0% found this document useful (0 votes)

112 views

Deployment of Backup

Uploaded by

MCTCOLTD

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

112 views

Deployment of Backup

Uploaded by

MCTCOLTD

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 27

Technical Deployment

and Configuration Guide

For Veeam Backup for Microsoft Office 365 v2.0

Michele Domanico
Systems Engineer UK&I

Veeam Software

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners.
Technical Deployment and Configuration Guide

Contents
Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Veeam Backup for Microsoft Office 365 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Veeam Backup for Microsoft Office 365 architecture. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Veeam Backup for Microsoft Office 365 deployment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Veeam Backup for Microsoft Office 365 server planning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Veeam Backup for Microsoft Office 365 configuration maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Veeam Backup for Microsoft Office 365 backup storage. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Microsoft Exchange. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

General recommendations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Microsoft Office 365 throttling policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Veeam Backup for Microsoft Office 365 proxy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Veeam Backup for Microsoft Office 365 repository . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Veeam Backup for Microsoft Office 365 repository data retention. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Veeam Backup for Microsoft Office 365 server protection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Backup jobs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Restore jobs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

Veeam Backup for Microsoft Office 365 for service providers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

About Veeam Software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 1
Technical Deployment and Configuration Guide

Introduction
Microsoft Office 365 is the largest solution for digital collaboration today. Office 365 customers can choose to connect to their
on-premises workloads and benefit from a seamless user experience — even when moving between different environments —
creating a hybrid platform. Office 365 has a high adoption rate by businesses of all sizes.

While Office 365 offers an undisputed flexibility with the integration of several solutions, it deeply focuses on the infrastructure
management rather than data management. The responsibility for data management and its Availability still belongs to the
respective owners leveraging the Office 365 services.

In fact, Office 365 data center uptime refers to the infrastructure rather than data hosted in the data centers. Infrastructure
uptime does not include cases where the data center itself can provide an effective way to recover from:
• Accidental deletions
• Data loss / corruption
• Rogue apps / insider threats
• Outages

This white paper covers the implementation of Veeam® Backup for Microsoft Office 365’s solution and its architecture.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 2
Technical Deployment and Configuration Guide

Veeam Backup for Microsoft Office 365

Veeam Backup for Microsoft Office 365 is a scalable solution which offers protection and availability for Office 365 data. The
solution covers online, on-premises and hybrid deployments. A single installation of Veeam Backup for Microsoft Office 365
provides simple and advanced deployments as referred later in this guide.

The main component for simple deployments is the Veeam Backup for Microsoft Office 365 server. Advanced deployments
differ from simple deployment by installing additional services called Veeam Backup for Microsoft Office 365 proxy and Veeam
Backup for Microsoft Office 365 repository. A Veeam Backup for Microsoft Office 365 server manages multiple Veeam Backup for
Microsoft Office 365 proxies and Repositories for larger environments. All Office 365 data is stored into the Veeam Backup for
Microsoft Office 365 repositories. Veeam Backup for Microsoft Office 365 server installations can scale out to multiple repositories
according to needs. The Veeam Backup for Microsoft Office 365 architecture section covers the main Veeam Backup for Microsoft
Office 365 components in more details.

Prerequisites
There are several prerequisites before proceeding with the installation. It is advised to review the following items to ensure a
successful Veeam Backup for Microsoft Office 365 implementation.

DNS name resolution

Domain name system (DNS) resolution is an essential service the Veeam Backup for Microsoft Office 365 components will use
when communicating with each other. With advanced deployments where the Veeam Backup for Microsoft Office 365 server
communicates with the Veeam Backup for Microsoft Office 365 proxies, it is important both forward and reverse name resolution
is working as expected. For this reason, the recommendation is to:
• Provide a static IP Address to Veeam Backup for Microsoft Office 365 server
• Provide a static IP Address to Veeam Backup for Microsoft Office 365 proxy
• Create (A) and (PTR) records in DNS
• Check IPv4 is preferred over IPv6
• Verify the FQDN name resolution both sides (forward/reverse) using nslookup or equivalent (the query should return the
IPv4 address first)

Additional proxy deployment

With additional Veeam Backup for Microsoft Office 365 proxies, it is recommended to use the same operating system version
as the Veeam Backup for Microsoft Office 365 server installation. The Veeam Backup for Microsoft Office 365 proxies cannot be
installed on earlier versions. Most important, both Veeam Backup for Microsoft Office 365 server and Veeam Backup for Microsoft
Office 365 proxies need to be part of the same (or trusted) domain.

Anti-virus and HIPS

If an anti-virus or host intrusion prevention system (HIPS) is installed on the Veeam Backup for Microsoft Office 365 server and
proxy, it is recommended to exclude the following locations as in the current table:

Path Veeam Backup for Microsoft Office 365 Veeam Backup for Microsoft Office 365
server proxy
%ProgramFiles%/Veeam/Backup365

%ProgramData%/Veeam/Backup365

%WinDir%/Veeam/Backup365

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 3
Technical Deployment and Configuration Guide

Veeam Backup for Microsoft Office 365 architecture

Veeam Backup for Microsoft Office 365 architecture consists of four main components:

1. Veeam Backup for Microsoft Office 365 server

The Veeam Backup for Microsoft Office 365 server can be installed on a physical or virtual server. Supported operating
systems are Windows 7, Windows 10, Windows 2008 R2 and later. Only 64 bit versions are supported. The Veeam Backup
for Microsoft Office 365 server is the main component and responsible for the creation of the jobs, the various configurations
and notifications. One Veeam Backup for Microsoft Office 365 server can protect multiple Office 365 organizations including
combinations of on-premises, online and hybrid instances within a single installation.

With advanced deployments, the Veeam Backup for Microsoft Office 365 server can communicate with multiple Veeam Backup
for Microsoft Office 365 proxies and repositories to address scalability requirements.

The Veeam Backup for Microsoft Office 365 server includes the following main components:
• Shell UI: Responsible for providing graphical access to all Veeam Backup for Microsoft Office 365 functionalities.
• Rest API: Provides access to RESTful API allowing integration with third-party applications.
• PowerShell: Enables the orchestration and automation of Veeam Backup for Microsoft Office 365 server deployments and
pertinent backup and restore jobs.

2. Veeam Backup for Microsoft Office 365 proxy

While the Veeam Backup for Microsoft Office 365 server handles the configuration and management functions, the Veeam
Backup for Microsoft Office 365 proxy is responsible to execute both backup and restore jobs. The role of the Veeam Backup
for Microsoft Office 365 proxy is already built in the Veeam Backup for Microsoft Office 365 server (Veeam.Archiver.Service). For
large deployments, Veeam Backup for Microsoft Office 365 server delegates backup and restore operations to additional Veeam
Backup for Microsoft Office 365 proxies (Veeam.Archiver.Proxy). Data is retrieved from the Office 365 organization and on-
premises instances and saved into the Veeam Backup for Microsoft Office 365 repository. When performing restores, the Veeam
Backup for Microsoft Office 365 proxy reads data from the Veeam Backup for Microsoft Office 365 repository and writes directly
to the pertinent instance — either online or on premises. It also applies to scenarios where tenants’ organizations are part of a
hybrid deployment or simply are standalone instances.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 4
Technical Deployment and Configuration Guide

3. Veeam Backup for Microsoft Office 365 repository

The Veeam Backup for Microsoft Office 365 repository is the location where the Office 365 data is stored. The Veeam Backup for
Microsoft Office 365 repository uses a database format and it is directly mounted to the Veeam Backup for Microsoft Office 365
proxy. Veeam Backup for Microsoft Office 365 repositories are supported on the following storage types:
• DAS: Includes Directly Attached Storage, USB/eSATA and Raw Device Mapping (RDM).
• SAN: The Veeam Backup for Microsoft Office 365 proxy and backup server can be connected to the SAN fabric via hardware,
virtual HBA or software iSCSI initiator. This provides direct access to the Veeam Backup for Microsoft Office 365 repository. For
simple deployments the SAN is presented to the Veeam Backup for Microsoft Office 365 server. With advanced deployments,
SAN Storage is presented to the Veeam Backup for Microsoft Office 365 proxy directly. The latter proving useful when
delegating the execution of jobs to Veeam Backup for Microsoft Office 365 proxies for larger environments.
• SMB (3.0) — Experimental: Since the Veeam Backup for Microsoft Office 365 server and the Veeam Backup for Microsoft Office
365 proxy run under Local System account, the Veeam Backup for Microsoft Office 365 server’s computer account must have
the corresponding permissions on the network share. Windows 7 SP1 and Windows 2008 R2 SP1 do not support SMB (3.0)
Shares.

