====== SLA #001: Backup and Restore (SBR) ======
^ Version ^ Status ^ Date ^ Author ^ URL ^
| 0.1| First draft| 24.04.2021| Egil Rüefli| |

===== Service description =====
==== Service description ====
The Backup and Restore (SBR) service is used for the automatic backup and restore of data. To use the service, the backup user "rafisa-backup" must be created on the client side and assigned the appropriate rights. The decentralised IT infrastructures are automatically and regularly backed up centrally by the backup server via the Rafisa network. The status of the backups is reported to the helpdesk daily by e-mail.

Various backup types are available depending on the respective client:
  * Backup of SMB shares
  * File backup of server systems
  * Image backup of Proxmox VMs
  * Backup of database systems
  * Backup of configuration files of switches and firewalls (under construction)

==== Service description ====
The data defined by the system manager of an IT infrastructure is backed up by the backup server and restored if necessary.  The range of services includes
  * Daily, automatic data backup of file systems and VM images
  * A maximum of 90 backups are stored. Accordingly, the retention period for a daily backup is a maximum of 90 days
  * Restoration of individual files, entire file systems, databases or VM images
  * Daily backup reports are created and made available

The Rafisa helpdesk is informed daily by e-mail about the status of the data backup. Individual files can be restored after a corresponding ticket has been opened by those responsible at the helpdesk. Restores of entire servers or file systems are carried out by the SBR team.
==== Requirements ====
  * A system owner is defined for each system to be backed up
  * The system owner defines the data to be backed up
  * The system owner or the SBR team (as agreed) defines the backup user ''rafisa-backup'' with the required rights
  * The systems to be backed up are available at all times via the Rafisa network
===== Operating and service times =====
Operating hours productive system: 7 x 24 hours\\
Production system maintenance window: at any time without prior notice\\
Helpdesk service times: Mon - Fri 09:00 - 17:00 (except public holidays)\\

===== Performance =====
==== Availability ====
Target availability after failure: Next working day\\
Response time during office hours (09:00 - 17:00): Processing of problems starts within 1h\\
Night response time: Next working day (09:00)\\
Response time weekend: Next working day (09:00)\\
Response times for feedback: see chapter Escalation
==== Performance ====
Backup: The backup infrastructure is considered to have sufficient performance if daily backups are available for restore after a maximum of 24 hours. Depending on the amount of data to be backed up, the backup duration may deviate from the target time.

Restore: The target times for a restore are  
  * Max. 30 minutes for data volumes smaller than 100MB
  * Max. 1h for data volumes smaller than 10GB
  * Max. 24h for data volumes larger than 10GB

Team SBR assumes that significantly better speeds will be achieved under normal circumstances.

==== Capacities ====
The central data backup system offers the option of backing up large volumes of data. The SBR team ensures that the necessary resources are available to customers as part of capacity management.

==== Backup policy ====
Backup frequency: daily\\
Backup time: at night (19:30 - 07:00)\\
Retention time: 90 days\\
Number of copies: 1
===== Escalation =====
==== Severity level Criteria description ====
  - The service is no longer usable (nightly backups are not made)
  - The service is partially unusable (some backups could not be created)
  - Non-critical fault without impact on the backups

==== Severity level: Response times (first feedback - periodic feedback) ====
  - Immediately (30 min) - periodically 2h
  - 60 min - periodically 2h
  - 1 working day - after the fault has ended

==== Criticality ====
  - After 4h helpdesk and team leader, after 1 day management
  - After 1 day helpdesk and team leader, after 2 days management
  - After 2 days helpdesk and team leader
===== Security requirements & disaster preparedness =====
==== Security ====
Physical access to the server room is secured. The backup server is located in the management VLAN, the administration interface and SSH access are only available in this VLAN. The backup data is stored on an encrypted partition.
==== Disaster recovery ====
The data is saved to an external hard drive once a month and given to the management for storage at an external location.
===== Performance report =====
Compliance with performance targets is reported in the monthly report.
===== Costs =====