Sofar I have only used Fd_ISR with a few snapshots and a number of archives. I am now trying to get familiar with imaging software and I wonder how to best manage this.

Here is what I am thinking but please correct me if I am wrong.

1) Snapshots are convenient for immediate rebooting into another set-up, however they do take up some space. This is not so much an issue on the harddrive (enough space nowadays), but will increase scanning times for AV or imaging times for creating images. So I guess I will reduce my snapshots to Work, Secondary (to reboot quickly) and possibly one special function snapshot.

2) Archives - useful for quick recovery of earlier setups - stored on a separate internal and external drive for security

3) Images - as additional backup in case of hardware failure, again stored on separate harddrive and external drive
My intention is to only image the OS as my data is on a separate internal harddrive with backup to an external drive. Does anyone use images for "data drives"?

Now I realise that some users here have their own finetuned strategy,probably developed and improved over time. If someone would like to share their back up plan, I would be very interested - primarily how to combine the three, how many snapshots/archives/images to keep, how or when to prefer one over the other ...

I am sure there are many aspects I have not yet thought about.

Hi Beethoven

I use a simple plan.

Only one partition for everything. I only keep a second snapshot, and it is totally stripped down. It's only purpose is a place to boot. I use the archives, and have one for my main snapshot, and one for my secondary. I almost never update either my secondary snapshot or archive. I update the primary archive frequently.

As to imaging, I use shadowprotect, and I take complete images everyother week, and let the continous incremental function run every thirty minutes during the day.

Doing this I have all kinds of options. If I need I can pull something from one of the incrementals, and one end of the extreme, and the other is complete recovery by doing a windows install, installing FDISR, and restoring the archives.

Pete

{QUOTE-> a simple plan <-QUOTE}

that's what I like and sounds like an excellent movie title ;)

{QUOTE-> I almost never update either my secondary snapshot or archive. I update the primary archive frequently <-QUOTE}

So the secondary snapshot & archive are pure recovery for booting and restoring (from other sources, ie the frequently backed up primary archive) but not to backup anything valuable.

{QUOTE-> I update the primary archive frequently <-QUOTE}

This then is your first "rescue" solution - using this archive to update the secondary if you needed to roll back?

{QUOTE-> As to imaging, I use shadowprotect, and I take complete images everyother week, and let the continous incremental function run every thirty minutes during the day.

Doing this I have all kinds of options. If I need I can pull something from one of the incrementals, and one end of the extreme, and the other is complete recovery by doing a windows install, installing FDISR, and restoring the archives. <-QUOTE}

So I take it you don't see much point in having additional archives as points in time, relying much more on SP? I guess one of the reasons is that you don't separate OS and data?

how long have you been using fdisr?

I explained mine already so many times and
1. Who wants to separate system from data ? Nobody, except a few users.
2. Who wants to use a frozen system partition ? Nobody, except a few users.
3. Who wants to change his backup habits ? Nobody, except a few users.
Users only want to change the names of their softwares, mostly security and recovery softwares, not the rest.

{QUOTE-> how long have you been using fdisr? <-QUOTE}

about 6 months :D

{QUOTE-> I explained mine already so many times and
1. Who wants to separate system from data ? Nobody, except a few users.
2. Who wants to use a frozen system partition ? Nobody, except a few users.
3. Who wants to change his backup habits ? Nobody, except a few users.
Users only want to change the names of their softwares, mostly security and recovery softwares, not the rest. <-QUOTE}

To be honest I like your approach but as it is the most "radical" way to operate, at this stage I prefer to learn a bit more about both Fd_ISR and imaging and become more comfortable with everything. Still, I already took step 1 (for almost everything though there are some programs that I still find difficult to manipulate with respect to data) and step 3. Give me a few months and I might start testing your strategy ;D

{QUOTE-> 1. Who wants to separate system from data ? Nobody, except a few users. <-QUOTE}

one must always seperate their data from the operating system- not doing so is suicide

beethoven - i'll be honest, all of us know how to answer your questions and then some- we are waiting for you to ask kindly- prove yourself worthy, then you'll have the understanding of the fdisr..

