Synology’s Active Backup for Business is one of the best backup tools I’ve come across. Assuming a Synology NAS, this tool is a very mature backup system for a complete productive environment in companies. Unlike QNAP’s HDP, ABB is a complete tool for almost all kinds of systems not only VMs but also servers, laptops, desktops and special purpose computers based on Windows, Linux. It is excellent for image backup and “ransomware protected” backup storage – when you do it the right way.
//DIESEN BEITRAG AUF DEUTSCH FINDEST DU HIER
As already described at the start of the series, we are creating a backup environment that is specifically designed to protect an active infrastructure from hackers (physical / network access), ransomware (software access), disasters (fire and other disasters). Synology’s ABB is our heart of the plan.
- Part 3: Synology Active Backup for Business best-practice
- QNAP Hyper Data Protector as backup for VM Best Practice Part 2
- VM backup with QNAP and Synology tools best practice – part 1
My experience with Synology (ABB) Active Backup for Business and disaster recovery
From my own experience I can report the following. A customer used ABB to secure their servers and cash registers externally. When his shop burned down, the restore worked flawlessly. Systems were online again one day after the fire. Since the original systems were destroyed, I had concerns BUT I was able to migrate the destroyed operating systems to new ones without any problems. I used the ABB recovery interface to create a boot disk and then copied the destroyed system over the new system. The systems are still running today.
My posts from that time (in GERMAN):
- Datenrettung nach Brand, neue Serie an Beiträgen.
- IT-Soforthilfe nach Brand
- FritzBox nach Brand wiederherstellen und Daten retten
- Happy-Birthday HP Z420 du König der Workstations
Best practice Active Backup for Business from Synology
- Use “btrfs” file system which offers a great balance between security and performance read more HERE or HERE.
- During setup, uses encryption and the defaults of the wizard for productive business environments.
- Do not integrate the NAS into the domain and do not set up any shared drives – it should be a pure backup NAS.
- Set up a 2FA for your admin accounts
- Do not use the account “admin” but consider another user name
- Change the default ports
- Blocks access to the Internet from the NAS and from the Internet to the NAS
- DO NOT USE CACHING for backups
- Use a USV for your Synology and install it inside the DSM
- Optional: Ideally, connects the NAS to the network via 10G
- Optional: Uses RAID 1 or RAID 5 depending on the amount of data
- Optional: If possible, use 2x RAID1 on a Synology to internally set up a snapshot with time data synchronization of the backed up data
When you are using VMware:
The most important thing at the end – back up the VMs via the hypervisor, not via the vCenter (if you use HDP as described in part 2, then back up the machines via the ESXI, not via the vCenter).
The data backup is active, which means that a tool can be installed on the system to back up the data. This is the best choice for standalone servers and systems. For VMs, ABB connects to the hypervisor (enabling SSH/CLI) and saves the data as a snapshot.
How the interaction is, I will show in the next post
More information HERE: Source Synology