Eve,
While this isn't a firewall question per se, it certainly is a security question. If you're referring to the backup of your firewall, they tend to be pretty static so I usually take an image of the system (dd or Ghost) after the initial installation or after any OS or application patches or updates. All other changes to the firewall rule set should be under a "Change Control" process that requires the rule set to be backed up immediately after the change.
For regular system backups the "standard" depends on the rotation time you are looking for. If you want to keep backup data for 4 weeks then you would use 4 sets of weekly tapes. You might do a complete backup over the weekend and use incrementals on week days. Each tape set gets reused every 4 weeks.
For the most part, backup is a balancing act between time and system availability so good system engineering can help a lot. If possible try to keep the static portions of your system (applications, OS files) on separate volumes and image them when they get changed. Only run your backups against data that gets changed regularly.
From a security standpoint there are these things to consider:
1. Is the backup verified? - a bad backup is worthless, you should always verify backups and go back and capture anything that did not get recorded correctly.
2. Is the backup stored in a fire safe "media" container? - The standard UL ratings for fire safe containers are for paper, NOT plastic so make sure the container is rated for computer media.
3. Is the backup media labelled and cataloged? - If you can't track your backups restoration will be a nightmare. Make sure to use a logical labeling scheme and keep a good record of tape dates and usage.
4. Is backup media usage/lifetime tracked? - Manufacturers usually specify a set number of uses or time span for their media. Make sure to track this. Replace media when it reaches its usage limits and verify/refresh media when its storage approaches the retention lifetime.
The better backup packages will usually track this information for you.
I also suggest making two copies of all long term saves (monthly, quarterly) and storing them in two geographically different locations.
Long term storage for things like tax records, employee health records, etc. can be even more interesting. I recommend converting everything to ASCII text and storing it to CD or DVD ROM because technology changes so fast, in seven years you may not be able to find something that will be able to read the media or decipher the format. I still remember the day one of the auditors brought in a whole file box full of 8" Bernoulli cartridges for me to read!
-- Bill Stackpole, CISSP
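
Added example, not part of the original message: a small Python catalog for the 4-set weekly rotation described above, covering the labelling, usage-count, and restore-tracking points. The Saturday full run, the rotation start date, the label format, and the usage limit are assumptions made for illustration.

```python
from collections import Counter
from datetime import date, timedelta

ROTATION_WEEKS = 4          # from the message: 4 sets of weekly tapes
MAX_USES = 50               # assumed limit; take the real one from the media vendor
EPOCH = date(2001, 1, 1)    # assumed start of the rotation (a Monday)
DAYS = ["MON", "TUE", "WED", "THU", "FRI"]

def tape_for(day):
    """Return (label, kind) for the run on `day`, or None when nothing runs."""
    wd = day.weekday()                      # 0 = Monday ... 6 = Sunday
    if wd == 6:
        return None                         # assumption: no run on Sunday
    set_no = ((day - EPOCH).days // 7) % ROTATION_WEEKS + 1
    if wd == 5:
        return f"SET{set_no}-FULL", "full"  # assumption: weekend full runs Saturday
    return f"SET{set_no}-{DAYS[wd]}-INC", "incremental"

def build_catalog(start, end):
    """List (date, label, kind) for every run from start to end inclusive."""
    catalog, day = [], start
    while day <= end:
        run = tape_for(day)
        if run:
            catalog.append((day, *run))
        day += timedelta(days=1)
    return catalog

def tapes_due_for_replacement(catalog, max_uses=MAX_USES):
    """Labels whose recorded use count has reached the media usage limit."""
    uses = Counter(label for _, label, _ in catalog)
    return sorted(t for t, n in uses.items() if n >= max_uses)

def restore_chain(catalog, target):
    """Tapes to load, in order, to restore the state as of `target`."""
    runs = [r for r in catalog if r[0] <= target]
    fulls = [i for i, r in enumerate(runs) if r[2] == "full"]
    if not fulls:
        raise ValueError("no full backup on or before target date")
    chain = [label for _, label, _ in runs[fulls[-1]:]]
    reused = {label for day, label, _ in catalog if day > target}
    lost = [t for t in chain if t in reused]
    if lost:                                # tape set already cycled back into use
        raise ValueError(f"overwritten since {target}: {lost}")
    return chain
```

A restore request older than the rotation window raises an error because the full tape it depends on has already been reused, which is the retention limit of a 4-week cycle.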
"eve Singhara" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
03/18/01 07:35 PM
To: [EMAIL PROTECTED]
cc: [EMAIL PROTECTED]
Subject: Backup Standard

Hi everyone
I just wonder if anyone can suggest me about the standard of Backup
files recording. At this moment we have Daily back up (from
Monday-Thursday) 4 cycles; Weekly Backup 5 cycles; and Monthly Back up 12
cycles.
Please recommend me the existing records that I have, and if it's not
secure enough, please do recommend me more.
Thanks v.much in advance and looking forward to hear from u soon
Aclaire
