1. CubeBackup Documents
  2. CubeBackup for Microsoft 365 Documents
  3. FAQ
  4. CubeBackup for Microsoft 365 Technical Specifications

CubeBackup for Microsoft 365 Technical Specifications

Overview

This document provides a detailed technical overview of CubeBackup for Microsoft 365 to assist in understanding, deploying, and managing CubeBackup within a Microsoft 365 environment.

Product Description

Supported Microsoft 365 Editions and User Types

  1. Microsoft 365 Editions:
    • Microsoft 365 Home/Business
    • Microsoft 365 for Nonprofits/Education
  2. User Types:
    • Active Users
    • Shared mailboxes

Functionality

Backup and recovery for Microsoft 365 data, including:

  • Exchange Online Mail, Calendar and People
  • OneDrive data
  • SharePoint Online sites

Key Features

  • Incremental Backups: Only new and modified data is downloaded for each backup task
  • Comprehensive Backups: Email labels, folder structures, file share permissions, created and modified time, multiple versions of every minor change, etc.
  • Automatic and periodic Backups: Set automatic backup schedules and customize backup intervals.
  • Unlimited version history: Backup snapshots are preserved for an unlimited period of time, even for deleted users.
  • Customized data retention policy: Flexible configuration to accommodate different data regulations.
  • Automatic backups for new users: Automate user management and license assignment.
  • Parallel Backups and restore: Efficiently backup and restore multiple users simultaneously.
  • Multi-admin support and Self-service portal: Allow role-based admin access and individual users to perform self-service data recovery.
  • Multi-tenancy backups: Manage backups for multiple Microsoft 365 tenants on a single CubeBackup instance.
  • Granular Restores: Ability to restore specific versions of individual files and messages.
  • Cross-user and cross-domain restoration: Facilitate data restoration for deleted users and data migration between different tenants.
  • Data export: Download backups to local machines.
  • Email Notifications: Receive alerts for backup status and issues on a daily basis.
  • Data encryption: Data encryption in transit and at rest.
  • Throttling settings: Option to configure bandwidth conservation during work hours.

System Requirements

Hardware Requirements

  • CPU: Minimum 2 cores.
  • Memory: Minimum 4 GB RAM. 6 GB or more is recommended for optimal performance.
  • Network Connectivity: Stable internet connection for data transfer to Microsoft servers and network or cloud storage. The internet bandwidth should be at least 50 Mbps.

Storage Requirements

  • Local storage for data index: Minimum 10 GB available for local data index (data index size will expand based on the number of backup users).
  • Storage for the backup data: Both on-premises storage and private cloud storage are supported. Generally, backup storage space should be double the size of your current Microsoft 365 data to accommodate a complete backup and future changes.
Supported On-premises Storage
  • Local disk within the company's physical or virtual servers.
  • Network-Attached Storage (NAS).
  • SAN and on-premises data center.
Supported Cloud Storage and storage classes included
  • Amazon S3 (storage class: Standard-IA)
  • Google Cloud storage (customized storage class can include Standard, Nearline, Coldline, Archive)
  • Microsoft Azure Blob storage (access tier: Cool)
  • Backblaze B2
  • Wasabi
  • Other S3-compatible storage

Software Requirements

CubeBackup is a 64-bit application and requires a 64-bit OS. Both Windows and Linux are supported.

Windows

Both Windows Server and Windows Desktop are supported:

  • Windows Server 2016 64-bit and above.
  • Windows 10 64-bit and above.
Linux

The following Linux distributions are supported:

  • CentOS(RHEL) 7 (x86_64) and above
  • Ubuntu 20 (x86_64) and above
  • Debian 9 (x86_64) and above
  • openSUSE 13 (x86_64) and above
Docker

CubeBackup's docker image is based on Debian and can be only run on Linux distributions.

  • Docker version 1.10 or later

Architecture

Components

  • Backup server: Manages backup tasks, data encryption, and data transfer.
  • Storage: Configurable to use local disks, NAS, or private cloud storage (e.g., Azure Blob Storage, Google Cloud storage, Amazon S3, Wasabi, Backblaze B2, or other S3-compatible storage).