4. Veeam Explorers:

The Veeam Explorers™ for Microsoft Exchange, Microsoft SharePoint and OneDrive for Business assist the Veeam Backup for
Microsoft Office 365 architecture with the following tasks and use cases:

In place and out of place restores:

By default, they provide the capability to recovery data to the original location. This is known as an in-place restore. Where
required, the ability to perform restores to a different location is also supported. In this case, it performs an out of place restore.
Veeam Explorers recover data between online, on-premises and hybrid Office 365 deployments. It does not require a staging
server during restores as data is read directly from the backup in the Veeam Backup for Microsoft Office 365 repository. With the
same mechanism, the Veeam Explorers also support exporting of several items in different formats, such as:
• Attachments and Microsoft Outlook *.pst and *.msg files
• SharePoint sites to the original location with permissions and versions
• OneDrive files and folders to same and new locations as individual files or zip compressed

To export Microsoft Exchange content into these additional formats, the server where the Veeam Explorer component is
installed requires a local installation of Microsoft Outlook x64 edition. With simple deployments, the Veeam Explorers are
installed by default on the Veeam Backup for Microsoft Office 365 server. For large or advanced deployments, it is possible to
install additional roles on other servers. This provides the ability to choose the closest and the best resource to reduce your
recovery time objective (RTO).

Other use cases include browse, search and export content.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 5
Technical Deployment and Configuration Guide

Browse content

Once Office 365 organization data (both online and on premises) is stored in a Veeam Backup for Microsoft Office 365 repository,
the Veeam Explorer component directly reads these backup files to present the entire content in a hierarchical format which
shows:
• Exchange backup
• Exchange organization names
• Mail datastores
• Mailboxes (applies to shared, public and resources mailboxes, includes Legal Hold)
• Folders (includes hidden, deleted and In-Place Hold)
• Items (all mail item types — includes deletions and In-Place Holds)
• SharePoint Backup
• SharePoint organization names
• SharePoint site collections (includes Sites and Sub-Sites structure)
• SharePoint personal site collections (includes Sites and Sub-Sites structure)
• OneDrive for Business Backup
• OneDrive for Business organization names
• OneDrive for Business users with folder structure

For each object, the built-in browsers offer a context sensitive option as to send, restore and export.

Search for content

The Veeam Explorers components include an Advanced Find capability to perform sophisticated eDiscovery searches, using
different criteria based on address, date/time, mail, post, appointment, task, journal and notes for Exchange. Calendar, contact,
document, message and task fields apply to both Microsoft SharePoint and OneDrive for Business.

All the searches are always performed against the data in the Veeam Backup for Microsoft Office 365 repository. For this reason,
placing this component close to the Veeam Backup for Microsoft Office 365 repository ensures the quickest searches even
against large sets of data. This is the recommended option when searching the content against multiple mailboxes, SharePoint
and OneDrive datastores even across multiple organizations.

Export content

Veeam Explorers can select content to export by running searches based on custom criteria and estimate the size of the content.
This option is useful especially during migration scenarios as it allows users to:
• Select the content based on criteria that should be exported into the new location either on premises or online
• Help with staged exports from an on-premises deployment to Office 365
• Export data within Office 365 and hybrid deployments

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 6
Technical Deployment and Configuration Guide

Veeam Backup for Microsoft Office 365 deployment

Veeam Backup for Microsoft Office 365 is a scalable solution consisting of different components allowing to adapt to different
scenarios including future growth from the same deployment. Veeam Backup for Microsoft Office 365 does not require installing
agents to retrieve or restore data. Both Veeam Backup for Microsoft Office 365 backups and restore operations use Microsoft
Exchange Web Services (EWS) together with various Microsoft APIs and PowerShell command to directly connect to Office
365 hybrid deployments. For this reason, the Veeam Backup for Microsoft Office 365 server or one of its backup proxies requires
direct access to the internet or at least to Office 365 servers. All backup and restore operations are performed by the Veeam
Backup for Microsoft Office 365 proxy. The Veeam Backup for Microsoft Office 365 server and proxy also support connections
through an internet web proxy. Veeam Support can provide instructions to add a web proxy. In the case of on-premises
deployments, the connectivity to the internet for Veeam Backup for Microsoft Office 365 server and proxy is required when
operating with a hybrid Exchange deployment or when the Exchange / SharePoint servers use a third-party trusted certificate
authority (CA). Veeam Backup for Microsoft Office 365 supports two types of deployments referred to as simple and advanced
deployments.

Simple deployments

Simple deployment includes the installation of all components onto a single server. This machine can be either virtual or physical.
Specs should follow the configuration maximums. In this scenario, all the major components (Veeam Backup for Microsoft Office
365 server, proxy and repository) are installed on the same machine. A simple deployment scales out by adding multiple Veeam
Backup for Microsoft Office 365 repositories operated by the same Veeam Backup for Microsoft Office 365 server.

Advanced deployments

Advanced deployment gives the option to scale-out the installation by adding Veeam Backup for Microsoft Office 365 proxy
and repository components to meet the business requirements. The process of adding these components is operated by the
Veeam Backup for Microsoft Office 365 server. When scaling out to an advanced deployment, the Veeam Backup for Microsoft
Office 365 server installs the necessary components onto the required servers. It works by deploying the main “Veeam.Archiver.
Proxy” service along with a copy of the infrastructure configuration. The newly added Veeam Backup for Microsoft Office 365
proxy benefits from the view of the entire infrastructure and provides the option to configure the backup jobs using additional
Veeam Backup for Microsoft Office 365 repository targets. The entire process is wizard driven. Full automation is also possible by
leveraging the native Veeam Backup for Microsoft Office 365 PowerShell commands. Typically, advanced deployments are used
in the following circumstances:
• Reduce and remove the workloads from a Veeam Backup for Microsoft Office 365 server during backup and restore operations
(e.g., very large Office 365 and hybrid deployments). Each Veeam Backup for Microsoft Office 365 architecture component
can be configured to address different requirements. The section about Veeam Backup for Microsoft Office 365 server
planning includes information on the current maximums and how many components to deploy based on requirements.
• Ability to choose specific Veeam Backup for Microsoft Office 365 proxies to run the backup and restore jobs. Each Veeam
Backup for Microsoft Office 365 proxy can be configured with dedicated settings about concurrent number of threads and
amount of bandwidth.
• Ability to choose specific Veeam Backup for Microsoft Office 365 repositories where to store the Office 365 data. Each Veeam
Backup for Microsoft Office 365 repository can then leverage different storage types with separate Retention Policies. Several
Veeam Backup for Microsoft Office 365 repositories can be created to contain data based on business unit, object types and
other criteria pertinent to the business requirements.
• Segmentation and isolation for traffic and data between different tenant organizations operated by the same Veeam Backup
for Microsoft Office 365 server. This is an important feature for service providers. Traffic segmentation occurs at the network
level where the Veeam Backup for Microsoft Office 365 proxy connects to separate VLANs. VLAN configuration occurs on the
network infrastructure. Data segmentation occurs on the Veeam Backup for Microsoft Office 365 repository level by using
dedicated storage locations corresponding to each Tenant.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 7
Technical Deployment and Configuration Guide

Veeam Backup for Microsoft Office 365 deployments for service providers

Service providers can benefit from Veeam Backup for Microsoft Office 365 advanced deployments and offer Availability for Office
365 Data as a Service. The considerations with regard to the Veeam Backup for Microsoft Office 365 advanced deployment are
still valid. In addition, there are some aspects specific to the service providers scenario as follow:
• When planning a deployment in a service provider infrastructure, the Veeam Backup for Microsoft Office 365 server needs
to be installed on the same server running the Veeam Cloud Connect. This allows the Veeam Backup for Microsoft Office
365 tenants connecting from the internet to authenticate against this server. Upon authentication the tenants will be
automatically authorised to perform Data restores from the pertinent Veeam Backup for Microsoft Office 365 repository.
Veeam Backup for Microsoft Office 365 multi-tenant infrastructure integrates with Veeam Cloud Connect multi-tenant
environment.
• Veeam Backup for Microsoft Office 365 tenants restore requests will use the existing Veeam Cloud Connect Gateways to
reach the Veeam Backup for Microsoft Office 365 server by mean of the Veeam Cloud Connect. No need to install additional
components. All communications and data restore are encrypted with SSL certificate.

