Centrally Controlled Local Backup System Options

scottalanmiller

For anyone struggling to visualize what a common need this is....

Imagine this super common scenario:

Tiny customer with a single server, no other hardware. They need to take a backup of their data and be able to restore it in a reasonable amount of time for most problems, primarily hard drive failure. Their WAN is slow and would take too long to consider for a normal backup, if it is possible at all. The only option is to back up to a USB hard drive. But they can't afford to have someone spend 15+ minutes every day logging in to verify that the backup has worked, but they need the backup to work. If they can do a WAN backup, it's only for "last resort" and restores would take so long that they can't do that until all else is lost. (Our example this weekend, an online backup would have taken them around two months to do and would have shut down their Internet for those two months.)

This isn't an "off the wall" scenario, this is something like 50%+ of all American businesses.

Now sure, if they followed my DevOps Backups approaches they could protect themselves that way, except for their file server. When you have 300GB of images to back up, there is very little that you can do to speed that up.

So to address the data needs, it needs to be a USB attached drive. We can complain that this isn't "enterprise" all we want, but it's more enterprise than a solution that they can't afford, justify, or make work. Is it ideal, no, but not every business can justify a nice NAS to get over having a USB drive, and a NAS will rarely provide any significantly better protection than a USB drive (both are just network attached storage of different sorts.)

And to address the monitoring needs, we need a central console that can verify and alert without depending on email from the same device that may have failed.

Basically we need to treat the backups at the customer the same way that we typically do RMM, AntiVirus, Remote Access and other functions. All of the risk already exists from those covering the same bases. They just seem to all lack the ability to kick off and monitor a backup.

Obsolesce

@scottalanmiller said in Centrally Controlled Local Backup System Options:

@Obsolesce said in Centrally Controlled Local Backup System Options:

But always pushed for no local backup, and to use modern means of working file storage (ODfB, Google Drive File Stream / Backup and Sync, etc).

Except that rarely works in the real world. SMB clients rarely have enough bandwidth to take an online backup, let alone to depend on that for a restore. That's only viable as a "sometimes" secondary backup target. Primary almost always has to be local. Restores need to be hours, not days or weeks.

It depends on the data. I thought we were talking about user devices though. If this is for servers, you're not going to find anything because nobody is going to create and maintain functionality like this barely anyone would or should use. Even in SMBs I worked for in the past, it was extremely rare for anyone to on board with having USB drives dangling from the servers.

And if is actually is for user devices, read up more in Google drive file stream and backup and sync. File stream works online while backup and sync is just that. If something like that wouldn't work for this use case because of bandwidth constraints and/or data size, then you're stuck again.

I don't know your actual intentions, is it MSP Backup like Dustin was saying? I don't know what you're planning, and all the details, but this seems like a pretty special request. Something doesn't seem right.

Edit, spoke too soon, just seen your above post and reading it now.

DustinB3403

@scottalanmiller said in Centrally Controlled Local Backup System Options:

Tiny customer with a single server, no other hardware. They need to take a backup of their data and be able to restore it in a reasonable amount of time for most problems, primarily hard drive failure. Their WAN is slow and would take too long to consider for a normal backup, if it is possible at all. The only option is to back up to a USB hard drive. But they can't afford to have someone spend 15+ minutes every day logging in to verify that the backup has worked, but they need the backup to work. If they can do a WAN backup, it's only for "last resort" and restores would take so long that they can't do that until all else is lost. (Our example this weekend, an online backup would have taken them around two months to do and would have shut down their Internet for those two months.)

Rclone is command line driven, super simple and works on the LAN (to a local storage) and as a secondary can backup to cloud as well.

scottalanmiller

@Obsolesce said in Centrally Controlled Local Backup System Options:

If this is for servers, you're not going to find anything because nobody is going to create and maintain functionality like this barely anyone would or should use.

This seems odd. Who wouldn't want this functionality in the SMB space?

Obsolesce

@scottalanmiller said in Centrally Controlled Local Backup System Options:

Tiny customer with a single server, no other hardware. They need to take a backup of their data and be able to restore it in a reasonable amount of time for most problems, primarily hard drive failure.

This is where built-in OS backup, scripts, and email come in real handy... for businesses that have data they didn't plan for, and can't afford to support. They can easily schedule a backup script to back up to local device, send email alerts, even have some free serverless app in Azure or AWS watch for things and also send out alerts if something fails.

I haven't seen what OSs need backed up, but I think it doesn't matter.

scottalanmiller

@DustinB3403 said in Centrally Controlled Local Backup System Options:

Rclone is command line driven, super simple and works on the LAN (to a local storage) and as a secondary can backup to cloud as well.

