Configuring EMC DD Boost with Veeam Availability Suite

This article provides a tour of the configuration steps required to integrate EMC Data Domain System with Veeam Availability Suite 9 as well as provides benefits of using EMC DD Boost for backup application.

Data Domain Boost (DD Boost) software provides advanced integration with backup and enterprise applications for increased performance and ease of use. DD Boost distributes parts of the deduplication process to the backup server or application clients, enabling client-side deduplication for faster, more efficient backup and recovery. All Data Domain systems can be configured as storage destinations for leading backup and archiving applications using NFS, CIFS, Boost, or VTL protocols.

The following applications work with a Data Domain system using the DD Boost interface: EMC Avamar, EMC NetWorker, Oracle RMAN, Quest vRanger, Symantec Veritas NetBackup (NBU), Veeam and Backup Exec. In this example, we will be using Veeam Availability Suite version 9.

Data Domain Systems for Service Provider

Data Domain Secure Multitenancy (SMT) is the simultaneous hosting by a service provider for more than one consumer (Tenant) or workload (Applications, Exchange, Standard VMs, Structured Data, Unstructured Data, Citrix VMs).

SMT provides the ability to securely isolate many users and workloads in a shared infrastructure, so that the activities of one Tenant are not apparent or visible to the other Tenants. A Tenant is a consumer (business unit, department, or customer) who maintains a persistent presence in a hosted environment.

Basic Configuration requirements are:

  • Enable SMT in the DD System
  • Role Based Access Control in DD Systems
  • Tenant Self-Service in the DD Systems
  • A Tenant is created on the DD Management Center and/or DD system.
  • A Tenant Unit is created on a DD system for the Tenant.
  • One or more MTrees are created to meet the storage requirements for the Tenant’s various types of backups.
  • The newly created MTrees are added to the Tenant Unit.
  • Backup applications are configured to send each backup to its configured Tenant Unit MTree.

Prerequisites:

  1. Backup Server

Physical Server- Fibre Channel or iSCSI

OR

Virtual Server- Fibre Channel with N-Port Virtualization or NPIV or Pass-through Storage or iSCSI

  1. Backup Software

Backup Application, DD Boost Library, DD Boost-over-FC Transport

  1. Storage Area Network

Fibre Channel or iSCSI

  1. Data Domain System

DD Boost Service

DD Boost-over-FC Server

SCSI Commands over FC

SCSI Processor Devices

  1. Virtual Infrastructure

Hyper-v Server cluster & System Center Virtual Machine Manager OR

VMware vCenter with vSphere Hosts

Designing DD Boost for resiliency & availability

The Data Domain System broadcast itself to the backup server using one or more path physically or virtually connected. The design of entire systems depend on the Data Domain sizing on how you connect Data Domain with backup server(s), how many backup jobs will be running, size of backup, de-duplication, data retention and frequency of data restore. A typical backup solution should include the following environment.

  • Backup server with 2 initiator HBA ports (A and B)
  • Data Domain System has 2 FC target endpoints (C and D)
  • Fibre Channel Fabric zoning is configured such that both initiator HBA ports can access both FC target endpoints
  • Data Domain system is configured with a SCSI target access group containing:
  • Both FC target endpoints on the Data Domain System
  • Dual Fabric for fail over and availability
  • Multiple physical and logical Ethernet for availability and fail over

Examples of Sizing

To calculate the maximum simultaneous connection to Data Domain Fibre Channel System (DFC) from all Backup servers. DFC device (D) is the number of devices to be advertised to the initiator of the backup server(s). Lets say we have 1 backup server, single data domain systems, the backup server is running 100 backup jobs.

DFC Device Count D= (minimum 2 X S)/128

J=1 Backup Server x 100 Backup Jobs=100

C= 1 (Single DD System)

S=JXC (100X1)=100

D=2*100/128 = 1.56 rounded up 2

Therefore, all DFC groups on the Data Domain system must be configured with 2 devices.

Step1: Preparing DD System

Step2: Managing system licenses

  1. Select Administration > Licenses> Click Add Licenses.
  2. On the License Window, type or paste the license keys. Type each key on its own line or separate each key by a space or comma (DD System Manager automatically places each key on a new line)
  3. Click Add. The added licenses display in the Added license list.

