Preparing Azure for Virtual Machine restore

Managed Backup offers restore features for image-based and virtual machine backups to Microsoft Azure virtual environment.

To do that, your Azure environment must be configured properly. If you do not have configured Resource Group, a Storage account, an Azure Virtual Network, a Storage Container and a Network Security Group, follow the steps below before making restore jobs to Microsoft Azure VM.

1. Create a Resource Group

Resource groups enable you to manage all your resources in an application together.

1.1 Go to Azure Portal. Click "Create a resource". Search for Resource Group and select it in the results. Click "Create" button.

1.2 Specify the Resource group name. Select subscription and Resource group location.

For faster upload and download connection, you should select the closest location. You can check latency location on

2. Create a Storage Account and Container to store restored VM HDD.

Azure Storage is a service that you can use to store unstructured and partially structured data. IT professionals who deploy Azure virtual machines rely on Azure Storage for storing virtual machine operating system and data disks.

Blobs typically represent unstructured files such as media content, virtual machine disks, backups, or logs. There are three types of blobs.

  • block blob is optimized for sequential access, which is ideal for media content.

  • page blob offers superior random access capabilities, which is only suited for virtual machine disks.

  • append blob applies to data append operations, without the need to modify existing content. This works best with logging and auditing activities.

Find out more information about Azure storage:

Recommended storage configuration:

VM HDD container:

  • Deployment model: Resource manager or Classic
  • Account Kind: StorageV1 or StorageV2
  • Replication: LRS, GRS, RA-GRS
  • Performance: Standard or Premium
  • Access tear: Hot

Boot diagnostic storage (if required):

  • Deployment model: Resource manager or Classic
  • Account Kind: StorageV1 or StorageV2
  • Replication: LRS, GRS, ZRS, RA-GRS
  • Performance: Standard
  • Access tear: Hot

2.1 To create a new Storage Account open your Resource Group. Click +Add. Search for Storage Account and select it in the results. Click "Create" button. Specify options according to your requirements and recommended storage configuration. Click Create.

Next, you need to create a container to store your VM in blobs. A container organizes a set of blobs, similar to a folder in a file system. All blobs reside within a container. A storage account can contain an unlimited number of containers, and a container can store an unlimited number of blobs. Note that the container's name must be in lowercase.

2.2 Open your Resource Group → Your Storage account → Blob Service. Click +Container to add new container. Specify container name and click OK.

3. Create a Virtual Network with correct Subnet.

If you use Static IP addresses in your backed up Virtual Machine, you should use similar or the same subnet in the Azure Virtual Network. In this case, you will able to connect to your restored VM through Internet.

Please note that Azure reserves first three IP addresses in a subnet for internal usage.

3.1 Go to target Resource Group. Click "Add" button. Search for Virtual Network and select it in the results. Click Create.

3.2 Specify Virtual Network settings and click Create.

4. Create a Network Security Group

For security reasons, we strongly recommend you to create a Network Security Group and associate it with a Subnet. You can allow incoming connection to management TCP ports like 22 or 3389 in the Inbound security rules tab.

4.1 Open your Resource Group and click +Add button. Search for Network Security Group and select it in the results. Click Create.

4.2 Specify Network Security Group settings and click Create.

4.3 Open created Network Security Group and go to Inbound Security Rules which is part of the Settings group.

4.4 Click +Add button to add new security rule. Click Basic. Enter 22 in the Port ranges and name as SSH. Click Add to add a new security rule.

Add as many inbound security rules as you need to allow access to services hosted on the VM.

There are several common ports which you should allow access to.

5. Associate Network Security Group with a subnet

5.1 When all required rules are added, you need to associate Network Security Group with previously created subnet. Click Subnets in the Settings group.

5.2 Click "Associate" button. Select the Virtual Network and the Subnet and click OK.

6. Enabling Serial Console

For testing or troubleshooting purposes, we recommend you enable Serial Console in your Linux or Windows Machine. You will be able to configure and troubleshoot your Azure VM in the command line in Azure Portal.

Find out more in the links below.

Linux VM - Accessing serial console for Linux.

Windows VM - Virtual Machine Serial Console

Contact Us

Tech questions:

Sales questions: