Skip to content

Afi Platform Update - Apr 2025

This update brings many new features and significant improvements to the Afi platform, extending support for Microsoft Azure, Microsoft 365, Google Workspace, and Kubernetes backup.

Update summary

Microsoft Azure

  • Introduced MS SQL database backup and recovery for Microsoft Azure
  • Added an ability to recover individual disks from virtual machine backup
  • Added support for volume content browsing for linear LVM partition layouts and for partitions with XFS file system
  • Supported live browse of resource groups, subscriptions, etc. in the virtual machine and database recovery wizards
  • Improved backup and recovery stability

Microsoft 365 backup

  • Added an ability to recover a selected calendar event
  • Improved backup and recovery stability

Google Workspace backup

Kubernetes backup

  • Improved backup and recovery stability

Platform

  • Introduced an option to restrict sensitive operations through lockdown mode
  • Added ability to enforce SAML/Okta-only access to an Afi organization account
  • Added support for custom self-service access groups for Google Workspace and Microsoft 365
  • Introduced an option to enforce backup immutability utilizing cloud retention locking
  • Improved heuristics for file name matching in search results
  • Improved navigation experience by preserving Protection tab filters when a user navigates between the Protection tab and backup browse view

Partner


Detailed update description

Microsoft Azure

MS SQL database backup and recovery

The update introduces comprehensive protection for Azure MS SQL databases, including database configuration, schema, and data backup to the Afi cloud, and provides the ability to recover databases back to the Azure cloud. During a database backup, Afi automatically provisions a staging SQL server, clones the database into the staging server, and then uploads the data to the Afi cloud.

To provide convenient database data navigation and backup management, Afi supports an extensive set of features, including:

  • Ability to preview and download database configuration in Azure-native JSON format;
  • Ability to view database configuration changes history;
  • Ability to browse and preview SQL schema and table data as well to download selected SQL tables in CSV format;
  • Global search across all or a selected set of backups in a tenant that allows to easily locate a backup by various properties (ID, name, tag, location, resource group, etc.);
  • Annotation labels highlighting resource configuration and database schema changes.

Screenshots below show configuration, table data, and schema preview for a sample test database.

Configuration

Table data

Schema

Virtual machine disk recovery

You can now restore a selected disk from a virtual machine backup and then attach it to a virtual machine of your choice in Azure. To restore a disk, go to the Disks tab inside the virtual machine backup browse view, select the disk, and click Recover.

LVM and XFS support

Afi now supports volume content browsing for linear LVM partition layouts and for partitions with XFS file system.

Info

Striped and mirrored volumes are currently unsupported for volume content browsing, although support for these volumes is planned in upcoming service updates.

Microsoft 365

Recover a selected calendar event

Afi now allows to recover an individual calendar event from the calendar backup browse view as well as from search results. Previously, only entire calendar restore was supported.

Google Workspace

Recover a selected calendar event

Afi now allows to recover an individual calendar event from the calendar backup browse view as well as from search results. Previously, only entire calendar restore was supported.

Platform

Lockdown mode

In this update Afi introduces the lockdown mode feature that restricts sensitive operations in an Afi organization account, including access management and data deletion. Once lockdown mode is enabled, protected operations are blocked for all administrators and backup operators. If necessary, an administrator with access to the lockdown secret code (generated during configuration) can temporarily lift lockdown mode.

Once lockdown mode is enabled, you will see a Lockdown mode: On banner at the top of the Afi portal pages where protected controls and settings are located.

To temporarily lift lockdown mode, click the lock icon on the right side of the banner and enter the lockdown secret in the prompt. Lockdown mode will then be turned off for 15 minutes, allowing access to protected operations during that time.

SAML-only access enforcement

Afi now provides an ability to enforce SAML/Okta-only access for account administrators and users. SAML access enforcement is managed on the Configuration → Access policies tab in the Afi portal together with other context-aware access policies (access restrictions based on the user's country or IP address).

Custom self-service access groups

Afi now allows to grant self-service access only to selected users or user groups in a Google Workspace or a Microsoft 365 tenant by creating a custom self-service access group.

Backup immutability

As an additional protection measure, it is now possible to ensure backup indelibility by enabling underlying object storage immutability (sometimes called data retention locking). When enabled, backup tasks periodically advance a lock timestamp on all backup archive objects, preventing them from being deleted or modified for a certain period (approximately one month). While a retention lock for a backup is active, it cannot be deleted or tampered with by any party, including Afi.

You can contact Afi Sales at (sales@afi.ai) to configure data immutability for your Afi tenant. Please note that retention locks are applied during periodic backups. Therefore, once retention locking is configured, ensure that all your backups remain protected by backup SLA policies that include a periodic backup schedule.

Info

The backup datastore format designed by Afi is implemented on top of object storage and is designed in a way which ensures that backup data and metadata objects are never rewritten. Data and metadata updates are never performed in place, and all data is fingerprinted for integrity verification. Enforcing immutability on the cloud storage side adds an additional data protection layer on top of the existing guarantees provided by Afi.

Partner

Multi-tier reseller support

Afi now provides multi-tier reseller support for distributor organizations that resell SaaS services to downstream resellers and managed service providers.

Info

Please contact Afi Sales at (sales@afi.ai) to discuss distributor channel partnership with Afi.