{QUOTE-> we are waiting for you to ask kindly- prove yourself worthy, then you'll have the understanding of the fdisr.. <-QUOTE}

??? I am afraid I do not understand this at all? How do I prove myself worthy :-\

albert will begin it ;D

{QUOTE-> Still, I already took step 1 (for almost everything though there are some programs that I still find difficult to manipulate with respect to data) ;D <-QUOTE}
The 3 steps I described are independent from eachother, you can do #1 first without doing #2 and #3. Separating system and data, doesn't mean you have to change your security or backup also, you can do this much later.

Separating system and data has to be COMPLETE, not partial, otherwise you have no freedom in your system partition and your data will always be an obstacle.
The bottom line is that even when you wipe out your system partition completely, you may not lose any data file.
If you didn't succeed in this, the separation wasn't successfull and this will cause problems later.

In my case I had only 2 problems : Firefox and Thunderbird.
All the rest was a matter of changing the default folder settings in the software.

My problem with Firefox was how to keep the bookmarks and you can do this in several ways. After trying several ways, I finally found an easy solution : extension "Delicious Bookmarks", which allows you to store your bookmarks on the internet, instead of on your harddisk.
So I didn't move Firefox partially to my data partition, I installed Firefox completely on my system partition and my bookmarks are now stored and organized on internet.

My problem with Thunderbird was how to keep my emails and email-address-book. To solve this problem, I cut/pasted the profiles folder to my data partition and changed the file "profiles.ini" to tell Thunderbird where to store my emails and address-book and that worked also.

Each time I'm looking for a new software (non-security), I always verify, if I can store the output-files, created by this software, automatically on my data partition. If not, I look for another similar software.
Until now this was never a problem, because most recent developped softwares allow you to store their output-files on another partition.

P.S.: software settings are not to be considered as data, because that is a one-time job.
Once your system partition (Windows + Applications) is configured, you don't have to change settings anymore, unless you made a mistake, but in the end all your settings will be OK.

{QUOTE-> beethoven - i'll be honest, all of us know how to answer your questions and then some- we are waiting for you to ask kindly- prove yourself worthy, then you'll have the understanding of the fdisr.. <-QUOTE}

He has asked a legitimate question as a new user. The one's who have to prove themselves worthy are the responders.

{QUOTE-> one must always seperate their data from the operating system- not doing so is suicide <-QUOTE}

Why. I've been operating with data and system on one partition for over 5 years, without a single problem.

Pete

PS. With a bit of planning and forethought there is no issue with just one partition. Never lost data period.
PPS Let me clarify one thing. To me data is stuff like from office,Quickbooks etc. If I had large collections of big stuff like movies, and huge photo collections, yes I would keep those elsewhere, just because of their size. But business data, personal data, I keep all on the system partition, no problem.

{QUOTE->
So the secondary snapshot & archive are pure recovery for booting and restoring (from other sources, ie the frequently backed up primary archive) but not to backup anything valuable. <-QUOTE}

Absolutely for backing up valuable stuff. The primary
{QUOTE-> snapshot and archive are my main c: working drive. System, data, everything.


{QUOTE->
This then is your first "rescue" solution - using this archive to update the secondary if you needed to roll back? <-QUOTE}

No. If I need to roll back I boot to secondary, and then update Primary from it's archive. The secondary is simply a place to boot to fix/update the primary snapshot.


{QUOTE->
So I take it you don't see much point in having additional archives as points in time, relying much more on SP? I guess one of the reasons is that you don't separate OS and data? <-QUOTE}

Points in time aren't of much value to me beyond a chance problem during the day. My systems change constantly with updates etc, that what it was like two weeks ago may not be useful today. Keeping an archive current is extremely fast, so it means I don't have to image as frequently. I can restore an image from two weeks ago, and use FDISR to get current.

The continous incrementals protect against something happening during the day, but once FDISR is refreshed, their significance dimishes until the next day.

Pete

Thank you Peter - as always very helpful :)

I see your use of the secondary snapshot/archive is quite different from my current use. Certainly your way is simpler and more straightforward than my juggling with a number of snapshots and/or archives in time.

More importantly I now start understanding the relationship between FDISR and Image. I considered Images as a further backup in case FDISR is not able to help. I assumed my image would have to be current but in fact an older image will do provided I can still access an updated archive from another drive.

{QUOTE-> Thank you Peter - as always very helpful :)

I see your use of the secondary snapshot/archive is quite different from my current use. Certainly your way is simpler and more straightforward than my juggling with a number of snapshots and/or archives in time.

More importantly I now start understanding the relationship between FDISR and Image. I considered Images as a further backup in case FDISR is not able to help. I assumed my image would have to be current but in fact an older image will do provided I can still access an updated archive from another drive. <-QUOTE}

Yep. In fact you can start with a clean windows install, install FDISR, and then get current with the archives. Way too cool.

Beethoven,

I have two 'regular' snapshots on my systems and one 'giveawayoftheday' snapshot.
I also have two archives, one 'regular' and one 'giveawayoftheway'.

The giveawayoftheday is a growing collection of commercial software that is offered on the giveawayoftheday (http://www.giveawayoftheday.com/) website for free during one day. The restriction is that you have to activate it the same day of the offer. I don't know if I will use the free software, so I won't clutter my regular installation with it.

The 'regular' snapshots are pretty much identical. When I get Windows updates or security updates I update the regular archive.
I test or evaluate software to my liking and when I don't like the software I restore the snapshot from the up-to-date archive as opposed to uninstalling the software.

For distaster recovery you should export your archive to an external disk.

There are many ways to use your computer, and with the ideas here, I'm sure that you develop a way that you feel comfortable with.

{QUOTE->

The giveawayoftheday is a growing collection of commercial software that is offered on the giveawayoftheday (http://www.giveawayoftheday.com/) website for free during one day. The restriction is that you have to activate it the same day of the offer. I don't know if I will use the free software, so I won't clutter my regular installation with it.
<-QUOTE}

Thanks Wilbert, interesting comment about the giveawayoftheday snapshot. I am familiar with this site and check it out frequently. Most of the programs are not for me but once in a while I would like to test but maybe not immediately. This is an interesting work-around. However, once "installed" in the giveaway snapshot, can you "migrate" it to your main in case you want to continue using it? I would have thought that this is like a second installation and being on a different date it would fail?

{QUOTE-> However, once "installed" in the giveaway snapshot, can you "migrate" it to your main in case you want to continue using it? <-QUOTE}
Well, my idea is that I do have the software activated in a separate snapshot.
For migrating to different snapshots (or even different computers) my first thought is to use Altiris SVS (http://www.svsdownloads.com/).

Very interesting link - I feel I must have been blinkered not to have noticed any thread about this SVS option before :what:

Seems like a great way to minimise threat exposure. What are the drawbacks? I guess there must be some:-\

Try a search for Altiris in the Software & Services section (http://www.wilderssecurity.com/forumdisplay.php?f=48).

{QUOTE-> Very interesting link - I feel I must have been blinkered not to have noticed any thread about this SVS option before :what:

Seems like a great way to minimise threat exposure. What are the drawbacks? I guess there must be some:-\ <-QUOTE}

beethoven- asvs isn't designed for testing of potentially harmful programs or executables - it's made for testing software in a sterile environment, hence has no security implications.

for testing software that may bring on harm, fdisr, vmware, sandboxie, or a virtualization program such as shadowdefender would be what's called for.

hark, else suffer...

regards,

chrome

Well, Beethoven, you've a proper understanding now of the secretive powers of the fdisr, or nay?

To preserve your Give Away apps try backing up with a backup program Norton for instance uses VSS so does Paragon or Acronis. You can also preserve the Serial number if it gives you one & download a trial version of the software from the authors site. An additional way would be to make up a portable app using Thinstall or Altiris or use pluglab from REATOGO & make a PE portable app. Preserving the sn ought to allow you to uninstall the app & use the portable one.

Unlike the excellent prevention measure used by wilbertnl, i instead choose to make my duplicate Secondary or fallback snapshot an archive which due to the Raw Force of First-Defense! serves as my 2nd snapshot. Whereas my real Secondary is totally DIFFERENT! then the first.

