Disaster recovery best practices for Endpoint Protection

Step 1: Back up the database

Back up the database regularly, preferably weekly.

By default, the database backup folder is saved to the following default location:

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\backup

The backup file is called date_timestamp.zip.

See Backing up the database and logs.

Step 2: Back up the disaster recovery file

The recovery file includes the encryption password, keystore files domain ID, certificate files, license files, and port numbers. By default, the file is located in the following directory:

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Server Private Key Backup\recovery_timestamp.zip

The recovery file only stores the default domain ID. If you have multiple domains, the recovery file does not store that information. If you need to perform disaster recovery, you must re-add the domains.

See Adding a domain.

Step 3: Update or back up the server certificate (optional)

If you update the self-signed certificate to a different certificate type, the management server creates a new recovery file. Because the recovery file has a timestamp, you can tell which file is the latest one.

See Updating or restoring a server certificate.

See Backing up a server certificate.

Step 4: Save the IP address and host name of the management server to a text file (optional)

If you have a catastrophic hardware failure, you must reinstall the management server using the IP address and host name of the original management server.

Add the IP address and host name to a text file, such as: Backup.txt.

Step 5: Store the backup data in a secure location off-site

Copy the files you backed up in the previous steps to another computer