17.3. Backup

The Intra2net system contains the current configuration data and all emails and groupware data as well as statistics, log files and the email attachment quarantine. Therefore a regular backup is important.

Since the emails and groupware data can quickly grow to a large volume, a full backup may take many hours. Therefore, the system offers the possibility to create not only full backups, but also differential backups. These then only contain all changes since the last full backup. They can be created much faster and therefore allow to back up the data several times a day.

In the default configuration the Intra2net system creates a full backup once a week on Saturday at 22h and a differential backup three times a day at 6:30h, 12:30h and 19h on all days except Sunday. This means that the full backup can run the whole Sunday without disturbing the employees with increased system load. At the same time, the three backups per day provide only a small window for data loss should there ever be serious problems.

You can adjust these default settings to your requirements in the menu System > Backup > Settings or also trigger a backup manually.

If a differential backup is to be created manually or via the defined time control, but there is no full backup yet, a full backup will be created automatically instead.

17.3.1. Backup protection

The backups contain all emails, groupware data and the configuration with passwords of email retrievals, among others. It is therefore essential to protect them from access by unauthorized persons.

As basic protection of the backups, access can be restricted to a computer or user. By default, access to the backups is restricted to a user with a randomly generated password. Change this password to enable access.

For extended protection, the backups can be encrypted. The symmetrical AES-128-GCM method is used for this. The password entered is converted to a key block directly after entry using the scrypt method and only this key block is stored in the internal configuration database. This means that the password used cannot be later read out of the configuration database.

[Caution]Caution

Make sure to keep the password safe and check the exact spelling via the eye button next to the input field. If the password is lost, there is no realistic possibility for Intra2net to make the backup readable again.

For an optimal level of protection, it is recommended to change the password at least every 5 years. On one hand, the scrypt parameters are adapted to current threat scenarios if necessary, and on the other hand, a regular exchange prevents the reuse of initialization vectors.

17.3.2. Storage period

Backups are always created exclusively on the local hard disk of the system and then initially kept locally as well. This primarily serves the purpose of fast restore in the most common case in the field, which is the accidental deletion of important emails by a user.

The backups of the last three days are kept on the system itself in the default configuration. For differential backups, the associated full backup is always kept as well, even if it is older than the set period.

Once the first backup sets have been created on a system, you will find statistics about the time and space required in the System > Backup > Settings menu. Use this data to adjust the frequency and storage duration to your requirements and available storage space.

17.3.3. Remote Storage

Of course it is not enough to store the backup only on the Intra2net system, because e.g. the hard disk could break.

Therefore the backup sets can be downloaded via HTTPS or SMB/CIFS (Windows share) from the Intra2net system to another computer. This can be done e.g. by an automatically started batch file or by including the directory on the Intra2net system in an existing backup program.

Another option is automatic remote storage. If this function is active, the Intra2net system automatically uploads the backup files to a target server as soon as they are created. This can be done via FTP or SMB protocol. The Intra2net system can also automatically delete old backup records via SMB.

17.3.4. Restore

To restore backups, the backup sets are uploaded to the Intra2net system via SMB/CIFS to the restore share.

The same access protection settings as for downloading the backups apply to this share, see Section 17.3.1, „Backup protection“. If you want to restore a differential backup, both the files of the differential backup and those of the corresponding full backup must be copied.

The restore can be started under System > Backup > Restore.

There are multiple ways to restore backups: Full (configuration and emails), only the configuration (all emails are deleted!) or only the emails of one user.

The emails of a user can also be restored to an IMAP subfolder of a user. For example, if certain important emails were deleted by mistake, they can be retrieved without overwriting newer emails.

The Intra2net system can restore backups of old versions. The configuration of the backup runs internally through the update process. However, it is not possible to restore backups from newer versions.

17.3.5. Procedure for Hard Drive Damage or Hardware Replacement

After a hard drive failure or when the Intra2net system hardware is replaced, we recommend following the procedure below. We strongly advise against transferring data from the Intra2net system using hard drive imaging programs or similar solutions. In the case of a hard drive defect, the defects would simply be copied as well, and in the case of new hardware, even minimal differences in hard drive size often cause problems with the system.

