N2WS Backup & Recovery (CPM), known as N2WS, is an enterprise-class backup, recovery and disaster recovery solution for the Amazon Web Services (AWS). Designed from the ground up to support AWS, N2WS uses cloud-native technologies (e.g. EBS snapshots) to provide unmatched backup and, more importantly, restore capabilities in AWS.
N2WS is sold as a service. When you register to use the service, you get permission to launch a virtual Amazon Machine Image (AMI) of an EC2 instance. Once you launch the instance, and after a short configuration process, you can start backing up your data using N2WS.
Using N2WS, you can create backup policies and schedules. Backup policies define what you want to back up (i.e. Backup Targets) as well as other parameters, such as:
- Frequency of backups
- Number of backup generations to maintain
- Whether to copy the backup data to other AWS regions, etc.
- Whether to back up a resource immediately
- Backup targets can be of several different types, for example:
- EC2 instances (including some or all of the instance’s EBS volumes
- Independent EBS volumes (regardless of whether they are attached and to which instance)
- Amazon Relational Database Service (RDS) databases
- RDS Aurora clusters, except for Aurora Serverless
- Redshift clusters
- DynamoDB tables
- Elastic File System (EFS)
In addition to backup targets, you also define backup parameters, such as:
- In Windows achieving application consistency using Microsoft Volume Shadow Copy Service (VSS)
- Running backup scripts
- Number of retries in case of a failure
Schedules are used to define how you want to time the backups. You can define the following:
- A start and end time for the schedule
- Backup frequency, e.g. every 15 minutes, every 4 hours, every day, etc.
- Days of the week to run the policy
- Special times to disable the policy
A policy can have one or more schedules associated with it. A schedule can be associated with one or more policies. As soon as you have an active policy defined with a schedule, backups will start automatically.
N2WS is available in several different editions which support different usage tiers of the solution (e.g. number of protected instances, number of AWS accounts supported, etc.) The price for using the N2WS software is a fixed monthly price which varies between the different N2WS editions.
To see the different features for each edition, along with pricing and details, go to the N2W Software Web site. Once you subscribe to one of N2WS’ editions, you can launch an N2WS Server instance and begin protecting your AWS environment. Only one N2WS Server per subscription will actually perform a backup. If you run additional instances, they will only perform recovery operations (see section 1.3.3).
Moving between N2WS Editions
If you are already subscribed and using one N2WS edition and want to move to another that better fits your needs, you need to perform the following steps:
Note: Before proceeding, it is highly recommended to create a snapshot of your CPM data volume before proceeding. You can delete that snapshot once your new N2WS Server is up and running. The data volume is typically named CPM Cloud Protection Manager Data.
Terminate your existing N2WS instance. It is recommended to do so while no backup is running.
Unsubscribe from your current N2WS edition. It is important since you will continue to be billed for that edition if you don’t cancel your subscription. You will only be able to unsubscribe if you don’t have any running instances of your old edition. You manage your subscriptions on the AWS Marketplace site in the Your Software page.
Subscribe to the new N2WS Edition and launch an instance. You need to launch the instance in the same Availability Zone (AZ) as the old one. If you want to launch your new N2WS Server in a different zone or region, you will need to create a snapshot of the data volume and either create the volume in another zone or copy the snapshot to another region and create the volume there.
During configuration, choose Use Existing Data Volume and select the existing data volume.
Once configuration completes, continue to work with your existing configuration with the new N2WS edition.
If you moved to a lower N2WS edition, you may find yourself in a situation where you exceed the resources your new edition allows. For example, you used N2WS Advanced Edition and you moved to N2WS Standard Edition, which allows fewer instances. N2WS will detect such a situation as a compliance issue, will cease to perform backups, display a message, and issue an alert detailing the problem.
To fix the problem:
Move back to an N2WS edition that fits your current configuration, or
Remove the excessive resources, e.g. remove users, AWS accounts or instances from policies.
Once the resources are back in line with the current edition, N2WS will automatically resume normal operations.
The N2WS Server is a Linux based virtual appliance. It uses AWS APIs to access your AWS account. It allows managing snapshots of EBS volumes, RDS instances and clusters, Redshift clusters, and DynamoDB tables. Except in cases where the user chooses to install our Thin Backup Agent for Windows Servers, N2WS does not directly access your instances. Access is performed by the agent, or by a script that the user provides, which performs application quiescence.
N2WS consists of three parts, all of which reside on the N2WS virtual server:
A database that holds your backup-related metadata.
A Web/Management server that manages metadata.
A backup server that actually performs the backup operations. These components reside in the N2WS server.
The N2WS architecture is shown in Figure 1-1. N2WS Server is an EC2 instance inside the cloud, but it also connects to the AWS infrastructure to manage the backup of other instances. N2WS does not need to communicate or interfere in any way with the operation of other instances. The only case where the N2WS server communicates directly with and has the software installed on, an instance, is when backing up Windows Servers for customers who want to use Microsoft VSS for application quiescing. If you wish to have VSS or script support for application quiescence, you will need to install the N2WS Thin Backup Agent. The agent will get its configuration from the N2WS server, using the HTTPS protocol.
