|
Recently I was asked by a customer how they can easily set up rollback capabilities on the endpoints in their corporate network. They had seen the marketing hype by various security technology providers that their products included rollback capabilities they could utilize if/when one of their workstations or servers was infected by malware. Having gotten this question more than once, I thought it would be a good subject to share with a broader audience.
The truth is you don’t need to buy anything to create this capability on most corporate networks. You already have it built into your Microsoft Operating System (OS). “Shadow Copy (also known as Volume Snapshot Service, Volume Shadow Copy Service or VSS) is a technology included in Microsoft Windows that can create backup copies or snapshots of computer files or volumes, even when they are in use. It is implemented as a Windows service called the Volume Shadow Copy service. A software VSS provider service is also included as part of Windows to be used by Windows applications. Shadow Copy technology requires either the Windows NTFS or ReFS filesystems in order to create and store shadow copies. Shadow Copies can be created on local and external (removable or network) volumes by any Windows component that uses this technology, such as when creating a scheduled Windows Backup or automatic System Restore point.”1
In fact, VSS is what is actually being used by almost all of these hyped products. It can be easily enabled and pushed with an RMM tool or traditional Group Policy / GPO to all endpoints. VSS doesn’t cause as much resource drain on a computer as you might think. VSS is highly efficient by moving files to temporary locations in an incremental fashion. So, it only moves files that have changed since the last snapshot. This obviously saves significant amounts of time compared to taking a full system snapshot each time. VSS was introduced in Microsoft Windows XP®/Server 2003 and has been available in every version of Windows since.
With all this hype, why aren’t most network administrators using it?
What do we recommend for our customers?
How do you setup VSS?
Sponsored byRadix
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byCSC
Sponsored byWhoisXML API
Sponsored byDNIB.com
Sponsored byVerisign