Rubrik Polaris is a SaaS platform that centralizes backup management. Polaris enables to manage On-Premises Rubrik appliances and to backup / restore cloud environments such as M365, Azure, AWS, or GCP. The main advantage of this solution is that you manage your backups the same way whether it is a VM, a database, a mailbox, or a SharePoint site. Rubrik relies on SLA Domains to handle protection. It is in SLA domains you set backup frequency and retention. Then you apply this SLA domain to the item you want to backup. In this topic, I’d like to show you the steps to back up an M365 tenant.
Connect to M365 tenant
When you open Polaris, navigate to inventory and click on set up in Microsoft 365 square.
The following window appears it describes the tasks to protect your M365 tenant. In the first task, you choose the location where you store backups and in the second step, you authorize Polaris to connect to your tenant.
N.B: Polaris is hosted in Microsoft Azure. So, when you choose the backup location, you choose an Azure region.
Next, select your Azure region where will be your backup data.
In the next step, you have to grant Polaris to access Exchange, Onedrive, Sharepoint et Teams. Click on sign in to Exchange Mailbox to allow Polaris to connect to Exchange.
Specify credentials of an account with the elevated privilege to create Polaris application in Azure AD and allow the following permissions to this application:
Next, you can do the same things for Onedrive, Sharepoint, and Teams.
Once Polaris has permissions for each M365 application, you can click on complete setup to end the process.
Add an enterprise app to improve performance
Polaris can open several connections to M365 to increase bandwidth. For each connection, Polaris requires an Azure AD enterprise application. This is why when you open for the first time the M365 dashboard in Polaris you get a warning to add an additional app to improve performance.
So in the dashboard, clock on Add 1 app to improve performance.
Then select the application to connect to Polaris.
Then select Basic to allow Polaris to create the enterprise application and apply the right permissions.
Select the subscription and click on sign in to Exchange Mailbox.
Once you have specified your credentials, the app is added.
You can repeat the above steps for Onedrive and Sharepoint. Once all apps are added, all services should be green.
Create an SLA domain
An SLA domain is an object that will define your backup policy. To create an SLA domain, navigate to the SLA domain and click on Create SLA domain.
Specify the name of the SLA domain and choose what you want to protect with it.
Next specify the backup frequency and your retention policy.
Then click on create.
Protect mailbox, OneDrive, SharePoint and Teams
Open the M365 dashboard and select view users in Exchange Mailbox.
Select Groups and click on Authorize Microsoft 365 Management APP.
Provide credentials and allow Polaris to get the following permissions.
Now that permissions are added, you can add Azure AD group to Polaris. For that click on Next.
Then select groups you want to add to Polaris.
Now select a group where users you want to protect belong and click on manage protection.
Select the SLA Domain you created before and click on next.
To start the protection, click on assign.
You can repeat these steps to protect the Sharepoint site and Teams.
When SLA domains are assigned, Polaris will start backup soon. You can open the M365 dashboard in Polaris to check if the protection is working.
Conclusion
In this topic, we have seen how to protect M365 from Rubrik Polaris and it was really easy and step forward to backup mailbox, Onedrive, Sharepoint, and Teams. In the next topic, I’ll show you how to restore data from these backups.
