Search
StarWind is a hyperconverged (HCI) vendor with focus on Enterprise ROBO, SMB & Edge

Protect Microsoft 365 with Rubrik Polaris

  • December 2, 2021
  • 8 min read
IT and Virtualization Consultant. Romain is specializing in Microsoft technologies such as Hyper-V, System Center, storage, networking, and MS Azure. He is a Microsoft MVP and MCSE in Server Infrastructure and Private Cloud.
IT and Virtualization Consultant. Romain is specializing in Microsoft technologies such as Hyper-V, System Center, storage, networking, and MS Azure. He is a Microsoft MVP and MCSE in Server Infrastructure and Private Cloud.


Rubrik Polaris is a SaaS platform that centralizes backup management. Polaris enables to manage On-Premises Rubrik appliances and to backup / restore cloud environments such as M365, Azure, AWS, or GCP. The main advantage of this solution is that you manage your backups the same way whether it is a VM, a database, a mailbox, or a SharePoint site. Rubrik relies on SLA Domains to handle protection. It is in SLA domains you set backup frequency and retention. Then you apply this SLA domain to the item you want to backup. In this topic, I’d like to show you the steps to back up an M365 tenant.

Connect to M365 tenant

When you open Polaris, navigate to inventory and click on set up in Microsoft 365 square.

Open Polaris

The following window appears it describes the tasks to protect your M365 tenant. In the first task, you choose the location where you store backups and in the second step, you authorize Polaris to connect to your tenant.

N.B: Polaris is hosted in Microsoft Azure. So, when you choose the backup location, you choose an Azure region.

Microsoft 365 Setup

Next, select your Azure region where will be your backup data.

Select an Azure region

In the next step, you have to grant Polaris to access Exchange, Onedrive, Sharepoint et Teams. Click on sign in to Exchange Mailbox to allow Polaris to connect to Exchange.

Grant Polaris Access

Specify credentials of an account with the elevated privilege to create Polaris application in Azure AD and allow the following permissions to this application:

Create Polaris application in Azure AD

Next, you can do the same things for Onedrive, Sharepoint, and Teams.

You can do the same things for Onedrive, Sharepoint and Teams Create Polaris application in Azure AD 2 Onedrive Autorization SharePoint Autorization

Once Polaris has permissions for each M365 application, you can click on complete setup to end the process.

Click on complete setup to end the process

Add an enterprise app to improve performance

Polaris can open several connections to M365 to increase bandwidth. For each connection, Polaris requires an Azure AD enterprise application. This is why when you open for the first time the M365 dashboard in Polaris you get a warning to add an additional app to improve performance.

So in the dashboard, clock on Add 1 app to improve performance.

Add 1 app to improve performance Enterprise App Management

Then select the application to connect to Polaris.

Select the application to connect to Polaris

Then select Basic to allow Polaris to create the enterprise application and apply the right permissions.

Select a method to connect

Select the subscription and click on sign in to Exchange Mailbox.

Sign in to Exchange Mailbox

Once you have specified your credentials, the app is added.

The app is added

You can repeat the above steps for Onedrive and Sharepoint. Once all apps are added, all services should be green.

Repeat the above steps for Onedrive and Sharepoint

Create an SLA domain

An SLA domain is an object that will define your backup policy. To create an SLA domain, navigate to the SLA domain and click on Create SLA domain.

Create SLA domain

Specify the name of the SLA domain and choose what you want to protect with it.

Select object types

Next specify the backup frequency and your retention policy.

Frequency and your retention

Then click on create.

Click on create

Protect mailbox, OneDrive, SharePoint and Teams

Open the M365 dashboard and select view users in Exchange Mailbox.

Select view users in Exchange Mailbox

Select Groups and click on Authorize Microsoft 365 Management APP.

Authorize Microsoft 365 Management APP

Provide credentials and allow Polaris to get the following permissions.

Provide credentials and allow Polaris

Now that permissions are added, you can add Azure AD group to Polaris. For that click on Next.

Add Azure AD group to Polaris

Then select groups you want to add to Polaris.

Select groups you want to add to Polaris

Now select a group where users you want to protect belong and click on manage protection.

Manage protection

Select the SLA Domain you created before and click on next.

Select the SLA Domain

To start the protection, click on assign.

Start the protection

You can repeat these steps to protect the Sharepoint site and Teams.

When SLA domains are assigned, Polaris will start backup soon. You can open the M365 dashboard in Polaris to check if the protection is working.

Open the M365 dashboard in Polaris

Conclusion

In this topic, we have seen how to protect M365 from Rubrik Polaris and it was really easy and step forward to backup mailbox, Onedrive, Sharepoint, and Teams. In the next topic, I’ll show you how to restore data from these backups.

Found Romain’s article helpful? Looking for a reliable, high-performance, and cost-effective shared storage solution for your production cluster?
Dmytro Malynka
Dmytro Malynka StarWind Virtual SAN Product Manager
We’ve got you covered! StarWind Virtual SAN (VSAN) is specifically designed to provide highly-available shared storage for Hyper-V, vSphere, and KVM clusters. With StarWind VSAN, simplicity is key: utilize the local disks of your hypervisor hosts and create shared HA storage for your VMs. Interested in learning more? Book a short StarWind VSAN demo now and see it in action!