Using DirectAccess for remote offsite backups
Here’s an interesting idea. The “Cloud Backup” business seems to be expanding rapidly. I stumble upon new providers all the time, always touting the same message: “Keep your data backed up here for $X per month”. Sounds great, but the problem is that $X per month usually turns into $10X or even $100X per month once you realize how much data you actually own and would cry over if you lost it.
So why not create automatic, offsite backups for yourself? FOR FREE.
I’m a Microsoft DirectAccess enthusiast, and as such I am always trying to keep my eyes open for new ways in which it can be used to make life easier on IT. This is absolutely one of those areas. If you have DirectAccess, you already have the infrastructure needed to establish a remote backup site – at any physical location of your choosing. All you have to do is:
1. Build out your backup machine – This can be a desktop, laptop or server and it can be running Windows 7 or Server 2008 R2 (yes, Server 2008 R2 can also be a DirectAccess client).
2. Enable DirectAccess on this machine – Add this new machine to your Security Group or OU for DirectAccess so that it receives the DA connectivity settings and the necessary certificate from your CA server.
3. Move the machine to a remote location of your choosing.
That’s it! As long as the machine gets internet connectivity at the remote location, it will establish its DirectAccess IPsec tunnels, and you will have a 24x7x365 connection to your new offsite backup server. You can now use whatever backup methods you choose, and push the results to this offsite machine just as if it were another machine sitting inside your corporate network.
Keep in mind that, as with any DirectAccess client, you will need to create firewall rules that allow the necessary ports for whatever backup method you are using. I recommend doing this with a GPO. Create a new one, add the inbound firewall rule or rules to it, and assign it to this client machine. For example, if you are using a backup utility that simply needs to push files to a file share running on the offsite backup server, open up TCP 445 inbound and you should be all set.
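As an added example (not from the original post), the PowerShell below creates the TCP 445 rule locally with netsh so it can be tested before the same settings go into the GPO. The rule name and the 2001:db8:10::25 source address are placeholders, and the extra scoping is an assumption added here: one allowed source, the Private and Public profiles (the machine is never on the domain network), and edge traversal, which inbound traffic to a Teredo-connected DirectAccess client requires.

```powershell
# Added example: scoped inbound SMB rule for the offsite DirectAccess backup machine.
# Run from an elevated PowerShell prompt on that machine (works with PowerShell 2.0).

$RuleName     = 'Offsite-Backup-SMB-In'   # hypothetical rule name (no spaces, to keep netsh quoting simple)
$BackupSource = '2001:db8:10::25'         # placeholder: IPv6 address of the internal server that pushes backups

# Remove any earlier copy so re-running the script does not stack duplicate rules.
# netsh exits non-zero when no rule matches; that is expected on the first run.
& netsh.exe advfirewall firewall delete rule "name=$RuleName" | Out-Null

$addArgs = @(
    'advfirewall', 'firewall', 'add', 'rule',
    "name=$RuleName",
    'dir=in', 'action=allow',
    'protocol=TCP', 'localport=445',   # SMB file share, as in the text
    "remoteip=$BackupSource",          # only the backup source may connect, not "any"
    'profile=private,public',          # the profiles an off-network client actually uses
    'edge=yes'                         # allow edge traversal for Teredo-connected clients
)
& netsh.exe $addArgs
if ($LASTEXITCODE -ne 0) {
    throw "netsh could not create rule '$RuleName' (is the prompt elevated?)"
}

# Show what was actually stored so the scope can be checked before relying on it.
& netsh.exe advfirewall firewall show rule "name=$RuleName" verbose
```

In the GPO's inbound rule, the same properties are on the Scope tab (remote IP addresses) and the Advanced tab (profiles and edge traversal).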
This method for offsite backups could prove especially helpful for businesses that do not have a second location, or that do have one but without an expensive WAN link keeping the two connected. This offsite backup server could be placed anywhere, at an employee’s home for example. You will have complete management access to this backup server at all times because it is connected via DirectAccess. You can push patches and GPO settings to it, remotely control it, or do whatever else you might need to ensure the safety and security of your data.
Jordan Krause
IVO Networks
jordan.krause@ivonetworks.com