Veeam Backup for Microsoft Office 365 deployment recommendations

Depending on Veeam Backup for Microsoft Office 365 role, there are separate default locations where the installer runs the
binaries and configuration files. From a deployment perspective, it is important to have an understanding of these locations.
In particular with advanced deployments where the same components can be shared by multiple tenants. The table below
represent the standard locations where the installation and data files are located. The Installation Folder includes all the binaries
and main configuration files. Whereas the data folder includes infrastructure configuration and other details in a format of
database files. Updates to the Veeam Backup for Microsoft Office 365 infrastructure and job configurations are periodically
pushed from the Veeam Backup for Microsoft Office 365 server and propagated to Veeam Backup for Microsoft Office 365
proxies. The Veeam Backup for Microsoft Office 365 proxies can work autonomously up to 48 hours should the Veeam Backup for
Microsoft Office 365 server be unavailable.

Veeam Backup for Microsoft Office 365 server Proxy server

Installation folder %ProgramFiles%\Veeam\Backup365 %WinDir%\Veeam\Backup365\Proxy
Data folder %ProgramData%\Veeam\Backup365 %ProgramData%\Veeam\Backup365

For all deployment types, the following should be observed:

• Backup jobs will generally consume more resources (RAM memory and disk space). The Veeam Backup for Microsoft Office
365 repository files should be placed on a volume with no deduplication and compression enabled. The Server Planning
section provides a formula to understand storage allocation.
• During restore operations, the backup data is mounted temporarily in read-only mode. No caching occurs on disk.
• Veeam Explorer eDiscovery searches can use large amounts of memory to search across multiple mail stores. A way to
improve this is to disable the PST size estimation.
• By adding Veeam Backup for Microsoft Office 365 proxies, it is possible to delegate backup and restore operations to
dedicated server freeing up resources from the Veeam Backup for Microsoft Office 365 server.
• Both NTFS and ReFS file systems are supported. When using ReFS, the data integrity features should be disabled in particular
for volumes where data folders are located or at least exclude Veeam Backup for Microsoft Office 365 repository files. NTFS is
recommended.
• To enable the export function to a *.pst or *msg file, the Microsoft Outlook client (64 bit only) needs to be installed onto the
same Veeam Backup for Microsoft Office 365 server where the Veeam Explorer is running.
• No memory intensive software should be deployed on any Veeam Backup for Microsoft Office 365 server or proxy as it could
affect the running of the backup processes.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 8
Technical Deployment and Configuration Guide

Veeam Backup for Microsoft Office 365 server planning

This section covers the Veeam Backup for Microsoft Office 365 server supported maximums with regard to jobs and
backup storage allocation. Numbers might vary depending on allocated resources and workloads. The figures provided
in this section refer to any combination between online and on-premises organizations using Microsoft Exchange,
SharePoint and OneDrive for Business.

One of the important parameters helping with Veeam Backup for Microsoft Office 365 architecture planning is to understand
how many objects the Veeam Backup for Microsoft Office 365 server or proxy need to work during backup operations. There are
four main object types in Veeam Backup for Microsoft Office 365 defined as Mail, Archives, Sites and OneDrive. Knowing the
total number of objects to protect ensures the correct sizing of Veeam Backup for Microsoft Office 365 deployment. Moreover,
it makes the calculation for future growth more predictable. It is important to have an estimate of the total number of objects
to protect rather than users associated to them. Depending on the Microsoft Office 365 subscriptions, some users might have
access to multiple objects or none. From a sizing perspective, the number of users is not indicative of the total amount of data
to protect. The total number of mails, archives, sites and OneDrive objects provides a tangible parameter to understand how
to plan the Veeam Backup for Microsoft Office 365 architecture. The higher number of objects to protects rather than the total
amount of data determines the general performances.

Within Microsoft Exchange mail object, there are also other types that Veeam Backup for Microsoft Office 365 2.0 fully supports:
• Discovery search mailbox
• Shared mailboxes
• Public mailboxes
• Resource mailboxes (room, equipment)

All these objects are classified as mail objects from a Veeam Backup for Microsoft Office 365 perspective.

Another mention goes to OneDrive for Business objects. From a Microsoft Office 365 point of view, OneDrive is a special
SharePoint site collection. Although OneDrive for Business shares the same name with OneDrive for Consumer, OneDrive for
Business is the user storage portion of the SharePoint personal site collection. Generally, all data created by Microsoft Office
365 users can be uploaded and synchronized in this storage portion that SharePoint provides. All the other storage locations
and features for the personal site appear in the regular fashion as standard lists, document libraries, social activities and other
SharePoint forms. From a Veeam Backup for Microsoft Office 365 perspective, Sites and OneDrive are different objects. Sites
and Personal Sites are considered the same object, being personal sites in the same category as sites. Although personal sites
and OneDrive share the same storage location within SharePoint deployments, effectively serve different purposes. From a
Veeam Backup for Microsoft Office 365 planning perspective, this information is important in determining which Veeam Backup
for Microsoft Office 365 repository to use, as not all data grows equally. It’s a good practice for large environments. In addition,
personal sites and OneDrive share some features but not all. Item versioning is available on both. OneDrive requires this feature
to be enabled by the SharePoint administrator. Check-out/in is only for SharePoint list and libraries.

During Veeam Backup for Microsoft Office 365 backup job configurations, it is possible to choose which objects to include.
Since all data doesn’t grow equally, the recommendation is to create separate jobs protecting different resources of the Office
365 organization (e.g., by separating users mailboxes and archives from public and shared mailboxes). Generally, the latter
ones experience a higher growth and change rate when compared to standard mailboxes. The same applies to SharePoint and
OneDrive. For this reason, Veeam Backup for Microsoft Office 365 provides the option to target them to different Veeam Backup
for Microsoft Office 365 repositories also benefitting from a separate retention policy. For optimal operations, the backup and
restore jobs should not exceed the configuration maximums as detailed in the next section.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 9
Technical Deployment and Configuration Guide

Veeam Backup for Microsoft Office 365

configuration maximums
Max number of objects per proxy1 2 16,000
Max number of users per job 2
4,000
Max number of users per proxy2 4,000
Max number of proxy per Veeam Backup for Microsoft Office 365 instance 10
Max number of objects per Veeam Backup for Microsoft Office 365 instance 2
160,000
Max number of users per Veeam Backup for Microsoft Office 365 instance 2
40,000
Max size per Veeam Backup for Microsoft Office 365 repository3 64 TB
1
Based on Veeam Backup for Microsoft Office 365 proxy running with 8x CPUs and 32 GB RAM memory
2
Selecting mail, archive, OneDrive and sites (or personal sites) for each user.
3
Veeam Backup for Microsoft Office 365 repository consists of multiple folders named by the number of years for the desired
retention. For every year folder there is a Veeam Backup for Microsoft Office 365 backup file supported up to 64 TB. For
example, three-year retention creates three folders with backup files that can grow up to 64 TB one per folder.

Simple deployments are suitable for smaller environments protecting up to around 16,000 objects. Providing the Veeam Backup
for Microsoft Office 365 server is running with at least 8x CPUs and 32 GB RAM memory. For Office 365 environments where
the number of objects exceeds 16,000 (as a combination of all supported objects), the advanced deployment provides the
scalability requirement. It is important to note the 4,000 objects per Veeam Backup for Microsoft Office 365 proxy is based on
servers running with at least 8x CPUs and 32 GB RAM memory. Likewise, for service providers scenarios, it is recommended to
use the advanced deployment type with additional Veeam Backup for Microsoft Office 365 proxies and repositories.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 10
Technical Deployment and Configuration Guide

Veeam Backup for Microsoft Office 365 backup storage

Multiple Veeam Backup for Microsoft Office 365 repositories provide the option to increase the available space to store data and
more importantly offer different retention policy configurations. Understanding the backup storage requirements for Office 365
data helps when designing a backup infrastructure that is sustainable in the long term. While there are different methods that
can help address the growth and change rate for Office 365 data, planning for an accurate sizing it is a sophisticated process
given the complexity and the number of variables involved. Next sections suggest formulas to determine the amount of storage
that should be allocated to the Veeam Backup for Microsoft Office 365 repositories for the desired retention period.