Yeah, like Duplicati (also command line driven) which we already have, it's the start of something good, but missing the piece I'm asking about.

scottalanmiller

@Obsolesce said in Centrally Controlled Local Backup System Options:

@scottalanmiller said in Centrally Controlled Local Backup System Options:

Tiny customer with a single server, no other hardware. They need to take a backup of their data and be able to restore it in a reasonable amount of time for most problems, primarily hard drive failure.

This is where built-in OS backup, scripts, and email come in real handy... for businesses that have data they didn't plan for, and can't afford to support. They can easily schedule a backup script to back up to local device, send email alerts, even have some free serverless app in Azure or AWS watch for things and also send out alerts if something fails.

I haven't seen what OSs need backed up, but I think it doesn't matter.

Right, but the email system means it doesn't do what's needed.

scottalanmiller

@Obsolesce said in Centrally Controlled Local Backup System Options:

I don't know your actual intentions, is it MSP Backup like Dustin was saying? I don't know what you're planning, and all the details, but this seems like a pretty special request. Something doesn't seem right.

Not special, in the SMB MSP space it has to be like 80%+ of scenarios. It's the "least niche", the most mainstream of needs.

Obsolesce

@scottalanmiller said in Centrally Controlled Local Backup System Options:

@Obsolesce said in Centrally Controlled Local Backup System Options:

@scottalanmiller said in Centrally Controlled Local Backup System Options:

Tiny customer with a single server, no other hardware. They need to take a backup of their data and be able to restore it in a reasonable amount of time for most problems, primarily hard drive failure.

This is where built-in OS backup, scripts, and email come in real handy... for businesses that have data they didn't plan for, and can't afford to support. They can easily schedule a backup script to back up to local device, send email alerts, even have some free serverless app in Azure or AWS watch for things and also send out alerts if something fails.

I haven't seen what OSs need backed up, but I think it doesn't matter.

Right, but the email system means it doesn't do what's needed.

What's that? A fancy management portal some non-IT person can take care of? That's just too bad then. Windows and Ubuntu make it easy enough to backup a system.

DustinB3403

@Obsolesce said in Centrally Controlled Local Backup System Options:

@scottalanmiller said in Centrally Controlled Local Backup System Options:

@Obsolesce said in Centrally Controlled Local Backup System Options:

@scottalanmiller said in Centrally Controlled Local Backup System Options:

Tiny customer with a single server, no other hardware. They need to take a backup of their data and be able to restore it in a reasonable amount of time for most problems, primarily hard drive failure.

This is where built-in OS backup, scripts, and email come in real handy... for businesses that have data they didn't plan for, and can't afford to support. They can easily schedule a backup script to back up to local device, send email alerts, even have some free serverless app in Azure or AWS watch for things and also send out alerts if something fails.

I haven't seen what OSs need backed up, but I think it doesn't matter.

Right, but the email system means it doesn't do what's needed.

What's that? A fancy management portal some non-IT person can take care of? That's just too bad then. Windows and Ubuntu make it easy enough to backup a system.

Exactly, this is the part that I'm not getting that scott is saying he wants.

What it sounds like he wants is a vector for a hacker to get to every MSP's client and ransom their data.

Obsolesce

@DustinB3403 said in Centrally Controlled Local Backup System Options:

@Obsolesce said in Centrally Controlled Local Backup System Options:

@scottalanmiller said in Centrally Controlled Local Backup System Options:

@Obsolesce said in Centrally Controlled Local Backup System Options:

@scottalanmiller said in Centrally Controlled Local Backup System Options:

Tiny customer with a single server, no other hardware. They need to take a backup of their data and be able to restore it in a reasonable amount of time for most problems, primarily hard drive failure.

This is where built-in OS backup, scripts, and email come in real handy... for businesses that have data they didn't plan for, and can't afford to support. They can easily schedule a backup script to back up to local device, send email alerts, even have some free serverless app in Azure or AWS watch for things and also send out alerts if something fails.

I haven't seen what OSs need backed up, but I think it doesn't matter.

Right, but the email system means it doesn't do what's needed.

What's that? A fancy management portal some non-IT person can take care of? That's just too bad then. Windows and Ubuntu make it easy enough to backup a system.

Exactly, this is the part that I'm not getting that scott is saying he wants.

What it sounds like he wants is a vector for a hacker to get to every MSP's client and ransom their data.

If an MSP is managing it, then the need that isn't there I would think, as the MSP should be IT oriented enough to manage that per client basis.