OR

  1. In System Manager, select Protocols > DD Boost > Settings. If the Status indicates that DD Boost is not licensed, click Add
  2. License and enter a valid license in the Add License Key dialog box.

Step3: Setting up CIFS Protocol

  1. On the DD System Manager Navigation>click Protocols > CIFS.
  2. In the CIFS Status area, click Enable.

Step4: Remove Anonymous Log on

  1. Select Protocols > CIFS > Configuration.
  2. In the Options area, click Configure Options.
  3. To restrict anonymous connections, click the checkbox of the Enable option in the

Step4: Restrict Anonymous Connections area.

  1. In the Log Level area, click the drop-down list to select the level number 1.
  2. In the Server Signing area, select Enabled to enable server signing

Step5: Specifying DD Boost user names

The following user will be used to connect to DD boost from backup software.

  1. Select Protocols > DD Boost.
  2. Select Add, above the Users with DD Boost Access list.
  3. On the Add User dialog appears. To select an existing user, select the user name in the drop-down list. EMC recommends that you select a user name with management role privileges set to none.
  4. To create and select a new user, select Create a new Local User and Enter the password twice in the appropriate fields. Click Add.

Step6: Enabling DD Boost

  1. Select Protocols > DD Boost > Settings.
  2. Click Enable in the DD Boost Status area.
  3. Select an existing user name from the menu then complete the wizard.

Step7: Creating a storage unit

  1. Select Protocols > DD Boost > Storage Units.
  2. Click Create. The Create Storage Unit dialog box is displayed.
  3. Enter the storage unit name in the Name box e.g. DailyRepository1
  4. Select an existing username that will have access to this storage unit. EMC recommends that you select a username with management role privileges set to none. The user must be configured in the backup application to connect to the Data Domain system.
  5. To set storage space restrictions to prevent a storage unit from consuming excess space: enter either a soft or hard limit quota setting, or both a hard and soft limit.
  6. Click Create.
  7. Repeat the above steps for MonthlyRepository1 each Data Domain Boost-enabled system.

Step8: Encrypting Communication between Backup Server and Data Domain (Optional)

Generate an advanced certificate from Active Directory Certificate services and install into the Data Domain DD Boost. You must install the same certificate into the backup servers so that both data domain and data domain client which is backup server can talk to each via encrypted certificate.

  1. Start DD System Manager on the system to which you want to add a host certificate.
  2. Select Protocols > DD Boost > More Tasks > Manage Certificates….
  3. In the Host Certificate area, click Add.
  4. To add a host certificate enclosed in a .p12 file, Select I want to upload the certificate as a .p12 file. Type the password in the Password box.
  5. Click Browse and select the host certificate file to upload to the system.
  6. Click Add.
  7. To add a host certificate enclosed in a .pem file, Select I want to upload the public key as .pem file and use a generated private key. And Click Browse and select the host certificate file to upload to the system.
  8. Click Add.

DD Boost client access and encryption

  1. Select Protocols > DD Boost > Settings.
  2. In the Allowed Clients section, click Create. The Add Allowed Client dialog appears.
  3. Enter the hostname of the client. This can be a fully-qualified domain name (e.g. Backupserver1.domain.com) or a hostname with a wildcard (e.g. *.domain.com).
  4. Select the Encryption Strength. The options are None (no encryption), Medium (AES128-SHA1), or High (AES256-SHA1).
  5. Select the Authentication Mode. The options are One Way, Two Way.
  6. Click OK.

Step9:Configuring DD Boost over Fibre Channel

  1. Select Protocols > DD Boost > Fibre Channel.
  2. Click Enable to enable Fibre Channel transport.
  3. To change the DD Boost Fibre Channel server name from the default (hostname), click Edit, enter a new server name, and click OK.
  1. Select Protocols > DD Boost > Storage Units to create a storage unit (if not already

created by the application).

  1. Install the DD Boost API/plug-in (if necessary, based on the application).

Step10: Configuring storage for DD Extended Retention (Optional)

Before you proceed with Extended Retention you must add required license on the DD System.

