 Hi, folks. Do you need to protect your resources with backup and replications? Do you need to see all your resources in a single place to detect if they are protected or not? Well, if that's the case, we have this video for you. I'm here with Daya Patil, Senior Product Manager from the Azure Business Continuity Team, and we are going to talk about it right now. Welcome, Daya. Hey, hi, Thomas. Thank you so much. It's great to be here with you. Awesome. Thank you. It's great to have you here today to talk in this video about the Azure Business Continuity Center. So, as we know, this is a big thing, and there's a big announcement, and it does some awesome things. But what is it exactly? Hey, yes, Thomas. It is a big thing. We are looking forward to introduce the Business Continuity Center in public preview at Ignite. Business Continuity Center is designed to help customers with their business continuity goals. Business continuity has always been the critical aspect for the organization. It involves the comprehensive planning and safeguarding the resources so that when there is a disaster, the organization can still continue their operations. Backup and disaster recovery has become more vital than ever for the organization with this digital transformation, ever-evolving hybrid work model, and the growing ransomware attacks over the last few years. During this time, we have observed the trend amongst our customers in terms of they are investing in multiple vendors to safeguard their data across this growing range of platforms. Now, due to this, the nature of customers' environment has become distributed, which is spanning across on premises as well as cloud. Now, this nature actually introduces the significant challenges in terms of managing their complete business continuity and the disaster recovery portfolio across various solutions and across various platforms. So the mainly challenges that we have seen is in terms of fragmented experiences, fragmented data, which leads to additional time spent in accepting the various dashboards to monitor to track their business continuity goal. It also makes the governance process more complex because of which there is challenges in terms of proving the compliance across the standards, management, overhead getting increased, and the increased cost. And overall, this entire fragmented experiences also adds up to the recovery process, which has now become prolonged when dealing with these experiences. So that is where we have designed the business continuity center to help customers with these set of challenges. Business continuity center is nothing but an easy to use web-based interface for the customers right there in the Azure portal, which helps them to manage the at scale business continuity portfolio from the single place across the environments and across the solutions. So because of business continuity center, customers can now optimize their business continuity in a super easy manner with the performance experience, and it also helps them to optimize the entire data protection needs. Business continuity center mainly focuses on the four key pivots. It provides the centralized views and operations, with which customers get a single pane of glass to get started with BCDR journey. They can find, learn, and adopt the best suitable solution for their organization. It's the centralized place for the customers to view, monitor, govern, and audit the compliance aspect for their protection aspects across solutions, environments, et cetera, along with ability to perform the core actions. Not only that, it also provides the unified monitoring capabilities for the customers with which customers can get the holistic visibility actionable insights, which helps them reduce the time to detect the issues and take the remedial actions. There are various views as your business continuity center provides to the customers like jobs, alert metrics, et cetera. With the help of guided alerting, notification, authoring, troubleshooting, et cetera, customers can make their monitoring journey simple. Third aspect on which the business continuity center focuses mainly is around the configuration postures. BCDR postures is what we refer to, where it helps customers to understand how they have configured their environment to meet their BCDR goals. Business continuity center proactively assesses the configuration that they have configured in the organization, in their environment, and it also notifies the customers about the gaps that are identified. In the public preview, we are mainly focusing on the security aspects of the configuration part, where we actually proactively check how the security settings are configured for the resources, identify the drifts, and notify the customers about the gaps that we see. And finally, business continuity center also provides the governance and the compliance capabilities to the customers with the help of Azure policy, which helps customers to auto configure, prevent the misconfiguration, or assess the drifts, maintain the desired state for their resources, remediate the gaps, minimize the risk, optimize the cost, and finally attend the regulatory compliance. So you see, it is not that we have in the business continuity center for the customers to make their business continuity journey easy. This is fantastic. I'm actually super excited about this. I mean, I see the challenges, like if you are in different organizations, it's sometimes hard to get an overview to see what is actually back up, what is not, and make sure that things which need to be backed up are actually protected, right? And so this really sounds like something which can really help me. So one of the things, obviously, we've talked about it now, a lot of the capabilities, but I know that you can also show us how this actually works. So why don't we have a look at how we can actually identify and discover resources that need to be backed up. So for example, if my team creates resources or within my organization, they create resources. But I'm still responsible for backup and protection of these resources. How do I find out if they are protected or not? Can you show us something like that? Absolutely. So let me do one thing. Let me walk you through the business continuity center. So as you see on my screen, what I have is business continuity center, which is open. A good part to know is, a very important part to know is there is no setup or prerequisite that is required for the customers to get started with the business continuity center. It's very simple. You just go towards your portal, search for the business continuity center, and there it is, you are ready to use the business continuity center. No additional steps required. Now, I am currently on the landing page of business continuity center, but as you see, it gives you the summarized, the condensed snapshot view for your entire protection stage. This is across your resources that you have protected, either using Azure backup or Azure Site Recovery. So across both of these solutions, you get this single place from where you can get the summarized view of how your protection looks like. There are various pillars on which this particular dashboard is designed. Here you can see what all the sources currently are