Comparisons to other backup systems
Within this document, encrypted and on-line are used in very specific ways to describe backup systems.
- encrypted
- The data to be backed up is transmitted and stored on the server so that the data can only be recovered if secret encryption keys are available.
- on-line
- The backup server does not use tape or any other removable archive media. All data is stored within the server file system on conventional hard discs, and every (current) file is always available.
Only backup systems which are both encrypted and on-line are compared in depth. Other systems have brief notes at the end of this document.
Please email me with any systems I have missed, or corrections to my analysis. This is not intended to promote Box Backup, but as an objective comparison to allow you to decide which system to adopt.
Encrypted, on-line systems
| Box Backup | duplicity | hdup | Bacula | |
| Development status | stable, under development, not feature complete | "not stable yet" (details) | stable, maintainance only | stable, under development, adding high end features |
| Changes only when uploading new versions of existing files (like rsync) | yes | yes | no | no |
| Connects to server using | TLS (SSL) | ssh/scp, local file access, rsync, ftp | ssh, local files | TLS (SSL) if configured |
| Authentication | SSL certificates (client and server) | Traditional file storage accounts on server (eg unix username, virtual FTP etc) | Traditional file storage accounts on server (eg unix username, virtual FTP etc) | CRAM-MD5 (default) plus SSL certificates (all components) if configured |
| Dependencies | OpenSSL | Python installation, librsync, GnuPG, remote shell | ssh, mcrypt/GPG, GNU tar | None after building |
| Signed data storage | Implicit | Explicit with GnuPG | Implicit/Explicit with GnuPG | With OpenSSL PKI if configured |
| Scheduling | Self-contained with randomised element to avoid cyclic server loading, or cron job | cron job | cron job | Built-in scheduler |
| Continuous backup | Yes -- backs up files a configured time after being changed, or... No -- in snapshot mode |
No -- takes a snapshot of the filesystem when it is run | No -- takes a snapshot of the filesystem when it is run | No -- takes a snapshot of your defined FileSet when it is run |
| Handling of old versions and deleted files | Old and deleted files remain on server until store reaches a set limit, after which they are removed. No particular limits on availiability apart from this size limit. | Full and incremental backups, deletion by user scripts | Monthly full backups, weekly and daily incremental, deletion of archives by user scripts | Automatic pruning of catalog, Volumes recycled when needed |
| Resources used on client | Few Mb of memory, very small amount of disc space | Status and checksums for all files backed up, plus potentially large temporary files. (however, disc space is cheap, so this is not an issue unless the clients are older machines with small hard drives) | Minimal (latest versions can stream archives directly to server) | Minimal -- runs as a daemon |
| Resources used on server | Disc space | Disc space, remote shell server, UNIX accounts | Disc space, ssh, UNIX accounts | Minimal -- unless local disks used as Volumes |
| Redundant storage on server | Optional built in userland RAID storage | Relies on OS to provide RAID | Relies on OS to provide RAID | Relies on OS to provide RAID, uses tape |
| Restore | FTP-like client, or simple command to restore entire directories | Simple command to restore entire directories, fetch files or directories by name. | Simple command to restore entire directories, fetch files or directories by name, will fetch entire archives for single files. | Simple command to restore entire directories, fetch files or directories by name, will fetch entire archives for single files. |
Other systems
| Encrypted? | On-line? | Network | Notes | |
| Amanda | no | no | LAN | The classic network backup system |
| Bacula | yes | yes | LAN | Comprehensive job control. Stores lists of backed up files in a database for faster retrieval. Can backup to disk, DVD, and tape. Supports encrypted transfer and encrypted storage. |
| rdiff-backup | no | yes | Remote | "The idea is to combine the best features of a mirror and an incremental backup." |
| rsnapshot | no | yes | Remote | Perl script. Pulls files over ssh from the source server to the backup server. Creates efficient snapshots of the source filesystem. |
| rsync | no | yes | Remote | Requires extra scripts for automatic scheduling and old version archival. May be less efficient than Box Backup, as it needs to check for existence of every file on the remote side, whereas Box Backup keeps an efficient record. |
| Mondo Rescue | no | no | n/a | Backup to local media, aimed at full system recovery. |
"Network" is marked as LAN if the system uses so much bandwidth it can only be used on a LAN, Remote if it uses bandwidth conservation techniques which make it suitable for use over an internet connection.
© Ben Summers and contributors, 2003-2008