Everybody knows how backups are important. Data is one of the main assets of organizations and system administrators are going to great lengths to ensure that it is preserved against any kind of mishap. Unfortunately, we don’t always have the same concern when it comes to backing up system configurations. But in reality, it is just as important. And if you’ve ever gone through a device malfunction that required its replacement and subsequent manual reconfiguration, you know first hand how having backups of devices configurations matters. This is why we’ve decided to review some of the best network backup software tools. We’ve compiled a list of software and tools that will handle the backup of various networking equipment while often providing additional capabilities.
In this article, we’ll first discuss the need for network backups. Many administrators fail to see it but it is important for several reasons. Then, we’ll talk about how device backups are traditionally done and examine ways that these methods can be automated. Next, we’ll discuss the advantages of using automated backup tools. Some of these tools have other features can turn out to be rather useful. And finally, we’ll review the best network backup software and tools we could find. Some of them are simple backup solutions that handle a limited range of devices while others will cover almost every device one can think of. Others yet provide additional functionalities and can be used as a complete configuration management tool.
The Need For Network Backup
When talking to system administrators, it seems like baking up data is an obvious thing and I don’t know of anyone who would do without it. Alas, there is no such automatic reflex with networking device configurations. After all, network devices don’t store corporate data so what’s the use in backing them up?
I can think of a million reasons why backups are just as necessary with networking equipment. First and foremost, these equipment do fail and when they do, they often need to be replaced and their replacement unit reconfigured. And while it may seem like a trivial task to configure a 24-port switch in a flat network with no VLANs or any kind of advanced functionality, things can be different for other devices. Some switches have configurations taking up hundreds of lines of commands. Furthermore, the original configuration might have been done years ago and by someone else. How then can you make sure that nothing will be missing when you manually reconfigure the device?
And even if you managed to manually reconfigure everything the way it was, if we’re talking about a big data center core switch, for example, reconfiguring it manually from scratch could take hours. And during that time, your whole data center might be down. This is definitely not something anyone wants to experience.
The Traditional Way Of Backing Up Networking Devices
So, while it may now (hopefully) be clear that network backups are a necessity, let’s see how it can be done. The easy answer to that is simple: it depends. Some devices have some form of backup facility built right into them. Firewalls are a good example of such devices and most mainstream devices have some provision to back up their configuration and rule set. Network equipment from some vendors also include provisions to back up their configuration. This is particularly true with equipment that comes with a GUI management interface.
But for many devices, the only way configuration can be saved is by copying it somewhere. And this is something many network administrators learn to do as soon as they’re done configuring a device. The process is relatively complex, though. There are several ways it can usually be done. Let’s take a typical Cisco network switch, for example.
There are primarily two ways to manually backup a Cisco switch configuration. The first is to use your terminal software–such as Putty or any other SSH client–capabilities. Most of these tools will let you capture the session. So, if you start the capture and then issue a show run command, the complete configuration will be saved. Just remember to stop the capture after the command terminates. The second way if copying the configuration to a TFTP server. The command to do that is a bit more complicated and it can vary but, generally speaking, it’s just a matter of using the copy run tftp command. Non-Cisco devices with a command-line interface will often have similar commands that can be used as a crude backup tool.
Can it be Automated?
So, if the configuration can be backed up directly from the device, it’s just a matter of remembering to do every time it is changed. Simple enough, no? Well, it’s actually not THAT simple. We often have to modify device configurations in a rush trying to fix something that doesn’t work as expected. And when that happen, chances are that backing up the configuration will be forgotten. Wouldn’t it be nice if the backup could run by itself?
Some devices have a built-in scheduler—similar to cron on Linux—that can be used to run commands at specific times. It would be relatively simple to “schedule” a backup job to run automatically on these devices.
The Advantages Of Automated Backup Tools
You might be asking yourself “if there are already ways to backup device configuration built into the devices, why would I need a backup tool?” There are actually several reasons. The primary one is that not all devices offer a scheduler and for those devices, the only way to ensure configuration backups do exist it to use a backup tool.
