How Oxidized Network Backups Improve Resilience
Network outages are extraordinarily expensive and disruptive to business, with recent EMA research finding that outages cost an average of $14,056 per minute in 2024. While these outages have numerous possible causes, two of the largest and most preventable are human error and configuration issues. Enterprise networks keep growing bigger and more complicated, with factors like network decentralization, the use of network automation solutions, and the constant threat of cybersecurity breaches contributing to management complexity and the risk of costly mistakes.
For example, in February 2024, a network configuration error in an un-tested update caused an AT&T outage that blocked over 92 million phone calls (including 25,000+ failed 911 calls). After an FCC investigation, the company could be penalized with fines and remediating orders.
Oxidized is an open-source network configuration backup and change management tool that can help prevent human errors and malicious actors from disrupting network services. It also accelerates recovery from equipment failures and ransomware attacks without increasing network complexity. This guide explains how Oxidized network backups can improve resilience, or the ability to withstand adversity and continue business operations with minimal disruption.
What is Oxidized, and how does it work?
Oxidized is a lightweight tool that automatically backs up network device configurations and tracks changes. It supports more than 130 operating systems and easily integrates with third-party network management tools like LibreNMS.
Oxidized uses REST APIs to pull configurations from network devices and send them to a Git repository or network management platform. Administrators can configure it to make backups according to a specific schedule, and it automatically pulls a new version (called a diff version) whenever a device’s configuration is changed. Teams can view diff versions in the Oxidized web UI as well as whichever Git repository or management platform the backups are being sent to.
Viewing diff versions in the Oxidized web UI. Source
How Oxidized network backups improve resilience
Network resilience is the ability to minimize business disruptions when adverse events occur, such as ransomware attacks, botched updates, natural disasters, and equipment failures. Oxidized network backups improve resilience in numerous ways. For example:
- Administrators can easily roll-back device configurations to a previous version if a change causes problems, reducing the impact of any resulting service degradation or outages. This could have significantly shortened the impact of the AT&T outage mentioned earlier, for example.
- Teams can quickly deploy known-good configurations to replacement devices when equipment failures or ransomware breaches happen, significantly accelerating recovery times.
- Configurations can be monitored with version control to prevent unauthorized changes from proliferating unnoticed, helping teams stop ransomware and other malicious actors in their tracks.
Enhancing network resilience with out-of-band management
Network backups are crucial, but they’re only one piece of the resilience puzzle. Another best practice for minimizing business disruption is to isolate the network control plane with out-of-band (OOB) management. OOB moves all network management and infrastructure control functions to an entirely separate network that runs parallel with the production (or in-band) network but doesn’t rely on any of the same infrastructure or services. It allows teams to perform management, troubleshooting, backup, and recovery workflows remotely on a dedicated connection, such as secondary Fiber or cellular LTE, that remains available even if the in-band network goes down from an equipment failure, ISP outage, or ransomware attack.
By isolating management interfaces and workflows on a separate network, OOB management helps prevent malicious software or people from accessing them from a breached production system. For example, running Oxidized backups on the OOB network ensures that teams can safely deploy configs to new or rebuilt equipment without risking ransomware reinfection, speeding up recovery times and reducing financial impacts.
Minimize business disruption with Oxidized + Nodegrid
Nodegrid is a vendor-neutral out-of-band management platform that uses console servers and integrated branch services routers to isolate your control plane without the need for parallel infrastructure.
OOB management network isolation with the Nodegrid platform.
Nodegrid’s open architecture and extensible management software allow you to integrate, host, and run your choice of third-party services and solutions. You can use it to deploy network automation, run next-generation firewall software, host recovery tools, or even deliver services while the primary network or systems are down. With the combination of Oxidized network backups and Nodegrid OOB, you can minimize the impact of adverse events without driving up costs or complexity.
Deploying Oxidized network backups with Nodegrid OOB helps reduce the duration, expense, and hassle of downtime. Schedule a Nodegrid demo to learn more.