Differences between the Back Up feature and the Export feature
- In ISA Server 2004, the Export feature is a subset of the Back Up feature. For example, if you right-click your ISA Server name in the ISA Server Management console, and then you click Export, you have the option to click to select the Export user permission settings or the Export confidential information (encryption will be used) check boxes. If you right-click your ISA Server name in the ISA Server Management console, and then you click Back Up, you do not receive these options. By default, when you click Back Up, the backup automatically saves the user permission settings and the confidential information.
- Alternatively, you can use the Export feature at the root node level with both the Export user permission settings and the Export confidential information (encryption will be used) check boxes selected. However, if you use the Back Up feature, there is less margin for error if you have to restore your ISA Server configuration.
- We recommend that you use the Back Up feature to prepare for disaster recovery. The Back Up feature is only available on the root node. This makes sense for disaster recovery purposes. We recommend that you back up your ISA Server 2004 configuration every time that you make major modifications to it. This includes:
- Modifications to the cache size or the cache location.
- Modifications to the firewall policy and to the firewall rules base.
- Modifications to system rules.
- Modifications to the network definition or of the network rules.
- Modifications to the delegation of administrative rights or to the removal of those delegations.
When you back up your ISA Server configuration, the server's configuration information is backed up to an .xml file and includes the following information:
- Firewall policy rules.
- Rule elements.
- Alert configurations.
- Cache configuration.
- Virtual private network (VPN)
configuration.
- We recommend that you use the Export feature to clone your ISA Server configuration, to send your configuration to Microsoft Product Support Services (PSS) for troubleshooting, to export policies and rules, and to transfer elements to other ISA Server computers. The Export feature is available on the root node, on child nodes, and on individual rules and elements.
You can export the entire ISA Server configuration, or specific configuration elements, depending on your requirements. You can export the following objects:
- Entire ISA Server configuration
- ISA Server Firewall Policy or specific Rules
- Networks
- Network Sets
- Network Rules
- Web Chaining Rules
- Cache configuration
- Content Download jobs
- System Policy Rules
Note: The system policy rules are not exported when you export the firewall policy. To export the system policy, select the Export System Policy task.
Differences between the Restore feature and the Import feature
- In ISA Server 2004, the Import feature is a subset of the Restore feature. For example, if you right-click your ISA Server name in the ISA Server Management console, and then you click Import, you have the option to click to select the Import user permission settings or the Import cache drive settings and SSL certificates check boxes. If you right-click your ISA Server name in the ISA Server Management console, and then you click Restore, you do not receive these options. By default, a restore operation automatically restores the user permission settings, the cache drive settings, and the Secure Sockets Layer (SSL) certificates information from the backup file.
- We recommend that you use the Restore feature for disaster recovery because it overrides any previous configuration. The Restore feature uses the CleanCollections mode and clears any pre-existing configuration before it performs the equivalent of an import. All ISA Server objects that you have configured are overwritten, such as rules, networks, URL Sets. This makes sure that the resulting configuration is an exact image of the original. The Restore feature is only available on the root node. This makes sense for disaster recovery purposes.
- We recommend that you use the Import feature to import a configuration for cloning purposes, or to import individual policies, rules, and elements to your ISA Server. The Import feature uses Merge mode and does not clear the existing configuration. Imported settings, such as rules, are added to existing ones unless the settings are the same.
This is true for all nodes except for the array root node, where the Import feature works in "clean" mode, and no settings are merged. The Import feature is available on the root node, on child nodes, and on individual rules and elements. You can use the Import feature for the transfer of smaller elements.
Note In the Component Object Model (COM), the import call has a CleanCollections argument that is available to programmatically import or to restore your configuration. Set the CleanCollections argument to True to use the CleanCollections mode. Set the CleanCollections argument to False to use the Merge mode.
For additional information about the Back Up and the Restore features in the ISA Server Management console, click
Help on the
Action menu, type
back up and restore in the
Type in the word(s) to search for box, and then click
List Topics to view the list of topics.
For additional information about the Export and the Import features in the ISA Server Management console, click
Help on the
Action menu, type
export and import in the
Type in the word(s) to search for box, and then click
List Topics to view the list of topics.