Feature Requirements

Some NAKIVO Backup & Replication features require certain conditions in order to function properly. To learn about the limitations of NAKIVO Backup & Replication, refer to the Feature Limitations section of the latest Release Notes. The requirements for product features are listed below.

• Auto-Update

• Hot Add

• File Recovery

• File Share Backup

• File System Indexing

• Object Recovery and Log Truncation for Microsoft Exchange Server

• Object Recovery and Log Truncation for Microsoft SQL Server

• Object Recovery for Microsoft Active Directory

• Site Recovery

• Real-Time Replication (Beta) for VMware

• Agent-Based VM Backup and Recovery

• Bare Metal Recovery

• Cross-Platform Recovery

• App-Aware Mode

• Encrypted Backup Repository

• Direct Connect

• Native Tape Support

• Backup Immutability

• VM Limitation for Multi-Tenancy

• Monitoring

• Permanent VM Agent

• External Database

• Generic S3-Compatible Object Storage

• Merge Jobs

• MSP Console

• Backup Malware Scan

• Universal Transporter

Auto-Update

Auto-update is available for instances of NAKIVO Backup & Replication installed on the following operating systems:

• Linux

• Windows

  Note
  
  Auto-update is not supported for NAS systems.
  
  

Auto-update is available for the following types of Transporters:

• Auto-injected Transporters on Linux (includes physical Transporters)

• Manually installed Transporters on Linux

• Auto-injected Transporters on Windows (includes Hyper-V and physical Transporters)

• Manually installed Transporters on Windows

• Auto-injected Transporters in AWS (Linux)

• Auto-injected Transporter in VMware (Linux)
  
  

  Note
  
  Manually installed Transporters on Linux and Windows must be v10.8 or newer to support auto-update.
  
  

Before initiating an auto-update, make sure that the following conditions are met:

• If updating a manually installed Transporter on Linux or Windows, make sure that you have configured a Master Password for the Transporter in the Managing Credentials menu.

• At least 1 GB of free space is available on the machine on which the full solution is installed.

• If you have a perpetual license, your Maintenance & Support period is active. You can verify this on the product Licensing page.

Note

To maintain maximum security on your Linux OS, always keep it up-to-date; however, if necessary, you may disable auto-updates by editing the /etc/apt/apt.conf.d/20auto-upgrades file.

For more details, refer to https://linuxconfig.org/disable-automatic-updates-on-ubuntu-22-04-jammy-jellyfish-linux.

Hot Add

In order for the Hot Add feature to work for VMware VM backup, replication, and recovery, the following requirements must be met:

• The Transporter that will be reading or writing data from/to the VM disks should run on a VM.

• The Transporter VM should:

  • Be available in the product Inventory,

  • Run on a host that has access to the datastore(s) with the VM disks, Run in the same datacenter as the VM that is to be processed.

A single SCSI controller on the VM hosting NAKIVO Backup & Replication can support up to 15 disks including the system disk of the VM with NAKIVO Backup & Replication and mounted disks of the Backup Repository. To process VMs with a total number of disks that is larger than that limit, it is necessary to install one or more additional SCSI controllers.

File Recovery

Recovered files can be downloaded or sent via email. They can also be recovered to a server or file share. Before using the feature, make sure the following packages and services are installed/running either on the (proxy) transporter or target server depending on the selected recovery method:

Microsoft Windows

• Net Security package should be installed

• Microsoft iSCSI Initiator service should be installed and running

• net.exe utility should be installed

• SMB (1.x, 2.x, 3.x)/CIFS File Sharing Support feature should be turned on

• PowerShell should be version 2.0 or above

• PowerShell ISE should be available

Ubuntu Linux

• openssh-server package should be installed

• sshd service should be running

• parted utility should be installed

• fdisk utility should be installed

• open-iscsi package should be installed

• iscsiadm utility should be installed

• iscsid utility should be installed

• iscsid service should be running (for v16.04 and v18.04)

• iscsi_tcp module should be installed

• SElinux service should be disabled

SUSE Linux Enterprise Server (SLES)

• openssh-server package should be installed

• sshd service should be running

• parted utility should be installed

• fdisk utility should be installed

• open-iscsi package should be installed

• iscsiadm utility should be installed

• iscsid utility should be installed

• iscsid service should be running (for v12)

• iscsi_tcp module should be installed

• SElinux service should be disabled

Red Hat Enterprise Linux (RHEL)

• openssh-server package should be installed

• sshd service should be running

• parted utility should be installed

• fdisk utility should be installed

• iscsi-initiator package should be installed

• iscsiadm utility should be installed

• iscsid utility should be installed

• iscsid service should be running

• iscsi_tcp module should be installed

• SElinux service should be disabled

Note

File recovery is not supported for 4K sector size drives and datastores. Refer to How to Check Drive and Datastore Sector Size for more information.