Microsoft Exchange
Microsoft Office 365 native tools do not provide detailed information to make detailed calculations. In fact, at the time of
writing, some of PowerShell command-lets and parameters are available for on-premises installation are not available from
the equivalent online instances. For example, this includes the commands to query the throttling policy as covered in the
Microsoft Throttling Policy section. The table below shows the most common Exchange PowerShell commands to retrieve this
information:

PowerShell command Exchange on-premises Exchange Online

Get-Mailbox

Get-MailboxStatistics

On this basis, a suggested formula to help calculating the storage requirements includes the following:

For primary mailboxes:

(Current Primary Mailboxes Total size) + ((Daily ChangeRate x2) * (Days of Retention)) + (10% Working area)

For archive mailboxes:

In case the Veeam Backup for Microsoft Office 365 backup plan should include Exchange archive mailboxes, the total storage
requirements include the following:

(Current Archive Mailboxes Total size) + ((Daily ChangeRate x2) * (Days of Retention)) + (10% working area)

It is worth noting that different Veeam Backup for Microsoft Office 365 repositories could be used to store different backups.
This provides the flexibility of using cheaper storage for long-term backups of archive mailboxes and a more performing one
dedicated to the backup of primary mailboxes. Other mailboxes types (e.g., shared, public, resource) can use the same primary
mailboxes formula with a separate calculation.

Formula explained:

Current mailboxes total size = the sum of all mailboxes storage. In the case of Exchange on-premises, the PowerShell command
“Get-Mailbox” provides this information. The following is a sample command which returns the size of all primary mailboxes:

Get-Mailbox | Get-MailboxStatistics | Select-Object DisplayName, ItemCount, TotalItemSize | Format-Table –autosize

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 11
Technical Deployment and Configuration Guide

In the case of Exchange Online, the admin page on Usage > Mailbox Usage provides this information as per sample:

Daily change rate = it is the value which defines the changes that occur on Exchange mailboxes inclusive of deletion and
retention activities. This value needs to be multiplied by two and by days of retention desired. Typically, a year or longer upon
requirements. The following step helps to determine the daily change rate:

((Ending size in period) - (starting size in period)) / (number of days in period)

In the sample below, and depending on the amount of available details, it is possible to calculate the daily change rate (sample
shows a period of 30 days). The value of the daily rate needs then to be multiplied by two and by days of retention to obtain the
growth information:

Days of Retention = is the period of time for which the content is retained in the Veeam Backup for Microsoft Office 365
repository before getting deleted by Veeam Backup for Microsoft Office 365 repository retention policy.

Working area = is the additional storage space required to allocate transaction logs and checkpoints. It can use up to 10% of the
mailbox total size.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 12
Technical Deployment and Configuration Guide

General recommendations
Each Veeam Backup for Microsoft Office 365 repository can grow up to 64 TB in a single file. When planning the Veeam Backup
for Microsoft Office 365 server deployment, the following should be considered:

Steps Description
Determine the objects to include This can be a combination of:
• Mail
• Archive mail
• OneDrive
• Sites
Verify the number of users Based on this number, it is possible to plan the number of Veeam
Backup for Microsoft Office 365 proxies required to complete the
backup jobs according to the maximum supported per Veeam Backup
for Microsoft Office 365 proxy and instance.
Create a separate job for Exchange resources Resources include:
• Shared mailbox
• Public folder
• Equipment
• Room
Create a separate job for SharePoint sites This can be a combination of both:
• General sites
• Personal sites
Create a separate job for OneDrive resources OneDrive backups will consume more space and time to complete
when compared to Exchange and SharePoint. The advice is to create
separate backup jobs using different Veeam Backup for Microsoft Office
365 repositories, especially with large or heavy OneDrive users.
Determine the folder types part of the backup jobs This is a global setting which allows to include:
• Draft
• Deleted Items
• Junk Email
• Outbox
• Sync Issues
• In-Place/Litigation Hold items
Determine the retention policy associated to Data is stored in databases divided by Years. Longer retention can take
backup jobs more space but will not grow data from previous years. Data exceeding
the retention policy is automatically removed.
Removing content from the backup job does not When removing mailboxes or other objects from the backup job, the
shrink the backup file Veeam Backup for Microsoft Office 365 repository will not shrink. It will
mark that space as reusable. As soon as new objects are added, the
marked space will be used again before growing.
Consider backup jobs outside business hours In case of throttling, backup jobs should be scheduled to run off-peak
hours as standard Office 365 operations already consume the budget
allowance per tenant customer.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 13
Technical Deployment and Configuration Guide

Microsoft Office 365 throttling policy

This section provides an understanding of the different throttling policies for Online and on-premises environments. Knowing
how default Microsoft throttling policies work helps with a better designing and implementation of the Veeam Backup for
Microsoft Office 365 architecture.

Exchange Online throttling policy

Throttling in Exchange Online helps to ensure server reliability and uptime by limiting the amount of server resources that a
single user or application can consume. This approach ensures resources are available for all users and applications accessing the
Office 365 servers online. Throttling proactively regulates the overuse of server resources that may affect the service reliability
and functionality. Exchange Online constantly monitors the health of Office 365 infrastructure resources, including mailbox
databases. EWS connections are throttled proportionally when high load factors are detected and can degrade the performance
of these servers. Throttling is operated automatically and is transparent to the user or application. Even within throttling limits,
slowdowns could be experienced until the health of the resource is back to operational levels. EWS APIs operate with Exchange
objects (mailbox and pertinent items) by using three different levels of access:
• Owner
• Delegation
• Impersonation

The type of access (owner, delegation, impersonation) makes a difference in how the limits of the throttling policy are applied.
Based upon the type of access, the active connections to the Exchange objects will either be charged to the service account
(owner and delegation) or against the mailbox which is being accessed (impersonation).

EWS owner access to Exchange mailbox

When accessing the mailbox using the owner account, it will be charged for each connection to the mailbox. The Veeam Backup
for Microsoft Office 365 application by default does not use this level of access.

EWS delegation access to Exchange mailbox

When using delegation access (folder level and full mailbox delegate access), it will cause the connections to be charged against
the service account. Often applications using this method of access are processing many mailboxes, so there are chances of getting
throttled during high activity with multithreaded calls. The Veeam Backup for Microsoft Office 365 proxy configuration allows to
set the desired number of concurrent threads. More threads can process more folders and items and can consume EWS resources
budget faster. The Veeam Backup for Microsoft Office 365 application might use this method if the impersonation access is not
enabled. When adding an organization to the Veeam Backup for Microsoft Office 365 server, the impersonation role is automatically
configured. Alternatively, this role can also be configured using Exchange organization PowerShell command-lets

EWS impersonation access to Exchange mailboxes

Access using EWS impersonation will cause the connection count to be charged directly to the budget of the mailbox being
accessed. Since mailboxes have a generally high limit for simultaneous connections under the default policy limit, the chances of
being throttled on active connections are very low. The exception to this is with load intensive applications against one mailbox.
Throttling policies monitor budget rate consumption in addition to active connections.

EWS APIs also offer incremental reads / writes capabilities when accessing content. This helps reduce the time it takes for
incremental backups to be added to newly created and changed folders and other items.

Exchange Online throttling policy is controlled only within Microsoft Office 365 data centers as these are responsible for the
uptime of the applications running in the infrastructure. In general, when experiencing throttling during backup jobs or restore of
large amount of data to the Exchange Online service, the following should be verified:

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 14
Technical Deployment and Configuration Guide

• Service connections are successful and in particular EWS, Microsoft Graph and PowerShell

• “ApplicationImpersonation” role is enabled

• Backup jobs follow the general recommendations

• The total number of objects does not exceed the values as per Veeam Backup for Microsoft Office 365 configuration
maximums

• The number of concurrent worker processes (threads) is not too high as it might hit the maximum number of connections
quicker and trigger throttling policies. More information on thread configuration are covered in the Veeam Backup for
Microsoft Office 365 proxy section

• Jobs are configured with retry-failed and wait attempt to 20 minutes or more

Ultimately, in the case of Microsoft Exchange Online, the resources are constantly monitored and the EWS budgets assigned
to each tenant or organization change accordingly. Such resources cannot be controlled externally but can only be consumed
within the limits defined by Microsoft throttling policy. Should the throttling occur, it goes from an overall speed reduction (for
backup/restore jobs, not for mailbox access and usage) to a pause period. In severe cases with throttling policy applied, the
online resources might show a 503 Error – Service Unavailable message. In such cases, it is recommended to open a ticket to
Microsoft support in order to reset the throttling policy to a default value.

