This was originally published by the Tao of Backup in 1997, and looks like it hasn’t been updated in over 13.5 years (judging by the Backup Wailing Wall).

It’s also really focused on data, and I thought it would be useful to write a version focused on network and security devices (while also making sure to give proper credit).

The 7 Original Lessons Plus 1

Those who don’t know the secrets might think… sure just back it up and it’s there if you need it. Unfortunately, we know first hand from prospects’ horror stories that backups aren’t that simple.

In fact, though many buy BackBox for network automation, just about every single customer users our backup capabilities for their simplicity and reliability.

Let’s take a look at the seven aspects of backups that make every network or security device backup program fraught with danger and one that I’ve added special for those considering BackBox.

1. Coverage

Backup everything.

Not just device boot configurations but running configurations. Not just configurations but license information.

Grab metadata so you know all about the backup in case you need to know what it is (like what version of device OS it’s a backup of).

2. Frequency

Backup every day.

Does your network team work every day? Then they’re changing things or troubleshooting every day. So they should backup every day.

The only way to make sure there is time to backup every day, is to automate the entire backup process. Including verification that a backup is valid.

3. Separation

Keep offsite backups.

You want to do this without custom scripts for moving files. Moving files can be corrupted. BackBox can check for corruption so that a successful backup corrupted when it’s moved off-site doesn’t become a critical failure when trying to restore.

Importantly, you should also have a consistent off-site storage plan for cross-vendor backups. Each team should not be given the ability to store backups somewhere.

If there’s a good way to store off-site backups, there’s a best way to do it. Make sure everyone does it the best way (for the company) without lots of individual team overhead.

4. History

Keep old backups.

BackBox keeps a long history of backups (that you control) so that you can use them to troubleshoot network changes that might not be realized right away.

It also gives you the opportunity to restore from a backup before some nasty change made its way into your network, even if that change wasn’t recent.

5. Testing

This one’s my favorite.

“To believe in your backups is one thing, to use them, another.”

BackBox’ one-click restore makes it super easy to restore from backup, but that doesn’t mean you shouldn’t practice anyways.

6. Security

Encrypt your backups. Keep multiple copies. Put them somewhere safe.

7. Integrity

Last, but not by any means, least. Test. Every. Backup.

With BackBox we validate every single backup. We validate it again should we need to restore.

Backups are a good tool for troubleshooting. Has anything changed? What? What about from a week ago? Your backup tools should assist in troubleshooting changes to your network, and in fact, should notify network administrators when things unexpectedly change.

8. One More for Automation

I’m going to add one more bit since a lot’s changed in the 25 years since the original Tao of Backup was written.

Your backup should be automated in such a way that it can be easily incorporated into any potentially destructive administrative activity (like a software update). By making it a simple and modular automation, running a backup becomes an effortless part of every activity (before and after) to ensure that activities are completed safely.

An automated and consistent plan avoids shortcuts common with late-night or weekend network changes, and keeps networks safer as a result.


See for yourself how consistent and reliable your device backups and upgrades can be