Below are the requirements which must be met for each recovery method.

Downloading Files to Browser or Sending Files via Email

The following file systems are supported:

• If the Transporter assigned to the backup repository is installed on Windows:

  • NTFS

  • FAT32

  • ReFS

• If the Transporter assigned to the backup repository is installed on Linux:

  • NTFS

  • FAT32

  • EXT2

  • EXT3

  • EXT4

  • XFS

  • SwapLinux

• For the ReiserFS file system, it is necessary to install the linux-image-extra-virtual package for Ubuntu.:

  apt-get -y install linux-image-extra-virtual

• Linux VMs where Transporter is deployed should have the lvm2 package installed to allow mounting LVM volumes.

• The ntfs-3g package should be installed along with Transporter on Linux to allow recognizing NTFS partitions.

Recovering Files to Server

To recover files to a server, make sure you meet the following requirements:

Supported OS

• Windows

  • Windows Server 2022 (21H2) (x64)

  • Windows Server 20H2 (20H2) (x64)

  • Microsoft Windows Server 2022 (x64)

  • Microsoft Windows Server 2019 Standard (x64)

  • Microsoft Windows Server 2016 Standard (x64)

  • Microsoft Windows Server 2012 R2 Standard (x64)

  • Microsoft Windows Server 2012 Standard (x64)

  • Microsoft Windows 11 (21H2/22H2) (x64)

  • Microsoft Windows 11 (x64)

  • Windows 10 Enterprise (20H2 / 21H1 / 21H2) (x64)

  • Microsoft Windows 10 Home (x64)

  • Microsoft Windows 10 Professional (x64)

• Linux 

  • Debian 12.1 (64-bit)

  • Debian 11.7 (64-bit)

  • Debian 11.6 (64-bit)

  • Debian 11.5 (64-bit)

  • Debian 11.4 (64-bit)

  • Debian 11.3 (64-bit)

  • Debian 11.2 (64-bit)

  • Debian 11.1 (64-bit)

  • Debian 11.0 (64-bit)

  • Debian 10.13 (64-bit)

  • Debian 10.12 (64-bit)

  • Debian 10.11 (64-bit)

  • Debian 10.10 (64-bit)

  • Debian 10.9 (64-bit)

  • Debian 10.8 (64-bit)

  • Debian 10.7 (64-bit)

  • Debian 10.6 (64-bit)

  • Debian 10.5 (64-bit)

  • Debian 10.4 (64-bit)

  • Debian 10.3 (64-bit)

  • Debian 10.2 (64-bit)

  • Debian 10.1 (64-bit)

  • Ubuntu 22.04 Server LTS (x64)

  • Ubuntu 20.04 Server (x64)

  • Ubuntu 18.04 Server (x64)

  • Ubuntu 16.04 Server (x64)

  • SUSE Linux Enterprise Server 15 SP4 (x64)

  • SUSE Linux Enterprise Server 15 SP3 (x64)

  • SUSE Linux Enterprise Server 15 SP2 (x64)

  • SUSE Linux Enterprise Server 15 SP1 (x64)

  • SUSE Linux Enterprise Server 12 SP5 (x64)

  • SUSE Linux Enterprise Server 12 SP4 (x64)

  • SUSE Linux Enterprise Server 12 SP3 (x64)

  • SUSE Linux Enterprise Server 12 SP2 (x64)

  • SUSE Linux Enterprise Server 12 SP1 (x64)

  • Red Hat Enterprise Linux 9.2 (x64)

  • Red Hat Enterprise Linux 9.1 (x64)

  • Red Hat Enterprise Linux 9.0 (x64)

  • Red Hat Enterprise Linux 8.8 (x64)

  • Red Hat Enterprise Linux 8.7 (x64)

  • Red Hat Enterprise Linux 8.6 (x64)

  • Red Hat Enterprise Linux 8.5 (x64)

  • Red Hat Enterprise Linux 8.4 (x64)

  • Red Hat Enterprise Linux 8.3 (x64)

  • Red Hat Enterprise Linux 8.2 (x64)

  • Red Hat Enterprise Linux 8.1 (x64)

  • Red Hat Enterprise Linux 8.0 (x64)

  • Red Hat Enterprise Linux 7.9 (x64)

  • Red Hat Enterprise Linux 7.8 (x64)

  • Red Hat Enterprise Linux 7.7 (x64)

  • Red Hat Enterprise Linux 7.6 (x64)

  • Red Hat Enterprise Linux 7.5 (x64)

  • Red Hat Enterprise Linux 7.4 (x64)

  • Red Hat Enterprise Linux 7.3 (x64)