The N2WS instance is an EBS-based instance with two EBS volumes. One is the root device, and the other is the CPM data volume. All persistent data and configuration information reside on the data volume. From N2WS’ perspective, the root device is dispensable. You can always terminate your N2WS instance and launch a new one, then using a short configuration process continue working with your existing data volume.
Although you have access to the N2WS Server instance via SSH, N2W Software expects the N2WS Server instance will be used as a virtual appliance. N2W Software expects you not to change the OS and not to start running additional products or services on the instance. If you do so and it affects N2WS, N2W Software will not be able to provide you with support. Our first requirement will be for you to launch a clean N2WS server.
Note: Remember that all your changes in the OS will be wiped out as soon as you upgrade to a new release of N2WS, which will come in the form of a new image (AMI). If you need to install software to use with backup scripts (e.g. Oracle client) or you need to install a Linux OS security update, you can. N2W Software recommends that you consult N2W Software support before doing so.
Backing up the N2WS Server
N2WS server runs on an EBS-based instance. This means that you can stop and start it whenever you like. But if you create an image (AMI) of it and launch a new one with the system and data volume, you will find that the new server will not be fully functional. It will load and will allow you to perform recovery, but it will not continue performing the backup as this is not the supported way to back up N2WS servers. What you need to do, is to back up only the data volume, and to launch a fresh N2WS server and connect it to a recovered data volume (see section 11.4.3).
N2WS needs connectivity to AWS endpoints to be able to use AWS APIs. This requires Internet connectivity. If you need N2WS to connect to the Internet via an HTTP Proxy, that is fully supported. During configuration, you will be able to enable proxy use and enter all the required details and credentials: proxy address, port, user and password. User and password are optional and can be left empty if the proxy server does not require authentication. Once you configure proxy settings at the configuration stage, they will also be set for use in the main application. In any event, proxy settings can be modified at any time in the Proxy section of the General Settings screen in the main N2WS application.
Multiple N2WS Servers
If you are trying to launch multiple N2WS servers of the same edition in the same account, you will find that from the second one on, no backup will be performed. Each such server will assume it is a temporary server for recovery purposes and will allow only recovery. Typically, one N2WS server should be enough to back up your entire EC2 environment. If you need more resources, you should upgrade to a higher edition of N2WS. If you do need to use more than one N2WS server in your account, contact N2W Software support.
Upgrading the N2WS Server Instance
At certain times, you may need to terminate the current N2WS Server instance and start a fresh one. The typical scenario is upgrading to a newer N2WS version or update the N2WS edition.
To upgrade/restart the N2WS Server Instance:
- Launch a new N2WS Server instance in the same region and AZ as the old one. You can launch the instance using the Your Software page on the AWS web site.
- To determine the AZ of the new instance or to launch it in a Virtual Private Cloud (VPC) subnet, launch the instance using the EC2 console rather than using the 1-click option.
- Terminate the old instance, preferably while no backup is being performed. Wait until it is in the terminated state.
Recommended: Go to the Volumes view in the AWS Management Console and create a snapshot of the CPM data volume. The volume is typically named CPM Cloud Protection Manager Data. The snapshot is only needed in the event there is a problem with the upgrade process and it can be deleted afterward.
When the new instance is in the running state, connect to it with a browser using HTTPS.
Approve the exception to the SSL certificate.
Choose Use Existing Data Volume and paste in your AWS credentials.
Select your old data volume from the list of volumes to complete the configuration process. Operations will resume automatically.
If you are using backup scripts that utilize SSH, you may need to login to the N2WS Server once and run the scripts manually, so the use of the private key will be approved.
As part of the cloud ecosystem, N2WS relies on web technology. The management interface through which you manage backup and recovery operations are web-based. The APIs which N2WS uses to communicate with AWS, are web-based. All communication with the N2WS server is done using the HTTPS protocol, which means it is all encrypted. This is important since sensitive data will be communicated to/from the N2WS server, for example, AWS credentials, N2WS credentials, object IDs of your AWS objects (instances, volumes, databases, images, snapshot IDs, etc.).
Most interactions with the N2WS server are done via a web browser.
N2WS supports Mozilla Firefox, Safari, Google Chrome, and Microsoft Internet Explorer (version 9 and newer).
N2WS will not work for IE versions 8 and older.
Other browsers are not supported.
For Firefox and Chrome users who would like to remove the browser warnings for the default certificate, see the Appendix section of the Quick Start Guide for instructions.
If you want to view a getting-started tutorial or try the fully-functional N2WS free for 30 days, go to the AWS Marketplace at https://n2ws.com/support/video-tutorials/getting-started. Follow the instructions in the How to Install Cloud Protection Manager video.
Note: It is not necessary to reinstall N2WS after purchasing a license.
It is now possible to have a free trial of N2WS with the usage limitations customized for your specific AWS infrastructure. Contact N2W Software sales at firstname.lastname@example.org to start your customized free trial. The N2W Software sales team may provide a reference code for your customized installation.