DustinB3403

@Obsolesce said in Centrally Controlled Local Backup System Options:

@DustinB3403 said in Centrally Controlled Local Backup System Options:

@Obsolesce said in Centrally Controlled Local Backup System Options:

@scottalanmiller said in Centrally Controlled Local Backup System Options:

@Obsolesce said in Centrally Controlled Local Backup System Options:

@scottalanmiller said in Centrally Controlled Local Backup System Options:

Tiny customer with a single server, no other hardware. They need to take a backup of their data and be able to restore it in a reasonable amount of time for most problems, primarily hard drive failure.

This is where built-in OS backup, scripts, and email come in real handy... for businesses that have data they didn't plan for, and can't afford to support. They can easily schedule a backup script to back up to local device, send email alerts, even have some free serverless app in Azure or AWS watch for things and also send out alerts if something fails.

I haven't seen what OSs need backed up, but I think it doesn't matter.

Right, but the email system means it doesn't do what's needed.

What's that? A fancy management portal some non-IT person can take care of? That's just too bad then. Windows and Ubuntu make it easy enough to backup a system.

Exactly, this is the part that I'm not getting that scott is saying he wants.

What it sounds like he wants is a vector for a hacker to get to every MSP's client and ransom their data.

If an MSP is managing it, then the need that isn't there I would think, as the MSP should be IT oriented enough to manage that per client basis.

Which is where I would think, as an MSP each should have their own environment. Not one central (global for the MSP), because that would be one massive target for any attacker.

Obsolesce

@scottalanmiller, is that what this is? You (MSP) wanting some broad scoped on-prem local backup solution that ties together all the clients that can be monitored via a single portal? Is that the missing piece that is preventing this from moving forward?

Or what exactly is the case here, rather than the hypothetical general SMB need of whatever it is you are looking for?

DustinB3403

@Obsolesce said in Centrally Controlled Local Backup System Options:

@scottalanmiller, is that what this is? You (MSP) wanting some broad scoped on-prem local backup solution that ties together all the clients that can be monitored via a single portal?

This is exactly what is lacking, along with the functionality to have said portal hosted in the cloud with the ability to direct backups to the client facilities.

Obsolesce

I imagine they have zero IT to monitor backups, and need an MSP to take care of it, but said MSP wants to do it as efficiently as possible, preferably via some portal to monitor the backup status of clients. But let's see what he says, I feel i'm still missing info.

DustinB3403

What could easily exist though is multiple portals (headache for the MSP) which restores to local (client) facilities.

But that isn't what @scottalanmiller is looking for.

Obsolesce

@scottalanmiller said in Centrally Controlled Local Backup System Options:

Basically we need to treat the backups at the customer the same way that we typically do RMM, AntiVirus, Remote Access and other functions. All of the risk already exists from those covering the same bases. They just seem to all lack the ability to kick off and monitor a backup.

This you can do for free:

Have the built-in backup software do a backup, or even the free version of Veeam. You could use a PowerShell script to run a Veeam backup, verify success, send a webhook to an Azure function or Runbook, or an email, to do whatever you want. This specific part of the how isn't the point, as there's tons of ways to do it to fit any requirement.

But after that part, you can schedule an Azure Runbook to run daily or whenever, to check for X, if not X, then it alerts. If X, then sends success message if you prefer. This way, no matter what, even if the on-prem solution totally fails and MS Azure or AWS is still up, you'll get whatever you want to happen still happen.

Example:

1. Built-in backup runs via powershell or bash script.
2. Backup success or fail webhook or email is sent via powershell or bash, or backup software if supported.
3. Depending on method, you have a free serverless script take care of back end processing.
4. Back-end processing can take care of whether or not something happened when it was supposed to, and if so, if it was a success for failure, and respond appropriately, by doing anything you can imagine... send email, write to database that your fancy web GUI can read, write to cloud storage, basically anything.

There you'll have a way to verify backups whether success, failure, or complete failure. You can even automate, via scripting, backup restore testing as well.

If Windows backup, I know you can back up to VHD(x), auto mount, attempt to restore a known file to somewhere, test for that, respond appropriately.

stacksofplates

I mean an outside the box scenario is you could use Jenkins to schedule all of this. Then just use something like Restic or Borg to do the backups either locally or to a central location.

Then you can have Jenkins send messages/emails on a failure. You'd just need a Jenkins slave at every site (can be whatever you are running the backup on).

stacksofplates

I use Borg for my laptop and it's been running forever. It's just a systemd timer, but you could easily have that script customized for each site and run the exact same job at each site, just the script would determine what happens.

Obsolesce

@stacksofplates said in Centrally Controlled Local Backup System Options:

I mean an outside the box scenario is you could use Jenkins to schedule all of this. Then just use something like Restic or Borg to do the backups either locally or to a central location.

Then you can have Jenkins send messages/emails on a failure. You'd just need a Jenkins slave at every site (can be whatever you are running the backup on).

Hmm, Jenkins running Onprem or remotely from the MSP?