SharePoint Online and OneDrive for Business throttling policy

Like Exchange Online, SharePoint Online and OneDrive for Business use throttling as well to maintain optimal performances
and reliability of the respective services. In this case, throttling limits the number of user actions and concurrent calls using
CSOM and REST APIs (by script or code) to prevent overuse of the shared resources. This guarantees stable and predictable
performances for multiple tenants leveraging SharePoint Online and OneDrive for Business services. While in general it is rare
for a user to get throttled, the execution of custom code from applications might increase or exceed the allowed resources
quota. The Office 365 services are robust and designed to handle very high volumes. Usually, online throttling policy is caused
by custom code running intensive tasks over long periods. In general, when experiencing throttling during backup jobs or the
restore of large amounts of data to the SharePoint Online service, the following actions should be performed:
• Backup jobs follow the general recommendations
• Reduce the requests by limiting the concurrent number of threads per Veeam Backup for Microsoft Office 365 proxy
• Span the jobs over longer periods
• Leverage the retry failed and wait attempt objects processing in the job configuration. The longer the better as the throttling
policy include recharging times to replenish the tenant budget. Every 20 minutes or more should be sufficient to recharge
the allocated budget.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 15
Technical Deployment and Configuration Guide

• Run the jobs during off-peak hours. This avoids for the same budget to be contented with native OneDrive clients which use the
same SharePoint Online APIs (SPO) to constantly sync content between the on-premises environment and the Office 365 cloud.

Exchange on-premises throttling policy

Custom throttling policies can be created and enforced for on-premises applications like Exchange servers. Default throttling
policy, access to throttling policy and throttling policy configuration differ between online and on-premises deployments.
While the ones online cannot be controlled or monitored outside the Office 365 data centers, the on-premises policies can be
customized. Specific throttling setting values are only accurate for specific versions of Exchange. Because these values vary
across versions and because administrators can change the default throttling policies for on-premises deployments based on
different requirements, this document does not provide the default setting values. For those who want to explore, review and
configure the Exchange on-premises throttling policies, there are built-in PowerShell commands available only for this type of
deployment:
• Get-ThrottlingPolicy
• Get-ThrottlingPolicyAssociation
• Set-ThrottlingPolicy
• New-ThrottlingPolicy
• Remove-ThrottlingPolicy

Although these PowerShell commands are available for the on-premises deployments of Exchange providing the option to
create custom policies, they should be used with caution considering the current workload in conjunction with the desired
resources to allocate for backup jobs to complete successfully. It is highly recommended to configure and enable the
impersonation role to be used with the service account which will run the backup and restore jobs. For hybrid deployments, it is
recommended to use the same service account. From this perspective, the best practice is to configure the Azure AD Connect
tool (AAD) which keeps in sync the chosen service account attributes in both Active Directory forests: the one running on
premises and the one running into Microsoft Azure.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 16
Technical Deployment and Configuration Guide

Veeam Backup for Microsoft Office 365 proxy

The Veeam Backup for Microsoft Office 365 proxy role by default is installed on the Veeam Backup for Microsoft Office 365 server.
The Veeam Backup for Microsoft Office 365 server can connect to both the Office 365 and on-premises instances to back up and
restore data by using its built-in role. This is the standard configuration with simple deployments. For advanced deployments,
the additional Veeam Backup for Microsoft Office 365 proxies connect to the available on-premises and Online instances. Veeam
Backup for Microsoft Office 365 server and proxies operate using two important settings:
• Number of threads
• Available bandwidth

Threads are identified as the number of connections or streams the Veeam Backup for Microsoft Office 365 proxy is starting
when running a backup or restore job. By default, the number of threads is set to 64. The maximum value is 256. The number
of threads apply per Veeam Backup for Microsoft Office 365 proxy. Since every Veeam Backup for Microsoft Office 365 proxy can
have different specifications, it is advised to use different values according to needs. Working with a high number of threads
does not always speed up the backup and restore jobs. It also depends on the active Office 365 throttling policy. The throttling
policy defines the cost or budget assigned to each connection. In the case of Office 365 environments, Microsoft is dynamically
controlling the throttling policy by mean of EWS (Exchange Web Services) and other APIs to access the Office 365 environment.
When the usage of such APIs becomes intensive, the active streams or threads are throttled slowing the overall speed. As a
result, it might take a longer time to complete the backup or restore jobs. In extreme cases, Microsoft might even stop these
activities until a pause period has expired. When this happens, it is recommended to not insist with multiple jobs as this will
automatically increase the stop time. At the time of writing, the Exchange Online PowerShell commands to review the throttling
policies are not available. They are still available for Exchange on-premises instead. This prevents the option to know the existing
values associated with the Office 365 tenant. When experiencing a slow down during backup jobs, it is recommended to review
with Microsoft Support the current throttling policy and ask to resume the default values to accommodate the backup jobs to
proceed successfully. In the case of Exchange on-premises, custom throttling policies can be created according to the Exchange
server resources. Veeam Backup for Microsoft Office 365 will consume such resources according to policies defined.

Veeam Backup for Microsoft Office 365 proxy configured with 64 threads represents an optimal value for most deployments.
It is recommended to increase this value for Veeam Backup for Microsoft Office 365 proxies with higher RAM memory available
as indicated in the Veeam Backup for Microsoft Office 365 server planning section. Decrease when noticing slower backup
performances. Running constantly with a high number of threads will quickly consume the budget resources allocated by
Microsoft Office 365 throttling policy. Since every environment is different, Veeam Backup for Microsoft Office 365 provides
the option to operate with different settings. Another setting that operates on a Veeam Backup for Microsoft Office 365 proxy
level is the maximum network bandwidth to use. For each Veeam Backup for Microsoft Office 365 proxy, it is possible to assign
a custom value expressed in Mbps, MB/s and KB/s. The chosen value will be split across the number of chosen threads on the
same Veeam Backup for Microsoft Office 365 proxy. When not configured, the proxy will use all network bandwidth available. It is
recommended to limit the bandwidth when this is shared across different applications.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 17
Technical Deployment and Configuration Guide

Veeam Backup for Microsoft Office 365 repository

In a simple deployment, the Veeam Backup for Microsoft Office 365 server backs up and stores data using its built-in role into the
local storage. For advanced deployment, when configuring additional Veeam Backup for Microsoft Office 365 repositories, the
following considerations apply:
• The Veeam Backup for Microsoft Office 365 repositories are always associated to one Veeam Backup for Microsoft Office 365
proxy at a time. One proxy can be associated to multiple Veeam Backup for Microsoft Office 365 repositories instead.
• For best performances, it is recommended the Veeam Backup for Microsoft Office 365 repository files should use either local
or DAS types of storage. Although CIFS shares and iSCSI are supported, the storage with highest throughput available should
be used. This will greatly help with backup jobs where, of course, more IOPS and bandwidth are required.
• Veeam Backup for Microsoft Office 365 repository files come in a format of database type (Microsoft Jet Database). The
storage used for repository files should not have encryption, deduplication and compression enabled to achieve better
performances.
• The maximum supported size per Veeam Backup for Microsoft Office 365 repository is 64 TB in a single file. Since the
repository files are database files, an extra 10% of free space should be provisioned. This ensures the database can run
internal operations smoothly along with its log files.
• Creating additional Veeam Backup for Microsoft Office 365 repositories reduces the risk of growing large single repositories.
For example, it is possible to create separate Veeam Backup for Microsoft Office 365 repositories for emails based on business
units or location. Large Veeam Backup for Microsoft Office 365 repositories are optimized against intensive I/O sequential
reads at the expense of more disk space required. During backup operations, data is written into transaction files before being
committed. During restores, since no caching occurs on disk, operations run in memory. Bigger Veeam Backup for Microsoft
Office 365 repositories require more memory available.
• Each Veeam Backup for Microsoft Office 365 repository can also have separate retention policies.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 18
Technical Deployment and Configuration Guide

Veeam Backup for Microsoft Office 365

repository data retention
Retention policy is a configuration which applies to Veeam Backup for Microsoft Office 365 repositories directly and not to jobs.
This is a global setting and affects all backup jobs using the same Veeam Backup for Microsoft Office 365 repository.

Data retention policy operates in two ways:

1. During the first backup, the objects that are included within the retention policy period are evaluated based on their last
modification date attribute. For example, by setting a retention policy of three years, it will automatically include in the
backup job all the items for which this value is below three years. Thus, leaving out anything older than three years.
2. At selected intervals and based on a schedule, the Veeam Backup for Microsoft Office 365 repository will then apply the
retention policy directly on the repository files. Based again on the data age using the item last modification date, all data
older than three years will be automatically purged from the Veeam Backup for Microsoft Office 365 repository. Effectively, at
any point in time, the repository will only include a rolling time-window based on the retention policy for the period specified.

Other important aspects to consider include the following:

1. When stale data is purged from the backup file, this will not shrink the current size for the Veeam Backup for Microsoft Office 365
repository database file.

