Upcoming Changes in Replibit Release 9.0.0
IMPORTANT! Please read this advisory carefully.
Replibit partners are advised of the following important changes in the 9.0.0 release.
Please read this advisory carefully and contact Axcient Support with any questions prior to the release of 9.0.0.
Replibit Release 9.0.0 is scheduled for staggered release to partners between Dec 16-30, 2019.
Advisory #1 - Changes to Default Retention Policy
Beginning with 9.0.0, the default retention policy setting for protected systems is changing.
Important: Existing protected systems configured with the pre-existing default retention setting of ‘Basic: 120 Days’ will be updated to the new retention policy.
The new default retention policy is now :
- Keep all snapshots for 14 days
- Keep the last daily snapshot for 30 days
- Keep the last weekly snapshot for 10 weeks
- Keep the last monthly snapshot for 6 months
Note that the retention period for daily, weekly, monthly, and yearly snapshots starts AFTER the 14 days of keep-all snapshot. (e.g., keep all for 14 days, then keep 1 daily snapshot for the NEXT 30 days, for 44 days total, etc.)
Once version 9.0.0 is installed, any protected system configured with the pre-existing default retention setting of ‘Basic: 120 Days' will be changed to the above tiered policy and intermediate snapshots will removed.
No action is required on your part to automatically inherit this tiered retention policy.
Any retention polices that have been modified from the default Basic 120 Days will NOT BE UPDATED.
If you prefer to keep a ‘Basic’ retention mode similar to the current default to retain ALL SNAPSHOTS for 120 days, you must take action NOW before the v9.0.0 update is deployed to your devices.
What to do
If you are currently using the original default retention policy and do not wish to accept the new default policy, you must change the current policy to something other than ‘Basic: 120 days’ before the 9.0.0 release is installed. For example, change to ‘Basic: 121 days’ or some other tiered retention setting of your liking.
Note this must be updated on each appliance and vault in use and cannot be done globally.
To change your existing retention policy, login to the affected device(s) and navigate to the Protected Systems page. From the Protected Systems Details page of each protected system on the device, change the retention policy settings to something other than ‘Basic: 120 days’
Why are we making this change?
- The legacy retention policy is extremely wasteful of disk storage and is not in line with best practices for retention. Switching to a tiered retention policy provides for a significant reduction in total disk usage without materially altering the ability to recover data from an extended historical period.
- The new tiered default retention policy represents a good baseline, balancing the need to keep a reasonable number of historical backups available for recovery against storage constraints.
- The new default policy provides 2 additional months of total recoverability (120 days vs 6 monthly recovery points) while significantly reducing the total storage requirements for existing protected systems.
All partners currently using any type of ‘Basic’ retention policy are strongly encouraged to switch to an equivalent ‘Tiered’ policy in order to save disk space on your BDR appliances.
Advisory #2 - Snapshot Deletion Protection
Due to the increase in malicious attacks targeted against MSP’s and their backup data, Axcient is taking steps to ensure partners have enough recovery point options available in the event that their backup appliances become compromised. Release 9.0.0 includes an enhancement to the Safety Archive feature originally released in the previous 8.5.0 version.
With this new release, a set of the most recent backup snapshots will be protected from deletion. This includes both manual and automated snapshot deletions.
If partners have BDR devices deployed that are extremely tight on storage space and cannot tolerate retaining the protected snapshots, your storage pool may become full after upgrading to 9.0.0.
To address this issue, partners are advised to disable automatic updates for such affected units and perform a manual upgrade to 9.0.0 with the assistance of Axcient Support.
After performing a manual upgrade, Axcient Support can apply a temporary patch to the system to ensure backups continue properly. Additional steps will be implemented in a future release to more permanently address this issue.
To disable automatic updates, login to your affected device(s), navigate to Settings -> Update Manager and deselect the ‘Enable Auto Update’ option.
The Axcient Support team will be available to address manual updates of devices after January 1st, 2020. To schedule a manual upgrade, please submit a ticket to Axcient Support after January 1st, requesting that your device be manually upgraded and patched to exclude it from snapshot deletion protection.
Note: Updating to version 9.0.0 is a mandatory requirement prior to upgrading to version 10.0.0 being released in Q1 with the Ubuntu Xenial (16.04 LTS) operating system upgrade.
Why are we making this change?
This change is being made as a vital step towards protecting partner’s customer data in the event of a malicious user gaining access to the backup appliance. Version 9.0. of Replibit ensures both protected systems and individual snapshots are safe from malicious attackers and accidental deletion.