  1. Select Hardware > Storage tab.
  2. In the Overview tab, select Configure Storage. In the Configure Storage tab, select the storage to be added from the Available Storage list.
  3. Select the appropriate Tier Configuration (or Active or Retention) from the menu.
  4. Select the checkbox for the Shelf to be added.
  5. Click the Add to Tier button. Click OK to add the storage.

Step11: Configure a Veeam backup repository

  1. To create an EMC Data Domain Boost-enabled backup repository, navigate to the Backup Infrastructure section of the user interface, then select Backup Repositories and right-click to select Add Backup Repository.

DDBoost

  1. The next step is to select the repository type, De-duplicating storage appliance. Type the Name of the DD Systems, Choose Fibre Channel or Ethernet Option, add credentials to connect to DD System and Gateway to connect to DD System. To be able to connect Veeam Backup server to the DD System using Fibre Channel you must add DD System & Veeam Backup server in the same SAN zone. You also need to enable FC on the DD System. To be able to connect Veeam Backup Server using Ethernet Veeam backup Server and DD System must be in same VLAN or for multi-VLAN you must enable unrestricted communication between VLANs.
  2. On the next screen, select the Storage Unit of the DD System to be used by the Veeam Server as repository, leave concurrent connection as default
  3. On the Next screen, enable vPower NFS, complete the wizard

Step12: Configure Veeam Backup Job & Backup Copy Job

The critical decision on backup jobs will be whether to do an active full backup or leverage synthetic full backups. Veeam Backup Job Creation GuideVeeam Backup Copy Job Creation Guide

Here is short business case of backup type.

Veeam Backup Options:

  1. Active Full- Financial or health sector prefer to keep a monthly full backup of data and retain certain period of time for corporate compliance and satisfying external auditor’s  requirement to keep data off-site for a period of time.
  2. Synthetic Full- A standard practice to keep synthetic full at all time to reduce storage cost and recovery time objective for any organization.

Sythetic

  • For most environments, Veeam recommends to do synthetic full backups when leveraging EMC Data Domain Boost. This will save stress on primary storage for the vSphere and Hyper-V VMs and the Boost-enabled synthesizing is very fast.
  • For a Backup Copy job using GFS retention (Monthly, Weekly, Quarterly and/or Annual restore points), the gateway server must be closest to the Data Domain server, since the Backup Copy job frequently involves an offsite transfer. When the Data Domain server is designated in the repository setup, ensure that consideration is given to the gateway server if it is being used off site.
  • Backup job timed out value must be higher than 30 minutes to be able to retry the job if it is to fail for any reason

DD System Option:

  • A virtual synthetic full backup is the combination of the last full (synthetic or full) backup and all subsequent incremental backups. Virtual synthetics are enabled by default.
  • The synthetic full backups are faster when Data Domain Boost is enabled for a repository
  • DD Boost reduces backup transformation time by less than 80% of total time if DD Boost was not used.
  • The first job has the bulk of the blocks of the vSphere or Hyper-V VM on the DD Boost Storage Unit, it will only need to transfer metadata and any possible changed blocks. This can be a significant improvement on the active full backup process when there is a fast source storage resource in place.
  • With DD Boost, multi-link provides fail over & resiliency. DD Boost also provides parallel processing of concurrent jobs to DD Boost Storage unit.
  1. To display the DD Boost option settings, select Protocols > DD Boost > Settings >Advanced Options.
  2. To change the settings, select More Tasks > Set Options. Select or deselect any option to be enabled.
  3. Click OK.

Understand “X as a Service” or get stuck in “Pizza box as a Service”

“X or Anything as a Service” is an acronym used by many cloud provider and offering almost end to end services to a business. The most traditional use of “X” are Software as a Service (XaaS), Infrastructure as a Service (IaaS), Desktop as a Service (DaaS) and Platform as a Service (PaaS). The other use of “X” are Storage as a Service (SaaS), Communications as a Service (CaaS), Backup as a Service (BaaS), Disaster Recovery as a Service (DRaaS), Network as a Service (NaaS) and Monitoring as a Service (MaaS).

