For a "firewall", I do not recommend even allowing any sort of network file
access, so you can't back it up using Arcserve. It's not practical to put a
DLT drive on the firewall itself either...
Ideally, you should consider using a distributed system where firewall logs
are stored on a a management server (ala CheckPoint) and then the firewall
itself should be almost static in nature. No changes to filesystem, so no
need for incrementals. Instead, use a product such as REMBO along with PXE
interface. Each time firewall boots, all partitions are slicked and a "known
good" image loaded. Host-base IDS on firewall detects change and system
reboots. Bye bye root kits.
I have REMBO-C code developed for this purpose, as well as bastion hosts,
production servers etc. Baseline imaging, incremental imaging etc.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Hedges, Nigel
Sent: Sunday, March 18, 2001 11:38 PM
To: eve Singhara; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: Backup Standard
Hi, Not sure if this is directly firewall mail list material BUT:
I can smell a ArcserveIT backup scheme from a mile away. (-:
You have just described a GFS (Grandfather-Father-Son) rotation scheme.
In my time as a network administrator, this scheme has always worked
favourably.
Depending on your backup media is whether you would do an incremental or
full backup.
In my office (for all daily, weekly and monthly) we do a full backup, and
exclude certain files
and directories which are not apart of the network policy. For example,
*.chk, *.bak, *.tmp, pr0n*.jpg.
Even *.pst if you don't like people storing their archives on your network
file server(s).
If you are storing your tapes offsite with an outsourced data storage
company, you really should only bother
with storing Fridays and Monthly tapes. Monday - Thursday would just be
optional depending on how dynamic or important your environment is.
Do a test restore in a given interval, say... once a month, just to make
sure that the restore is working as it should.
Trust me on that one!
Cheers,
Nigel H
Computer Associates
-----Original Message-----
From: eve Singhara [mailto:[EMAIL PROTECTED]]
Sent: Monday, 19 March 2001 2:36 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Backup Standard
Hi everyone
I just wonder if anyone can suggest me about the standard of Backup
files recording. At this moment we have Daily back up (from
Monday-Thursday) 4 cycles; Weekly Backup 5 cycles; and Monthly Back up 12
cycles.
Please recommend me the existing records that I have, and if it's not
secure enough , please do recommend me more.
Thanks v.much in advance and looking forward to hear from u soon
Aclaire
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