not protected, the one which are protected and how their status looks like, how the security configuration looks like for this particular set of protected items. From the monitoring perspective, you can identify the alerts which are triggered and also can see the Azure policies that you have applied for the compliance purposes. Good part here is you can have the actions right triggered from this page itself. You also have an option in the business continuity center, not only focus on the Azure resources, but we also have the hybrid resources which you can go ahead and see in the business continuity center. So there is this scope picker that we call it. Here you can go ahead and switch between the set of resources that you are interested in and want to see the summary for. So for example, I'm currently looking at the Azure resources, but if I want to see my hybrid resource protection status, I can just click on non Azure and click on OK. That will just summarize the same view for non Azure resources. Now here, all the summary tiles that you can see are the smart and the interactive tiles. It makes users journey very easy because once you see the summarized view, definitely you might want to drill down more for that specific set of information, right? For example, when I say these are the set of protectable resources, OK, I understand that there are 34 resources which are not protected, which one are they, right? I need to see those. So that is one thing that you can get here. We also have the various set of filters available here with the help of which you can look for the specific information that you are interested in. For an example, you are a database administrator and you mainly work is around the SQL in Azure Virtual Machine. So you need not to see the summary for other resources. What you can do is you can come to this, use this filter, select the SQL in Azure VM and click on apply and the entire summary will then only be shown up for the SQL. Now let me show you the answer to your question. You want to know the resources which are created, but not protected. So like you see, here we already have that right. You can just click on this tile and it will take you to the appropriate view, which is the protectable resources view where you will get the list of all those virtual machines or all those resources based on the filter that you have selected, which we say are not protected. Now here is the list. What you can do is there are multiple ways you can trigger the protection on these resources. Either you can get started from the action available on the top of the page or on an individual item also, you can use this configure protection from the item menu. So let me go ahead and get started from this one. Now here as you notice, you get a couple of options to select. Now this resource is already an Azure resource. So you need not to select, but if you would have started the journey in from the top of the page, you would have the option to select because that time you did not have the resource information passed. So that time you can select whether you are planning to protect the Azure resource or non Azure resource. You can also select what type of data source you want to protect and you can also select from the list of available solution. So far there was a separate flow for customers to get started with backup, separate flow for to get started with Azure Site Recovery. Now it's the same endpoint. Customers can just select the backup as a solution or Site Recovery as a solution to protect this particular resource and click on continue. Once they do so, they will be navigated to the view where they will be asked for the additional information which is required for protecting the resource. So as you see, now it is asking me which vault I would like to go ahead and use for protection. What policy is I want to use for defining the schedule, frequency, the retention, etc. And I if I am happy with all these settings, which are the default one, I can just go ahead and click on enable backup. It performs few validations and that's it. The backup is taken care of. Now going back to business continuity center in the protectable resources, I go ahead and configure the protection on a similar front from the overview page as well. As I told you, there were also these set of actions available from there also you can go ahead and trigger the configure protection. So absolutely a lot of flexibility available for you in terms of where you want to go ahead and get started to configure the protection. Awesome. This is fantastic. Again, like as a backup admin or someone who's responsible for data protection and backups, this is absolutely a great way to actually have this overview and find resources which are not protected and make sure that I can actually configure them. Now, you just showed us how to identify a resource which is not protected in terms of start the protection process. How can I monitor if the protection is actually configured successfully? Absolutely. That's the next step. In fact, day-to-day monitoring is actually the most for business continuity administrators because they need to make sure not only the one which are manually triggered backup, but the scheduled backup by the systems are also configured or also successfully getting completed. So there are a couple of ways by which you can do it. One, under the monitoring section, you can see there is jobs. When you reach out to this jobs page in the business continuity center, it helps you to get the list of all the jobs that are triggered in the specific range that has been selected in terms of the time range. Now here on this view, we can see the last 24 hours data is shown up for the customers across both of these solutions as your backup and as your site recovery. If you're interested to monitor only the specific type of jobs from a specific solution, you do have option to filter that. Here you have as your backup. We configured the backup so we can only say that I want to see the backup jobs. Now it will show me the list of backup jobs. If you remember, this was the machine for which we configured the backup. As you notice, the status of that configuration of backup has been already completed. That is one place from where you can go ahead and see the backup related information or the actions that you have triggered maybe for backup or maybe for site recovery from the single place itself. We also have these summary tiles here on each of these views where you can filter based on not only these filters available on the top of the screen, but let's say for example, I only want to see the completed jobs here. I just can click on that tile and the view below that will automatically get filtered to only show the information based on the tile that you have selected. And if I want to see only the failed job, I can just click on the failed job and it will then show me list of only the failed jobs. Now that is one way you can go ahead and monitor. Another thing is once it is protected, then you need not to go ahead and every day come here to see it. There is some set of information that you want to see for the protected items. So there is another view here which is protected items. In this view, you will be able to see the list of