Lessons on disaster recovery

By Joel M. Snyder
Network World, 11/05/01

Original article from Network World web site

Disaster recovery is on everyone's mind right now - or should be. Here are lessons some of my clients have learned in the wake of recent events.

  • Test your backups. Often companies set up and test backups, and then proceed (over the years) to change software versions and patches, operations procedures, physical media and everything else - without retesting. If you don't test your backups, you'll never know if they're going to work. Once is not enough.

    As long as you're testing your backups, step back and re-evaluate your entire operation. Do you move tapes off-site frequently enough? Daily should be your goal, but if you can't afford that, at least try for weekly. Do you have a long enough back-up cycle? A retention cycle of between two weeks and a month is typical, but the longer the cycle, the better the chance you'll have the data when you need them.

  • Get a VPN. If you're using private lines to link offices, get a VPN - not necessarily to replace those lines, but at least to back them up. If the private lines go down, you can safely and securely send your site-to-site data over the Internet.

    If you have Cisco routers at the edge of your network, then you already have all the hardware you need for a disaster-recovery VPN. All you need to do is get your IOS upgraded and spend some time configuring - and testing - the back-up plan. If you've got a remote-access system at corporate headquarters, such as Nortel's Contivity, then you also have a big piece of the picture. As last month's VPN interoperability review shows , you can link almost everything. Look at products from folks such as Red Creek for low-cost VPN back-up devices. Or consider using your Windows 2000 servers as site-to-site VPN gateways. Some connectivity, no matter how hokey, is better than none.

  • Check your Internet connection. Don't depend on your ISP to keep your Internet connection up in the event of a problem; take charge of this yourself.

    It is difficult for most companies to multihome to different ISPs properly. Autonomous system numbers are expensive and a finite resource, and setting up the routing and getting the address space is a challenge. But for disaster-recovery purposes, you can probably get by with a back-up connection and an arrangement for the back-up ISP to advertise your IP addresses when the primary ISP (or your circuit to the primary ISP) is unavailable. That can be a tricky configuration, but if you work on it now - and test it periodically - you can survive a major outage.

    There's no time like the present to examine and test your disaster-recovery procedures. Take advantage of the slowdown in business to solidify your network and get yourself ready for tomorrow.

  • Snyder, a Network World Test Alliance partner, is a senior partner at Opus One in Tucson, Ariz.

    Read more of Snyder's Bottom Line columns.