Connection configuration and main features
CodeTwo Backup is designed to work with both Exchange Server on-premises and with Office 365 plans with Exchange Online. In both cases, the software uses the server’s domain administrator account (with impersonation rights) to access mailboxes' data via Exchange Web Services (EWS). The configuration of connection to Office 365 is pretty straightforward while connection to Exchange on-premises can be configured automatically (using the program's Autodiscover Exchange Server mechanism) or manually (a user needs to indicate a server using the server’s name or IP address).
The CodeTwo Backup user can define multiple connections via a built-in wizard to allow the software to perform backup and restore jobs from/to many different servers. The software automatically handles any resource conflicts: if multiple jobs are to be executed on the same mailbox, the same connection would have to be used to run several different jobs or the same storage would have to be accessed by more than one job at once. In such a case, the software’s engine will queue those jobs properly to avoid data corruption or looping. Non-converging jobs can be run simultaneously.
All connection details configured in the software are kept safe - they are encrypted and accessing any previously configured connections requires entering a password. This allows the main administrator to configure the software and then to delegate other, less privileged admins to run the software without the risk of them accessing sensitive credentials. However, as much as we agree with the “safety first” idea, the convenience of use is also important. That is why, once a password is provided, the connection details remain unlocked until the user closes the current Administration Panel session. Also, if the currently logged on user is the same as the one whose credentials were used to configure a server connection, entering a password to access this connection's configuration will not be required.
As for the backup process, CodeTwo puts reliability over speed. There is a specially crafted, complex algorithm implemented in the program that is running whenever any backup job is active. The algorithm makes sure that current process speed is optimal when it comes to the backup's safety. The algorithm constantly analyzes the backup process performance ratings and manages the number of concurrent connections. More connections are automatically allowed if the connection speed is sufficiently fast and reliable and if the Exchange server responds to the software’s queries consistently and quickly enough. Connection slots are automatically terminated if the software notices any transfer issues.
To ensure the safety of the backup process, manual overriding of the mechanism managing connection slots is deliberately prohibited.
The aim of disallowing any user-made tweaks and implementing the above-described algorithm is to ensure the reliability of the backup process. The development and internal/external beta testing of CodeTwo Backup proved that allowing users to manage all the backup parameters (e.g. the number of connection slots, items' batch sizes, bandwidth speed usage) without any restrictions often resulted in Exchange server connection timeouts. When it comes to data backup, the process reliability is crucial - connection timeouts that can lead to data loss or corruption are unacceptable, hence the focus on consistency and stability of the process rather than on maximizing the backup speed.
During the software development and testing, data backup speed varying from ~700 MB per hour to more than 6 GB per hour was observed. Aside from some obvious factors such as Internet connection speed, such a scatter of results is caused by the mailboxes' characteristics. The backup process is considerably faster for bigger items (e.g. emails with large attachments or embedded images). Backing up smaller items (e.g. simple text-only emails) puts more load on the Exchange server and requires setting up more connections between the user's computer and the Exchange Server machine. That is why the lower performance of the backup process can be expected.
In some cases, users may notice that the actual transfer rate of the backed up or restored data is considerably slower than their network bandwidth. This is because the speed of the whole process depends on multiple factors, e.g. local network and Internet connection speed, physical location of the mailbox server, servers’ throttling settings, Exchange Server performance. Be aware that while you can customize your Exchange on-premises throttling settings, doing the same for Exchange Online is not possible due to Microsoft’s policy.
If you're using Exchange Online, be aware that purchasing Office 365 subscription in one geographic region does not necessarily mean your data is actually stored in this region. As your mailboxes might be kept in datacenters located on a different continent, you need to consider the fact that bottlenecks in your network connection speed can theoretically occur in between Microsoft's servers. Also, the connection latency to such remote mailboxes may be higher and affect the speed of the backup process.
Note that you might not experience the above issues when you access mailboxes via Outlook on the web (OWA), because Office 365 CAS servers may actually be hosted in your region while the mailbox role servers might be located somewhere else. Please consult this Microsoft legal notice on the data country/region storage policy or contact Microsoft's support to find out where your Exchange Online mailbox data is physically stored.
In the case of any issues related to the speed of the backup process, please see our Knowledge Base article.
CodeTwo Backup supports multi-factor authentication (MFA) for Office 365. MFA is an effective security measure that prevents unauthorized access to your account. Once enabled, each time you log in to Office 365 tenant with your password, you will be asked to confirm your identity by providing a verification code which you receive via text message, phone call or Microsoft Authenticator app.
You can also use an MFA-enabled administrator account to connect to Office 365 in CodeTwo Backup. However, entering a regular account password isn’t enough, as you won’t be able to connect to Office 365. This is where the app password is used. App passwords are created for each MFA-enabled account to allow signing in to non-browser applications. To use an MFA-enabled administrator account with CodeTwo Backup simply enter the app password instead of the regular Office 365 password. Keep in mind that app passwords don’t expire and can be used in other programs as well.