all your resources which are protected maybe just up or maybe sometime back in the past. So here is the list and as you see this is the virtual machine that we protected just now using Azure backup. So it's showing up as it's getting protected and currently because it will take some time for it to go ahead and do the validation and take the first full backup. That's why it is saying as pending protection. So service is doing the validation and other activities in the backend. But another thing to note here is this particular view helps you to not only understand the resources which are protected, but it also tells you have you configured or have you protected them enough. In terms of here you see the status of the resources in the primary region as well as the protection status for the resources in the secondary region. It's very important for the customers to protect the resources in more than one region because when the entire region is down having the protection in the secondary region enables them to still meet their business continuity goal. And when we recommend this we also have this recommendation documented in the business continuity center. So I just clicked on learn more about what is the importance of protecting the resources in primary and secondary region. That information is documented here so that customers understand the rationale behind why do we recommend it and how does that impact if you do not do that configuration as per the recommendation. So that's where you can go ahead and see the protection information for your protected items. Another thing is like I said we also have the option to see the various information based on whether you are looking forward for Azure resources or hybrid resources. Here if you notice it is currently showing the protection status of Azure resources you do have option to change. For example I also want to see the detention related information because for the compliance I need to make sure that they are retained for maybe more than seven years just a scenario. So here you can come and click on the retention information and click on okay and it will then help you to go ahead and see only that retention set of information. So as you notice now the columns here have changed the information that is shown up on the screen is now primary region retention and the secondary region retention. It shows that you have configured few resources with 30 days of retention few for 35 and few for other. So this becomes a single place from where you not only can see whether they are protected not protected protected in both the regions but also get the retention related information. Another thing to note is when you have a single solution selected here as your backup you can see those solution specific actions. So for example when I click on this resource as you notice here the action are getting highlighted. Same happens with if you select some another solution. So for example if I select as your site recovery as a solution I will be able to see the site recovery related actions like failover, test failover etc. But when you select the solution equal to all the common actions across the solutions will be shown up right in that case the solution specific action will not show up and only the enhanced protection recover etc will show up. Let me also introduce a new thing which is enhanced protection here. When you protect a resource with one solution it's enough it's of course if as long as you are able to get the protection in more than one region yes it serves the purpose right but if the solution is only helping you to protect in a single region then you might want to protect the same resource with another solution which can offer the protection in another region right. So like for example you can either use as your backup to protect in primary and secondary region port or you can also use as your backup to protect in the primary region and as your site recovery to protect in the secondary region or vice versa based on your RPA requirement. So when you have protected a resource with a single solution and you want to still add protection with some another solution you can use this enhanced protection as an action right. So for example here the virtual machines are protected with as your backup and I want to maybe also protect it with some more solutions I will be able to use this action and you will notice on this view that it is showing that because you have already used as your backup as a solution now from the solution you only get to select as your site recovery right. So that's the use of enhanced protection. So these are the two places from where you can understand if you have triggered the backup job or site recovery job how is the current progress and once it is protected what all information is available for you to look for on day to day basis. This is fantastic again makes me super happy so we can actually see all the resources how they are protected in which state they are but also then directly trigger for example to protect them or even enhance the protection to add more and I also like this view on the retention where I can see it in a single page I can actually see how long that is so I can actually check that so that's awesome. So at beginning we talked about how to onboard resources right so as an admin I usually can go and see which are the non protected resources but if my organizations for example sets up a lot of like let's say virtual machines I probably don't want to go in there every hour and select the virtual machines I want to to back up is there a way to automatically enroll VMs to be protected. Absolutely we do understand that the environments which are huge or large-scale environment you cannot go ahead and configure the protection for the resources on day to day and keep a trap of those resources as and when they are getting added and then protect them with available solutions right so what Azure business continuity center does is it has the list of all the built-in Azure policies right there available for the customers which can help customers automate these set of configurations so I will go ahead and show you this list of all the policies available which are the built-in policies and to your requirement you want to configure the backup for the virtual machines with the help of you know either a given tag or without a tag right so if you notice here is the policy that is actually going to help you to configure the backup on the virtual machine with the given tag to the new recovery services what so what you can do is you can use this policy assign it to specific scope maybe for example you want to assign it to specific subscription or for that matter resource group or even the management group once you do so automatically the policy that you have assigned all the resources which are getting created in that particular scope automatically will get protected right and once that is done this is the view where you can see all the list of policies there is another view which is protection compliance when you click on that here it will show you how many resources are compliant based on the scope that you have selected and how many are non-compliant so for example here is the machine here sorry here is the policy which is for