2. Free and emptied space inside the backup repository file will be used before growing its size.

3. Veeam Backup for Microsoft Office 365 repository database files can be removed only when all backup data for such
repository has expired and no incoming data from another backup job is arriving.

4. Retention policy is a setting on a Veeam Backup for Microsoft Office 365 repository level. When multiple backup jobs are using
the same Veeam Backup for Microsoft Office 365 repository, all backup data for such jobs will be subject to the same retention
policy. For different retention policies, the best practice is to use different Veeam Backup for Microsoft Office 365 repositories.

5. Retention policy for data that should be included in the backup can be specified in number of years from one to 25 or number
of days up to 99,999.
6. Retention policy for data to be deleted can be scheduled on monthly and daily combinations including:
a. Every day
b. Workday
c. Weekends
d. Day of week/month
e. Week number of the month

7. Retention policy can be disabled with the option Keep Forever

In a scenario where Data should not be deleted from Retention Policy but should be archived for even longer periods, it is
recommended to follow the considerations on how to protect the Veeam Backup for Microsoft Office 365 server deployment.

© 2018 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 19
Technical Deployment and Configuration Guide

Veeam Backup for Microsoft Office 365 server

protection
As a best practice, it is important to protect the Veeam Backup for Microsoft Office 365 server against accidental lost. Protecting
the Veeam Backup for Microsoft Office 365 server deployment ensures Availability for the Veeam Backup for Microsoft Office 365
components and, more importantly, for the Veeam Backup for Microsoft Office 365 repository data.

Protecting the Veeam Backup for Microsoft Office 365 repository data helps achieving the industry 3-2-1 Rule best practice:
• Three copies of the data
• Stored in two different media
• One media should be off site

A Veeam Backup for Microsoft Office 365 deployment can be either on a physical or virtual environment. As with both virtual or
physical server installations, Veeam Backup & Replication™ offers all the tools for application and crash consistent backups or
Veeam Backup for Microsoft Office 365 deployments.

Each Veeam Backup for Microsoft Office 365 server installation includes a specific Veeam VSS writer:

“Veeam Backup for Microsoft Office 365 Writer”

• Writer ID: {dbc7d206-2f04-429a-80f5-dbb23da79372}

This VSS writer will ensure application consistent backups of the Veeam Backup for Microsoft Office 365 server even while it is
running backup and restore jobs of Office 365 data.

Protecting a Veeam Backup for Microsoft Office 365 server with Veeam Backup & Replication offers the following advantages:

• Ensures swift Veeam Backup for Microsoft Office 365 components restores (ConfigDB, ProxyDB and associated files)

• Allows to perform granular restores of content using Veeam Explorer components available in the Veeam backup server
(Veeam Backup & Replication 9.5 Update 3a and higher)

• Verifies recoverability of the Veeam Backup for Microsoft Office 365 server installations by leveraging the built-in Veeam
SureBackup® jobs for Veeam Backup for Microsoft Office 365

The protection planning must also include the additional Veeam Backup for Microsoft Office 365 proxy servers and attached
storage. Should the repository use SMB shares, such shares need to be backed up separately. Configuration and proxy DB files
on the Veeam Backup for Microsoft Office 365 server and proxy installations are very important. They include all the information
and details for the infrastructure. Restoring these components from a backup is the quickest way to maintain the existing
configuration without affecting the rest of the Veeam Backup for Microsoft Office 365 deployment and its jobs. Protecting Veeam
Backup for Microsoft Office 365 server and its components is critical with advanced deployments. In these scenarios, one Veeam
Backup for Microsoft Office 365 server operates with different Veeam Backup for Microsoft Office 365 proxies and repositories for
different tenants. Effectively, the same Veeam Backup for Microsoft Office 365 proxy can be shared for different jobs for separate
tenants. Having a protection plan which covers all components allows for agile recoveries of all Veeam Backup for Microsoft
Office 365 main components: Veeam Backup for Microsoft Office 365 server, proxies and data in the repositories.

When protecting the Veeam Backup for Microsoft Office 365 deployments using the Veeam Backup & Replication solution
leverages the built-in Veeam Explorers for granular item restores. From a 3-2-1 perspective, this provides:

• An off-site and offline copy of the Office 365 data

• The ability to recover data from a previous backup where Veeam Backup for Microsoft Office 365 has shorter retention periods

• Integration with existing Veeam backup plans

Backup jobs
Veeam Backup for Microsoft Office 365 provides the option to create and configure several jobs for multiple organization types:
Online, on-premises and hybrid. While each Veeam Backup for Microsoft Office 365 deployment can be different, there are a
number of considerations that should be evaluated when creating the Veeam Backup for Microsoft Office 365 backup jobs.

1. All backup jobs are encrypted in-flight using the SSL certificates present on the Veeam Backup for Microsoft Office 365 server.
These are self-signed certificates during the Veeam Backup for Microsoft Office 365 deployment. It is possible to change
existing certificates with new ones either self-generated or provided by a certification authority at any time.

2. It is possible to dictate which objects should be included as part of the plan: Mail, mail archive, discovery search mailboxes,
shared and public folders, resources mailboxes, OneDrive for Business, sites and personal sites. These objects don’t
necessarily grow at the same rate or have the same retention requirements. For this reason, it is recommended to create
different backup plans targeting different objects.

3. By creating different plans, Veeam Backup for Microsoft Office 365 allows for different schedules and repositories where to
store data (e.g., creating plans based on a Gold, Silver and Bronze type of SLA).

4. Using multiple repositories allows for separate retention policies.

5. To help reduce space requirement for the backup storage, Veeam Backup for Microsoft Office 365 provides the option to
automatically include or exclude specific folder types:

• Draft

• Deleted items

• Junk email

• Outbox

• Sync Issues

• In-Place Hold items

• Litigation Hold items

A special mention goes to In-Place and Litigation Hold items. When these features are enabled, copies of the original items are
kept within the same mailbox storage into a hidden area called Recoverable Items. Depending on the length of the Legal Hold
and the Exchange retention policy, such items might get permanently deleted by the Exchange Mailbox Folder Assistant (MFA)
as an automatic process. By including such folders in the Veeam Backup for Microsoft Office 365 backup plan, this eliminates the
risk of losing access to these items where a Legal Hold is applied.

Restore jobs
Veeam Explorer coordinates with Veeam Backup for Microsoft Office 365 proxy to perform the restore and export operations as
highlighted in the Veeam Backup for Microsoft Office 365 architecture section.

Veeam Explorer for Microsoft Exchange allows to:

• Export content from live Exchange servers to another location

• Export from standalone Veeam Backup for Microsoft Office 365 Exchange backup (.edb file)

• Restore mailbox items directly from Veeam Backup for Microsoft Office 365 backups (.adb)

• Connect to separate Veeam Backup for Microsoft Office 365 server

• Self-service restore for mailbox content (available only to customers connected to a Veeam Cloud & Service Provider (VCSP)
partner)

• In place and out of place restore to on-premises and online instances for any mailbox item

• Export in .msg and .pst formats

• Export as attachment using Microsoft Send functionality

Veeam Explorer for Microsoft SharePoint allows to:

• Restore SharePoint sites to the original location with permissions and versions

• Export from standalone Veeam Backup for Microsoft Office 365 SharePoint backup (.adb file)

• Connect to separate Veeam Backup for Microsoft Office 365 server

• Restore site collections, sites and subsites

• Restore standard and custom list and libraries

• Restore content down to specific item version

Veeam Explorer for OneDrive allows to:

• Export content from live SharePoint servers (with OneDrive enabled) to another location

• Export from standalone Veeam Backup for Microsoft Office 365 OneDrive backup (.adb file)

• Restore OneDrive folders and content to other OneDrive locations

• Export as zip or file the content

• Export as attachment using Microsoft Send functionality

For each one of these operations, Veeam Explorer is mounting the requested database in read-only mode, and then presenting
the content through an explorer from which it is possible to restore back to the original location or a different instance.

Veeam Backup for Microsoft Office 365

for service providers
All the considerations and details provided for Veeam Backup for Microsoft Office 365 advanced deployment apply to Service
Providers scenarios as well. In particular it brings the following benefits:

• With multiple Veeam Backup for Microsoft Office 365 proxies, the service provider can target different jobs based on capacity,
number of users/objects, and even SLAs agreed with their tenants (e.g., running jobs with a dedicated / shared proxy).

• Each Veeam Backup for Microsoft Office 365 proxy can be configured with custom settings related to number of concurrent
threads and available bandwidth. According to requirements, the service providers can assign threads and bandwidth
resources individually.

