Specify network configurations for disaster recovery

Microsoft Azure provides several services and solutions that help to design, implement, and manage disaster recovery, enabling SAP applications to stay up and running during unexpected events. The following are various ways to configure your network for disaster recovery in Azure:

Azure Virtual Network

Azure virtual network (VNet) is the cornerstone of Azure networking. It enables Azure resources to securely communicate with each other, the internet, and on-premise networks. One way to incorporate disaster recovery planning into your Azure VNet is by creating redundant connectivity. This involves establishing two or more connections from your on-premises network to Azure, ensuring that if one connection goes down, another can take over.

Example:

azure_subnets:
– name: sap-subnet
address_prefix: 10.0.1.0/24
id: /subscriptions/{subscriptionId}/resourceGroups/{rgName}/providers/Microsoft.Network/virtualNetworks/{vnetName}/subnets/{subnetName}

Azure ExpressRoute

Azure ExpressRoute is a dedicated, private connection from your organization’s infrastructure to Azure’s data centers. It offers increased reliability, faster speeds, and lower latitudes than typical internet connections. ExpressRoute circuits also support failover, enabling a secondary connection if the primary one fails, adding a vital layer to the disaster recovery strategy.

Azure Traffic Manager

Azure Traffic Manager allows you to control the distribution of user traffic to service endpoints in different locations. This service can significantly aid in disaster recovery when coupled with Azure’s load-balancing capabilities. For example, if a critical application crashes, Traffic Manager will automatically route users to the nearest available service endpoint.

To create a Traffic Manager in Azure, you need to specify various routing methods. For instance, the `Priority` method allows you to use a primary service endpoint for all traffic, and when that endpoint is unavailable, traffic is routed to the next-highest priority endpoint.

Azure Virtual WAN

Azure Virtual WAN simplifies branch-to-branch connectivity. It enables you to interconnect Azure VNets, on-premises networks, and individual users. Configuring robust disaster recovery procedures can be achieved by creating hub-and-spoke networks using Azure’s centralized hub.

Besides these, Azure Site Recovery should also be part of your disaster recovery plan. It is Azure’s native disaster recovery as a service (DRaaS), which contributes to business continuity and disaster recovery (BCDR) strategy by orchestrating and automating replication, failover, and recovery of workloads.

To conclude, configuring your network to handle potential disasters is crucial for any SAP workload running on Azure. It ensures business continuity, minimizes downtime, and safeguards your data. Understanding these concepts will be critical to excel in the AZ-120 Planning and Administrating Azure for SAP Workloads exam.

Practice Test

1) True or False: Azure Site Recovery is not a service offered as part of the Azure disaster recovery plan specifically intended for SAP workloads.

• Answer: False

Explanation: Azure Site Recovery is a service provided by Azure that helps ensure business continuity by keeping the SAP business applications up and running during outages.

2) In a disaster recovery plan for Azure, which of the following services is not included?

• a) Azure Backup
• b) Azure Site Recovery
• c) Virtual Machines
• d) Azure Nature Recovery

Answer: d) Azure Nature Recovery

Explanation: Azure Nature Recovery is not a service provided by Azure. Azure Backup, Azure Site Recovery, and Virtual Machines are all part of Azure’s disaster recovery plan.

3) True or False: All Azure regions provide the same disaster recovery functionalities for SAP workloads.

• Answer: False

Explanation: Different regions may have different features, services, and resources, and it is essential to review the functionality of each region before choosing it for disaster recovery.

4) During disaster recovery, the strategy of moving workloads to another region during a disaster event is known as:

• a) Regional transfer
• b) Geographical continuity
• c) Geo-redundancy
• d) Azure Recovery Vault

Answer: c) Geo-redundancy

Explanation: Geo-redundancy is part of the disaster recovery plan in which during a disaster event, workloads get moved to another region to ensure the continuity.

5) True or False: Azure Backup is only meant to recover data after a user accidentally deletes it, and it’s not a part of disaster recovery.

• Answer: False

Explanation: Although Azure Backup can restore deleted data, it is also an integral part of Azure’s disaster recovery strategy that preserves and restores data in the event of a disaster.

6) Which of the following are ways to ensure network redundancy for disaster recovery in Azure? (multiple selects)

• a) Implementing multiple VPN Gateways
• b) Utilizing Azure Load Balancer
• c) Using a single, centralized network hub
• d) Enable Azure Traffic Manager

Answer: a) Implementing multiple VPN Gateways, b) Utilizing Azure Load Balancer, d) Enable Azure Traffic Manager

Explanation: All the mentioned points except ‘Using a single, centralized network hub’ are ways to ensure network redundancy.

