Endpoint Protection Small Business Edition

 View Only

  • 1.  What Exactly is the Recovery Key?

    Posted May 01, 2013 11:01 AM

    We have SEP 12.1.2 MP1 installed on the server with the SEP manager. I was looking in the SEP Manager folder in program files on the server SEPM is installed on and noticed a folder "Server Private Key Backup," what exactly is this? We do a back up of the database weekly but I don't believe we back this up. What exactly is it and would it be needed if we had to restore from a database back up for some reason?



  • 2.  RE: What Exactly is the Recovery Key?

    Posted May 01, 2013 11:09 AM

    It contains the files needed in the event of a disaster recovery procedure. If you don't have these, you would need to re-install SEPM and manually connect all the clients.

    https://www-secure.symantec.com/connect/forums/three-xml-files-server-private-key-backup

     

    Preparing for disaster recovery

    Article:HOWTO80825  |  Created: 2012-10-24  |  Updated: 2013-01-30  |  Article URL http://www.symantec.com/docs/HOWTO80825

     

    Symantec Endpoint Protection 12.1: Best Practices for Disaster Recovery with the Symantec Endpoint Protection Manager

    Article:TECH160736  |  Created: 2011-05-24  |  Updated: 2013-04-04  |  Article URL http://www.symantec.com/docs/TECH160736

     



  • 3.  RE: What Exactly is the Recovery Key?

    Trusted Advisor
    Posted May 01, 2013 12:58 PM

    Hello,

    Check this Article:

    Contents of the Symantec Endpoint Protection 12.1 recovery file

    http://www.symantec.com/docs/TECH162311

    Certificates are the industry standard for authenticating and encrypting sensitive data. To prevent the reading of information as it passes through routers in the network, data should be encrypted.

    To communicate with the clients, the management server uses a server certificate. For the management server to identify and authenticate itself with a server certificate, Symantec Endpoint Protection Manager encrypts the data by default. However, there are situations where you must disable encryption between the server and the client.

    The management server supports the following types of certificates:

    • JKS Keystore file (.jks) (default)

      A Java tool that is called keytool.exe generates the keystore file. The Java Cryptography Extension (.jceks) format requires a specific version of the Java Runtime Environment (JRE). The management server supports only a .jceks keystore file that is generated with the same version as the Java Development Kit on the management server.

      The keystore file must contain both a certificate and a private key. The keystore password must be the same as the key password. You can locate the password in the following file:

      Drive:\\Program Files\Symantec\ Symantec Endpoint Protection Manager\Server Private Key Backup\recovery_timestamp.zip. The password appears in the keystore.password= line.

    • PKCS12 keystore file (.pfx and .p12)

    • Certificate and private key file (.der and .pem format)

      Symantec supports unencrypted certificates and private keys in the .der or the .pem format. .Pkcs8-encrypted private keys are not supported.

    Secondly, Check this Article:

    About server certificates

    http://www.symantec.com/docs/HOWTO81145

    Hope that helps!!



  • 4.  RE: What Exactly is the Recovery Key?

    Broadcom Employee
    Posted May 16, 2013 06:59 AM

    Hi,

    When you install the Symantec Endpoint Protection Manager, a file named recovery <timestamp>.zip is created. This file contains the information that is required to restore communication between a Symantec Endpoint Protection Manager and the Symantec Endpoint Protection clients. You use this file if the manager needs to be reinstalled for any reason. During the re-installation process, you are prompted to select the recovery file.

    Key components of the recovery file

    • The server private key (the tomcat keystore)
    • The server private key password (to unlock the tomcat keystore)
    • The encryption password (also known as the “KCS Key”)
    • The DomainID
    • The Apache SSL keys
    • Configured TCP port numbers

    Symantec strongly recommends that you back-up your recovery file and store it in a safe place whenever you install, re-install, or reconfigure the manager. See the Symantec Endpoint Protection and Symantec Network Access Control Implementation Guide for more information about using and backing up the recovery file.

    NOTES:

    • The recovery file does not restore policies or groups, which are stored in the Symantec Endpoint Protection Manager database. If the database requires recovery, you must restore it from a backup. See the Symantec Endpoint Protection and Symantec Network Access Control Implementation Guide for more information about recovering the Symantec Endpoint Protection Manager database .
       
    • Additional recovery files will be generated when upgrading to a newer version or after some configuration changes. The filename format is: Recovery_yyyy_mm_dd_hh_mm_ss.zip

    Reference:

    Contents of the Symantec Endpoint Protection 12.1 recovery file

    http://www.symantec.com/docs/TECH162311