configure the backup on virtual machine for a given tag out of which you can see only the 25 virtual machines are the one which are protected so this helps you understand the list of automated list of building policies which can help you achieve the automation and view the compliance against those fantastic again love to have that especially if I think about scenarios where customers have their prod subscriptions or they tag the resources with production and they want to obviously make sure that they're always backed up everything which is deployed in there so this is great use of Azure policy I love to see that and so my next and almost last question is about security and obviously ransomware is a big challenge for the industry right now do we have any features which can help with those challenges as well absolutely I align with the concern that you just raised it's it's very important for the customers nowadays to secure their resources from ransomware right on a similar front they also need to protect their data which is coming from the business continuity protection also to be secured against these ransomware attacks because that's the you know single point for them to recover when the resource goes corrupt so yes in the business continuity center we have specially designed a view which is security posture this particular view helps our customers to get the insights into how their security features are configured today this is limited to Azure backup as a solution here what you can see is all the resources have a specific security level assigned now this security level is generated by doing the assessment against these capabilities that the solution provides like for example Azure backup does provide the range of security capabilities at a vault level something to call out like soft delete multi-user authorization immutability etc right now for customers it is very much important that they understand the importance of these capabilities their major role in protection against the ransomware attacks so what we have done is to bring the awareness of for these capabilities we have designed this view where we are explicitly assessing the resources and calling out from the security perspective where their resources stand so as you see for few resources the security level is shown up as poor for few resources it is shown up fair etc right now this helps customer understand how these security levels look like for the resource now another question that might come to your mind is what exactly do you mean by poor fair right this is new i don't understand whether poor means good whether fair means good right so we do have the inbuilt guidance built in within business continuity center so if you click on learn more how available here it tells us about what do we mean by these levels it calls out underlying security settings which contribute for a resource to reach to this level so for example when i say the security level is excellent for a resource that means either the immutability or the softly must be enabled along with the lock as well as you must have the multi user authorization enabled right so users can understand that from the protection of security settings perspective they need to reach to if they want to reach to the excellent level these are the two settings which needs to be configured on a resource so that way users can not only understand the importance of the settings but they readily get the assessed view by which they understand where exactly their resource stands in terms of the security configuration so this really helps customers to make sure that they are configured secure in terms of you know protection against the threats like ransomware attacks malware attacks etc this is fantastic now you showed this view can i also see other configurations than security yes absolutely like i said business continuity center is going to become a single place for all your business continuity need any data protection need you have just come to business continuity center and you will get all the information so other other you know components that you can use for the configuration is the protection policies and the wards what is the storage entity in which all of your data is kept when you take the backup or data application right so if we get started with the protection policies protection policies is something where you use them to specify the schedule the retention for which you know the recovery points which are getting generated should be retained now this is a single place from which you can see those settings or those configurations applied using the as your using the as your protection policies across you know these walls so for example if i'm talking about these are the set of policies as you see it is for as your site recovery as well as as your backup and these policies if i want to go ahead and look for only the specific solution i can go ahead and filter that one here it will help me not only to understand how many resources are associated with this policy but it also tells me what is this frequency that i have configured what is the policy type i have used and do i also use this smart theory so mainly we focused on you pivoting this view around the rpo the recovery point objective and the cost related settings we wanted to make sure that these settings are bring upfront for the customers to understand how they are going to impact their recovery point objectives and how it can help them save the cost on a similar front on a vault as well we have made sure that all the settings that customers are going to require from the rpo and the cost perspective are bring upfront right there on the screen so as you see what is the redundancy that you have configured based on the redundancy you will get charged right so here it shows the redundancy that is configured also at a vault level how the security looks like because from the vault security the security is going to get applied to the resources also backup offers you to have the capability to restore the resources in the secondary region so have you configured that capability because if you have not it's going to impact your recovery point objective right so all these set of configuration either you use applied from the security perspective or from the schedule or retention or restorable restorability perspective all of those are right available in the business continuity center and you can go ahead and see those here fantastic this is absolutely great this is really the one place you need to go if you deal with business continuity so amazing so now obviously i'm very interested in it and i know that a lot of our viewers are probably now be interested in that as well where can people learn more hey we have well designed documentation available for our customers which helps them all of these concepts which i just walked you through along with how to articles to get started so customers can definitely have a look at the documentation and learn their journey and get started with the business continuity awesome thank you very much this was fantastic it was great to have you here and also thank you to everyone watching we obviously put all the links into the description below so i hope you enjoyed the video and see you in the next one