January 28, 2016
How Screenshot Backup Verification technology works
Datto’s patented Screenshot Backup Verification technology is designed to offer proof that backups are successful and verifies that restores can be performed. Following a backup, the system automatically boots virtual machines from the backup and takes a screenshot when completed. An alert is then emailed directly to you (and your client, if desired) confirming that the backup is successful. In the event that the boot fails, details are provided explaining what went wrong. The frequency of alerts can be configured to meet your specific needs. That’s all well and good, of course, backup monitoring is obviously important – especially for MSPs dealing with multiple clients. But, how can Datto monitor the status of systems we don’t have permissions to?
To accomplish this, Screenshot Verification uses a process typically used for debugging – tracking the CPU register states of protected systems. CPU register states are modes designed to restrict processes being run by the CPU. Operating systems run in the unrestricted mode (often called kernel mode), while applications run in a restricted mode (aka user mode). This allows the operating system to run with more privileges than applications. But, tracking what’s happening with this stuff is easier said than done.
That’s because on Windows 8 and above, Microsoft applies sophisticated address space layout randomisation (ASLR) to protect against buffer overflow attacks. ASLR randomly arranges the address space positions of key data areas of processes. However, the CPU also has to move real (non-randomised) data. When you mix randomised and non-random data, the result is not perfectly random. This allows Datto systems to perform entropy testing on CPU register states to determine signatures that indicate whether a system is up, which services are running, etc. This information is compiled into a signature library, which is regularly updated using an automated process.
Why you should care
Screenshot Backup Verification allows you to proactively monitor your clients’ backups and resolve issues before they develop into bigger problems. It also eliminates the need for third-party backup monitoring software. While there are a variety of excellent backup monitoring tools available today, these products can be expensive and complex – and are typically geared for enterprise IT environments. Finally, the verification process has no impact on performance and protected systems are completely unaware of the monitoring process.