As a CIO or CTO of an organization have you had a business case of your organisation how your organization is benefited from “Anything as a Service”? How does it translate your business in terms of consumption of information technology if it was on premises comparing off the premises or so called cloud. The most service provider compete with each other getting a piece of pie from these cloud computing era. However to cut cost these provider going below the bench mark and taking the cloud into “Craig list” where everything offered cheap scarifying quality making it “Pizza box as a Service”.

Here are some guidelines for you to measure your workload, services and application before signing up with a cloud provider.

  1. What type of services or application you would like to migrate to cloud?
  2. Are you migrating tier 1 application to cloud?
  3. What is your peak demand of IO or IOPS for all virtual infrastructure, VDI, services and application?
  4. What is peak period latency requirement for an application and a service of your organisation?
  5. What is your peak bandwidth requirements?
  6. What is the up time requirements?
  7. What is SLA and SLR of your business with the service provider?
  8. Do you have penalty clause with the service provider?
  9. What is your RPO and RTO to business when choosing DRaaS?
  10. What is corporate compliance and data retention policy when choosing BaaS?
  11. Do you have good/great user experience matrix in your organisation?

Once you have answered these question, gather data from existing infrastructure and analyse your requirement than it’s time for you to;

  1. Prepare a business case for Anything as a Service
  2. Identify option1, option2, option 3 for cloud services
  3. Knowing cloud provider
  • Learn more about cloud provider hosting platform
  • Learn more about cloud provider engineering and support capabilities
  • Learn more about cloud provider outbound bandwidth and redundancy of network infrastructure
  • Learn more about redundancy of storage infrastructure of cloud provider
  • Who are the hardware and software partners of cloud provider
  • How user friendly is the management portal of cloud provider

4. Compare and select potential cloud provider

If you haven’t identified above criteria and you are aware that you signed up with a cloud provider who simply patch together a 1Gbe network, 1U rack server and Dell Compellent storage with few SATA disk than you signed for a “Pizza box as a service”. You know that your 2WD car is heading towards off road and you are about to get stuck in mud.

When comes decision making time, count every factor into account and make a decision that provide an outcome you want instead of cheap pizza box as a service which neither fulfil your requirement nor fulfil SLA of your business. Remember it’s about your business not the business of cloud provider.

Veeam integrate with EMC and NetApp Storage Snapshots!

Taking a VMware snapshots and Hyper-v checkpoint can produce a serious workload on VM performance, and it can take considerable effort by sys admin to overcome this technical challenge and meet the required service level agreement. Most Veeam user will run their backup and replication after hours considering impact to the production environment, but this can’t be your only backup solution. What if storage itself goes down, or gets corrupted? Even with storage-based replication, you need to take your data out of the single fault domain. This is why many customers prefer to additionally make true backups stored on different storage. Never to store production and backup on to a same storage.

Veeam1

Source: Veeam

Now you can take advantage of storage snapshot. Veeam decided to work with storage vendor such as EMC and NetApp to integrate production storage, leveraging storage snapshot functionality to reduce the impact on the environment from snapshot/checkpoint removal during backup and replication.

Supported Storage

  • EMC VNX/VNXe
  • NetApp FAS
  • NetApp FlexArray (V-Series)
  • NetApp Data ONTAP Edge VSA
  • HP 3PAR StoreServ
  • HP StoreVirtual
  • HP StoreVirtual VSA
  • IBM N series

Unsupported Storage

  • Dell Compellent

NOTE: My own experience with HP StoreVirtual and HP 3PAR are awful. I had to remove HP StoreVirtual from production store and introduce other fibre channel to cope with workload. Even though Veeam tested snapshot mechanism with HP, I would recommend avoid HP StoreVirtual if you have high IO workload.

Benefits

Veeam suggest that you can get lower RPOs and lower RTOs with Backup from Storage Snapshots and Veeam Explorer for Storage Snapshots.

