Colo backup or host it at home?

[The Spyder]

My work currently has a terrible offsite backup plan. It involves 2 external hard drives, one being swapped out once a week... If they remember. This is better then nothing, but still unacceptable... Sooo due to some spare hardware I have decided to look at putting a small server either at home and bumping up my internet connection or putting one of our spare servers in a colo. This has to be over a secure VPN, which is no problem as I have the hardware for that too.

Question is, has anyone here done this? Home or colo? What as the expense at the colo for a 50mg line? We have about 700gb of backups now and it is looking to double as we move to a paperless office this fall.

I am thinking of adding a second 50mg comcast line and having the company pay for a 50mg line at the owners or owners sons house and sticking the old 2tb backup server there just to test it out. I can duplicate the backup ZFS box to this offsite box, keeping any load off the primary ZFS box. This would be under $300 a month and give me offsite nightly backups which do not rely on someone remembering to swap a HDD.

 

[Vito_Corleone]

I wouldn't backup to an employee's home.

 

[Rison]

Home is a terrible idea for an employer. Everything from physical theft from your home (major insurance issues, their data at your location - home insurance doesn't cover) to employee prying. Even if you're the local systems admin.
Add in your home network getting hacked / viruses / trojans / worms.. it's a recipe for disaster. I wouldn't want to be held accountable for companies information at my home.

 

[C7J0yc3]

That is a crapload of data dude. Are you looking to replicate every day offsite, or just at the end of the week? How much new data do you have for each backup? Just remember that the upload at the office has to match the download at the endpoint, so if your getting 50mb down at someone's house then your office needs 50mb up to match, and that gets expensive. For instance around here from our various fiber providers a 50up and say 10 down would cost about $2200 a month at the very least. Now lets say you are moving 10GB off site every day in changes. That will take about 3.4 minutes per GB (5*60 /1024) so 34 minutes in total.

We backup from our CoLo to our office every night and it works well. We Rsync two FreeNAS boxes and that has worked very well so far. As far as doing backup to home there are definitely risks involved, but it is all about risk acceptance. Buying space in a colo will cost you about $1400 a month for what you would need but you can guarantee that it is in a physically secure SAS 70 Type II PCI compliant datacenter. If you run backups to someone's home network you can put all kinds of measures in place (encrypted backups, separate VLAN and DMZ etc etc etc), you spend maybe $100 a month comping the employee for network and power, so you have a much lower opex but a higher possibility that something could go wrong. We have plenty of small business clients that backup to the owner's house and have no issues so far, but they understand the risks involved and generally feel that they will take their chances with their data instead of shelling out for colo backup.

 

[Red Squirrel]

If the bandwidth is not an issue, then I would get a colo somewhere and go that route. Go Linux, so you can use rsync over ssh. Secure, and fast, because it only copies changes, and it wont cost you an arm and a leg like windows based solutions.

I would still backup locally as well, as that is the first point of restore and is the fastest (ex: if someone deletes a file by error or something) but the offsite will be there should something happen to the building.

Colo is the key, not rent, but colo. Build a big ass storage server, and colo it. Will be cheaper in the long run.

If the house has FIOS then it could be hosted at home too, but it will need to be very high security as far as physical access.

 

[The Spyder]

Home is a terrible idea for an employer. Everything from physical theft from your home (major insurance issues, their data at your location - home insurance doesn't cover) to employee prying. Even if you're the local systems admin.
Add in your home network getting hacked / viruses / trojans / worms.. it's a recipe for disaster. I wouldn't want to be held accountable for companies information at my home.

This would be at the owners house or the owners sons house, depending on the available services.

 

[The Spyder]

That is a crapload of data dude. Are you looking to replicate every day offsite, or just at the end of the week? How much new data do you have for each backup? Just remember that the upload at the office has to match the download at the endpoint, so if your getting 50mb down at someone's house then your office needs 50mb up to match, and that gets expensive. For instance around here from our various fiber providers a 50up and say 10 down would cost about $2200 a month at the very least. Now lets say you are moving 10GB off site every day in changes. That will take about 3.4 minutes per GB (5*60 /1024) so 34 minutes in total.

We backup from our CoLo to our office every night and it works well. We Rsync two FreeNAS boxes and that has worked very well so far. As far as doing backup to home there are definitely risks involved, but it is all about risk acceptance. Buying space in a colo will cost you about $1400 a month for what you would need but you can guarantee that it is in a physically secure SAS 70 Type II PCI compliant datacenter. If you run backups to someone's home network you can put all kinds of measures in place (encrypted backups, separate VLAN and DMZ etc etc etc), you spend maybe $100 a month comping the employee for network and power, so you have a much lower opex but a higher possibility that something could go wrong. We have plenty of small business clients that backup to the owner's house and have no issues so far, but they understand the risks involved and generally feel that they will take their chances with their data instead of shelling out for colo backup.

Looking to do essentially the same thing and moving to a colo after I do a proof of concept. Having 2 dedicated 50/50 lines just for the backup is not out of the question. It is either this, or I find a tape drive and contract Iron Mountain. I will look in to pricing for everything before I jump in to this.

 

[C7J0yc3]

Just so you guys all know Iron Mountain will store whatever fits in the box. We have a couple clients sending USB drives to Iron Mountain without issue.

