Welcome to this module on designing a backup strategy for Azure Virtual Desktop. In this module, we will cover the following topics:

• We will walk through a demo of how to back up VMs with Azure Backup
• Next, we will walk through a demo of how to back up VMs with site recovery
• And finally,  we will look at how to back up VMs with snapshots

Let’s start this module with walking through a demo of backing up a virtual machine by using the Azure Native service called Azure Backup.

Here we are logged into our Azure Portal. We need to navigate to the virtual machine we want to backup first so we click on virtual machines.  We have two VMs here, so let’s click on ‘Demo VM’.  Here we now see the overview page, but we need to navigate down the multiple options on this VM until we see backup.

Now as we can see we have not set any backups for this VM yet, so we first need to select the recovery services vault.  We can either select an existing one or create a new one.  For the purpose of this demo let's create a new one.  We then need to give the backup vault a name which we are going to leave as the default value which is automatically set.  Ensure you have the correct resource group selected for where you want the recovery vault to reside which in our case we do.  

Now we need to set our backup policy so we will click on edit this policy.  We are going to leave the policy name, then we can move down to ‘backup schedule’.  Here we can select the frequency of the backup, so daily or weekly.  We can then set the time we want the backup to start and then make sure we set the relevant time zone.  We then select the number of instance recovery snapshots, in our example, we will leave this set as two, however, you can set this to whatever your backup policy requires.  Finally, we need to set the number of weekly, monthly and yearly backup retentions we want as part of our schedule.  Once we are happy with the settings we can have a final quick review of our settings before creating the backup.

Let’s just take a look at the backup blade on the VM again.  Now you can see our options are different.  We can see the number of restore points and now at the top we can see an option to run a backup now, restore a VM once we have some backups, do a file recovery and stop the backup.

Now let's do a walk-through demo of configuring Azure Site recovery for a virtual machine.  Here we are again in the Azure portal.  We navigate to the virtual machine we want to set up with replication, and whereas before we selected the backup pane, we are now going to select the Disaster recovery pane.

The first item we need to configure is the target zone.  There are a whole host of supported geographical regions which support replication.  With our primary location being UK South, we are going to leave the default region of the East US.  Let’s click on Advanced settings at the top now.  Here we have a few different values we need to configure, including the target subscription, VM resource group, virtual network, availability group, and proximity placement if applicable.  Due to me having no resources in the East US region, most of these resources are all going to be new.  

We then need to look at the capacity reservation group which allows you to reserve compute resources in the target region. Finally, we can specify any storage settings like the disk type, replication settings or extension update settings.  We can then review our final configuration and start the replication process

For this final demo in this module, we are going to show how we can snapshot virtual machines and use this as a backup.  We are back in the Azure portal for the final time in this module and once again navigating to the virtual machine we want to snapshot.  Now we are actually going to snapshot the OS disk, so we select disks and then the OS disk.

Here we see the Create Snapshot option so we select this.  Now we need to enter all the relevant values like a name, subscription, and resource group.  We also need to decide on the snapshot type, do we want a full read-only copy, or do we want to use an incremental snapshot and save on disk space.

The rest of the settings are locked in and grayed out so we cannot change them.  Let’s move on to the encryption options, and here we can either use encryption at-rest with a platform-managed key, which is default.  Or we can use encryption at-rest with a customer-managed key, or finally, we can use double encryption with platform-managed and customer-managed keys.  We will leave it the default setting and move into networking.

With network connectivity, we can either allow Public endpoints which are all networks, Private endpoints which are through disk access, or deny all network connectivity.  We are going to leave it in public and move on to tags.  Here, as with most Azure resources, you can set any tags you may be required to set, then finally you can review and create your snapshot backup