Azure Backup has recently introduced the Enhanced policy, which is crucial for supporting the latest Azure offerings. One noteworthy example is Trusted Launch VM, which is only compatible with the Enhanced policy. It’s important to note that the default policy cannot provide adequate protection for new Azure services such as Ultra SSD, Premium SSD v2, Trusted Launch VM, Shared disk, and Confidential Azure VMs. However, the Enhanced policy can now safeguard both Ultra SSD (preview) and Premium SSD v2 (preview). To enable these features, you must fill out the forms for Ultra SSD protection and Premium SSD v2 protection to register your subscription. By doing so, you’ll be taking a proactive step towards enhancing your Azure Backup policy to keep up with the newest offerings and ensure your data is secure.
The enhanced policy provides the following features:
- You can rely on the Instant Restore tier to offer zonal redundancy with the help of Zone-Redundant Storage (ZRS) resiliency.
- Allows for multiple backups per day for all supported resources.
As I write this blog, it’s important to note that the enhanced policy has certain limitations as below:
- The Enhanced approach is supported in all Azure Public and US Government regions.
- To configure Enhanced policy settings, use the Recovery Services vault and VM Management blade. Backup center configuration is not yet supported.
- For hourly backups, the last backup of the day is transferred to the vault. If the backup fails, the first backup of the next day will be saved.
- Please note that the Enhanced policy is only available for new, unprotected VMs. Azure VMs with existing protection policies cannot be moved to the Enhanced policy.
- It is impossible to back up an Azure VM with disks that have public network access disabled.
- The default policy does not protect newer Azure services, including Trusted Launch VM, Ultra SSD, Shared Disk, and Confidential Azure VMs.re VMs.
Let’s explore the process of creating an enhanced policy through the Azure portal.
- Select a Recovery Services vault in the Azure portal and set backup policies.
- Select + Add and choose Azure virtual machine and enhanced policy. By default, the policy type is set to Standard.
- Provide the policy name, backup schedule, instant restore, and retention range.
- Select Create.
When using the Enhanced Policy, the first snapshot is taken as a “Full” backup, while subsequent snapshots are taken as “Incremental” backups. It’s important to note that once the Enhanced Policy is configured, it cannot be changed to the Standard Policy.
Santhosh has over 15 years of experience in the IT organization. Working as a Cloud Infrastructure Architect and has a wide range of expertise in Microsoft technologies, with a specialization in public & private cloud services for enterprise customers. My varied background includes work in cloud computing, virtualization, storage, networks, automation and DevOps.