Veeam and EMC together allow you to:

  • Minimize impact on production VMs
  • Rapidly create backups from EMC VNX or VNXe storage snapshots up to 20 times faster than the competition
  • Easily recover individual items in two minutes or less, without staging or intermediate steps

As a result of integrating Veeam with EMC, you can backup 20 times faster and restore faster using Veeam Explorer. Hence users can achieve much lower RPOs (recovery point objectives) and lower RTOs (recovery time objectives) with minimal impact on production VMs.

How it works

Veeam Backup & Replication works with EMC and NetApp storage, along with VMware to create backups and replicas from storage snapshots in the following way.

Veeam2

Source: Veeam

The backup and replication job:

  1. Analyzes which VMs in the job have disks on supported storage.
  2. Triggers a vSphere snapshot for all VMs located on the same storage volume. (As a part of a vSphere snapshot, Veeam’s application-aware processing of each VM is performed normally.)
  3. Triggers a snapshot of said storage volume once all VM snapshots have been created.
  4. Retrieves the CBT information for VM snapshots created on step 2.
  5. Immediately triggers the removal of the vSphere snapshots on the production VMs.
  6. Mounts the storage snapshot to one of the backup proxies connected into the storage fabric.
  7. Reads new and changed virtual disk data blocks directly from the storage snapshot and transports them to the backup repository or replica VM.
  8. Triggers the removal storage snapshot once all VMs have been backed up.

VMs run off snapshots for the shortest possible time (Subject to storage array- EMC works better), while jobs obtain data from VM snapshot files preserved in the storage snapshot. As the result, VM snapshots do not get a chance to grow large and can be committed very quickly without overloading production storage with extended merge procedure, as is the case with classic techniques for backing up from VM snapshots.

Integration with EMC storage will bring great benefit to customers who wants to take advantage of their storage array. Veeam Availability Suite v9 will provide the chance to reduce IO on to your storage array and bring your SLA under control.

References:

Backup from storage snapshots

Integration with emc storage snapshot

Veeam integrates with emc snapshots

New Veeam availability suite version 9

 

 

 

Bulk Migration of Printer from Windows Server 2008/R2 to Windows Server 2012/R2

Bulk Migration of Printer from Windows Server 2008/R2 to Windows Server 2012/R2

The following steps are from those who would like to migrate print server from legacy Server 2008/R2 to Windows Server 2012/R2. This steps will bring new drivers and avoid bringing old corrupt drivers and configuration into new systems. If you utilize print migration wizard then you may bring legacy corrupt driver into new systems. This steps also helpful if you are using Citrix Universal Print Driver.

Step1: Download correct and latest Generic/Universal/Global print driver. HP called Universal. Other manufacturer may call global or generic driver. Help yourself from Bing.

Step2: Install Generic Driver.

Open Server manager>Print Management>print Servers>Server name>Drivers.

Right Click and add x64 & x86 drivers.

Step3: Extract Legacy print Configuration.

Open PowerShell as an administrator. Run the following command.

$printserver = “printservername.domain.com”

Get-WMIObject -class Win32_Printer -computer $printserver | Select Name,DriverName,PortName,sharename,location,comment | Export-CSV -path ‘C:\printers.csv’

Step4: Create a CSV file shown below from the CSV File extracted in step3.

Create a CSV fileand store the file into c:\printers.csv in new Windows Server 2012 R2.

First row of CSV shown below. Add relevant rows to your CSV file.

PrintServer|Driver|PortName|IPAddress|Sharename|Location|Comment|Printername

Step5: Create a Powershell script as below (Extracted the script from http://poshcode.org/1462)

Open a notepad. Copy from below and paste into the notepad. Rename to CreatePrinter.PS1

function CreatePrinter {

$server = $args[0]

$print = ([WMICLASS]”\\$server\ROOT\cimv2:Win32_Printer”).createInstance()

$print.drivername = $args[1]

$print.PortName = $args[2]

$print.Shared = $true

$print.Sharename = $args[3]

$print.Location = $args[4]

$print.Comment = $args[5]

$print.DeviceID = $args[6]

$print.Put()

}

function CreatePrinterPort {

$server = $args[0]

$port = ([WMICLASS]”\\$server\ROOT\cimv2:Win32_TCPIPPrinterPort”).createInstance()

$port.Name= $args[1]

