It’s cloudy today – Rubrik Cloud Data Management 3.2

Cloud Data ManagementRecently Rubrik released version 3.2 of their Cloud Data Management platform. Time to take some moments to summarize what happens since their Cloud Data Management platform 3.0 was released. For all of my readers who don’t know who Rubrik is here is again a short introduction.

Rubrik Inc.

Rubrik was founded in January 2014 by Bipul Sinha (CEO), Arvind Jain (VP Engineering), Soham Mazumdar (Architect) and Arvind “Nitro” Nithrakashyap (CTO). All of these guys came either from Goolge, Facebook or Oracle. At the moment Rubrik has more than 250 employees including their snazzy Tech Evangelist Chris Wahl. Rubrik is a Cloud Data Management platform which combines backup software and backup storage appliance in a 2U appliance called “Brik”. You can think of Rubrik as the Time Machine backup for the enterprise. The primary aim for Rubrik is to simplify backup. The approach is not based on legacy (traditional) backup where you define backup jobs, start/end time, retention policy etc., but rather you set a data-protection policy per VM or groups of VMs and define there your SLA’s like RPO/RTO, retention etc.
I also want to point out the awesome people behind the Technical Marketing Team, Andrew Miller ( and the newest addition Rebecca Fitzhugh ( If you don’t follow this people follow them NOW.
I will not start with what is new in 3.2, I will go to the beginning and give a brief overview what happens in the platform since 3.0 was released.

Cloud Data Management 3.0

With the release of Rubrik Cloud Data Management 3.0 a.k.a Firefly, Rubrik changes the name from Converged Data Management to Cloud Data Management. The reason for the change was that more and more customers have already some kind of initiatives going on within their business that aligns with cloud. So you can’t build a cloud if you don’t have a data protection that is cloud-ready. Rubrik therefor is providing a data protection solution where you can easily manage, secure and protect your data, no matter where it is (onsite, offsite, cloud).
Compared to the 2.2 release and aside from the huge number of improvements and enhancements, Rubrik released a lot of new features.

Physical SQL

In 3.0 it’s now possible to backup physical SQL server. This doesn’t mean that the server needs to be physical. It means that Rubrik is directly talking to the SQL Application itself through an Connector service which is installed on the SQL server and function as an API endpoint. This service is delivered by a MSI package so you can deploy it through SCCM or whatever deployment method you’re using. There is also some security backed into this package so it can only talk to the Rubrik cluster which generated the package. There is automated database discovery with forever incremental backups and the Rubrik SLA policy engine delivers point-in-time recovery with intelligent log management.

Physical Linux

Like the physical SQL backup you will also have physical Linux server backup now. Again this doesn’t mean that the Linux server must run on bare-metal. It can also run as a virtual machine but again Rubrik is directly talking to the Linux OS. Similar to the Connector service in SQL, there is a rpm package you install on the Linux host which then talks to the Rubrik cluster which created the package. You can simplify the protection of Linux servers with an automated host discovery. On Linux you can use policy-driven automation to execute granular file-set protection and recovery.

Virtual Appliance (Rubrik Edge)

Rubrik Edge was build for Remote Offices and is a virtual appliance which is deployed as an OVA in the Remote Office location, to replicate the Off-site backup to your Headquarter. The Edge is using the same code and SLA policy engine like the big brother. After the initial backup Rubrik will only send deduplicated and compressed data to the Headquarter which saves a lot of WAN bandwidth.

Erasure Coding

Rubrik now utilizing erasure coding, which means with a simple software upgrade you get approx. twice the capacity and increased performance while delivering industry leading fault tolerance.


Now it’s also possible to use Azure blob storage for archiving data in the cloud. Other options for archiving are object storage, NFS or AWS S3.

Cloud Data Management 3.1

Native (physical) Windows Protection

One of the new features in the 3.1 release is that Rubrik adds support for native Windows protection. Like native SQL and Linux protection, Rubrik is talking to the OS directly through a Connector service. You can leverage all features Rubrik offers for Windows like:

  • same policy based management
  • Granular File & Folder level restore
  • Incremental-Forever backups
  • Automatic Connector upgraded
  • Secure Cloud Archival
  • etc.