  • Red Hat Enterprise Linux 7.2 (x64)

  • Red Hat Enterprise Linux 7.1 (x64)

  • Red Hat Enterprise Linux 7.0 (x64)

  • CentOS Stream 9 (x64)

  • CentOS Stream 8 (x64)

  • CentOS Linux 8.5 (x64)

  • CentOS Linux 8.4 (x64)

  • CentOS Linux 8.3 (x64)

  • CentOS Linux 8.2 (x64)

  • CentOS Linux 8.1 (x64)

  • CentOS Linux 8.0 (x64)

  • CentOS Linux 7.9 (x64)

  • CentOS Linux 7.8 (x64)

  • CentOS Linux 7.7 (x64)

  • CentOS Linux 7.6 (x64)

  • CentOS Linux 7.5 (x64)

  • CentOS Linux 7.4 (x64)

  • CentOS Linux 7.3 (x64)

  • CentOS Linux 7.2 (x64)

  • CentOS Linux 7.1 (x64)

  • CentOS Linux 7.0 (x64)

  • AlmaLinux 8.7 - 9.1 (x64)

TCP Ports

Connection to the following TCP ports should be allowed by the firewall of the target system:

• 22 – Used by SSH for secure logins, file transfers (scp, sftp) and port forwarding.

• 9445 – Used by NAKIVO Backup & Replication to communicate with the VM.

• 10000 – Used by NAKIVO Backup & Replication for iSCSI communication.

Note

ICMP Ping traffic should be allowed by the firewall of the target system.

Permissions

The following permissions for Microsoft Windows VMs should be granted:

• Users should be members of a local Administrators group.

• Users should have access to default administrative shares.

• Users should have permissions to access the corresponding folder\file.

• Users should have executive permissions for running some utilities, for example, net.exe utility.

• User Account Control (UAC) remote restrictions should be disabled for some Microsoft Windows versions.

• Users should have permissions to "Log on as a batch job".

The following permissions and settings should be set up for Linux VMs:

• Users should belong to the sudo group to complete recovering files to server successfully.

• Users should have executive permissions for running some utilities, for example, /sbin/parted, /sbin/fdisk, /sbin /iscsiadm, /sbin/iscsid.

• PasswordAuthentication should be set to "yes".

• Provide special permissions to NAKIVO recovery service. For more details, refer to Required Permissions for Linux Recovery Server.

Recovering Files to File Share

The following file share types are supported:

• NFS
• CIFS
  
  

The target share must have one of the following protocols installed:

• NFS 3.x

• SMB 1.x

• SMB 2.x

• SMB 3.x

To recover file/folder attributes or encrypted files, the machine on which the Transporter is installed, recovery share, and backed up machine must have the same OS capabilities and file system type. To avoid potential issues while conducting file recovery, ensure the following:

• If the target is an NFS file share, check that nfs-utils is installed.

• If the target is a CIFS share, add a localhost domain to the user credentials (e.g. localhost\Administrator).

File Share Backup

The following requirements must be met to use the feature:

• File shares must be located on a NAS, Windows Server, Linux Server, or Nutanix File Server that supports the NFS or CIFS/SMB protocol.

• Read permission is required to back up the file shares.

• Read/write permission is required to restore to a file share.

• To use NFS file shares with Windows, NFS client feature must be enabled.

• To add a Windows-configured NFS share to the Inventory, the nfs file share location must be reachable by the Transporter. For more details, refer to NFS File Share Location Cannot Be Reached by the Transporter.

• File shares with the following protocols are supported:

  • NFS 3.x

  • SMB 1.x

  • SMB 2.x

  • SMB 3.x

• The following operating systems do not support any NFS Server versions:

  • Windows 7

  • Windows 8.1

  • Windows 10

File System Indexing

File System Indexing is supported on all supported browsers for NAKIVO Backup & Replication and runs on all supported operating systems.

File System Indexing skips files and folders on disks attached via FC and FCOE.

File System Indexing skips tmpfs mountpoints on Linux operating systems and the following system folders:

• Windows OSs:

  • %ProgramFiles%

  • %ProgramFiles(x86)%

  • %ProgramW6432%

  • %windir%

  • %TEMP%

• Linux OSs:

  • /boot

  • /dev

  • /cdrom

  • /media

  • /proc

  • /run

  • /selinux

  • /tmp

  • /sys

Before you can use the File System Indexing feature, make sure the source VM must meet the following requirements:

• VMware Tools or Hyper-V Integration Services must be running on VMware or Hyper-V VMs correspondingly.

• iSCSI must be available.

• SMB must be enabled on Windows OS.

• SSH must be enabled on Linux OS.

• TCP port 9445 must not be blocked.

• SElinux service must be disabled on Linux OS.

