Azure backup? ›
Sign in to the Azure portal. Open the vault dashboard. On the Backup Items tile, select Azure Virtual Machine. On the Backup Items pane, you can view the list of protected VMs and last backup status with latest restore points time.
Does Azure backup backup all disks? ›Azure Backup supports backing up all the disks (operating system and data) in a VM together using the virtual machine backup solution.
How do I start Azure backup? ›Sign in to the Azure portal. Select All services and in the Filter, type Virtual machines, and then select Virtual machines. From the list of VMs, select the VM you want to back up. On the VM menu, select Backup.
How do I Recover Data from Microsoft Azure Backup? ›Sign in to the Azure portal and in the left pane, select Virtual machines. From the list of virtual machines, select the virtual machine to open that virtual machine's dashboard. In the virtual machine's menu, select Backup to open the Backup dashboard. In the Backup dashboard menu, select File Recovery.
How do I restore Microsoft Azure Backup? ›- Navigate to Backup center in the Azure portal and click Restore from the Overview tab.
- Select Azure Virtual machines as the Datasource type, and then select a Backup instance.
- Select a VM and click Continue.
- In the next screen that appears, select a restore point to use for the recovery.
...
Switch between backup accounts
- Open your phone's Settings app.
- Tap System. Backup. ...
- Tap Backup account.
- Tap the account that you want to use for backups.
- In your Recovery Services vault, choose Backup items.
- Select "SQL in Azure VM".
- Right-click on a database, and choose "Backup now".
- Choose the Backup Type (Full/Differential/Log/Copy Only Full) and Compression (Enable/Disable). ...
- Select OK to begin the backup.
Store backups in locally redundant storage (LRS), geo-redundant storage (GRS), and zone-redundant storage (ZRS).
How long does Azure backup take? ›At peak times, it can take up to eight hours for the snapshots to be transferred to the vault. The backup time for a VM will be less than 24 hours for the daily backup. Although the total backup time for incremental backups is less than 24 hours, that might not be the case for the first backup.
Why do I need Azure Site recovery? ›Help your business to keep doing business—even during major IT outages. Azure Site Recovery offers ease of deployment, cost effectiveness, and dependability. Deploy replication, failover, and recovery processes through Site Recovery to help keep your applications running during planned and unplanned outages.
Is Azure Site recovery a backup? ›
Azure offers an end-to-end backup and disaster recovery solution that is simple, secure, scalable and cost-effective—and can be integrated with on-premises data protection solutions.
What is the disadvantage of Azure backup? ›The biggest disadvantage to using Azure Backup, though, is that it is disjointed. While the name might lead to the assumption it is solely a cloud-based backup product, it is actually a collection of several different backup components.
What is the difference between backup and recovery and disaster recovery? ›Data backup is the process of replicating files to be stored at a designated location. Disaster recovery is a system that helps restore those files following a catastrophe.
What are the three types of disaster recovery sites? ›Types of Disaster Recovery Sites
There are three types of backup sites: cold sites, warm sites, and hot sites.
There are mainly three types of backup: full, differential, and incremental. Let's dive in to know more about the types of backup, the difference between them and which one would be the best fit for your business.
How many types of databases are in Azure? ›Azure offers a choice of fully managed relational, NoSQL, and in-memory databases, spanning proprietary and open-source engines, to fit the needs of modern app developers.
Where do you store data in Azure? ›Everything stored in Azure Storage exists in triplicate in specified data centers located around the world – the copies negate the risks of hardware failures. Azure Storage also offers customers the option of backups in data centers in additional geographical regions.
How many types of storage are there in Microsoft Azure? ›In Microsoft Azure, you can choose two Storage Account types. They are General-Purpose Account and Blob Storage account.
What are the 5 types of storage in Azure? ›Azure Storage offers five core services: Blobs, Files, Queues, Tables, and Disks. Let's explore each and establish some common use cases.
What are the 3 main types of storage currently? ›There are three main categories of storage devices: optical, magnetic and semiconductor. The earliest of these was the magnetic device. Computer systems began with magnetic storage in the form of tapes (yes, just like a cassette or video tape). These graduated to the hard disk drive and then to a floppy disk.
