To prepare for recovery after a hardware failure or database corruption, you should back up the information that is collected after you install Symantec Endpoint Protection Manager.

Preparing for disaster recovery

Performing disaster recovery

Preparing for disaster recovery

Table: High-level steps to prepare for disaster recovery

Step

Description

Step 1: Back up the database

Back up the database regularly, preferably weekly.

By default, the database backup folder is saved to the following default location:

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\backup

The backup file is called date_timestamp.zip.

See Backing up the database and logs.

Step 2: Back up the disaster recovery file

The recovery file includes the encryption password, keystore files domain ID, certificate files, license files, and port numbers. By default, the file is located in the following directory:

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Server Private Key Backup\recovery_timestamp.zip

The recovery file only stores the default domain ID. If you have multiple domains, the recovery file does not store that information. If you need to perform disaster recovery, you must re-add the domains.

See Adding a domain.

Step 3: Update or back up the server certificate (optional)

If you update the self-signed certificate to a different certificate type, the management server creates a new recovery file. Because the recovery file has a timestamp, you can tell which file is the latest one.

See Updating or restoring a server certificate.

See Backing up a server certificate.

Step 4: Save the IP address and host name of the management server to a text file (optional)

If you have a catastrophic hardware failure, you must reinstall the management server using the IP address and host name of the original management server.

Add the IP address and host name to a text file, such as: Backup.txt.

Step 5: Store the backup data in a secure location off-site

Copy the files you backed up in the previous steps to another computer

Performing disaster recovery

Table: Process for performing disaster recovery lists the steps to recover your Symantec Endpoint Protection environment in the event of hardware failure or database corruption.

Before you follow these steps, make sure that you made backups and recovery files.

Table: Process for performing disaster recovery

Step

Action

Step 1: Reinstall Symantec Endpoint Protection Manager using a disaster recovery file.

By reinstalling the management server, you can recover the files that were saved after initial installation.

See Reinstalling or reconfiguring Symantec Endpoint Protection Manager.

If you reinstall Symantec Endpoint Protection Manager on a different computer and without using the disaster recovery file, you must generate a new server certificate.

See Generating a new server certificate.

Step 2: Restore the database.

You can restore the database with or without a database backup.

See Restoring the database.

Step 3: Re-enable Federal Information Processing Standards (FIPS) 140-2 compliance. (optional)

If you use a FIPS-compliant version of Symantec Endpoint Protection and have FIPS compliance enabled, after you recover Symantec Endpoint Protection Manager, you must reenable FIPS compliance.

This setting is not stored in the disaster recovery file.

See Backing up your license files.

See Exporting and importing server settings.

See: Disaster recovery best practices for Endpoint Protection.

Legacy ID: v18588940_v81626096
  • Endpoint Protection

    14.2 RU1, 14.2 MP1, 14.2, 14.0.1 MP2, 14.0.1 MP1, 14.0.1, 14.0.0 MP2, 14 MP1, 14, 12.1 RU6 MP8, 12.1 RU6 MP7, 12.1 RU6 MP6, 12.1 RU6 MP5, 12.1 RU6 MP4, 12.1 RU6 MP3, 12.1 RU6 MP2, 12.1 RU6 MP1, 12.1 RU6, 12.1 RU5, 12.1 RU4, 12.1 RU3, 12.1 RU2

Thanks for your feedback. Let us know if you have additional comments below. (requires login)

    © 1995-2019 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.