Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 4097 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Backup and restore SEC Settings

macoy

Hi Guys,

Just would want to know if someone already did a backup and restore of the whole SEC settings including the computers, computer groups, and policies? I'm planning to do a backup of my whole setup. Appreciate if anyone can pass me some procedure on how to do it.

Thanks!

:2307


This thread was automatically locked due to age.
  • 0

    Hello macoy,

    BackupDB.bat in %ProgramFiles%\Sophos\Enterprise Console\DB backs up the whole database contents (including events and alerts). RestoreDB.bat restores them. I have used it to "move" servers and during tests to "clone" a server and to "reset" it.

    What's your intention?

    Christian

    :2312
  • 0

    I just want to backup everything like the computers that were already discovered by Sophos, all the policies that was created and are now applied, even the updates and binaries that were downloaded.


    Does the backupdb thing that you mentioned earlier can backup everything that is present on my existing Sophos settings including the all the binaries and updates that were already downloaded?

    I just would want to backup my existing sophos setup so that if there's something happen to my server I can restore my whole existing setup and settings using the backup that was done using the procedure that you mentioned.

    :2336
  • 0

    I just would want to backup my existing sophos setup so that if there's something happen to my server

    Glad you ask - discussing these things is what a forum is (also) for.

    BackupDB simply backs up the (SOPHOS4 in this case) database. It contains (the breakdown is arbitrary and the description is neither meant to be accurate to the last details nor complete):

    • your groups, computers and their mappings
    • syncpoint data
    • your policies, their contents (=settings) and the group/policy and computer/policy mappings
    • events and alerts (including history)
    • roles and sub-estates
    • report configuration
    • SUM "metadata"
    • various SEC settings

    It does not contain 

    1. the database connection information
    2. certification manager registry keys
    3. RMS configuration
    4. software and downloaded data

    For the items in the not group it simply doesn't make much sense to have them in the database. 1 is obvious, 2 is perhaps arguable but right now the keys must exist or are created at an early stage during install, 3 is also obvious and 4 is not really necessary (as it is expected that downloaded data is regularly updated and as for the rest - well, you need something to start with).

    If I'm right you want some kind of "self-installing snapshot package" if there's something happen to [your] server.  What could that something be? If your server has "disappeared" (theft, major hardware failure, OS disaster) you'd first have to recover or reincarnate your server. As the Sophos software is readily available (unless you've also lost your license credentials - but they are only a call away) and a fresh install doesn't take long AND you'd also need the database (which might not be on the same server or share it's instance with another database) it'd be not of much help (if at all).

    Apart from the registry keys mentioned you should keep the details of the modifications you made (if any, but do not forget that if you were using WebCIDs you'd also have to configure the webserver) and perhaps the details for the accounts you used for updating (SophosUpdateMgr and whatever you use for your CIDs) and Roles and Sub-Estates - but this is not an absolute requirement. At least for me that is all I needed.

    If I misunderstood your question, please excuse.    

    Christian

    :2343
  • 0

    my main goal for this kind of scenario is that I would want to restore my existing setup (including all the setup, computers, policies, etc.) to the point wherein there's nothing happen to my sophos server.

    If you're saying that the BackupDB procedure will do that job for me then I think my problem is solved for now. If all of the computers, policies, even the alerts will be restore completely then I'm fine with that.

    I am going to add this procedure for my disaster-recovery procedure for our server in which sophos is installed inside.

    :2354
  • 0

    If you can spare a workstation you can install SEC on it and do the restore and check if everything is there (but better take it off the net especially if you are in an AD environment and have syncpoints set up).

    (Oh - and of course if you ever need to restore to a server with a different name or a different locations for All Users or ProgramData you have to do some editing).

    Christian

    :2362
Unfiltered HTML