Backing Up and Restoring the ISA Configuration

Backing up important system information is a vital part of any network administrator's routine, and ISA Server includes a backup and restore feature that allows you to save and reapply configuration information in the event of a failure.

Backup Principles

You should back up the configuration each time you make any major change to the ISA server or array settings. In particular, Microsoft recommends that you make a backup of the array configuration immediately after you do any of the following:

• Modify the installation mode (firewall, caching or integrated)

• Modify the enterprise policy settings in any way

• Add, remove, or rename an ISA server or array

• Change the location or size of the cache

• Add or remove Web filters

You should also back up server-specific information on a periodic basis. This is done on each ISA Server computer. The process includes:

• Passwords

• Local Registry parameters/settings

• Cache configuration information

• Cache contents

• The H.323 Gatekeeper configuration

• Local settings for application filters

• Performance-tuning parameters

• Reports

• Log files

Backing Up and Restoring Stand-Alone Server Configurations

You will recall that when an ISA server is installed in stand-alone mode, the ISA configuration settings are stored in the computer's local Registry. When you back up a stand-alone server, the configuration information is restored to the same stand-alone server.

To use the Backup feature, simply right-click the server name in the left console pane of the ISA Management MMC, and choose Back Up (or make the same choice on the Action menu while the server name is highlighted), as shown in Figure 25.26.

Figure 25.26: The ISA Management Console Provides a Tool for Backing Up Server Information

You will be prompted to enter a location where you want to store the backup confirmation information. You can type a path or browse for a location. The backup information file will be saved with a .BIF extension.

You can also enter a comment to provide more information about the backup file or to identify who made the backup, as shown in Figure 25.27.

Figure 25.27: You Can Provide an Identifying Comment for the Backup File

To restore the data, right-click the server name and select Restore from the context menu, and you will receive a warning message notifying you that the existing configuration will be replaced when you restore from a file. When you click OK, you will be asked to enter or browse for the path to a backup (.BIF) file.

Backing Up and Restoring Array and Enterprise Configurations

When ISA Server is installed as an array member (even if the array has only one member), the configuration information is stored in Active Directory.

Backing Up and Restoring an Array Configuration

Backing up and restoring configuration information for an array is similar to the process for stand-alone devices. ISA Server backs up the array's general configuration information, including the following:

• Array policies

• Access policy rules

• Publishing rules

• Policy elements

• Alert configuration

• Cache configuration

The process for backing up the array is the same as shown for a stand-alone server; you right-click the array name in the left console pane, select Back Up, and follow the same steps.

Some server-specific configuration information, including cache content, activity logs, reports, and effective enterprise policy, is not backed up when you back up the array. The restoration process, once again, involves selecting Restore from the context menu and entering a path or browsing for the backup file, as shown in Figure 25.28.

Figure 25.28: You Must Enter a Path to the File in Which You Backed Up the Array Configuration

Backup file information will be displayed, as shown in Figure 25.29, so that you can ensure this is the correct file before you go ahead with the restoration process.

Figure 25.29: Backup File Information Is Displayed Prior to the Restoration

The restoration process might take a few moments. When it is completed, a message will be displayed notifying you that the array has been successfully restored.

Backing Up and Restoring an Enterprise Configuration

You can back up the enterprise configuration data to a separate file. Backing up the enterprise configuration saves all enterprise-specific information. This includes enterprise-level policy elements and policies as well as information regarding which arrays in the enterprise use specific enterprise policies.

The enterprise configuration is stored in a file with the .BEF extension (for backup enterprise file, to differentiate it from the .BIF array backup files). You should back up all arrays in the enterprise after you back up the enterprise configuration, and after restoring the enterprise, you should restore all arrays. This process ensures that arrays that use enterprise policies will have the policies applied correctly.

To back up the enterprise configuration, right-click the Enterprise object in the left console pane of the ISA Management MMC and select Back Up, then follow the same steps already discussed for backing up a stand-alone server or an array.

The restoration process is the same as for a stand-alone server or array: Right-click the object (in this case, Enterprise) and select Restore, then select the appropriate .BEF file.