Data Flow

When CubeBackup initiates a backup session, it securely transfers data from Microsoft 365 to the designated backup storage location. Here's a detailed overview of this process:

  1. Authentication and Authorization: CubeBackup connects to Microsoft Graph APIs, Office 365 Exchange Online APIs and SharePoint APIs using OAuth tokens to authenticate and authorize data access.
  2. Data Retrieval and Encryption: As data is retrieved, CubeBackup performs additional integrity checks and encrypts it using your private encryption key.
  3. Secure Data Transmission: Encrypted data is transmitted to your backup storage destination over a secure HTTPS connection.

Security Features

  • Role-based access for the CubeBackup web console
  • Immutable audit log for the CubeBackup web console
  • HTTPS/TLS connection for web console access and data during transmission
  • AES and RSA encryption for data in the backup repository
  • Two-Factor Authentication for web console login
  • Microsoft OAuth 2.0 Authentication: Secure authorization for accessing Microsoft 365 data

Configuration and Deployment

Deployment Options

  • Local Deployment: Suitable for organizations that prefer to manage their data in-house. Requires a compatible operating system and sufficient hardware to host and run the CubeBackup server.
  • Docker Deployment: Ideal for organizations looking for a scalable and easily manageable solution. Requires Docker and can be run on any system that supports Docker, regardless of the underlying OS.
  • Cloud Platform Availability: CubeBackup VM images are readily available on AWS Marketplace, Azure Marketplace, and Google Cloud Marketplace. This availability facilitates quick deployment within these popular cloud platforms.

Installation Steps

  1. Installation on a local machine or cloud VM.

  2. Configuration of backup storage path and storage credentials for cloud storage deployment.

  3. Integration with Microsoft 365: Register and authorize an application in Microsoft Entra ID (Formerly Azure AD) in the CubeBackup setup wizard. The application should have the following APIs granted with tenant-wide consent to function correctly:

    Note:
    All necessary permissions are granted to your own Microsoft Entra ID application. CubeBackup Inc. does not require direct access to your Microsoft 365 data, ensuring that your information remains secure and under your control.

    • Microsoft Graph API: Calendars.ReadWrite, Channel.Create, Channel.ReadBasic.All, ChannelMember.ReadWrite.All, ChannelMessage.Read.All, ChannelSettings.ReadWrite.All, Contacts.ReadWrite, Directory.ReadWrite.All, Files.ReadWrite.All, Group.ReadWrite.All, Mail.ReadWrite, Sites.FullControl.All, Team.Create, Team.ReadBasic.All, TeamMember.ReadWrite.All, TeamSettings.ReadWrite.All, TeamsTab.Create, TeamsTab.ReadWrite.All, User.ReadWrite.All

    • Office 365 Exchange Online API: full_access_as_app

    • SharePoint API: Sites.FullControl.All, TermStore.ReadWrite.All

  4. Configuration of backup user list, retention policies and other options in the CubeBackup web console.

Maintenance and Support

Upgrading CubeBackup

  • Upgrade Notification: Upon login, the CubeBackup web console automatically displays notifications for available updates, including bug fixes and feature enhancements. Administrators can easily upgrade to the latest version by following the on-screen prompts directly within the web console.

Server Maintenance

  • Server Migration and Disaster Recovery: Connect to existing backups from a new installation, ensuring smooth transition and reliable disaster recovery.

Troubleshooting and Support Resources

  • Error reports and logging: All backup and restore errors are logged within the histories and reported via email notifications. For detailed analysis, the CubeBackup diagnostic file can be downloaded from <host_ip/domain_name>/diagnose.zip.
  • Technical Support: CubeBackup support team available at [email protected]
  • Online resources and FAQs: Documentation base available at CubeBackup Docs.

Licensing and Compliance

Licensing Model

CubeBackup licensing is user-based, ensuring that organizations only pay for what they need, with the flexibility to scale as they grow. The pricing plans for CubeBackup licenses are:

  • $5 USD/User/Year for Home/Business plan.
  • $2 USD/User/Year for a Education/Nonprofits plan.

Privacy and Security