- Azure Sentinel—A real-world example - Tue, Oct 12 2021
- Deploying Windows Hello for Business - Wed, Aug 4 2021
- Azure Purview: Data governance for on-premises, multicloud, and SaaS data - Wed, Feb 17 2021
Of these three, DPM has some interesting improvements in this release, whereas the others received very little TLC. The basics are covered. They can all now run on Windows Server 2012 R2, with SQL 2012 as the backend, and they support Windows 8.1 or Windows 2012 R2 as clients where applicable.
Data Protection Manager ^
In the move to make sure all products in the System Center suite can be virtualized, the fact that DPM can run as a VM is probably the biggest new feature in R2. You can run DPM in a VM in production (which hasn’t been supported until now), and you can store backup data on VHD storage pool disks through the VMM library.
If you want to virtualize DPM, be aware that if you back up to tape today, the only drive type that can be connected to a VM is an iSCSI drive (and you need a dedicated NIC for that connection). Also, if you’re planning to store backup data on VHD files, be aware of all the limitations: in short, no VHD on storage spaces, no disk deduplication, and no BitLocker or NTFS compression. The sentence indicating that “performance can suffer in scaled up environments using VHDX files compared to SAN” in the same TechNet article really doesn’t create confidence.
A genuinely useful new feature is Linux VM backups, which can now be done while the VM is running, whereas previous versions would pause the VM (briefly) while creating the snapshot. Be aware that this is a file-consistent—not an application-consistent—backup, as there are no VSS writers for Linux applications.
Planning your Protection Groups and schedules is a key part to maximize the benefit of DPM.
Another thing to take into account is your domain/forest structure. If you have a separate forest for hosts versus VMs, setting up DPM to back up both environments becomes a tricky proposition. Mostly, you’ll want to back up from the host side, since it’s cheaper to have a DPM agent on the host compared to having one in each VM, but there are cases such as SQL Server and Exchange where only an agent in the VM gives you the full experience for restores.
The backend of DPM has received some attention. Now, there’s a SQL database for each DPM server, making it easier to spread the load across multiple servers. DPM also supports SQL clusters, for the first time, which should improve reliability. However, it only stores metadata and indexes in the database; the actual backed-up data is stored on disks or tapes.
The extra flexibility around the backend database for DPM is welcome.
Not strictly new in R2 (as it was added in 2012 SP1) is the ability to back up to Azure. Unlike a vanilla Windows Server backup, this lets DPM back up Hyper-V VMs and SQL databases (but still not System state or Exchange).
App Controller ^
I really think Microsoft hasn’t figured out their “self-service console” story. There has been a new console in almost every version of Virtual Machine Manager, followed by the System Center 2012 release where App Controller was poised to take over. The unique point to App Controller is that it can connect to multiple Virtual Machine manager private, on-premises, clouds as well as one or more Azure subscriptions. Furthermore, it can connect to third-party hosted clouds that use the free Service Provider Foundation (SPF). So, you can manage your on-premises VMs, third-party clouds, and Azure resources in one web-based console.
But with the 2012 R2 release, Microsoft provided Windows Azure Pack, which is another console for self-service provisioning. Built on the old (since the new Azure DevOps preview portal was announced at Build 2014) console that Microsoft uses in Azure, this allows you to offer self-service provisioning of VMs, networks, and databases on your on-premises infrastructure only.
So where does that leave App Controller in 2012 R2? Well, the only new feature is that it can connect to Virtual Machine Manager 2012 R2 (and that’s the only version it can connect to). That’s it.
My suggestion for Microsoft? Two options. One is to expand App Controller to do the same as the Azure Pack for on-premises as well as connect to Amazon Web Services, so ALL public and private cloud resources can be managed from one console. Or, ditch App Controller and use the Azure Pack to manage both on-premises and Azure; after all, the console was originally built for Azure, so it shouldn’t be hard.
Whichever you select, please stick with one or the other, not another self-service console in SC vNext.
This is another product that seems to have fallen between the chairs a bit. Introduced in SC 2012 as a way to visually automate IT tasks, and built on the Opalis acquisition, it offered a great way to build runbooks. But then Service Management Automation (SMA) was released, which is the backend for the Azure Pack—not Orchestrator (although the two work together).
That seems to be reflected in the lack of new features in the R2 release. The only new features are that you can create runbook workers for the Azure Pack, a new Integration Pack (IP) for SharePoint and you will see some updates to the Orchestrator IP and the Virtual Machine Manager IP.
If you have Windows 2012 R2/8.1 in production, upgrading to System Center 2012 R2 makes sense; just don’t expect any big surprises in the three products covered here. I really like DPM, but, to be taken seriously in the Enterprise space, it needs built-in data deduplication (not just the ability to back up deduped data but to dedupe the data it’s storing).
And Orchestrator is still an excellent product that’s fun to play with. I just wish Microsoft had added some great new features.