The reason why it is important to back up these types of devices is because their configurations can be difficult to manually replicate. If you don't believe me, then try answering the following questions without looking up the answers:
- How many DHCP scopes do you have, and what is the IP address range for each scope?
- What IP address does your firewall forward SMTP traffic to?
- How many firewalls do you have, and which ports are open on each one?
If you have a small network, then you might be able to answer these questions with relative ease. In larger organizations, it would be very difficult for a single person to memorize all of the router and firewall configurations. Without a backup and/or adequate documentation, it would take a lot of time and effort to manually reconfigure such a device.
How to back up network hardware devices
It is obviously important to back up network hardware devices, but how should you do it? Given the nature of network hardware devices, including them in your nightly tape backups is probably going to be impossible. That's OK, because device configurations are typically fairly static, so frequent backups aren't important so long as you have a reliable backup of your most recent configuration.Document you backup hardware configuration
As important as backups of hardware devices are, they are no substitute for proper documentation of their configuration. To give you a better idea of why I am saying this, let me tell you about something that happened to me a few years ago.
I had just gotten off of a plane, and I decided to check the messages on my cell phone. Among the usual messages was a frantic message from my wife telling me that my office had just been hit by lightning. Although I take steps to protect my equipment from power surges, surge protectors and UPSes don't provide adequate protection against a direct hit by a bolt of lightning. To make a long story short, my primary firewall was among the casualties.
I decided to go online and order another firewall. What I wasn't counting on was the fact that my firewall had been discontinued. Therefore, I had to buy a different model. Although I was unable to restore the backup of my firewall directly, I was still glad that I had the backup.
It turned out that the backup file created from my old firewall was nothing more than a text file, similar to a Windows .INF file. This allowed me to read the various configuration settings, and use them to configure my new firewall.
As you can see, it is important to back up your network hardware devices any time that you change the device's configuration. At the same time, it is also important to realize that you can't always depend on the backups that you have made. As such, I recommend documenting your device configurations (preferably with screen captures), and keeping a copy of any firmware updates that you may apply.
About the author: Brien M. Posey, MCSE, has previously received Microsoft's MVP award for Exchange Server, Windows Server and Internet Information Server (IIS). Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. You can visit Brien's personal website at www.brienposey.com.
This was first published in April 2010