Therein lies exceptional versatility and no limits to your own creativity. As i see it FD-ISR's archives are the Main Core for me since they can be safely set aside on another isolated (unplugged) internal disk untill wanted or needed.

This very unique technology of Leapfrog's expands well beyond the basic trappings of limited dependency.

EASTER

Easter, care to expound upon that? While I see the obvious benefit of keeping one's main snapshot archived, why don't you also keep a duplicate snapshot of that main useage snapshot? Seems you'd want to do any sort of testing on the duplicate, and if the changes were beneficial, youd want to update that duplicate to your main.

Thanks,

Chrome

{QUOTE-> Easter, care to expound upon that? While I see the obvious benefit of keeping one's main snapshot archived, why don't you also keep a duplicate snapshot of that main useage snapshot? Seems you'd want to do any sort of testing on the duplicate, and if the changes were beneficial, youd want to update that duplicate to your main.

Thanks,

Chrome <-QUOTE}

Say Chrome

From my experience theres no need to.

That archive remains an archive even after it's been loaded over a snapshot.

So irregardless of useage or purpose, the snapshot in which that particular archive was made in the first place, is preserved. Be that First, Second, Third, so on and so forth.

It's just too easy. In fact, i can even treat that archive as an image backup and have many times before.

That's the beauty of FD-ISR!!! So many possibilities, so many uses, and just like in the same manner that ErikAlbert LOVES to brag so stately & repeatedly on his failess Boot-To-Restore courtesy FD's FreezeStorage which removes ALL/ANY changes to his disk, i take the same pride that NOTHING! and NO APP, not even a total drive failure or file infector virus can defeat FD-ISR so long as your installer is still in great shape and your archives are safely deposited and resting OFF-LINE and isolated in storage.

The perfection of it's programming is not so much a secret in some respects when you look at it from all sides.
FD-ISR can be likened to an image app and in fact it drastically reduces my dependency on them. (Dare i say replace?)

you can say replace, if you dont mind that extra step of first installing an operating system, then installing fdisr, then importing your snapshots. too bad fdisr doesnt include boot disc functionality, then it truly would be a replacement far more powerful than any traditional imaging app:thumb:

FDISR OWNZ THEM ALL ;D

Its a pity that FD-ISR Rescue does not have the archive function as it would make the program much more appealing for those of us unlucky not to have the the original FD-ISR.

{QUOTE-> Easter, care to expound upon that? While I see the obvious benefit of keeping one's main snapshot archived, why don't you also keep a duplicate snapshot of that main useage snapshot? Seems you'd want to do any sort of testing on the duplicate, and if the changes were beneficial, youd want to update that duplicate to your main.

Thanks,

Chrome <-QUOTE}

I do the same thing as Easter. I have totally stripped down my secondary, and it only serves as a place to boot so I can update my primary from the archive. I also have an archive of the secondary as it's easier than recreating.

Reason I do it is simple. Imaging time and space. My primary is about 20g, and my secondary is about 5gb. So I am imaging 25gb instead of 40gb.

Using the archive this way has never failed me.

Pete

I concur with Easter (http://www.wilderssecurity.com/member.php?u=70801), that the power of FD-ISR is beyond our imagination.

The archiving feature takes away any limit. You can fill up a datacenter with archives of any kind of installations or setups, even different operating systems if they are installed in a NT file system (NTFS).
You can create a new archive every day, so you can restore your system to any time. (I'm not making a functional suggestion, but merely demonstrating the unlimited power)

And I still think that creating and booting into a empty snapshot is almost magical. Offering the posibility to reinstall any NTFS supporting operating system without losing data!
Think of it: running Windows 2000, Windows XP-sp2, Windows XP-sp3 and more all in the same partition...

{QUOTE->
And I still think that creating and booting into a empty snapshot is almost magical. Offering the posibility to reinstall any NTFS supporting operating system without losing data!
Think of it: running Windows 2000, Windows XP-sp2, Windows XP-sp3 and more all in the same partition... <-QUOTE}
I don't need an empty snapshot, I create an image first, then an archive, then a snapshot. I'm doing this since September 2007 and it WORKS. This way I can also re-create an archive + snapshot over and over again, even when they are corrupted. Images are #1, then archives and snapshots.
I also don't backup my actual system partition anymore, too long online and possibly infected. Restoring an infected image is not a solution. Instead of that : I restore a clean image, upgrade it, do a backup and use it as my new actual system partition.