When recovering files in Windows you can:

  • Restore (in place)
    • Overwrite original or create new folder
    • Preserver ACLs and timestamps
  • Export (out of place)
    • Export to another Windows Server
    • Preserver ACLs and timestamps
  • Download locally

In 3.1 Windows Server 2008 R2, 2012 and 2012 R2 are currently supported.

User Experience Improvements

  • Physical Server View
    • UI Improvements -> now host centric
    • Snapshot Search

SQL Server Failover Clustering

Rubrik now has complete support for Microsoft SQL Servers running on WSFC (Windows Server Failover Cluster). In this case Connector services must be installed on both nodes of the WSFC. Rubrik then automatically recognizes a WSFC and creates a dedicated Failover Cluster tab.

There are also some really cool improvements made with SQL Server protection.

  • Source Side Compression and Decompression
  • Microsoft SQL Server 2016 Support
  • Cross-Version Restore Support

With Cross-Version Restore Support (not backwards-compatible) it is possible to export e.g. SQL Server 2008 DB to either SQL Server 2008, 2008 R2, 2012, 2014 or 2016.

Source versionExport target versions
SQL Server 2008SQL Server 2008, SQL Server 2008 R2, SQL Server 2012, SQL Server 2014, SQL Server 2016
SQL Server 2008 R2SQL Server 2008 R2, SQL Server 2012, SQL Server 2014, SQL Server 2016
SQL Server 2012SQL Server 2012, SQL Server 2014, SQL Server 2016
SQL Server 2014SQL Server 2014, SQL Server 2016
SQL Server 2016SQL Server 2016

Rubrik Envision

Rubrik Envision is a fully customized dashboard and reporting system which is integrated into the Rubrik Cloud Management Platform. You can create and customize rich reports to manage, share and visualize analytics from data management, compliance and utilization. You can use the system build-in reports and dashboard to create your own. You can also schedule e-mails in HTML-5 format or download on-demand Excel reports.

Software Encryption at Rest

In 2016 Rubrik released the r528 appliance which is the Hardware Encryption Model. It uses Self-Encrypting Drives (SED) and is FIPS 140-2 Level 2 certified. In 3.1 Rubrik introduced Software Encryption at Rest. It’s AES-256 encryption with minimal overhead to the performance. It’s highly engineered which means Rubrik is using multiple encryption modes for speed and key wrapping for higher security and secure cluster erasure. You can start software encryption with only one Brik cluster and the key management is handled via TPM. Software encryption is currently supported on all r300 series Briks

More Improvements

  • 100% Customer Driven Upgrades
    • Self-service upgrades using the CLI
    • Simple Workflow
      • Download upgrade file
      • Upload to Cluster
      • Issue upgrade command
    • Beneficial for sites where internet connectivity is not allowed
    • Rubrik Edge Support
  • vSphere Improvements
    • Manual vCenter Refresh from GUI (normally 15min refresh rate)
    • Restore directly to ESXi host(s)
  • In-Place File Restore for Linux VMs
    • Streamlined File Recovery
    • Directed & Redirected Restore
    • Seamless Credentials Management
  • Log & Support Bundle Download
  • Chart & Graph Enhancement
    • Extended timeframes for Dashboards and System Charts
    • Changed from 4 hours to 24 Hours
  • General
    • REST API Improvements
    • Security Improvements & Hardening
    • Customer Supported Hard Drive replacement
    • Enhanced Compression for SQL and Linux Connector (Backup now compressed before sent over the network)
  • Destructive Restore
    • RBAC enhancement for the End User role
    • Checkbox during user creation
    • Focused on SQL restore

Cloud Data Management 3.2

After this “brief” overview of the last Rubrik releases we finally made it to the actual release of Rubrik. Starting with 3.0 we have roughly every quarter a new release of the Rubrik Cloud Management platform which is really impressive. Good job Rubrik. You will also see the effort Rubrik has put into this .2 release when you see all the new features and improvements they made to their platform.