Another important reason is ease of use. It’s not uncommon for network administrators to manage hundreds of different pieces of equipment from dozens of manufacturers. And of course, each manufacturer and each type of device will have a different way of backing up its configuration. As you can imagine, it can quickly get complicated, time-consuming, and error-prone.
Additionally, some network backup software and tools give you much more than just backups. Many packages are complete device configuration management systems that you can use to quickly push a standard configuration to each equipment or to easily make changes to the configuration of several devices at once.
And last but not least, there can also be a security advantage to doing this. Many backup tools have the option to compare the current backup with the previous one and list all changes. Some will even trigger some type of alert when changes are detected. This can be handy as it would alert you if some hacker had gained access to your equipment a modified its configuration to gain deeper access to your network. This feature is also great if your organization has strict change management procedures for regulatory compliance and each change must be matched to a duly approved change request.
The Best Network Backup Software And Tools
Finding network backup software and tools can be hard. It’s not that there aren’t many good products out there, though. The problem is that any search with the word “backup” is likely to turn up hundreds of computer and server backup packages. We’ve done some of this work for you and we’re glad to review some of the best network backup software and tools we could find. Some of the tools we’re proposing are complete configuration management platforms while others are more basic backup systems.
SolarWinds is a well-known name in the world of network administration. The company makes some of the best tools to help administrators with their multiple tasks. SolarWinds is also famous for its free tools such as the TFTP server –which can be used for manual backups–and the Subnet Calculator.
But for now, let’s concentrate on the SolarWinds Network Configuration Manager. The product’s name says it all. This is a complete configuration management system. It goes way beyond just backing up configurations. But first, we’ll have a look at its backup capabilities.
This tool will let you build and manage a completely automated backup schedule. It will work with most routers and switches from vendors like Cisco, Juniper, Adtran, Brocade, Dell, Extreme Networks, HP, Palo Alto, Synoptics, F5 Networks, and more. It can also back up firewall configurations from Fortinet, SonicWALL, Juniper, and Palo Alto equipment. Backups are centrally stored on the server and are nicely organized by device and version.
Scheduling backups is just the first step. What good are backups that don’t work properly? To help with that, the product will show you the status of each backup job so you can reschedule any missed backup.
As for the other features of the product, they are numerous. Let’s have a quick look at some of the most interesting ones. The SolarWinds Network Configuration Manager can simplify regulatory compliance by deploying standardized configurations, detecting out-of-process changes, auditing configurations and even correcting violations.
The tool also features some vulnerability assessment features. It integrates with the National Vulnerability Database and has access to the most current CVE’s to easily identify vulnerabilities in Cisco devices. And talking about Cisco devices, this product also incorporates Network Insights for Cisco ASA and Network Insights for Nexus, a couple of tools dedicated to managing these specific Cisco devices.
Pricing for the SolarWinds Network Configuration Manager starts at $2,895 for 50 nodes and goes up according to the number of nodes. You can also download a 30-day fully functional trial if you want to give the product a test run.
Our next product is called Kiwi CatTools. Kiwi used to be an independent company until SolarWinds acquired it a few years ago. Kiwi is also famous for its syslog software. As you could likely guess from it name, this product is a set of tools rather than just a network backup utility. The main features of the product include scheduling configuration backups but also configuration updates. It will let you manage configurations of routers, switches, and firewalls. The tool will also compare the current running configuration with the previous or with the startup configuration and alert you of any changes. Furthermore, it will generate network device configuration reports, such as port, MAC, ARP and version details.
The Kiwi CatTools propose activities. This is how the methods by which functions are performed are called. For example, you’d create an activity of type Device.Backup.Running Config to back up the configuration of a Cisco device. Once activities are created, they can be scheduled. And after a backup activity completes, it is compared to any dated instance and a difference report is generated. The report can then be emailed to you.