7) In mapping disaster recovery strategies, a lower RPO (Recovery Point Objective) aims for:

• a) Longer data restoration period
• b) Recovery in real-time
• c) Slower recovery speed
• d) High loss of data

Answer: b) Recovery in real-time

Explanation: A lower RPO means the system tries to restore data up to the point just before the disaster happened, which is essentially real-time recovery.

8) True or False: Azure provides no tools for testing your disaster recovery plan without impacting production workloads.

• Answer: False

Explanation: Azure Site Recovery provides the ability to perform non-disruptive recovery plan testing without impacting production workloads.

9) Which Azure service would you use to manage network traffic between different regions?

• a) Azure Traffic Controller
• b) Azure Network Manager
• c) Azure Traffic Manager
• d) Azure Network Traffic Analyst

Answer: c) Azure Traffic Manager

Explanation: Azure Traffic Manager allows users to control the distribution of network traffic across regions and ensures availability and responsiveness.

10) True or False: For SAP applications on Azure, it is recommended to have separate disaster recovery strategies for the database and application tiers.

• Answer: True

Explanation: Having separate strategies for the database and application tiers provides more flexibility and ensures that each tier is adequately protected.

Interview Questions

What is Azure Site Recovery (ASR) and how does it relate to disaster recovery?

Azure Site Recovery (ASR) is a service provided by Microsoft Azure to ensure business continuity by keeping business applications and workloads running during outages. ASR makes replication, failover, and recovery of workloads possible, making it a crucial component of disaster recovery.

What is the purpose of an Azure Backup in terms of disaster recovery?

Azure Backup offers a simple yet effective solution for protecting data in the cloud against any loss. It helps restore data from a specific point in time, ensuring business continuity in case of a disaster, accidental deletion, corruption or ransomware attack.

What recovery point objective (RPO) and recovery time objective (RTO) does Azure Site Recovery guarantee?

Azure Site Recovery guarantees an RPO of less than 15 minutes and an RTO of less than 2 hours. The service is designed to meet these stringent requirements for enterprise-grade disaster recovery.

Which Azure service helps in automating the order of the multi-tier applications running on multiple virtual machines in Azure?

Azure Automation Runbooks helps in automating the order of multi-tier applications running on multiple virtual machines in Azure, which is pivotal during disaster recovery scenarios.

What does Azure Traffic Manager do during a disaster recovery scenario?

Azure Traffic Manager automatically handles network traffic, redirecting it to a different region in case of a regional outage. This ensures the continued availability of the application by providing automatic failover capabilities.

What additional configurations are needed when deploying Azure Site Recovery for an SAP workload?

For SAP workloads, Azure Site Recovery requires disk exclusions for SAP swap and temp file systems. SAP HANA databases should be backed up using Azure Backup or other HANA-certified solutions.

What is the function of the Azure Recovery Services vault in recovery strategies?

The Azure Recovery Services vault is a backup data management and disaster recovery solution, storing backup data and managing recovery scenarios. It helps orchestrate disaster recovery and manages the backup policies.

How does Azure Site Recovery assist in the migration of on-premises SAP applications to Azure?

Azure Site Recovery can assist in migrating on-premises SAP applications to Azure by replicating these applications on Azure. The service ensures that the application is fully functional in the Azure environment before switching operations.

What happens during the failover process with Azure Site Recovery?

During the failover process with Azure Site Recovery, data in the secondary location is brought online and ready for use. This involves executing planned failovers or unplanned failovers depending on the scenario.

Where should SAP transaction logs be placed in Azure to ensure they are part of the disaster recovery plan?

SAP transaction logs should be placed on Azure premium storage to ensure that they are part of the disaster recovery plan. This means they can be replicated and restored as part of Azure Site Recovery.

Can you restore individual files or folders with Azure Backup?

Yes, Azure Backup allows for granular recovery of files and folders. This is particularly useful when dealing with situations where only specific files or folders have been impacted by a disaster and need to be restored.

How are data transfer costs managed in Azure Site Recovery?

Azure Site Recovery includes built-in data transfer at no extra cost, which means that both inbound and outbound data transfers associated with replication of data, regardless of quantity, are included in the pricing for disaster recovery.

What is the recommended practice for ensuring high availability of SAP HANA database during a disaster recovery scenario?

The recommended practice is to use Azure Site Recovery in combination with SAP HANA System Replication (HSR), which replicates data at a database level, ensuring high availability and business continuity during a disaster recovery scenario.

How does Azure Site Recovery handle potential data loss during disaster recovery?

Azure Site Recovery provides a near-zero RPO (Recovery Point Objective), which minimizes data loss by frequently replicating changes from the primary site to the secondary site as they happen. This ensures that potentially lost data is reduced to a minimum.

What kind of network connectivity is required for Azure Site Recovery to operate effectively?

Azure Site Recovery requires sufficient network connectivity between the primary and recovery sites to replicate data and changes. This typically involves either dedicated VPN links, Azure ExpressRoute connections, or the internet.