• Special permissions must be configured for Linux OS.

• Special permissions must be configured for Windows OS.

• To run File System Indexing on RHEL 7.9 and RHEL 7.4, the Netstat (network statistics) command line tool must be installed on the source VM.

Object Recovery and Log Truncation for Microsoft Exchange

To successfully perform object recovery and log truncation for Microsoft Exchange, make sure you meet the following requirements:

Supported Microsoft Exchange versions

NAKIVO Backup & Replication supports the following versions of Microsoft Exchange for object recovery and log truncation:

• Microsoft Exchange 2019

• Microsoft Exchange 2016

• Microsoft Exchange 2013

Permissions

The following requirements should be met for log truncation:

• Selected users should have permissions to "Log on as a batch job".

• Active Directory Module For Windows PowerShell must be installed.

• The VM must be accessible over network.

• The following user permissions should be provided:

  • If NAKIVO Backup & Replication uses the administrator user account, it should belong to the following groups:

    • Administrators

    • Domain Users

    • Organization Management

  • If NAKIVO Backup & Replication uses accounts other than the administrator user account:

    • The user should belong to the following groups:

      • Administrators

      • Domain Users

      • Organizational Management

    • The user should have the Full control permission granted for the folder in which the Exchange database is located.

Services and Settings

NAKIVO Backup & Replication requires PowerShell v2 or later to be available on the Microsoft Exchange machine.

• VMware VM must be running on VMware ESXi 5.0 and later.

• VMware Tools or Hyper-V Integration Services must be running on VMware or Hyper-V VMs correspondingly.

Object Recovery and Log Truncation for Microsoft SQL Server

To successfully perform object recovery and log truncation for a Microsoft SQL Server, you must meet general requirements as well as requirements for object recovery and log truncation.

General Requirements

To successfully perform object recovery and log truncation for a Microsoft SQL Server, make sure you meet the following general requirements:

Supported Versions of Microsoft SQL Server

NAKIVO Backup & Replication supports the following versions of Microsoft SQL Server for object recovery and log truncation:

• Microsoft SQL Server 2022

• Microsoft SQL Server 2019

• Microsoft SQL Server 2017

• Microsoft SQL Server 2016

• Microsoft SQL Server 2014

• Microsoft SQL Server 2012

Supported Editions

NAKIVO Backup & Replication supports the following editions of Microsoft SQL Server:

• Enterprise

• Standard

• Web

• Developer

• Express edition

Permissions

• A user logging in to Microsoft SQL Server must have a sysadmin role.

• The user running Microsoft SQL Service should have permissions to "Log on as a batch job".

Services and Settings

• NAKIVO Backup & Replication requires PowerShell v2 or later.

• VMware Tools or Hyper-V Integration Services must be running on VMware or Hyper-V VMs correspondingly.

• sqlcmd utility must be installed on the machine running Microsoft SQL server.

• Ports 137-139 must be opened for cifs.

• The SMB v1 or higher version of SMB protocol should be enabled.

Requirements for Microsoft SQL Server Object Recovery

• The user running Microsoft SQL service must have executive permissions to the Data folder and all other folders in which the databases are located.

• If "Rename recovered item if such item exists" option is selected during the recovery, NAKIVO Backup & Replication skips keys, constraints, indexes, and statistical properties when recovering a table to an original location.

• If "Overwrite the original item if such item exists" option is chosen, all the above properties are preserved. Tables that contain a foreign key cannot be recovered with this option.

• Full administrative permissions are required.

• Default administrative shares must be enabled.

• The "File server" role must be enabled.

• Ports 445 and 9445 must be opened on the instance.

Requirements for Microsoft SQL Server Log Truncation

• VMware VM must be running on VMware ESXi 5.0 and later.

• System databases are skipped during the log truncation.

• Databases with the "Simple" recovery model are skipped during the log truncation.

• A database must be in the "online" state.

• The SMB v1 or higher version of SMB protocol should be enabled.

Object Recovery for Microsoft Active Directory

Supported Versions

NAKIVO Backup & Replication supports the following versions of Microsoft Active Directory for objects recovery:

• Windows Server 2022 (21H2)

• Windows Server 20H2 (20H2)

• Windows Server 2019

• Windows Server 2016

• Windows Server 2012 R2

• Windows Server 2012

Requirements for Object Recovery for Microsoft Active Directory

• The ISCI Initiator service must be running on the recovery server.

• The vc_redist.x86.exe (v.2015) file must be installed on the recovery server.

• Active Directory Web Services must be running.

• Port 5000 must not be blocked by other services and must be opened in the firewall of AD.

• Active Directory Module For Windows PowerShell must be installed.