For Hardware Replacement

  1. Deactivate the email and groupware system under Services > Email > Settings so that no new incoming emails are lost

  2. Start Backup

  3. When using email archiving: Check whether the archiving interface has been completely collected and emptied

  4. Copy the completed backup to another computer

For Defects and Hardware Replacement

  1. Download current installation image for the Intra2net System from www.intra2net.com and install it on a USB storage device.

  2. Boot from USB storage device and install Intra2net System

  3. Enter the IP range of your local network in the installation dialogue

  4. If the new hardware has 2 hard drives, activate disk mirroring on the web interface now, under System > Hardware > RAID. Be sure to enable RAID at this point, it will take much longer after restoring the backup.

  5. On the Intra2net system web interface, open and set a new password for the backup share (menu System > Backup > Settings)

  6. Copy the backup from the other computer to the restore share of the Intra2net system

  7. Restore the backup with configuration and emails to the Intra2net system

  8. Activate the email and groupware system again, if it had previously been deactivated

  9. Configuration, emails and statistics are restored and working as normal

When restoring email and groupware data from a backup, the internal identifiers (UIDVALIDITY) of all email folders must be changed to maintain data integrity. Most IMAP-based email clients recognize this and resynchronize all data from the server. If many clients do this at the same time, this can lead to increased system load. Email clients can also only be used to a limited extent for a certain period of time. Hints how this is handled by the Intra2net Groupware Client can be found in Section 23.11.1, „Backup Data after Restore“.

17.3.6. Standby systems

To reduce the recovery time in the event of an error, a standby system can be used. Two variants are possible here:

17.3.6.1. Cold standby

A cold standby system is a system in the local network that can promptly take over the function, configuration and data of a failed primary system. For this purpose, a suitable device is kept ready in the local network. The Intra2net system is installed there in the suitable version and everything is prepared for fast takeover of the data.

Unlike the hot standby system, however, user data is not synchronized to the cold standby system every few minutes.

17.3.6.1.1. Set up and switch over

Configure the system as follows:

  • When selecting the hardware, make sure that the standby system

    • has the same or a higher number of network cards

    • has the same or a larger hard disk capacity

  • Install the current version of the Intra2net system

  • You need a separate license for the standby system. This is always an Intra2net Network Security (I2N-INS-100) regardless of the license of the primary system.

  • If two hard disks are available, set up the RAID array before

  • Assign the system an IP in the local network of the primary Intra2net System

  • Set up a provider profile of type Router in local network and use the IP of the primary Intra2net System as router IP

  • The version level on the standby system must always be the same or higher than that of the primary system. It is therefore best to always install an update on the standby system first and only start the update of the primary system when it has been successfully completed on the standby system.

  • On the primary system, configure remote backups to be automatically copied directly to the restore share of the standby system

If the primary system fails, proceed as follows:

  1. Switch off the primary system

  2. If the primary system is switched on and connected again at this moment, network disruptions and loss of email and groupware data can occur.

    Therefore, secure the primary system against inadvertent restarting, e.g. by removing the mains cable and sealing the power supply socket with an appropriately labelled adhesive tape.

  3. Restore the last backup set uploaded by the primary system completely on the standby system (menu System > Backup > Restore, Restore type Configuration, statistics, emails and groupware data)

  4. If the system asks you to select the license to be restored, select the license of the primary system.

  5. Plug additional network cables (e.g. Internet connection) from the primary system to the standby system.

  6. Wait until the standby system has fully restored the backup and restarted itself automatically.

  7. Should network connection problems occur, it is possible that the assignment of the network cards of the standby system is different from that of the primary system.

    In this case, connect a monitor and keyboard, log in to the console with a user from the administrator group and check the assignment of the network cards in the menu Network card settings. Disconnect a network cable. The connection will then be shown as disconnected at the corresponding network card number in the menu. You can then exchange the assignment between 2 network cards using the corresponding option.

17.3.6.2. Hot standby

The disadvantage of cold standby, especially with an Intra2net Business Server with a larger stored email volume, is that it must be restored to disk and this step extends the recovery time.

Hot standby circumvents this problem by continuously synchronizing email and groupware data to the standby system. In addition, continuous synchronization drastically reduces the maximum time between last backup and failure.

A hot standby system can be set up remotely by Intra2net technicians. If you are interested, please contact your distributor or the Intra2net sales department.