Disaster Recovery Advice for Symantec Mobile Security 7.2 and Symantec Mobile Management 7.2
Last Updated September 10, 2013
What recommendations can be made to ensure that Symantec Mobile Security 7.2 (SMS 7.2) and/or and Symantec Mobile Management 7.2 (SMM 7.2) will continue to function despite the loss of the server to which the mobile devices report?
Important note: These instructions are provided "as is" and as general guidelines for backup and recovery of a Mobile Management or Mobile Security server. Symantec is not responsible for loss or damage in any part due to these guidelines. Each customer environment can potentially be configured differently, thus altering the validity of these instructions. It assumes you have implemented regular backup processes on other vital parts of your organizations infrastructure. This includes, but is not limited to, backup of Active Directory, DNS, Certificate Authority, reverse proxy hosts, Exchange, and SQL servers. It also assumes you run regular backup and recovery drills, validating your organization's business continuity and disaster recovery procedures.
The management components of SMS 7.2 and SMM 7.2 are installed on the Symantec Management Platform (SMP), formerly known as the Altiris Notification Server. The Disaster Recovery documentation for this platform will cover all products which are installed on that platform, including SMS and SMM.
Important points to note:
If your backup / recovery solution is capable of backing up full server disk volume contents, you should backup all disk volumes of your Symantec Management Platform (SMP). Restoring the entire server in case of catestrophic failure can be more quickly accomplished than rebuilding a new server and manually restoring each of the necessary components.
When initially installing the SMP, it is possible to use a local MS SQL database or a MS SQL database that is on a remote server. In many cases, disaster recovery is easier if the MS SQL database is on a remote server or server cluster. The failed SMP will be rebuilt, but all data will still be intact on the remote server.
Whether local or remote, Symantec recommends backing up the SMP's MS SQL database frequently. The backups should not be kept on the same server as the MS SQL database, in case the MS SQL server fails.
It is important that a rebuilt SMP is brought online with the same name and IP address as the original SMP. Mobile clients communicate to this IP. Any reconfiguration to a different IP address would have to be done manually, and may not be practical in very large environments.
Should a server which is acting as a Mobile Security Gateway (MSG) be lost, a new Symantec Management Agent (Altiris client) and MSG can be deployed to a recovered server with that same IP address. Mobile devices configured to use that MSG should then resume communicating with the management server.