Cyrus Backup Server v1 Documentation

Click here to skip down to the part of this document that actually explains how Cyrus works.

The Importance of Disaster Preparedness

Disasters happen every day. Disasters are anything that takes a service down or causes it to become corrupt, unusable, or stolen. Examples of disasters include tornadoes, hurricanes, fires, terrorist attacks, hardware failures, software failures, data loss, and security disasters (including data theft, malicious configuration, data corruption, and ransomware).

Michael Peel, IT Director for Collegedale Academy, states that “Datacenters can be rebuilt from scratch, but data must be restored from a backup.” Backups are one of the most crucial aspects of disaster preparedness and response. These backups should be: frequent, regular, complete, reliable, secure, organized, and quickly able to be restored. Because of this, IT departments need to log and test their backups.

The Importance of a Simple and Flexible Backup Solution

Backup solutions require three main things: a price point that is affordable to small and medium businesses (SMBs), the simplicity to be used by already over-worked IT teams, and the flexibility to adapt to and backup an extreme variance in service types, such as: file shares, single applications, entire virtual machines, network appliances, and more.

Numerous disaster recovery (DR) and business continuity (BC) solutions are currently available. Solutions range from simple backup and recovery systems—such as Veeam, Unitrends, HPE VM Explorer, i365, and others—to fully redundant datacenters and office spaces—such as Sungard Availability Services. While these solutions vary greatly in price, even the cheaper ones can still be expensive. Free versions of backup software lack many core features essential for any DR plan. Backup solutions like these do not offer the flexibility to easily and quickly backup the varied mission-critical services that need to be protected.

Additionally, solutions like these can be complex and time consuming to setup and manage. When organizations expand, or infrastructure simply changes, making the appropriate changes to the backup solution is often a complex task that is left undone. These factors limit the usefulness of existing backup solutions for SMBs and non-profits, including Collegedale Academy (CA). These organizations may not have the budgets for existing VM backup solutions, nor the personnel to manage them. Core, mission-critical services often go unprotected because they are not backed up.

One possible solution to these issues is utilizing Powershell. Because of this, CA’s IT department has developed a Powershell backup solution. This solution, named Cyrus, is an automated and scheduled backup solution for multiple IT services, including: file shares and user data, all VMs hosted on Hyper-V hypervisors, network appliances, Group Policies, Active Directory, and many individual applications.

In addition to its backup functionality, Cyrus’ Powershell base allows for it to be easily scaled and adapted to new and changing environments. Cyrus offers many essential backup features for no cost other than man-power costs.


With a large range of available programming and scripting languages available to IT teams, it can be difficult to pick one language to create new solutions with. Powershell is able to fully manage Windows systems. In addition, Powershell can be used to manage many non-Windows systems. Modules providing SSH capabilities lead to Powershell being capable of managing just about any system with relative ease.

Microsoft Powershell is simpler to learn and use than many programming and scripting languages, and it requires less of a learning curve for system administrators familiar with Windows. It is a high-level scripting language, meaning that it is easy to read and write. This means that IT teams can easily expand a Powershell-based backup solution, like Cyrus, to meet the needs of changing IT environments.

Veeam Backup and Recovery Free Edition

Veeam Backup and Recovery Free Edition does not allow for scheduled backups, as does its paid counterpart. It does, however, offer Powershell integration with a Veeam Powershell module. This opens up the door for home-grown VM backup solutions to be built using free technologies. Cyrus utilizes the Veeam Powershell module for this purpose.


While there are numerous hypervisors available, Microsoft Hyper-V provides several benefits over its competitors. Hyper-V is built on Windows Server and can be managed both by Group Policy and by Powershell. Being a Microsoft Server product, Hyper-V integrates with Active Directory natively. Another advantage of Hyper-V is that it is free. In addition, there is less of a learning curve for SAs experienced with Windows Server than there is for Linux based hypervisors, such as ESXi.

VMWare’s free hypervisor, the free version of ESXi, offers only limited functionality. Most critically, the free ESXi does not allow access to the API used to export and backup guest VMs. It is possible to backup VMs from ESXi, however it is more difficult and time consuming than with Hyper-V as most well-known backup and recovery solutions, such as Veeam Backup & Recovery Free Edition, cannot support free ESXi hypervisors.

Cyrus Backup operates on these core principles: centrality and modularity. The temptation with scripting languages like Powershell can be to create multiple scripts and run them separately. This, however, makes it difficult to make changes that affect multiple scripts. The opposite of that approach is combining all functions into one massive script. While this eliminates the need to touch multiple script files for minor changes, this method comes with its own challenges. For example, it can be horrendous to try and shift through the code in such a large file.

Cyrus seeks to take the middle path between these two paths, that of complete separation and that of one massive script. Cyrus is broken up into two parts: Cyrus-Backups-Server and Cyrus-Backups-Client. At the core of each of these is a single Powershell script which is run via Windows Task Scheduler. This core script calls the other Powershell scripts which perform backups of the various services. The frequencies for which each backup is to be done (i.e. How often each script is to be run) are specified inside of the core scripts.

This document is a living document and should be updated whenever a change to Cyrus is made.


The server portion of Cyrus is located on a dedicated, physical backup server. This server is located on an isolated VLAN dedicated to backups. The only other servers on this backup VLAN are the Hyper-V hypervisors and the primary file share server (all with second network interfaces on the backup VLAN). This isolation helps secure the server and the backups.

Cyrus-Backup-Server handles performing backups for the VMs and for the file shares. Additionally, it performs cleanup (deletion) of the backup files as per their individual retention policies. Cyrus’ server aspect also handles logging of the backups and backup cleanups.

An example of the Powershell scripts’ functionalities included in the Server aspect of Cyrus are: backing up VMs using the Veeam Powershell module, backing up file shares using a 7-Zip module, and cleaning up backup files according to specified retention policies.

Cyrus1 is the primary backup server on the backup VLAN. See the Inventory Google Sheets file for its hardware and OS specs.

See for (what should be) the current versions of the scripts.

There is a basic dashboard to monitor the history of various backups. See for the code. This dashboard is contained in the CyrusDashboard folder inside of the Cyrus-Backup-Server folder on Cyrus1.

The dashboard can be accessed at <path to web dashboard> (you must be a member of the dept-helpdesk AD group). It works best in Chrome, not all display features work correctly in Firefox.

Cyrus Backup Client

The backup server’s isolation, while increasing security, makes it impossible for it to it to directly backup services other than the file shares and the Hyper-V VMs. Thus, Cyrus-Backup-Client handles these services, such as network appliances, GPOs, and other things. The client portion of Cyrus is installed on a server located in the standard zone of the network.

The Client’s responsibility it to perform backups and the various services across the network and save them to a secured share on the file share server. From here, Cyrus-Backup-Server handles the secure backup of these backup files. The Client also logs its performed backups.

An example of the Powershell scripts’ functionalities included in the Client aspect of Cyrus are: backing up network switches, backing up firewalls, backing up GPOs, and backing up various applications hosted across the network.

For the full list of backups performed by Cyrus-Backup-Client, see the list of scripts below.

The client aspect of Cyrus Backup Solution is located on the CyrusClient1 server (see the Inventory Google Sheets file for more information about that server).

See for (what should be) the current versions of the scripts.

Cyrus-Backup-Client.ps1 is run every 30 minutes from Task Scheduler. The frequencies for the various backup scripts are specified inside this script.

  • dr/cyrus_documentation.txt
  • Last modified: 2019/03/15 16:25
  • by ericclaus