• Further segregation of the network traffic can also be obtained by using network VLANs. Separate Veeam Backup for
Microsoft Office 365 proxies can exist on different VLANs.

Veeam Backup for Microsoft Office 365 repository best practice for service providers

Service providers are encouraged to leverage multiple Veeam Backup for Microsoft Office 365 repositories. It will achieve the
following objectives:

• Ability to physically segregate Data between different tenants

• Option to specify the custom retention policies per Veeam Backup for Microsoft Office 365 repository. The retention policy is a
global setting on the Veeam Backup for Microsoft Office 365 repository level and not the specific backup job

• Provide different service levels based on storage tiering

• Ability to segment backup jobs across multiple Repositories based on data types

Protecting Veeam Backup for Microsoft Office 365 deployment in a multi-tenant architecture

Protection of the Veeam Backup for Microsoft Office 365 architecture for a service provider is key. Especially when adopting
the advanced deployment model, some components might be shared across different tenants. To guarantee Availability of the
Veeam Backup for Microsoft Office 365 architecture, the following components should be protected:

On the Veeam Backup for Microsoft Office 365 server:

• %ProgramFiles%/Veeam/Backup365

• %ProgramData%/Veeam/Backup365

On the Veeam Backup for Microsoft Office 365 proxies:

• %ProgramData%/Veeam/Backup365

• %WinDir%/Veeam/Backup365

On the Veeam Backup for Microsoft Office 365 repositories:

• All repository.adb files in the yearly folders

• All .jrs and .chk files in the yearly folders

• adb.log and adbtmp.log files in the yearly folders

• Repository.xml on the root Veeam Backup for Microsoft Office 365 repository

Summary
Microsoft Office 365 is the fastest growing digital collaboration platform today. It empowers users by providing access to the
cloud-based applications for productivity. It offers a seamless experience whereas the data is located on premises and online.
The need for customers today is to always have data available. The overall expectations from customers moved from simply
desirable to a necessity.

Microsoft Office 365 meets the most stringent criteria for compliance and technical enablement by making sure customers’
data can always be operated by multiple devices and different locations. As a public cloud provider for Software as a Service
(SaaS) based solutions, Microsoft Office 365 provides the uptime for the infrastructure rather than data. Microsoft manages
the infrastructure. Customers manage their data — even when it is hosted by a cloud provider. The owners of the data need
to provide a plan for protection and Availability. Lots of things can disrupt service Availability such as hardware failure, natural
disasters, human error and even unsolicited activities from rogue apps or departing users.

Veeam Backup for Microsoft Office 365 is the solution built from the ground up which provides both a short and long protection
plan avoiding data loss and increasing Availability of data across any cloud and any platform. A glance at the benefits Veeam
Backup for Microsoft Office 365 include:

• Manages multiple organizations from the same installation. In fact, these can be any combination of on-premises, online and
Office 365 hybrid deployments.

• Facilitates the management when protecting data. When creating backup jobs, it is possible to choose what to protect and for
how long data should be retained. Making it easier to manage your own retention policy.

• Provides the options to browse and search with eDiscovery capabilities helping to pinpoint specific content. This is
particularly useful as it significantly reduces RTO times to restore any Data to the original location or even export to a different
platform. Such functionality is already helping customers dictating which content should be migrated between on-premises
and online instances.

• Integrates with multi-tenant infrastructures from VCSP partners who already offer Backup as a Service (BaaS) and Disaster
Recovery as a Service (DRaaS) proving additional value for their customers.

About Veeam Software

Veeam® recognizes the new challenges companies across the globe face in enabling Intelligent Data Management for the
Hyper-Available Enterprise™, where business that must operate 24.7.365. To address this, Veeam has pioneered a new
market of Availability for the Enterprise™ by helping organizations meet recovery time and point objectives (RTPO™)
of < 15 minutes for all applications and data, through a fundamentally new kind of solution that delivers high-speed
recovery, data loss avoidance, verified protection, leveraged data and complete visibility. Veeam Availability Suite™,
which includes Veeam Backup & Replication™, leverages virtualization, storage, and cloud technologies that enable the
modern data center to help organizations save time, mitigate risks, and dramatically reduce capital and operational costs.

Founded in 2006, Veeam currently has more than 294,000 customers worldwide, and adds an average of 4,000 new
customers each month. Veeam‘s global headquarters are located in Baar, Switzerland, and the company has offices
throughout the world. To learn more, visit http://www.veeam.com.