Also those looking to CoLo depending on where you are looking to host depends on what you can get. For instance the CoLo that I host in you get three options, Full rack (42U), Half Rack (24U), 1/3rd Rack (14U). Rack fees (just space and power) start at about $700 and fall from there, and bandwidth starts at about $200/mo and goes up from there. There are also some setup costs involved. I have dealt with CoLos that allow buying 1U at a time, however that is only beneficial if you only need a few, because it gets expensive. You could also look at renting a server from RackSpace or The Planet with enough storage to hold your backups. This could end up being cheaper then putting your own server in a rack somewhere, but at the same time if you move providers, you loose your machine, and have to copy the data all over again.

 

[Red Squirrel]

That seems pricy for colo, check out Carat Networks or Liquidweb, their pricing seems pretty decent. I have a leased server with Carat but think my next will be a colo as leased servers tend to be older boxes that have been recycled (ex: not latest technology) and once you start asking for a quad core and anything over 4GB of ram and 100GB of space, you're paying through the ass, that's with any leasing company. For a low end server, leasing is cheaper, but for a high end server, colo is cheaper.

 

[C7J0yc3]

That seems pricy for colo, check out Carat Networks or Liquidweb, their pricing seems pretty decent. I have a leased server with Carat but think my next will be a colo as leased servers tend to be older boxes that have been recycled (ex: not latest technology) and once you start asking for a quad core and anything over 4GB of ram and 100GB of space, you're paying through the ass, that's with any leasing company. For a low end server, leasing is cheaper, but for a high end server, colo is cheaper.

What you are discussing is server leasing, not Co-Location, and there is a difference (though CoLo is usually the term used for server not in your building).

Co-Location is purchasing actual floor space in a datacenter. They provide you power and internet, and you bring the rest.

Server Leasing is when you lease a physical or virtual server from a company like The Planet, Liquidweb, Rackspace, etc. You have full control over your own server, but that's it.

If you just need to stick a storage box somewhere depending on how much space you need, and how much data you are transferring a server lease may be the better option. For instance a barebones server from liquidweb with 2x2TB in RAID 1 will cost you about $290 a month including 6000GB of transfer. If you bump to a dual processor server you can get 4x1TB in RAID 5 with a 8000GB transfer port for $460 a month, and if you decide to get a DAS box, you can get that same dual processor server with 6x3TB in RAID 6 for $890 a month.

The advantage of buying actual rack space in a CoLo is you can make your CoLo a DMZ, or even a cold site. We have many customers with web servers in our rack to get them out of their internal environment. We also have a customer with a R710 and a SAN in our rack that replicates to their internal Hyper V HA environment so that if their site goes offline (say SAN failure) they can be up and running in the CoLo in just a couple hours.

 

[The Spyder]

Just so you guys all know Iron Mountain will store whatever fits in the box. We have a couple clients sending USB drives to Iron Mountain without issue.

Also those looking to CoLo depending on where you are looking to host depends on what you can get. For instance the CoLo that I host in you get three options, Full rack (42U), Half Rack (24U), 1/3rd Rack (14U). Rack fees (just space and power) start at about $700 and fall from there, and bandwidth starts at about $200/mo and goes up from there. There are also some setup costs involved. I have dealt with CoLos that allow buying 1U at a time, however that is only beneficial if you only need a few, because it gets expensive. You could also look at renting a server from RackSpace or The Planet with enough storage to hold your backups. This could end up being cheaper then putting your own server in a rack somewhere, but at the same time if you move providers, you loose your machine, and have to copy the data all over again.

Renting is out of the question, the data must stay on our (owned) servers for some unknown ISO requirement. For 30 years...

 

[calvinj]

http://aws.amazon.com/s3/

 

[Rison]

This would be at the owners house or the owners sons house, depending on the available services.

Ah, slightly better. Separate ISP connection, separate networks (VLAN or physical). I'd be throwing in the cost of a UTM appliance or SMB router with subscriptions in the mix. Add in a good online UPS + maintenance, you're almost to the point of a rackspace server, or something similar.

 

[The Spyder]

Ah, slightly better. Separate ISP connection, separate networks (VLAN or physical). I'd be throwing in the cost of a UTM appliance or SMB router with subscriptions in the mix. Add in a good online UPS + maintenance, you're almost to the point of a rackspace server, or something similar.

You pretty much nailed down my plan.

I did get asked by the ISO/QA guy today what if the door was kicked in and they stole the server... I asked him back what if some visitor walked by our server rack (in engineering) and just grabbed one of the externals with no encryption on it...

 

[C7J0yc3]

You pretty much nailed down my plan.

I did get asked by the ISO/QA guy today what if the door was kicked in and they stole the server... I asked him back what if some visitor walked by our server rack (in engineering) and just grabbed one of the externals with no encryption on it...

Just use FreeNAS, OpenE or Openfiler and use an encrypted ZFS volume on your backup target. That satisfies our PCI, HIPAA, and SEC requirements, so I would assume that it satisfies ISO too (though have never had to prep for one). For the three listed above when they ask are your backups encrypted, so long as you can answer "Yes, AES128 or AES256" that is all they care about, doesn't matter if the backup container itself is encrypted, or the storage volume it is on is encrypted, just has to be secure.