$port.SNMPEnabled=$false

$port.Protocol=1

$port.HostAddress= $args[2]

$port.Put()

}

$printers = Import-Csv c:\printers.csv

foreach ($printer in $printers) {

CreatePrinterPort $printer.Printserver $printer.Portname $printer.IPAddress

CreatePrinter $printer.Printserver $printer.Driver $printer.Portname $printer.Sharename $printer.Location $printer.Comment $printer.Printername

}

Step6: run the scrip

Log on to new Server 2012/R2 print server. Open PowerShell as an administrator. Run the above script. You have to tweak little bit such as additional drivers. Amendment of print properties. But this is little effort than creating entire print server manually.

Further reading:

install unsigned drivers

FF TMG 2010—Can future be altered?

I read the following articles about Microsoft Forefront TMG 2010. I was shocked by the news. TMG 2010 is one of the beautiful product Wintel Engineers and Security Administer can be proud off. I believe I am one of the biggest admirer of Forefront Product lines.

                                                                    Death of TMG? by Deb Shinder 

What will happen with TMG?

The demise of Threat Management Gateway: Is Microsoft backing away from the edge?

I would like to voice my own opinion on this matter. I am sure I will find lots of similar minded techie out there who would love to share same opinion as me. I would like to send an open request to Microsoft Corp and MVPs to pursue for an advanced version of TMG that incorporate cloud security and address modern day security challenges.

I decided to write on a different perspective of TMG 2010 what I would like to see next service pack of Forefront Threat Management Gateway or in a future version if there is one. This is not an official account of Microsoft Corp. This is just my wish list. I hope and cross my finger that Microsoft will listen to those who are on the field working for a better and even bigger Microsoft community.   

FF TMG 2010: Here is details of evolution of today’s TMG 

image

TMG 2010 can be more advanced in terms Firewall Policy, Publishing Rules and Cloud Security. TMG 2010 may be available in Downloadable virtual Appliance build on Windows Server “Code name 8” and physical appliance through the Microsoft partners program. Microsoft declared TMG 2010 is in sustainable mode and will not invest on TMG for further development so my dream to administer TMG administration console via internet explorer and Silverlight will be just a dream. I would like to see TMG service pack as separate installed and TMG 2010+SP3 integrated together in a installer for those who wants to refresh TMG and adopt as a new customer.

Topology and Installation Changes: I would like to see a Hyper-V network incorporated into TMG. As you all know when installing TMG, TMG installer prompt you for subnets of Local area network. The new version will prompt you to add your cloud networks in an installation window. The installer will secure the local area network and private cloud network using default configuration which you will be able to modify and align later on with your desired topology and network layout.  

image

Incorporating Cloud Security:

clients and partners have serious concern over the years about Service provides who sells cloud solutions. For example, service provider selling Exchange cloud, SharePoint cloud, Anti-Spam  and Security Cloud Solution. There are questions to be asked when you buying public cloud solutions. This is not just having a hypervisor and virtual center. what about application security, identity and governance. How would to address your client’s concern of internal threat and external threat. How client will trust a provider when they place their data in somewhere service provider’s cloud.

Microsoft can/should/must address these issues by providing Security as a service. Forefront TMG can play a key role if Microsoft is willing take a step ahead to the bottom line.

  • Application security
  • Privacy
  • Legal issues
  • Availability
  • Identity management
  • Compliance
  • Business Continuity and data recovery
  • Data Security

Firewall Rules: New Publishing Tools in Tasks pan should include

  • Publish FTP Servers
  • Publish Lync Server
  • Publish Streaming Media Server
  • Secure Cloud Network

image

Configure IM and Social media policy: Web Access Policy Tasks Pan should include

  • Configure IM Access (Allow/Deny Skype/Lync/MSN/Yahoo Messenger)
  • Configure Social Media Access (Allow/Deny Social Media such as Twitter/FaceBook/Google+/Youtube)

image

Networks: Network rules incorporate a build-in cloud network and network rules establishing communication from LAN to Cloud network and External to Cloud network. During installation of TMG; allow rules to be configured automatically when selecting Hyper-V Server in DMZ.

image

Multicast NLB Configuration: NLB Properties should be added another check box to create firewall rule for Multicast NLB in a virtualized environment. That means Multicast NLB mac address can communicate within array members in a virtualized environment if there is strict security policy deployed through out the infrastructure.

image

List of New Protocol available: New Protocols includes following protocols and many more:

  • Cloud Protocols
  • Lync Protocol
  • Hyper-v Protocols

image

Generate offline Certificate request: There should be an option to generate offline certificate request in Systems>Tasks pan.

image

Integrating Bing Search with TMG 2014 Cache: Search result cached in TMG from Bing Search Engine and presented to client.

