Disaster and Disaster Recovery Plan.

A disaster recovery plan can protect your Microsoft Exchange server from loss of data due to external attacks or internal failures like crashes. Data in an organization is growing at an unpresented rate and any downtime caused due to unwanted data loss alone can adversely affect operations and business. In addition, the loss due to a permanent data breach can irreparably impair an organization. A disaster recovery plan is a critical part of any organizational workflow and exchange administrators should have a robust plan in place to counter any compromise or data loss.

Microsoft Exchange Data Protection

A disaster recovery or a data protection plan for Microsoft Exchange server starts with an understanding of Exchange Data Protection- a Microsoft's preferred architecture for Exchange Server 2016 and Exchange server 2019. It is designed to provide native data protection, minimize downtime and protect your data against any disaster. This way you can reduce the ownership of messaging system and eliminate the need to make backups of your data using traditional methods.

Nevertheless, many organizations prefer to have their own backup systems instead of solely leveraging Microsoft's Exchange data protection. If you want to go with full replacement, then you should consider the few scenarios as mentioned in the Microsoft guideline document here (scroll down the page to find the list of scenarios)

Why is backup important?

Even with Microsoft's recommended Exchange Data protection, it is advisable to have backup, especially for critical applications. Data backup products prepares you for all scenarios related to failure or recovery. It is recommended to back up the following items on Exchange servers

• • Mailbox Databases

• • Certificates

• • IIS/Web.Config file customizations

• • Voicemail directory

• • Any third-party tools

Disaster Scenarios

There are many incidents/instances which can cause the Microsoft Exchange server to crash. The administrators must create separate resolutions for each incident/instance. Such instances include:

• • Hardware failures

• • Ransomware, viruses, malwares

• • Backup malfunction

• • Human error

• • Lack of antivirus

• • Power issues

• • Change without change control.

Resolutions

As a system administrator, you need to tackle each scenario differently by going through the best practices. Some of the common data disaster scenarios and their recommended resolutions are listed below:

1) Server failures

Server failures include damage to the servers where critical applications and services run. Without an effective strategy or backups in place, a server failure can put a halt to the entire chain of operations in an organization.

The following measures can be taken in such failures

• a. Have multiple or at least two servers. In case of a disaster, one can keep running while the other undergoes repair and recovery. In addition, you should keep at least one offline copy of Exchange server database

• b. Active directories (which manage permissions and access to resources and networks) also must be backed up to restore other objects like contacts, distribution lists etc.

2) Ransomware/Viruses/Malwares

Exposing new Exchange servers to internet without setting up proper protection can make your server vulnerable to ransomware attack. If the server does get infected then the entire information becomes encrypted and company is forced to pay for a decryption key. The WannaCry ransomware attack in 2017 is the prime example of such a scenario. The WannaCry virus exploited the Windows Server Message Block (SMB) which is responsible for network communication.

The following measures are required to setup Exchange server in case of Ransomware attack

• a) Set up a new virtual machine.

• b) Rerun the setup and use recovery switch in order to pull all the information and settings.

• c) Backup doesn't work

During restoration, you might encounter corrupted dataset or you will find that the restoration is not working and data is not getting validated. To prevent this, you should ensure that your Exchange Server 2019 is working with your backup software. In order to ensure this, please run proper tests in lab and confirm that you can mount Exchange databases.

4) Changes without a change control

Most disaster recovery plans include change controls which ensure that there is no downtime if a change goes wrong. However, in some companies this change control is not implemented and in case of incidents, this can lead to outages.

In order to meet this challenge, you should have multiple database copies spread across datacenters. This allows you to meet your SLA percentage uptime and ensures that your exchange remains online without any issues.

Exchange 2019 Server Recovery

Exchange server 2019 has a setup parameter which helps in recovering lost servers. This parameter uses the Active Directory's settings and configurations to rebuild and recreate lost servers.

Nevertheless, there are certain settings which are not restored. For e.g. custom registry entries and changes to configuration files like local web.config.

For step by step process on how to recover a lost Exchange server, you can explore the Microsoft page here.

Exchange 2019 Server Recovery- Features and Guidelines

As you know, unwanted disruptions in the exchange servers can cause lot of issues and disrupt business continuity. Exchange recovery therefore becomes very important in ensuring that such scenarios are avoided.

Some of the key features and guidelines in Exchange Sever Recovery 2019 are listed below.

• a) You cannot use a snapshot to recover an Exchange server which is hosted on a Virtual machine.

• b) You should not just abandon the disaster hit Exchange server and opt to install a new one. The damaged server will still remain available in the active directory and this can cause the new exchange server to malfunction. This is the reason, recovering the damaged/failed server is the best option.

• c) In Microsoft Exchange Server 2019, you can restore your Exchange server to its earlier configuration if the Active Directory is working fine. It should also be noted that the exchange server will unable to function if the active directory is offline.

• d) Unless you have taken a backup of Exchange server, it is very difficult to repair the Exchange database. Also, the time required for restoration depends on the size of the database.

• e) A special feature in the Exchange Server 2019 is the Recovery database which allows you to perform the recovery operation by mounting the restored mailbox database and then extract data from it.

• f) Exchange Recovery's Database portability feature improves the recovery reliability by removing several manual steps in the overall recovery processes.

• g) While the affected mailbox is getting restored, the Dial tone portability feature in Exchange 2019 enables a user to use a temporary mailbox. This way business remains as usual.

ISSQUARED provides Disaster Recovery as a Service (DRAAS), which is built around a secure process backed up by top tier storage, replication and virtualization technologies to combat disasters and maintain resiliency of IT service delivery. Contact us today to get uninterrupted business continuity and keep your systems online during disaster.