Microsoft Internet Security and Acceleration (ISA) Server 2004 Unleashed

Understanding ISA Server's Backup and Recovery Capabilities

ISA Server 2004 provides a flexible backup and recovery toolset that enables the entire configuration set, as well as individual elements, to be backed up or exported. Those elements can then be restored or imported back to the same firewall on the same machine or to another firewall on another machine.

The big advantage to this type of process is that a full system and OS backup is not required to restore the configuration of an ISA Server. Instead, a small, Extensible Markup Language (XML) text-formatted file is all that is necessary, facilitating a wide degree of flexibility in backup and restore approaches.

Using Export and Import Functionality to Simplify Recovery

Using the export and import features of ISA Server 2004 makes it possible to preserve and recover individual components of the firewall installation. In case of a problem with a specific and known component of the system, importing the component from a trusted export is all that's necessary to restore the firewall.

Backing Up Individual ISA Components

Individual ISA components can be backed up with the export functionality built into the product. The following components can be exported:

  • Entire ISA configuration

  • All networks or an individual network

  • All network sets or an individual network set

  • All network rules or an individual network rule

  • All web chaining rules or an individual web chaining rule

  • All policy rules or an individual policy rule

  • System policy

  • All connectivity verifiers or an individual verifier

  • Monitoring filter definitions

  • All cache rules or an individual cache rule

  • All content download jobs or an individual content download job

  • VPN client configuration

  • Remote site definition

Components that have been exported in this manner can be imported into the same firewall for recovery purposes or into another firewall for configuration purposes (cloning, mass distribution, migration from ISA Standard to Enterprise Edition or vise versa, and so on).

If the components selected for export include confidential information (user credentials, pre-shared keys or secrets, and so on), a password is required for export. This password is used to encrypt the sensitive information in the export file and is required for importing the file.

    Категории