Site Recovery

To successfully perform a site recovery, make sure you meet the following requirements:

Run Script Action

The list of supported operating systems where the Run Script action may be run can be found in the Recovering Files to Server subsection above.

TCP ports

Connection to the following TCP ports should be allowed by the firewall of the target system:

• 22 – Used by SSH for secure logins, file transfers (scp, sftp) and port forwarding.

• 9445 – Used by NAKIVO Backup & Replication to communicate with the VM.

Note

ICMP ping traffic should be allowed by the firewall of the target system.

Required permissions for Microsoft Windows VMs:

• Users should be members of a local Administrators group.

• Users should have access to default administrative shares.

• Users should have permissions to access the corresponding folder/file.

• User Account Control (UAC) remote restrictions should be disabled for some Microsoft Windows versions.

• Users should have permissions to "Log on as a batch job".

Services and Settings

• For Windows source VMs, the SMB (1.x, 2.x, 3.x) / CIFS File Sharing Support feature should be turned on.

• For Linux VMs, users should belong to the sudogroup.

• VMware Tools or Hyper-V Integration Services must be running on VMware or Hyper-V VMs, respectively.

Real-Time Replication (Beta) for VMware

Real-time replication is supported for the following ESXi versions:

• Source hosts: ESXi 7.0 cluster managed by vCenter

• Target hosts: see Supported Platforms

 

NAKIVO Backup & Replication requires the following listening TCP ports to be open for a successful operation:

33088 – Used by the I/O Filter (source daemon installed on ESXi host) for receiving requests (or commands) from the Director.

33089 – Used by the Journal Service (installed on the target Transporter) for receiving requests (or commands) from the Director and the I/O Filter. (Outgoing ports on the I/O Filter).

33090 – Used by the Journal Service (installed on the target Transporter) for receiving changed data from the I/O Filter. (Outgoing ports on the I/O Filter).

33091 – Used by the Journal Service (installed on the target Transporter) for receiving heartbeat requests from the I/O Filter. (Outgoing ports on the I/O Filter).

 

The following requirements must be met to use the feature:

• Source hosts must have the Host Image Profile Acceptance Level setting set to Community level. Therefore, only clusters managed by vCenter are supported as a source (no clusters using a single image are supported). To configure this, select the host and navigate to Configure > System > Security Profile.

• Source hosts must have secure boot disabled.

• For each target ESXi host or cluster, a virtual appliance must be deployed with a Transporter discovered on at least one host and the Journal Service installed on the Transporter.

• The target Transporter must use Hot Add mode to access the replica and utilizes 4 SCSI controllers (in case it has less than 4 SCSI controllers, the product shall add more SCSI controllers).

  Note

  • If a replica and a Transporter/Journal Service VM are located on different hosts in the cluster and single datastore mounted to both cluster hosts, the real-time replication job will run as this is a Hot Add requirement (Transporter should have access to replica disks).

  • If a replica and a Transporter/Journal Service VM are located on different hosts in the cluster and different (not local) datastores mounted to both cluster hosts, the real-time replication job will run as this is a Hot Add requirement (Transporter should have access to replica disks).

  • If a replica and a Transporter/Journal Service VM are located on different hosts and different datastores (for example, local datastores) visible per particular host, the real-time replication job will fail (Transporter VM should have access to replica disks. Otherwise, the job fails).

• The time on the source ESXi host and the target Transporter appliance must be synchronized.

• The target datastore must have 5 GB as a minimum of free space.

• The source ESXI host must have 16 GB RAM as a minimum.

• For one real-time replication job/real-time replication failover job, the Transporter's maximum capacity is limited to 11 source VMs in case there is one disk per VM or up to 50 disks per source VM. For more information, see this article.

• The supported object maximums for real-time replication are:

Type	Limit
VMs per host	100
Disks per VM	50
Disks per host	500
Source VM size	30 TB
Source VMs per job	100
Source VMs per product/tenant	500
Source VM disks per product/tenant	1000
Jobs per product/tenant	100
Journal size per disk	20 TB

 

Agent-Based VM Backup and Recovery

To create image-based backups of virtual machines discovered as physical machines, the following requirements must be met:

• A physical machine agent/Transporter should be installed in each discovered VM.

  Note

  The agent is installed automatically in the course of virtual machine discovery.

Supported Hypervisors

• KVM (Proxmox) (8.x)

Supported Operating Systems

• All guest operating systems supported by NAKIVO Backup & Replication for physical machine backup.

Bare Metal Recovery

To perform bare-metal recovery of physical machines, make sure you meet the following requirements:

Bootable Media

• When creating bootable media using the Bootable Media Wizard—that is, you select Create bootable flash drive at the Type step—you can only select a Windows OS-based host as the destination for bootable media creation.

• CD/DVD drives are not supported for bootable media creation.