What are the 3 different types of storage? ›
solid state storage devices, such as USB memory sticks. optical storage devices, such as CD, DVD and Blu-ray discs. magnetic storage devices, such as hard disk drives.
How to install Azure Backup Agent? ›- In the vault, under Getting Started, select Backup.
- Under Where is your workload running?, select On-premises. ...
- Under What do you want to back up?, select Files and folders. ...
- For Prepare infrastructure, under Install Recovery Services agent, download the MARS agent.
- Sign in to Azure. Sign in to the Azure portal.
- Create a Recovery Services vault. ...
- Download Recovery Services agent. ...
- Install and register the agent. ...
- Configure backup and retention. ...
- Run an on-demand backup. ...
- Next steps.
- Sign in to the Azure portal.
- In the search box, type recovery. ...
- In Recovery Services vaults, select Add.
- In Create Recovery Services vault > Basics, select the subscription in which to create the vault.
- Prerequisites. ...
- Generate an installation script. ...
- Install the agent by using the script. ...
- Verify the connection with Azure Arc. ...
- Connect hybrid machines to Azure by using PowerShell. ...
- Connect hybrid machines to Azure from Windows Admin Center. ...
- Next steps.
- Download the WIndowsAzureVmAgent msi file. For my Windows 2019 Server I am selecting the amd64 version.
- Run the msi file 'as Administrator'. ...
- Click Next, accept the agreement and Finish.
Manual installation
To manually install the Windows VM Agent, download the VM Agent installer and select the latest release. You can also search a specific version in the GitHub Windows IaaS VM Agent releases. The VM Agent is supported on Windows Server 2008 (64 bit) and later.
The Azure Virtual Desktop agent is initially installed in one of two ways. If you provision virtual machines (VMs) in the Azure portal and Azure Marketplace, the agent and agent bootloader are automatically installed. If you provision VMs using PowerShell, you must manually download the agent and agent bootloader .
How do I install an agent on my machine? ›Installation for New Machine Agent
From AppDynamics Downloads, download the Machine Agent installation package for your OS environment onto the machine you want to monitor. If there is no download bundle for your OS, use the Machine Agent zip file without the JRE, and use a separately downloaded JRE to run it.
- Select Project settings > Service connections.
- Select + New service connection, select the type of service connection that you need, and then select Next.
- Choose an authentication method, and then select Next.
How do I install an Azure VM extension? ›
You can apply VM extensions to an existing VM through the Azure portal. Select the VM in the portal, select Extensions, and then select Add. Choose the extension that you want from the list of available extensions, and follow the instructions in the wizard.
How do I connect my Azure virtual machine to Windows? ›- Go to the Azure portal to connect to a VM. ...
- Select the virtual machine from the list.
- At the beginning of the virtual machine page, select Connect.
- On the Connect to virtual machine page, select RDP, and then select the appropriate IP address and Port number.
- Sign in to the Azure portal.
- In the search box, type DevOps Starter, and then select. Click on Add to create a new one.
- Select . ...
- Under Choose an application Framework, select ASP.NET, and then select Next. ...
- Select the virtual machine, and then select Next.
- Click the Admin tab.
- In the Global Settings section, click Scope of Management.
- Click Download Agent.
- Click on the name of the remote office in which you want to install an agent. ...
- Install the agent in a computer in the remote office, manually.
- Go to the Azure portal to create a MySQL Single Server database. ...
- Select Add.
- On the Select Azure Database for MySQL deployment option page, select Single server:
- Enter the basic settings for a new single server: ...
- Select Review + create to provision the server.
- Step 1: Set up Azure.
- Step 2: Create a Service Broker Database.
- Step 3: Install and Configure Microsoft Azure Service Broker. Azure Config. Broker Config. SQL Database Config. Default Parameters Config.
- Step 4: Confirm Installation.
- Step 5: Confirm Service and Plan Access.
- Go to Networking in the App Service portal. Under Outbound Traffic, select VNet integration.
- Select Add VNet.
- The dropdown list contains all the virtual networks in your subscription in the same region. Select an empty pre-existing subnet or create a new subnet.