Overview of disaster recovery

Applies To: Forefront Client Security

Your Microsoft® Forefront™ Client Security deployment is a critical part of your enterprise infrastructure. It is recommended that you back up your Client Security data on a regular basis.

As with any enterprise software deployment, you can take steps to minimize the risk of data loss and equipment failure. Using fault tolerant hardware and system redundancy methods can help reduce your overall exposure to data loss and system downtime.

For more information about fault tolerance strategies, see Fault tolerance strategies.

It is not recommended that you back up any information that is easily recoverable by reinstallation of software (such as files in your Program Files directory). Backups should be focused on data that you cannot recover through reinstallation, such as Microsoft SQL Server™ data and Group Policy objects (GPOs).

When you are recovering from a system failure, the basic sequence of events to restore your Client Security deployment is:

  1. Reinstall the server that was affected by the failure.

  2. Restore any lost data from data backups.

For detailed information about how to install a server, see the Client Security Deployment Guide (http://go.microsoft.com/fwlink/?LinkID=86998). For information about how to restore your data, see Recovering your deployment.

This chapter describes what data you should back up, how to restore data, and options for reducing your data loss exposure.

Introduction to disaster recovery

In recent times, organizations have dramatically increased their reliance on computer-based data storage. As a result, it is important for information technology (IT) workers to reduce costs to organizations by maintaining critical applications and preventing unnecessary system downtime.

System administrators must protect their networks from both data loss and system downtime. This involves both routine procedures performed on an ongoing basis and nonroutine steps taken to prevent or recover from unexpected downtime.

Some of the potential causes of system downtime include:

  • Hard disk subsystem failure

  • Power failure

  • Systems software failure

  • Accidental or malicious use of deletion or modification commands

  • Destructive viruses

  • Natural disasters

  • Theft or sabotage

This guide is designed to help you develop a disaster recovery plan for your Client Security deployment. In addition to reading this guide, you should have the following elements of a disaster recovery plan in place:

  • Plan to acquire replacement hardware

  • Communication plan

  • List of people to be contacted in the event of a disaster

  • Instructions for contacting the people involved in the response to the disaster

  • Information about who owns the administration of the plan

An effective disaster recovery plan ensures that you can quickly recover your data if it is lost. Be sure to develop and test your backup and restore strategies with appropriate resources and personnel.

A disaster recovery plan should ensure that all of your systems and data can be restored to normal operation quickly in the event of a natural disaster (such as a fire) or a technical disaster (such as a two-disk failure in a redundant array of independent disks Level 5 (RAID-5) array). When you create a disaster recovery plan, you identify all of the actions that must occur in response to a catastrophic event.

Thoroughly test your backup and recovery plan before deploying Client Security in a production environment. When testing, look for vulnerable areas by simulating many possible failure scenarios. It is recommended that you verify your disaster recovery plan by simulating the occurrence of a catastrophic event.

When planning your disaster recovery strategy, consider the following questions:

  • To what medium will you send the backup (tape or disk)?

  • Will you do the backups manually or schedule them to be done automatically?

  • If backups are automated, how will you verify that they successfully occurred?

  • How will you ensure that the backups are usable?

  • How long will you save the backups before reusing the medium?

  • Assuming failure, how much time will it take to restore from the most recent backup? Is that an acceptable amount of downtime?

  • Where will you store the backups, and do the appropriate people have access to them?

  • If the responsible system administrator is unavailable, is there someone else who knows the proper passwords and procedures to perform backups and, if necessary, to restore the system?

As part of any disaster recovery plan, it is recommended that you do the following: