|
Backing up important system information is a vital part of any network administrator's routine, and ISA Server includes a backup and restore feature that allows you to save and reapply configuration information in the event of a failure.
You should back up the configuration each time you make any major change to the ISA server or array settings. In particular, Microsoft recommends that you make a backup of the array configuration immediately after you do any of the following:
Modify the installation mode (firewall, caching or integrated)
Modify the enterprise policy settings in any way
Add, remove, or rename an ISA server or array
Change the location or size of the cache
Add or remove Web filters
You should also back up server-specific information on a periodic basis. This is done on each ISA Server computer. The process includes:
Passwords
Local Registry parameters/settings
Cache configuration information
Cache contents
The H.323 Gatekeeper configuration
Local settings for application filters
Performance-tuning parameters
Reports
Log files
You will recall that when an ISA server is installed in stand-alone mode, the ISA configuration settings are stored in the computer's local Registry. When you back up a stand-alone server, the configuration information is restored to the same stand-alone server.
To use the Backup feature, simply right-click the server name in the left console pane of the ISA Management MMC, and choose Back Up (or make the same choice on the Action menu while the server name is highlighted), as shown in Figure 25.26.
Figure 25.26: The ISA Management Console Provides a Tool for Backing Up Server Information
You will be prompted to enter a location where you want to store the backup confirmation information. You can type a path or browse for a location. The backup information file will be saved with a .BIF extension.
Note | Microsoft recommends that you always store the configuration backup on an NTFS partition for security purposes. Doing so will allow you to protect the files from unauthorized access, using NTFS permissions. |
You can also enter a comment to provide more information about the backup file or to identify who made the backup, as shown in Figure 25.27.
Figure 25.27: You Can Provide an Identifying Comment for the Backup File
To restore the data, right-click the server name and select Restore from the context menu, and you will receive a warning message notifying you that the existing configuration will be replaced when you restore from a file. When you click OK, you will be asked to enter or browse for the path to a backup (.BIF) file.
Warning | Be certain that the file you select is the most current backup of your ISA configuration. The existing configuration will be overwritten when you restore from backup. Restoring from the wrong file could have undesirable effects on your ISA server. |
When ISA Server is installed as an array member (even if the array has only one member), the configuration information is stored in Active Directory.
Backing up and restoring configuration information for an array is similar to the process for stand-alone devices. ISA Server backs up the array's general configuration information, including the following:
Array policies
Access policy rules
Publishing rules
Policy elements
Alert configuration
Cache configuration
The process for backing up the array is the same as shown for a stand-alone server; you right-click the array name in the left console pane, select Back Up, and follow the same steps.
Note | Microsoft's ISA Server documentation states that the backup files must be stored on the local computer—in other words, you cannot save them to a network location. The authors' experiments, however, indicate that it is possible to save the backups across the network and restore them from the remote location. |
Some server-specific configuration information, including cache content, activity logs, reports, and effective enterprise policy, is not backed up when you back up the array. The restoration process, once again, involves selecting Restore from the context menu and entering a path or browsing for the backup file, as shown in Figure 25.28.
Figure 25.28: You Must Enter a Path to the File in Which You Backed Up the Array Configuration
Backup file information will be displayed, as shown in Figure 25.29, so that you can ensure this is the correct file before you go ahead with the restoration process.
Figure 25.29: Backup File Information Is Displayed Prior to the Restoration
The restoration process might take a few moments. When it is completed, a message will be displayed notifying you that the array has been successfully restored.
Note | You cannot back up an array configuration and then restore that configuration to a different array or to a stand-alone server. You must restore to the same array. |
You can back up the enterprise configuration data to a separate file. Backing up the enterprise configuration saves all enterprise-specific information. This includes enterprise-level policy elements and policies as well as information regarding which arrays in the enterprise use specific enterprise policies.
Note | When you back up the enterprise configuration, array-specific data will not be saved. You must back up the array configuration separately, as described earlier. |
The enterprise configuration is stored in a file with the .BEF extension (for backup enterprise file, to differentiate it from the .BIF array backup files). You should back up all arrays in the enterprise after you back up the enterprise configuration, and after restoring the enterprise, you should restore all arrays. This process ensures that arrays that use enterprise policies will have the policies applied correctly.
To back up the enterprise configuration, right-click the Enterprise object in the left console pane of the ISA Management MMC and select Back Up, then follow the same steps already discussed for backing up a stand-alone server or an array.
Note | A .BEF file cannot be restored to an array, nor can a .BIF file be used to restore the enterprise. |
The restoration process is the same as for a stand-alone server or array: Right-click the object (in this case, Enterprise) and select Restore, then select the appropriate .BEF file.
|