Public Audiences Part 1
No ratings yet
Public Audiences Part 1
13 pages
How To Update NetBackup For A Replaced Tape Drive Without Deleting and Re-Adding The DriveArticle-SymantechTECH34296
No ratings yet
How To Update NetBackup For A Replaced Tape Drive Without Deleting and Re-Adding The DriveArticle-SymantechTECH34296
3 pages
Client:-: It Is Used To Reduce The Load On Commserver
No ratings yet
Client:-: It Is Used To Reduce The Load On Commserver
8 pages
Netbackup Command Sheet
0% (1)
Netbackup Command Sheet
14 pages
JD - System, Storage and Backup Engineer
No ratings yet
JD - System, Storage and Backup Engineer
3 pages
Avamar Staging Tape Out Outputting Avamar Backups To Tape Technical Note PDF
No ratings yet
Avamar Staging Tape Out Outputting Avamar Backups To Tape Technical Note PDF
39 pages
Interview Questions
No ratings yet
Interview Questions
4 pages
Veritas NetBackup 80 Administration 12 23 2018 1 58 03 PM PDF
No ratings yet
Veritas NetBackup 80 Administration 12 23 2018 1 58 03 PM PDF
6 pages
ND MP Backup Solutions
No ratings yet
ND MP Backup Solutions
9 pages
VMWare Backup
No ratings yet
VMWare Backup
4 pages
Netbackup Upgrade 6.5.4 To 7.0.1 v1.0
No ratings yet
Netbackup Upgrade 6.5.4 To 7.0.1 v1.0
44 pages
Avamar-7 2010
No ratings yet
Avamar-7 2010
43 pages
CommVault Simpana 9 and Data Domain
No ratings yet
CommVault Simpana 9 and Data Domain
82 pages
Resume Zeeshan
No ratings yet
Resume Zeeshan
3 pages
Veritas Netbackup 8.0 Blueprint Accelerator
No ratings yet
Veritas Netbackup 8.0 Blueprint Accelerator
29 pages
Veeam Backup 9 0 Release Notes en
No ratings yet
Veeam Backup 9 0 Release Notes en
23 pages
Docu54068 Data Domain Boost OpenStorage Release Notes, 2.6.3.0
No ratings yet
Docu54068 Data Domain Boost OpenStorage Release Notes, 2.6.3.0
9 pages
Desktop Architect in Philadelphia PA Resume Mark Melanson
No ratings yet
Desktop Architect in Philadelphia PA Resume Mark Melanson
4 pages
How To Clear The NetBackup Policy Execution Manager (Nbpem) Cache On NetBackup 7.x - 8.x
No ratings yet
How To Clear The NetBackup Policy Execution Manager (Nbpem) Cache On NetBackup 7.x - 8.x
2 pages
5 Minute Troubleshooting
No ratings yet
5 Minute Troubleshooting
9 pages
Vmax Allocation:: What Is Thin Provisioning?
No ratings yet
Vmax Allocation:: What Is Thin Provisioning?
1 page
Accelerator VMware Backup Best Practices - 2
No ratings yet
Accelerator VMware Backup Best Practices - 2
22 pages
POA For 7 5 0 7 Upgrade of Media and Master Servers
No ratings yet
POA For 7 5 0 7 Upgrade of Media and Master Servers
4 pages
ONTAP 90 Command Map For 7mode Administrators
No ratings yet
ONTAP 90 Command Map For 7mode Administrators
57 pages
TSM Vs Veeam
No ratings yet
TSM Vs Veeam
2 pages
Basic Troubleshooting Tips For Veritas 4
No ratings yet
Basic Troubleshooting Tips For Veritas 4
5 pages
Netbackup Manual
No ratings yet
Netbackup Manual
2 pages
Veritas Netbackup DATACENTER Local V880: Joe Holbrook, CHPTP XXXXX 1
No ratings yet
Veritas Netbackup DATACENTER Local V880: Joe Holbrook, CHPTP XXXXX 1
74 pages
Storage Allocation Using Auto Provisioning
No ratings yet
Storage Allocation Using Auto Provisioning
96 pages
NetBackup 7.7 Cheat Sheet
No ratings yet
NetBackup 7.7 Cheat Sheet
2 pages
PowerPath Upgarde Steps
No ratings yet
PowerPath Upgarde Steps
98 pages
Netbackup Catalog Recovery
No ratings yet
Netbackup Catalog Recovery
6 pages
NetBackup Troubleshooting Refresher Introduction
No ratings yet
NetBackup Troubleshooting Refresher Introduction
26 pages
DD Boost For Netbackup OST
100% (1)
DD Boost For Netbackup OST
29 pages
Note Veritas
No ratings yet
Note Veritas
36 pages
Veritas - Buffer Increasing
No ratings yet
Veritas - Buffer Increasing
6 pages
DD Boost For OST Admin - Guide
No ratings yet
DD Boost For OST Admin - Guide
122 pages
Netbackup Upgrade
No ratings yet
Netbackup Upgrade
7 pages
Avamar Technical Differences SRG PDF
No ratings yet
Avamar Technical Differences SRG PDF
237 pages
Veeam Backup Replication v12 Configure Manage and Recover
No ratings yet
Veeam Backup Replication v12 Configure Manage and Recover
3 pages
AIX Migration Steps1
No ratings yet
AIX Migration Steps1
2 pages
Documentation How To Enable Logging To Troubleshoot NetBackup Oracle Backups On Unix-Windows
No ratings yet
Documentation How To Enable Logging To Troubleshoot NetBackup Oracle Backups On Unix-Windows
3 pages
Deploying SCVMM2
100% (1)
Deploying SCVMM2
338 pages
CVTSP24 - Module 05 - Commvault Auto Recovery
No ratings yet
CVTSP24 - Module 05 - Commvault Auto Recovery
24 pages
List of NetBackup Blueprints
No ratings yet
List of NetBackup Blueprints
12 pages
NetBackup812 AdminGuide AzureStack
No ratings yet
NetBackup812 AdminGuide AzureStack
25 pages
CVSA19-M02 - Policies and Plans
No ratings yet
CVSA19-M02 - Policies and Plans
17 pages
ZFS Evil Tuning Guide
No ratings yet
ZFS Evil Tuning Guide
12 pages
HP StoreOnce
No ratings yet
HP StoreOnce
5 pages
Customer Presentation - Unity Overview4
No ratings yet
Customer Presentation - Unity Overview4
26 pages
Hedvig Architecture Overview PDF
No ratings yet
Hedvig Architecture Overview PDF
27 pages
Network Commands
No ratings yet
Network Commands
9 pages
DOCUMENTATION How To Recover A NetBackup Catalog From Disk If The Original Media Server Which Did The Backup Is Not Available.
No ratings yet
DOCUMENTATION How To Recover A NetBackup Catalog From Disk If The Original Media Server Which Did The Backup Is Not Available.
3 pages
Code 85
No ratings yet
Code 85
14 pages
00.01 eBook NBU 8.2 Admin Lessons
No ratings yet
00.01 eBook NBU 8.2 Admin Lessons
942 pages
Symmetrix Procedure Generator Information Guide
No ratings yet
Symmetrix Procedure Generator Information Guide
14 pages
VMware Horizon View Essentials
From Everand
VMware Horizon View Essentials
Peter von Oven
No ratings yet
Active Directory Rights Management Services A Clear and Concise Reference
From Everand
Active Directory Rights Management Services A Clear and Concise Reference
Gerardus Blokdyk
No ratings yet
26 Ways to Save on Your Utility Bills!: 26 Ways, #1
From Everand
26 Ways to Save on Your Utility Bills!: 26 Ways, #1
Kimberly Peters
No ratings yet
Mastering Active Directory
From Everand
Mastering Active Directory
VICTOR P HENDERSON
No ratings yet
Oracle VM Manager 2.1.2
From Everand
Oracle VM Manager 2.1.2
Tarry Singh
No ratings yet
Cell Membrane and Cell Transport Notes New 1228089530353902 8
No ratings yet
Cell Membrane and Cell Transport Notes New 1228089530353902 8
21 pages
Classless Inter-Domain Routing (CIDR) (192.168.100.0/29)
No ratings yet
Classless Inter-Domain Routing (CIDR) (192.168.100.0/29)
2 pages
Cell Organelles Found in Plant and Animal Cells
No ratings yet
Cell Organelles Found in Plant and Animal Cells
18 pages
Specialised Cells in Plant and Animals PDF
100% (3)
Specialised Cells in Plant and Animals PDF
2 pages
Software Procurement Policy
No ratings yet
Software Procurement Policy
9 pages
Excel Advanced Pivot Tables
100% (1)
Excel Advanced Pivot Tables
26 pages
1067 Ddos-Protection-Networks DS May2018
No ratings yet
1067 Ddos-Protection-Networks DS May2018
5 pages
1067 Ddos-Protection-Networks DS May2018 PDF
No ratings yet
1067 Ddos-Protection-Networks DS May2018 PDF
14 pages
White1990causation and Effect
No ratings yet
White1990causation and Effect
16 pages
Goals For The Common Good
No ratings yet
Goals For The Common Good
28 pages
22 Alex - Balashov Kamailio Trivia
No ratings yet
22 Alex - Balashov Kamailio Trivia
24 pages
White Paper IFS Applications 8 Architecture and Technology
No ratings yet
White Paper IFS Applications 8 Architecture and Technology
24 pages
2019.09.23 Warner USIP China Speech
No ratings yet
2019.09.23 Warner USIP China Speech
13 pages
LanSchool v7.6 For Windows MultiPoint Manager: Product Brochure
No ratings yet
LanSchool v7.6 For Windows MultiPoint Manager: Product Brochure
2 pages
Phishing Awareness Powerpoint
No ratings yet
Phishing Awareness Powerpoint
23 pages
Registry Explorer Manual
No ratings yet
Registry Explorer Manual
61 pages
Vcs Nos Upgrade DP
No ratings yet
Vcs Nos Upgrade DP
90 pages
RPC and Its Offspring: Convenient, Yet Fundamentally Flawed
No ratings yet
RPC and Its Offspring: Convenient, Yet Fundamentally Flawed
36 pages
Kubernetes in 30 Minutes20170310 170313090249
0% (2)
Kubernetes in 30 Minutes20170310 170313090249
106 pages
DITA Online Exam Suggestion 1
No ratings yet
DITA Online Exam Suggestion 1
12 pages
0807WM Transradio Am DRM PDF
No ratings yet
0807WM Transradio Am DRM PDF
32 pages
TL-WA7510N V1 Datasheet
No ratings yet
TL-WA7510N V1 Datasheet
2 pages
Chapter 1 Introduction To Networks
No ratings yet
Chapter 1 Introduction To Networks
26 pages
CEH V11 - Lab01 - M19
No ratings yet
CEH V11 - Lab01 - M19
30 pages
RS900 Datasheet PDF
No ratings yet
RS900 Datasheet PDF
6 pages
Designing Concepts For Websites - CPINTL
No ratings yet
Designing Concepts For Websites - CPINTL
66 pages
FleetRMMUserGuide
No ratings yet
FleetRMMUserGuide
151 pages
Web Hosting Knowledge
0% (1)
Web Hosting Knowledge
121 pages
How To Integrate Kaspersky Threat Data Feeds With AlienVault
No ratings yet
How To Integrate Kaspersky Threat Data Feeds With AlienVault
12 pages
BEM105 Operation Manual 20190916 PDF
No ratings yet
BEM105 Operation Manual 20190916 PDF
48 pages
FTTH Deployment Options For Telecom Operators
100% (2)
FTTH Deployment Options For Telecom Operators
14 pages
A Changemakers Guide To Storytelling 12-10-13
No ratings yet
A Changemakers Guide To Storytelling 12-10-13
16 pages
N300 Wif Range Extender: Model Wn3000Rpv3 User Manual
No ratings yet
N300 Wif Range Extender: Model Wn3000Rpv3 User Manual
46 pages
History and Development of Linux22
No ratings yet
History and Development of Linux22
260 pages
Business Letters
No ratings yet
Business Letters
11 pages
Ecu-1051 DS (09.18.18) 20181213152750
No ratings yet
Ecu-1051 DS (09.18.18) 20181213152750
1 page
BT324-Barracuda Backup Certified Engineer-Student Guide-105 PDF
No ratings yet
BT324-Barracuda Backup Certified Engineer-Student Guide-105 PDF
104 pages
Multicast Services For IP Triple-Play Networks: White Paper
No ratings yet
Multicast Services For IP Triple-Play Networks: White Paper
14 pages
423 Series TSG Hardware PDF
No ratings yet
423 Series TSG Hardware PDF
56 pages