All of the technologies we have discussed so far operate internally to a system. They perform their backup and restore operations from the inside of a running machine. In the following sections we will explore some data protection technologies that operate externally and some of the situations that make that capability necessary.

Companies that have acquired a lot of virtual machines may have to consider doing some of their image backups at the hypervisor level. Many virtual appliances do not provide a built-in means of backup, or perhaps only a configuration dump, and many others have only a management interface for the network port and no backup capability at all.

On most virtual appliances, you generally also cannot install a block-level backup tool to take running image backups from inside the appliance. The best option you are left with that will give acceptable restore performance in a total disaster would be to take an image backup of the virtual machine through the hypervisor.

Virtual server backups are also preferred in environments with many virtual machines for greater ease of management.

However, virtual server backup products are not universal. They are specific to one hypervisor, and you can only restore virtual server backups directly onto one type of hypervisor. You need to be aware of that before you move forward with virtual server backup in your recovery plan. If you plan to have a secondary site, you need to make sure the hosts in the secondary site will be able to receive your virtual machine backups, and you need to be sure that recovered machines can quickly get back into production with minimal interruption or reconfiguration.

The software and architecture you have chosen to run your virtual environment needs to support your data protection goals, reflect your restore priorities, and meet your recovery performance requirements. This can only be assured through regular testing of your disaster recovery procedures.

At a minimum, a good virtual machine backup will give you at least all of the following capability:
Create full and incremental backups of your virtual disks on separate full and incremental schedules

• Provide an easy means of restore to any host
• Compress the backup data to conserve backup storage
• Retain a history of past backups for however long you want
• Send you an email report of backup progress/status

While a great virtual machine backup will give you even more capability and flexibility:

• Have some form of CBT (changed block tracking) for creation of incremental backups very rapidly and very often
• Provide a means of sending the images to cloud storage for recovery of machines in a cloud or secondary site
• Provide a centralized management where you can monitor and administer all of your backups in one place

Similar to image backups, you will have to create a backup schedule and retention policy that can work with your backup storage and meets the requirements of your recovery plan. You also need to make sure that your virtual storage is compartmentalized in accordance with your restore priorities.
While they trade operational convenience for reduced restore flexibility, the merits, use cases, and caveats of virtual server backups and restores are in large part very similar to block-level image backups.

Virtual Machine Snapshots

Another form of data protection that operates externally from a production system is the virtual machine snapshot. A virtual machine snapshot is the data and configuration states of a virtual machine that are frozen in read-only files on the hypervisor storage. Snapshot data is inaccessible from guest VMs and you can revert to a snapshot state instantaneously.

While the application of this technique is limited to virtualized environments, and the locality of VM snapshot data on production storage makes the snapshots worthless in a complete physical disaster, that locality also gives the snapshots a dramatic restore performance advantage over conventional backups in all other situations.
In those situations, a snapshot restore could be the preferred option and an image restore would be the last resort.

Truly, the fastest restore operations will be the ones that do not require any data transfer, any configuration, or really, any time at all to execute them before the affected system is back in production.

While snapshots cannot protect you from data loss in a total disaster, they will protect individual virtual machines from downtime in any disaster where the scope of that disaster is limited to that virtual machine.

If you have a file server being compromised by ransomware you will find that all files gets encrypted extremely fast, rendering the entire server useless in minutes. You can recover the server by restoring the file level backup or the image backup, but while these full system restores are effective, they are also time consuming, and all you really need is the ability to restore the server to the last good snapshot before the server got hit with the virus.

There are many scenarios involving virtual appliances such as phone systems, security systems, network appliances, spam filters, web servers, chat servers, or other fixed-function appliances where there is no production data changing on the appliance, but a configuration issue prevents you from using the appliance. Worse, a software update or new configuration could have gone wrong and you are unable to log into the appliance directly in order to make corrections.