Bare Metal Recovery

• Before initiating bare-metal recovery:

  • A backup of the source physical machine must be available in a supported Backup Repository.

  • Bootable media must be created and available.

• The target Transporter version and product configuration must match the product version on the source physical machine.

• Secure Boot must be disabled on the target machine during bare-metal recovery.

• Minimum hardware requirements:

  • CPU: x86

  • RAM: 2 GB

  • Flash drive size: 8 GB

For a full list of supported physical machine operating systems, see the Physical Machine Requirements section in Supported Platforms.

Cross-Platform Recovery

The following scenarios are supported if a VM is exported from backup and imported into a different hypervisor:

	Target Platforms
Source Platforms	VMware vSphere 8	Microsoft Hyper-V 2016/2019/20H1/2022	Nutanix AHV 5.10/5.15
VMware vSphere 8	Windows Server 2016 Windows Server 2019 Windows Server 20H1 Windows Server 2022 Ubuntu Server 18.04 RHEL 7.4 CentOS 7.0	Windows Server 2016 Windows Server 2019 Windows Server 20H1 Ubuntu Server 18.04 RHEL 7.4 CentOS 7.0	Windows Server 2016 Windows Server 2019 Windows Server 20H1 Windows Server 2022 Ubuntu Server 18.04 RHEL 7.4 CentOS 7.0
Microsoft Hyper-V 2016/2019/20H1/2022	Windows Server 2016 Windows Server 2019 Windows Server 20H1 Windows Server 2022 Ubuntu Server 18.04 RHEL 7.4 CentOS 7.0	Windows Server 2016 Windows Server 2019 Windows Server 20H1 Windows Server 2022 Ubuntu Server 18.04 RHEL 7.4 CentOS 7.0	Windows Server 2016 Windows Server 2019 Windows Server 20H1 Windows Server 2022 Ubuntu Server 18.04 RHEL 7.4 CentOS 7.0
Physical Machines	Windows Server 2012 Windows Server 2012R2 Windows Server 2016 Windows Server 2019 Windows Server 20H1 Windows Server 2022 Ubuntu Server 22.04 RHEL 9.2 CentOS 8.5	Windows Server 2016 Windows Server 2019 Windows Server 20H1 Windows Server 2022 Ubuntu Server 18.04 RHEL 7.4 CentOS 7.0	Windows Server 2016 Windows Server 2019 Windows Server 20H1 Windows Server 2022 Ubuntu Server 18.04 RHEL 7.4 CentOS 7.0

* To run a VM with RHEL 7 on Microsoft Hyper-V 2016/2019, the following option must be configured in grub boot parameters:

ata_piix.prefer_ms_hyperv=0

As an alternative, the source machine can be pre-configured with the command below:

mkinitrd -f -v --with=hid-hyperv --with=hv_utils --with=hv_vmbus --with=hv_storvsc --with=hv_netvsc /boot/initramfs-$(uname -r).img $(uname -r)

App-aware Mode

To enable application awareness for source objects, make sure the following requirements are met:

VMware

• VMware Tools should be installed, running, and up to date on all source VMs.
• VMware Snapshot Provider service must be running on the source VMs.

Microsoft Hyper-V

• Target system must be in the running state and custom OS quiescing must be enabled for it.

• Only the following target systems are supported for custom OS quiescing:

  • Windows Server 2012 Standard (x64)

  • Windows Server 2012 R2 Standard (x64)

  • Windows Server 2019 Standard (x64)

• Connection between the product and target system should be established.

• Refer to the Knowledge Base article for more details.

Nutanix AHV

• Nutanix Guest Tools should be installed and running on all source VMs.

• The necessary permissions should be granted. Refer to the Knowledge Base article for more details.

Amazon EC2

To enable application awareness for AWS EC2 instances running on Windows, make sure you meet the following requirements:

Supported Operating Systems

• Windows Server 2019 Standard (x64)

• Windows Server 2016 Standard (x64)

• Windows Server 2012 R2 Standard (x64)

• Windows Server 2012 Standard (x64)

Requirements for Windows-based Amazon EC2 Instances

Default administrative shares in Windows-based AWS EC2 Instances should be enabled in order for application awareness to work.

Requirements for Security Groups of Source EC2 Instances

Ports 445, 9445, and 9446 should be added to the security group of source AWS EC2 Instances to be backed up or replicated.

Requirements for the Director Machine

If the Director is installed on an Amazon EC2 Instance, the following requirements should be met:

• OS firewall should allow access to the TCP port 9446 on the machine where the Director is installed.

• The security group of the Instance where the Director is installed should allow access to TCP ports 445, 9445, and 9446.

Physical Machines

• Transporter should be available and configured on the source machine.