The reason why I don't like an empty snapshot, is that it is often created in a system partition, that has been online too long and might be infected.
If you have a malware on board, that infects all snapshots, it might infect the contents of an empty snapshot as well.

This has nothing to do with paranoia, pure logical reasoning and doing things in the right sequence.

{QUOTE-> The reason why I don't like an empty snapshot, is that it is often created in a system partition, that has been online too long and might be infected. <-QUOTE}
Which demonstrates that each FD-ISR user develops their own preferred way of using this software. :thumb:

You may be right about the empty snapshot, Erik-Albert, I thought that when you install Windows XP, it overwrites MBR and PBR (that is the reason why you need to reinstall FD-ISR in an empty snapshot) and the empty snapshot is reinstalled from a CD. The chance that an infection survives this rigid action is probably zero.

{QUOTE-> Which demonstrates that each FD-ISR user develops their own preferred way of using this software. :thumb: <-QUOTE}
That is absolutely correct. Everything I did with FDISR is IMPOSSIBLE with any other ISR-software. You can understand why I'm so angry that FDISR is terminated and what do I get in return ? The Unreliable RollbackRx ::)
{QUOTE-> You may be right about the empty snapshot, Erik-Albert, I thought that when you install Windows XP, it overwrites MBR and PBR (that is the reason why you need to reinstall FD-ISR in an empty snapshot) and the empty snapshot is reinstalled from a CD. The chance that an infection survives this rigid action is probably zero. <-QUOTE}
This can be correct, but I prefer to do it my way, like you already mentioned in your first paragraph. :)

I think it's a matter of not only preference, but also neccessity. There comes a point when a person has to come to some kind of a compromise between going to possibly overzealous lengths to "ensure" total 100% security and the time and extra effort it takes to maintain such a setup/ and having more time to get other necessary things done in other aspects of life, yet having a slighty less "airtight' security setup.

The way this balance falls, would depend ultimately on the needs and then the wants of the user.

For instance, i'm studying for my security+ exam. For this studying I need to be able to work with different operating systems such as windows server 2000, windows server 2003, xp, and to an extent vista. The empty snapshot function allows me the ability to do this - it's only a matter of a couple minutes to boot between snapshots. This gives me a great advantage with my studying, as I can follow along with my texts concerning the different operating systems firsthand.

While this may somehow or other not be as secure as other system configs, It's a trade-off i'm willing to accept, as the benefits of having the various operating systems to work with ultimately far outweigh the negatives.

In my case it's like so: slightly tighter security & less risk of infection, no empty snapshot os installs. advantages=less chance of having to do a format in event of infection (which i'd never have to do anyway because I keep an acronis image offline) vs. slightly lesser security, with ability to work/study with different operating systems. advantages= security+ certification, better understanding of differing operating systems, and ultimately, a better paying job. So as is obvious, the choice in my case is clear.

Fdisr keeps me learning and contributes to my understanding of the microsoft operating systems, and with linux and bsd, I am using good old fashioned partitioning to have those at my disposal to work with as well.

I must admit, I am contented with my setup and booting around working with different systems keeps things interesting.:thumb:

But point being, it all depends on the users needs, then preferences, as well as a consideration of effort and time needed, regarded with risk level in relation to other productivity endeavors.

Thanks,
Chrome

In your situation i would go for VM solutions,switching between OS's is faster,also safer, security wise.

But admit FDISR is a real gem,always sparkling from whatever side you look at it. LOL ;D

Huupi, thanks for the advice, but I don't use virtual machines to work with different operating systems, I only use them to evaluate whether or not I want to keep and use the operating system on a more permanent level. Once I test an operating system in a virtual machine and I decide I want to keep it and continue working with it, the virtual machine gets deleted and the operating system gets it's own proper partition.

Thanks,
Chrome