Backing up the embedded database: On-demand
Here we can see how we can back up the database on demand. From the Admin page we've got the Back Up Database Now option and from the Start Menu > SEPM Tools, we can back up the database from there too.
Backing up the embedded database: Scheduled
We can also set up a schedule to back up the database at a regular interval. So here we've set up the backup server using SEPM01. This is quite useful if you have multiple SEPMs accessing the same database. You can choose which SEPM is going to be responsible for taking the load of doing the backup. We can see the backup path. This isn't editable. This is the only location where the backup is stored, so you need to make sure that's the location that's being backed up and taken offsite. You can choose the number of backups to keep in this location. We can back up logs as well if you wish, that will obviously make the backup larger, and we have the Schedule Settings.
You can set up schedules for the automatic backup of both MS SQL and embedded databases in the SEPM.
Backups occur automatically at the scheduled time. Backup files are stored in a backup folder created in the path specified for the server data root.
To back up an embedded database from the SEPM console, in the SEPM console, click Admin. On the Admin page, click Servers and under View, click the icon that represents the embedded database.
Under Tasks, click Edit Backup Settings.
In the Backup Settings for Local Site dialog box, mark the Schedule Backups checkbox and specify the backup schedule.
The backup is placed in a zip file labeled with the date on which the backup occurs.
Restoring the embedded database
And of course if we've done backups, we can do a restore of the database. To do the restore, we need to ensure the console is logged off and the service is stopped. Then from the Start Menu we choose the Database Back Up and Restore and then select the Restore option. You then need to drill down and find the particular backup to restore from. It will be searching that one database backup location. So if you have taken your database backups offsite, you would need to make sure they're being copied back to that location before you run this process.
Configuring database maintenance
We need to ensure that our database is maintained. We can edit the database properties and set up General and Log Settings. That will enable us to prune the database size so we're only keeping a certain amount of data. We can choose to manage it by a number of entries or a number of days. Anything outside of that time will then be deleted. It's worth remembering and worth checking your compliance for this site because once the data has been deleted, it's not available for analysis or reporting.
Database maintenance options help you to manage the size of your database by specifying how long to keep data.
To configure database event options:
On the console, click Admin, select a site and click Edit Site Properties.
Click Database and on the Database tab, set the days to keep risk events. Set how frequently you want to compress identical risk found events into a single event and the number of days to keep the compressed events.
Preparing for disaster recovery
So to prepare for disaster recovery, we need to make sure of course we've got all the backups of not only the database but also all the relevant files that are needed to recover the SEPM environment. Here we can see the database default backup file location. And we need to back up the disaster recovery file, which is another important file holding a lot of settings relevant to the configuration. We need to save the IP address and the host name of the SEPM so we can recreate it, and copy the files to the secure location.
The disaster recovery file
The disaster recovery file holds a number of different information like the Apache details, the certificates and licensing, also the settings.propertiesfile holding a lot of very key information including your encryption password.
Best practice: Disaster recovery preparations
So some best practices for disaster recovery preparations. We have got a very good reference in the Implementation Guide for Preparing for a disaster recovery. But you need to make sure you have your relevant files including the sylink.xml, your disaster recovery files. Record all the names of the servers, the host names, the IPs. Make sure you know the information about the site details, the settings.propertiesfile, and make sure you test your disaster recovery procedure.
Performing disaster recovery
So to perform a disaster recovery we need to restore the SEPM Manager using that disaster recovery file, which will restore the database to the point in time.
Article: Symantec Endpoint Protection 12.1: Best Practices for Disaster Recovery with the Symantec Endpoint Protection Manager
Article : How to move Symantec Endpoint Protection Manager embedded database file to another folder?