• All source objects of the job should be running OS that is supported for OS quiescing.

• Microsoft VSS should be available and configured on Windows-based source objects of the job.

• Custom OS quiescing should be enabled on Linux-based source objects of the job.

• The physical source machine should contain supported volumes.

Encrypted Backup Repository

To enable encryption, the following requirements should be met:

• The Transporter assigned to the encrypted backup repository must be installed on Ubuntu, SLES or RHEL. Currently, Transporters installed on other Linux versions, Windows, and NAS do not support this feature.

• For certain SLES and RHEL versions, only full device/partition encryption is available. Learn more.

Direct Connect

The following platforms are supported:

• VMware vSphere (including Free ESXi)

• Physical machines (Windows, Linux)

• NAS systems

Requirements

To use Direct Connect, the Transporter must be installed on one of the following operating systems:

• Windows

• Linux

• NAS

Direct Connect supports the following Nodes:

• Onboard Transporter

• Installed service

• VMware vSphere appliance

Note

Direct Connect is not supported for Onboard Transporters located on NAS devices.

The following deployment scenarios are supported:

• Director and Transporter(s) installed at the MSP’s site and more than one Direct Connect Transporter installed at each tenant site.

• Primary repository at the tenant’s site (managed by one of the tenant’s Transporters) and a secondary repository at the MSP’s site.

Additionally, the following requirements must be met:

• A static external IP address is required at the remote environment.

• A single TCP port must be exposed to the Internet at the remote environment.

• Port forwarding must be configured at the remote environment to forward requests from this external port to the deployed Transporter.

Supported Features

Direct connect supports the following product features:

• Inventory discovery/refresh

• Repository creation/management

• VM backup

• VM replication

• Full VM recovery

• VM verification

• Flash boot (from client repository to client infrastructure/from MSP repository to MSP infrastructure)

• Backup copy

• File recovery to browser

• Auto update

• Backup Export

• Site Recovery

Native Tape Support

NAKIVO Backup & Replication supports tape environments with the following configurations:

• Robotic tape libraries and standalone devices of LTO3 and later generations.

• AWS Storage Gateway service with a Tape Gateway that functions as a Virtual Tape Library (VTL).

• Only VTLs connected to Linux are currently supported.

•  The gateway VM deployed on-premises needs to have the following minimum resources:

  • CPU: x86-64, 4+ cores

  • RAM: 16+ GB

  • Free Space: 80 GB

• According to the requirements for Amazon EC2 instances, when deploying the gateway on Amazon EC2, the instance size should be at least 2xlarge for the compute-optimized instance family.

• The instance type should be c4 or c5 instance types. The 2xlarge instance size or higher can be chosen to meet the required RAM requirements.

• All physical tape cartridges must have barcodes.

• Installation is supported on all Windows OS and Linux OS, as listed on the Supported Platforms page.

• Installation on NAS OS is not supported.

• The "mtx" and "lsscsi" utilities need to be installed on the Linux transporter server in order to detect the tape library changer.

Backup Immutability

To make backups immutable in Backup Repositories located in Amazon S3, generic S3-compatible storage, or Wasabi, the following options must be enabled for the buckets where the repository is located:

• Object Lock

• Versioning

To make backups immutable in Backup Repositories located in Backblaze B2 Cloud Storage, File Lock (also known as Object Lock) must be enabled.

To make backups immutable in Backup Repositories located in Azure Blob Storage, the following options must be selected for the Azure storage account or container:

• Enable version-level immutability support

• Enable versioning for blobs

To enable immutability for Local Folder type of Backup Repository, the following conditions must be met:

• Target file system must support extended attributes modified by chattr and setfattr commands.

• The Backup Repository type must be Local Folder.

• The Backup Repository must have Store backups in separate files selected.

Note
Only Linux OS and NAS OS specified in operating systems are supported.

 

VM Limitation for Multi-Tenancy

The feature is only available if a license with Socket limit mode is installed.

The following hypervisors are supported:

• VMware vSphere

• VMware Cloud Director

• Microsoft Hyper-V

• Nutanix AHV

Monitoring

For the feature to function correctly, the following conditions must be met:

• For NAKIVO Backup & Replication to display disk usage, VMware Tools must be running in a VM.

• VM must be powered on for the monitoring to be available.

• The fontconfig library must be installed for reports to work correctly.

The feature supports the following platforms:

• Paid versions of VMware vCenter Server

• Paid versions of VMware ESXi host

The following types of items are supported:

• VMware vSphere host

• VMware vSphere datastore

• VMware vSphere VM

The full list of supported versions of vCenter and ESXi can be found here.