Bandwidth Management: TMG should be able to manage bandwidth by single user, multiple users, AD Security groups, IP address, Computer Name, Department, Site, Branch.

Configure Branch or Site TMG Server: Option can be selected during installation of TMG 2010+SP3 (integrated installer) whether TMG is a primary site or branch site. Selecting Branch Site will auto configure site server with site to site VPN (if selected) and even replicate with primary sites firewall rules and policies (depending on topology). when installing a branch TMG branch TMG will automatically create branch cache depending on selection of topology .

Reporting: Following are the examples of the reports will be available in TMG 2010 SP3. there will be many more.

image

  • User based report
  • AD Security Group Based report
  • Web Site Visited
  • IP Address visited
  • Web/Content Uses report
  • Download reports by users/Group/Department
  • Bandwidth Uses report
  • Caching report
  • Search Engine Visitor by Search Engine report
  • Real Time/Custom Traffic report
  • Traffic Trending report
  • Top 20 Net users
  • Top 20 Site Visited
  • Default Monthly report
  • Default Yearly report
  • TMG Health report

Audit and Change Management: TMG will include complete change manage and recording of Tasks/Events generated by role based user and systems itself.

Role based TMG management: TMG Workgroup Deployment and Domain Member deployment should include RBAC management.

  • Administrator
  • Organization Administrator (member of this group manages cluster of Arrays )
  • Backup operator (Commvault/Symantec Client/SCDPM client integrated)
  • Auditor/User (view permission)
  • Firewall Rules and Web Access Policy Operator
  • Single or Multiple array administrator

Tool Box: Pre-installed BPA, Troubleshooting, Monitoring & Capturing  Real Time Traffic.

Learn more about TMG here .

Backup, restore or migrate Print server in easy steps

Have you added a print server to your DRP work sheet? It is absolutely necessary when you have hundreds of printers in your print server/servers. Here is a solution for backup/restore/migrate print server.

Print migration 3.1 has been replaced with printbrm.exe i.e. print management in Vista. It easy to migrate print server whether it is x64 or x86 bit print server. It is very handy tool for system admin to backup print server after adding new printers in print servers or modifying network config in printers. Vista print management will save lots of time if disaster knocks on the door. If you don’t have Windows Server 2003 R2 (inbuilt print management) and you are in catastrophe then you can restore printers in few steps and all in GUI mode if you backed up printer drivers and config.

Backup printer drivers and config

From windows vista machine, open the Administrative Tools , and then click Print Management

image

Right click on print management, Click Export printer queues and printer drivers to a file, and then click Next

  image

Type name of the print server on the network then click next

image

You will be presented with all the available printers in print server, click next

image

Type the location where backup will be saved, click next

image

Wait until export/backup complete, click finish. Now a complete backup has been performed and saved in preferred location. Make sure you got a backup file name.printerexport

image

Restore /Import printer drivers and config

to restore print server to different server, open print management from administrative tools in vista machine, right click print management, select import, click next

image

type source of backup file i.e. name.printerexport file, click next

image

You will see a list of printer, you backed up, click next

image

Write destination print server name (netbios name) on the network, click next

image

Command line help for Printbrm.exe

Open command prompt, go to c:\windows\system32\spool\tools

To backup type

Printbrm.exe –B –S \\SourceServerName –F \\UNCPath\name.printerexport

To restore

Printbrm.exe -R -S \\DestinationServerName –F \\UNCPatch\name.printerExport

Printbrm.exe /?

image

Note: Vista print migration tool compitable with windows 2003 print server and windows 2008 print server.