Storm season is back, bringing with it the potential for significant weather events. If you have clients in areas prone to infrastructure disruption, visit the Disaster Recovery Resources guide for preparedness information. Datto recommends performing proactive disaster recovery testing to mitigate potential downtime. See our articles about the importance of disaster recovery testing and Preparing For A Cloud Virtualization Test: Policies, Procedures, And Partner Responsibilities to learn more. For live updates, follow @datto on Twitter.

Windows Pre-Deployment Configurations and Best Practices

Follow

Topic

This article describes pre-deployment configurations and best practices when backing up a Windows environment using a Datto solution.

Environment

  • Datto Windows Agent
  • ShadowSnap Agent
  • Windows-based agentless environments

Description

Continuously adhere to all System Requirements for Windows-Based Backup Solutions to ensure sustained stability of your Datto implementation.

Prior to implementing a Datto solution, follow these steps to ensure consistent, reliable backups and performance during production:

Hardware Health

Run chkdsk to be sure that all RAIDs and individual disks report back as healthy. Perform necessary disk repairs prior to deploying any backup agent. Failure to do so may result in backing up corrupted systems and restoration failures.

Disk Defragmentation

While Datto can perform backups that are running disk defragmentation, be aware that this rearranges data at a block level, and larger backups will consequently result. Run a disk defragmentation before deployment of the agent. VSS-aware disk defragmentation programs may allow for smaller backups, but this would be left to your own discretion.

Windows updates

Download Windows updates, service packs, and any other Microsoft provided updates. After installing these updates, reboot the server. When scheduling your deployment, remember that the 2nd Tuesday of every month is Microsoft's "patch Tuesday."

Virus scan

Run a virus scan before you deploy the Datto backup solution to your production machine.

Event Viewer

Check the target's system and application logs to see if there are any VSS or hardware errors. Resolve any errors before attempting to install the agent.

SQL

Check for active SQL maintenance jobs, as they are a separate backup solution and may cause conflicts. To avoid large incremental backups, Datto recommends having SQL maintenance jobs saved to a partition unprotected by the Datto device. Otherwise, the local Datto may fill up, causing its cloud synchronization tasks to fail. Best Practices for SQL servers can be found here.

Exchange

Since Exchange Servers are essentially database servers with mail stores in EDB (Exchange Database Format), Datto recommends the same procedures for maintenance jobs as SQL (see above SQL recommendation). Make sure that the Exchange writers are enabled on your operating system. Also, check for additional enabled archiving tools (such as auto-archiving) that may cause larger incremental changes.

On Exchange 2010 and 2013, Datto recommends enabling circular logging. VSS backups will truncate logs upon completion on earlier Exchange versions, and circular logging can be disabled.

Hypervisors

Datto recommends that hypervisors have their datastores isolated on a separate partition, and that the non-datastore volumes be backed up by the Datto backup solution. Servers that reside on the datastore should be backed up individually to allow for more granular recovery and restore efforts. Best practices for backing up hypervisors can be found here.

Clustering

Due to a technical limitation with Cluster Shared Volumes (CSVs), Datto backup software does not support backing up Hyper-V hosts that are members of a failover cluster. However, we can support backing up a guest VM running on a Hyper-V failover cluster, as long as the guest OS itself does not access a CSV. See our article about CSV compatibility for more information.

Proxies

ShadowSnap and ShadowProtect do not support the use of proxy servers on the network. Agents must check in to StorageCraft to verify their license monthly.

Laptops

Due to their mobile nature, Datto does not endorse or support backing up laptops. Laptops must be inside the LAN, and not on a wireless network, to perform backups in a timely manner. Attempts to back up laptops are at your own discretion.

Because of this, and due to the wide range of touchpad drivers, custom drivers, and hardware configurations available for both laptops and all-in-one workstations, restoration support for these platforms is 'best-effort' only.

Datto Windows Agent (DWA)

Firewall rules

  • The protected machine must have Internet access, and be able to reach https://device.dattobackup.com/certApi.php, for the initial installation of the Datto Windows Agent.
  • From protected machine to Datto appliance: Port 3260 (for iSCSI), 3263 (for MercuryFTP), UDP 139, and TCP 25568 must be open in both directions.
  • The Datto Windows Agent uses MercuryFTP as its primary transport method; however, if this fails, backups are intended to fall back to iSCSI.
  • From Datto appliance to internet: ports 22, 80, 123, 443 must be open outbound to, at minimum, the addresses specified in this article: SIRIS, ALTO and DNAS Networking & Bandwidth Requirements.
  • You may need additional addresses for the off-site syncing continuity. See Datto Networking Requirements for local and offsite networking requirements and best practices.

Antivirus exceptions

  • Set service-level exceptions for the Datto Backup Agent and Datto Provider services. 
  • Set an application-level exception for the Datto Windows Agent (DattoBackupAgent.exe).
  • Whitelist the following installation path: 
    %SYSTEMROOT%\Program Files\Datto\Datto Windows Agent.
  • Verify that no other backup software is installed on the machine.

ShadowSnap Agent

Firewall rules

  • From protected machine to Datto appliance: TCP 3260 (iSCSI port), UDP 139, and TCP 25566 (Live when the StorageCraft Raw Agent service is enabled and running, check with netstat).
  • From Datto appliance to internet: 22, 80, 123, 443 must be open outbound to, at minimum, the addresses specified in this article: SIRIS, ALTO and DNAS Networking & Bandwidth Requirements.
  • You may need additional addresses for the off-site syncing continuity. See Datto Networking Requirements for local and offsite networking requirements and best practices.

Antivirus exceptions

  • Set service-level exceptions for the StorageCraft Raw Agent, StorageCraft Shadow Copy Provider, and ShadowProtect services. 
  • Set an application-level exception for the following ShadowSnap Agent executables:
    • raw_agent_svc.exe
    • ShadowProtect.exe
    • ShadowProtectSvc.exe
    • vsnapvss.exe
  • Whitelist the following installation paths: 
    • %SYSTEMROOT%\Program Files\StorageCraft\
    • %SYSTEMROOT\Program Files (x86)\StorageCraft\
  • Verify that no other backup software is installed on the machine.

Datto Device Best Practices

Web Browser

The Datto web interface functions best with Mozilla Firefox or Google Chrome browsers. Using Internet Explorer may compromise functionality.

Setting backup schedules and initial configuration

  • Before setting a backup schedule, discuss with your client how far back you would ever need to go to retrieve data. Set the expectations with them and provide a schedule accordingly. Set the local data retention policies based on these conversations and expectations. Remember that long-running retention policies will require more disk space, and should be considered when sizing an appliance.
  • Consider the server’s role when establishing a backup schedule. A file server may need multiple backups during business hours, as files are in constant change. A terminal server simply housing configurations, however, may not require as many backups per day, as there is little to no change provided. Like any other service on a server, backups consume resources and take disk input / output.
  • The size of your server's backups can grow if you use Distributed File System (DFS) in your environment. See How Distributed File System (DFS) Interacts with the Datto Solution for more information.
  • Prior to the initial backup, ensure that all undesired volumes are excluded. Remember that backups may be attempted on any additional drives attached to the machine (USB drives, additional storage drives, etc.).

Additional resources


Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Head on over to our Community Forum!