If monitoring over 1000 workloads, make sure your machine meets the following requirements:

• CPU: x86-64, 4+ cores 

• RAM: 8 GB

• Disk Free Space: 5 GB

Permanent VM Agent

VM agents are available for the following platforms:

• VMware vSphere

• Microsoft Hyper-V

• Amazon EC2

• Nutanix AHV

VM agents support the following features:

• OS quiescing

• File recovery to source

VM agents can be used in the Windows and Linux operating systems listed in this section of Deployment Requirements.

External Database

The following external databases are supported:

• PostgreSQL v10-16

The following system requirements apply to the machine housing the external database:

• CPU: x86-64, 4+ cores 

• RAM: 4-8+ GB

• Free Space: 50 GB

• OS: Windows and Linux operating systems.

Notes

• Using SSD is highly recommended.

• The external database can be created on a physical machine or VM or stored in a container.

• Database migration is supported for both the single-tenant and multi-tenant modes of the solution. However, only the Master Admin can perform database migration in multi-tenant mode.

• All tenants share the same database server after the migration, but each tenant has a separate database.

• All tenant databases must be the same type as the database of the Master Admin.

• Some NAS devices may already contain the PostgreSQL as inbox package.

Generic S3-Compatible Object Storage

The following vendors for generic S3-compatible object storage are currently supported:

• MinIO

• Ceph

• Cloudian

• C2 Object Storage

• SeaGate LyveCloud

Merge Jobs

The feature supports the following types of jobs:

• Backup

• Backup copy

• Replication

Job merging can be performed in the following cases:

• Both source and target jobs are of the same type and platform.

• The source job is in an idle state.

Job merging cannot be performed in the following cases:

• One of the selected jobs is a backup copy job with the destination set to tape.

• The target job uses the Policies view.

• The Transporter selection settings of the target job cannot be applied to the source job objects.

• Both source and target jobs contain or reference the same workload.

MSP Console

To use the MSP Console feature, the managed service provider (MSP) needs to configure the following TCP ports:

• MSP Director port: This is the TCP port used by the Director for the MSP's instance of NAKIVO Backup & Replication. By default, this is TCP port 4443. The MSP must provide a remote tenant with their Director port number during configuration. The remote tenant needs to enter this port number when adding the MSP.

• Listening port: Additionally, the MSP must have a port open for listening to the remote tenant. By default, TCP port 6702 is used. The MSP may change the listening port used by changing the system.msp.console.listening.port parameter in Expert settings.

Backup Malware Scan

The following recovery jobs with image-based backups are supported:

• VMware vSphere VM recovery

• Microsoft Hyper-V VM recovery

• Nutanix AHV VM recovery

• VMware Cloud Director recovery

• Physical Machine recovery

• Flash boot recovery

• Universal object recovery

The scan server must adhere to the following requirements:

• A supported version of antivirus software must be installed on the scan server.

• iSCSI must be available on the scan server.

• SMB must be enabled on the scan servers using Windows OS.

• SSH must be enabled on the scan servers using Linux OS.

• TCP port 9445 must not be blocked.

• SElinux service must be disabled on the scan servers using Linux OS.

• The NTFS-3G package must be enabled on the scan servers using Linux OS.

• Special permissions must be configured for NAKIVO Backup & Replication recovery service.

The following antivirus software is supported:

• Windows OS:

  • Microsoft Windows Defender

    • Antimalware Client Version: 4.10.14393 or higher

    • Engine Version: 1.1.12805 or higher

    • Must support the command line: Scan -ScanType %type% -File %path% -DisableRemediation -BootSectorScan

    • See more details here

  • ESET NOD32 Antivirus:

    • Version 14.2.24 or higher

    • Must support the command line: %path% /clean-mode=None /no-symlink

    • See more details here

  • Kaspersky Internet Security:

    • Version 2015 (15.0) or higher

    • Must support the command line: scan %path% -i0

    • See more details here

  • Sophos Intercept X:

    • Version 2.0.20 or higher

    • Must support the command line: scan --noui --expand_archives %path%

    • See more details here

• Linux OS:

  • Clam AV:

    • Version clamav-0.99.0 or higher

    • Must support the command line: clamscan --infected --recursive %path%

    • See more details here

  • Sophos Protection:

    • Version 1.1.8 or higher

    • Must support the command line: avscanner %path% --scan-archives

    • See more details here

Notes

• Sophos Protection can be used only for Linux server recovery.

• Sophos AV software is limited to the specific Linux operating systems.

• Antivirus software on Windows OS cannot scan Linux OS backups.

• Scanning process may not detect malware if the antivirus software has the run-time (real-time) protection enabled.

Universal Transporter

The Universal Transporter feature supports the following platforms and must meet the corresponding requirements:

• Microsoft Hyper-V VMs

• Oracle databases

• Physical servers

• Tape.