In this chapter we have covered a variety of tools and procedures that can be implemented in Windows Server 2003 to protect your servers and data in case of a disaster. However, disaster planning and recovery involves more than learning a few procedures; it has to be part of an overall strategy. Just firing up Windows Backup and filling up media with data does not make a good disaster-recovery plan. You have to have a plan in place for what to do with your backups when you need them. A good disaster-recovery plan starts with the basics:
When making your disaster-recovery plan, you should prepare not only for common daily occurrences, such as users or administrators accidentally deleting files, but also more serious problems, such as tornadoes, hurricanes, and extended power outages. Your disaster-recovery plan should be documented. If the chief technology officer walks into your office and starts asking what-if questions, you should be able to reach into your desk and pull out a binder that contains a detailed layout of what disasters you have planned for, what the contingencies are, who to contact, and where the materials you need (such as spare parts, offsite media, passwords, and so on) are stored and how to obtain them. Copies of this disaster-recovery "cookbook" should be distributed to the personnel who have a part in recovery. In addition, this cookbook should be updated frequently as new hardware and software are added to your network or as additional personnel are added or removed. This should be a "living" document. To keep this document effective, you should schedule frequent test runs to verify that the procedures work and that necessary personnel are comfortable with them. Feel free to make liberal use of screenshots in the documentation. Just like the old adage says, "A picture is worth a thousand words," especially when you're in the middle of a disaster and trying to recover. Implementing and Using Good Backup ProceduresAs part of your disaster-recovery plan, you should have solid backup and restore procedures. Here are some of the recommended best practices for backups:
Managing and Rotating Backup Storage Media
After spending a lot of time and effort backing up your servers, it can all be negated by a bad tape or a tape that was overwritten when it shouldn't have been. There are several standard industry practices for managing and rotating backup storage media. For proper disaster-recovery protection, they should be followed. For example, if you use the same tape or tapes every day, they soon become worn out. There is nothing worse than being in the middle of restoring critical files when you discover that a backup tape cannot be read because of an error. Best practices for working with backup tapes recommend that you cycle tapes so that they are not used too frequently, and that you track their in-service date. You should have a plan in place for the tapes to be replaced either when they are showing errors in the backup log or sometime before their "end of life," as recommended by the manufacturer of the tape. Let's look at a typical weekly backup schedule and the differences in the media required for a full restore (see Tables 17.3 and 17.4).
In both cases, you should use five media sets (one or more tapes) each week. These tapes should be stored in a fireproof media safe during the week, and the previous week's backup should be stored offsite in a secure, climate-controlled location. A common practice is to have three or four sets of backup media so that there is a longer period before older data is overwritten. This protects the system administrator from a user who deletes a file just before he leaves for a two-week vacation and then wants his file back when he returns to work. These backups can be supplemented by a monthly, quarterly, or even yearly normal backup that can be kept for a longer period of time. |