To prepare for recovery after a hardware failure or database corruption, you should back up the information that is collected after you install Symantec Endpoint Protection Manager.
Preparing for disaster recovery
Performing disaster recovery
Preparing for disaster recovery
Table: High-level steps to prepare for disaster recovery
Step |
Description |
Step 1: Back up the database |
Back up the database regularly, preferably weekly. By default, the database backup folder is saved to the following default location: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\backup The backup file is called date_timestamp.zip. See Backing up the database and logs. |
Step 2: Back up the disaster recovery file |
The recovery file includes the encryption password, keystore files domain ID, certificate files, license files, and port numbers. By default, the file is located in the following directory: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Server Private Key Backup\recovery_timestamp.zip The recovery file only stores the default domain ID. If you have multiple domains, the recovery file does not store that information. If you need to perform disaster recovery, you must re-add the domains. See Adding a domain. |
Step 3: Update or back up the server certificate (optional) |
If you update the self-signed certificate to a different certificate type, the management server creates a new recovery file. Because the recovery file has a timestamp, you can tell which file is the latest one. See Updating or restoring a server certificate. See Backing up a server certificate. |
Step 4: Save the IP address and host name of the management server to a text file (optional) |
If you have a catastrophic hardware failure, you must reinstall the management server using the IP address and host name of the original management server. Add the IP address and host name to a text file, such as: Backup.txt . |
Step 5: Store the backup data in a secure location off-site |
Copy the files you backed up in the previous steps to another computer |
Performing disaster recovery
Table: Process for performing disaster recovery lists the steps to recover your Symantec Endpoint Protection environment in the event of hardware failure or database corruption.
Before you follow these steps, make sure that you made backups and recovery files.
Table: Process for performing disaster recovery
Step |
Action |
Step 1: Reinstall Symantec Endpoint Protection Manager using a disaster recovery file. |
By reinstalling the management server, you can recover the files that were saved after initial installation. See Reinstalling or reconfiguring Symantec Endpoint Protection Manager. If you reinstall Symantec Endpoint Protection Manager on a different computer and without using the disaster recovery file, you must generate a new server certificate. See Generating a new server certificate. |
Step 2: Restore the database. |
You can restore the database with or without a database backup. See Restoring the database. |
Step 3: Re-enable Federal Information Processing Standards (FIPS) 140-2 compliance. (optional) |
If you use a FIPS-compliant version of Symantec Endpoint Protection and have FIPS compliance enabled, after you recover Symantec Endpoint Protection Manager, you must reenable FIPS compliance. This setting is not stored in the disaster recovery file. |
See Backing up your license files.
See Exporting and importing server settings.
See: Disaster recovery best practices for Endpoint Protection.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)