Rubrik Cloud Data Management on AWS and Azure (a.k.a Rubrik Cloud Cluster)

If you ask 3 people about “What is Cloud?” you will definitely get 3 different answers. Below an overview how Rubrik is seeing the Customer Cloud Journey today.

Aligned with this cloud journey this new feature allows a customer not only to archive to the cloud but also run a Rubrik instance including all features in AWS and/or Azure.
When looking under the hood, there is a minimum of 4 node cluster running on AWS so Rubrik can leverage erasure coding. It can protect currently SQL Server, Windows and Linux filesets. It is also possible to replicate to and from other clusters (cloud cluster or on-premises).

Sizing Information

The sizing of such “Cloud Cluster” is straight forward. For AWS you have M4.xLarge instances (6TB EBS volume) attached per node and for Azure standard D3 v2 instances (6TB standard managed disk) per node.

Use Cases


The benefits of using Rubrik in the cloud are obvious. You get all the benefits you also have when using the Briks which means:

  • Quick to deploy
    • Rubrik instance is up and running in minutes
  • Easy to manage
    • Same easy to use interface for on-premises, edge and cloud applications
  • Simple to scale
    • Start small and grow in locksteps

Native NAS Support

NAS support was introduced with 3.0. During this times a proxy VM (Windows or Linux) was needed where the NAS shares were mounted and then backed up with Rubrik. In 3.2 NAS shares are now directly mounted on Rubrik and therefor a proxy VM isn’t required anymore. Rubrik supports NFS and SMB shares.

Larger Edge Instance and MSP Enhancement

For Managed Service Providers the possibility to use larger Edge instances was introduced.

On-Demand Snapshot Policy

Whenever creating an on-demand snapshot there is now the ability so assign an existing policy, create and assign a new policy or retain forever. Snapshots which are associated with SLA domains are visible through managed objects and all compliance rules are applied to them. If you choose to retain “Forever” the snapshot will stay forever but is listed under the unmanaged objects. One use case for this is legal hold like for public or health care customers where data must be retained for several years.

Replication Enhancements

Replication can now have distinct retention for local, replication clusters and archival target. This is especially useful for ROBO scenarios using Rubrik Edge – it may be desirable to keep shorter retention on the primary Rubrik Edge cluster at the remote/branch office with longer retention on the replication target cluster in the main datacenter.
Also Rubrik clusters can now have multiple replication target. Each SLA can replicate to a single target but different SLA’s can now replicate to different target Rubrik clusters.

Cluster Time Zone

With 3.2 it is now possible to specify a time zone on the cluster level which effects activity logs, notifications, e-mail schedules, reports and SLA domains. The default time zone is UTC and 26 other time zones are now available. Half hour time zones are currently not supported.

External Key Management

Software encryption, which was introduced in 3.1, uses an internal key manager which is enable by an embedded TPM chip. In 3.2 also external key manager can be used for software (r300 briks) and hardware (r500 briks) encryption. All KMIP-compliant external key manager are supported (e.g. SafeNet KeySecure, HyTrust etc.)

Rubrik & Pure Storage Integration

Finally, one of the last new features is the integration with Pure Storage. The primary use case for this is a non-intrusive protection for I/O intensive VMs which can’t handle any stun times. This implementation is accomplished by using VMware APIs and Pure Storage Snapshot RESTful APIs. This integration reduces the VM STUN time for non-intrusive VM protection. This integration is available for ALL Pure Storage FlashArray products excl. FlashBlades and for VMware virtualized environments only. It also simplifies protection & restore workflow through complete automation.

How does it work?

Final Words

Unfortunately I never saw Rubrik live in action at a customer site but what I heard during all the sessions I attended is really impressive. Also the release cycle of roughly one quarter for a minor release and the amount of features in every minor release is also pretty awesome. I’m really looking forward what we will see from Rubrik when the next major release hits the floor. If you would like to hear more about the latest release you can join a webinar which will take place on May 11th 8am PT / 11am ET / 5pm CEST. Here is the registration link.
With this in mind Go Forward!

Leave a Reply

Your email address will not be published. Required fields are marked *