Overview and Concepts​

Terms and Definitions

Admin: A user with elevated privileges who can create additional admins and users, define backup policies, access job history, configure email notifications, and manage backup and restore operations.

Backup Users (Users): Accounts used to log into devices with the Zmanda Pro client software installed. These users can be created individually, aligning with specific users and their devices (e.g., creating distinct accounts for each user within a company), or collectively for a group of devices serving a similar function (e.g., establishing a unified account for all MySQL servers).

Devices: Systems with the Zmanda Pro client software installed, which can be based on Windows, Linux, or macOS. These devices execute tasks like deduplication, encryption, compression, and data transmission. Each device is associated with a single backup user.

Protected Items: Actual sources of data, including filesystems, shares, databases, disk images, VMs, M365, or other relevant sources.

Storage Vaults: Storage locations for backed-up data, serving as entities for deduplication and encryption. Vaults can be provisioned from various storage media, including local disks, mounted filesystems, and different cloud storage options. It's important to note that data deduplication does not occur across different Storage Vaults.

User Configuration

Security & Encryption

Encryption is a crucial security measure, and it is strongly advised that users opt for robust passwords to enhance their security. Even the most advanced security protocols can be compromised if users choose weak or commonly used passwords, such as "123456" or "admin."

Zmanda Pro prioritizes the security of your data by implementing strong encryption before storage. This involves utilizing a robust encryption method known as AES-256-CTR with Poly1305 in AEAD mode, accompanied by high-entropy random keys.

The client automatically handles the generation and management of encryption keys. These keys, responsible for encrypting the data, undergo an additional layer of security by being encrypted with the customer's password before being securely stored on the Zmanda Pro server. This approach ensures that:

a. Data remains inaccessible without the user's password. b. In case of a user's PC loss, access to the account and data restoration only require the user's password.

Custom Commands

Zmanda Pro empowers you to execute specific commands before or after backup jobs, providing exceptional control over your backup process. This customizable feature allows you to fine-tune actions for specific elements:

• Protected Items: Execute commands tailored to individual items, such as dumping a database before its backup.

• Storage Vaults: Implement custom commands for storage vaults, like performing unique network authentication procedures.

• Schedules: Automate actions linked to schedules, enabling tasks like shutting down your computer after a backup.

Command Execution Sequence: During a backup job, commands are executed in this precise order:

• Schedule Before

• Protected Item Before

• Storage Vault Before

• Backup

• Storage Vault After

• Protected Item After

• Schedule After

Shell Built-ins for Enhanced Flexibility: Expand your command capabilities by incorporating shell built-ins, ensuring compatibility with your operating system through either cmd.exe or /bin/sh execution.

Environment Variables

When executing custom before or after commands, the following environment variables are made available:

1. BACKUP_TOOL_USERNAME

• Type: String

2. BACKUP_TOOL_DEVICE_ID

• Type: String

3. BACKUP_TOOL_JOB_ID

• Type: String

4. BACKUP_TOOL_JOB_STATUS

• Type: Integer

• Comment: Job status is accessible exclusively within After commands.

Zmanda Pro Client Software​

Device Registration

Each Zmanda Pro user is applicable to multiple devices, enabling the deduplication of backups from various devices by directing them to the same Storage Vault.

Upon logging in to the Zmanda Pro user account from an additional device, such as a laptop or tablet, you will have a private view of Protected Items but a shared view of Storage Vaults.

You have the ability to view, edit, and utilize Storage Vaults configured by other devices.

However, you do not have the ability to view, edit, or utilize Protected Items configured by other devices.

Data restoration is possible from any device's Protected Item, although it is hidden by default.

Similarly, you can view job logs from any device, but this is also hidden by default.

Backup Approach​

Zmanda Pro employs a backup strategy by initially dividing data into variable-sized chunks, which are individually compressed, encrypted, and then uploaded. The process utilizes data-dependent chunking, effectively breaking down a file into consistent chunks even in the presence of random inserts.

In a backup job, a list of files and the required chunks for their reconstruction are created. Subsequent incremental backup jobs recognize existing chunks on the server, eliminating the need for re-uploading.

Key features of this chunking technique include:

• Both the oldest and most recent backup jobs can be restored at the same speed.

• Duplicate data doesn't necessitate additional storage due to identical chunks (deduplication).

• There is no requirement to re-upload the entire file, regardless of the number of backup jobs.

• The server doesn't need to be trusted to decrypt data.

Zmanda Pro Console​

You can access the Zmanda Pro console by logging in with a user account, allowing you to perform remote backups and restores. Additionally, you can modify settings for Protected Items and Storage Vaults, as well as review job history.