But backups are not the only type of activities that are available. Kiwi CatTools also has activities that will let you send commands to your devices. Or you can use a template to update all configurations. Testing activities are also possible. For instance, there is a device connectivity test activity that can Ping devices and return their round-trip statistics. There’s also an inter-device ping test that can ping a series of IP addresses from each device. Device connectivity can also be tested by logging into devices rather than simply pinging them.
Reporting is another important feature of the Kiwi CatTools. Many different kinds of reports can be generated and emailed to you. For example, you have reports such as ARP Table, Compare Reports, Interface Stats and Errors, MAC Address Table, SNMP System Summary, and more.
Pricing for the Kiwi CatTools is $787 for a perpetual license, including one year of maintenance. Starting the second year, you have to purchase maintenance at a small fraction of that cost. One license is required per computer where the CatTools are installed. A 14-day trial version can be downloaded form SolarWinds, allowing you to see if this toolkit is right for you.
3 — ManageEngine Network Configuration Manager
ManageEngine is another well-known name in the field. Its Network Configuration Manager tool not only has a similar name to the SolarWinds product we previously reviewed, it also servers a similar purpose and has similar features. ManageEngine advertises the product as a “multi vendor network change, configuration and compliance management solution for switches, routers, firewalls and other network devices.” It claims that it “helps automate and take total control of the entire life cycle of device configuration management.”
Among the other useful features of the product, it can monitor configuration changes and instantly send notifications when changes occur as well as prevent unauthorized changes. The tool can also help with standards compliance. It will let you define standard practices and automatically check device configurations for compliance. The software also has some great automation features and can automate many time-consuming tasks, It can, for instance, apply configuration changes in bulk to many devices.
A free version is available but it is limited to managing two devices. For the full package, pricing starts at $1 995 for up to 5 000 devices. A free 30-day trial license is also available. Also, the product can be installed as a stand alone application or as an add-on to the ManageEngine OpManager or NetFlow Analyzer.
4 — Restorepoint
Despite a name which strongly suggests that this tool as about backing up and restoring devices, Restorepoint is also a complete configuration management system with several advanced features. As stated on the website, “Restorepoint provides script-free network automation for more than 100 network, security, and storage vendors.” The main selling point of the product is the reduction in risks associated with security, compliance and availability.
When it comes to backing up your equipment’s configuration, there is no shortage of features with this product. It supports hundreds of device types including switches, routers, firewalls, proxies, and load balancers. It will allow you to comply with standards requiring configuration backups such as PCI/DSS, GPDR, and NERC. All configuration data is safely stored using secure AES encryption. Furthermore, the tool has extensive backup verification functions, a great feature as nothing is more frustrating than a failed backup that goes unnoticed until you need it.
Pricing for Restorepoint is available but its structure is rather complex and it requires that you contact the vendor’s sales department for a formal quote. If you want to try the product, a free 30-day trial is available as a virtual appliance. It is not an unrestricted version, though, and it is limited to 20 devices.
5 — SwitchBackup
Last on our list is a great product from the Czech Republic called SwitchBackup. Given its name, you probably have guessed that this product’s main functionality is backing up and restoring switch—and router—configurations. It uses multithreading to execute several tasks in parallel, thereby reducing the total time required. Restore can be done over the network or through a serial connection to the target device. This is great as it means that you don’t even have to do a minimal configuration on a newly replaced switch. You just power it up and connect it to the computer running SwitchBackup and it will restore the original configuration.
Of course, backups are kept in a secure, centralized location and any version can be used at any time for restoration of for comparison with another backup. But there are several other useful tools included with this software. For instance, it has a built-in terminal software that can connect to your devices via the network or a serial port. It also has a configuration clone editor that will let you customize a standard configuration before pushing it to a device. It can also connect to devices and list their interfaces and neighboring devices. More advanced features also allow you to use the tool as an asset management tool for your networking equipment or as a change management tool.
Price-wise, SwitchBackup could hardly be simpler. The cost is 980 Euros for a perpetually unlimited license. It will allow for an unlimited number of devices, an unlimited number of users, and unlimited backup instances. Unfortunately, there doesn’t seem to be a trial version available.