Data Loss Prevention

 View Only
Back to Library

Symantec Enforce Recovery || Reinstall 

Jul 02, 2018 04:42 PM

Please follow the steps listed below:

Recently I have done the enforce recovery by uininstalling and recovering back to original one.

1. Backup your config folder  located at Symantec DLP\protect.

2. Backup your plugins folder  located at Symantec DLP\protect

3. Backup the .keystore file located at Symantec DLP\protect\tomcat\conf

4. Backup the keystore folder located at Symantec DLP\protect

5. Create EnforceReinstallationResources.zip containg config and keystore folder. (Note this is manual process of creating EnforceReinstallationResources.zip, if you want to get it automatically then at the time you uninstall the enforce it will ask you to save the previous configuration the same file will be created  in SymantecDLP Folder, you can use that file to resinstall the enforce server.

6. Resinstall the Enforce Server using ProtectInstaller64_15.0.exe and make sure you uncheck the Initialize Enforce Data check box if you want to perform a recovery operation.

7. It will ask EnforceReinstallationResources.zip browse the location where you stored it and click next.

8. If you get an error like this : Failed to encrypt the password file. Installation will abort,  then click OK to abort.

9. Even if installation is aborted, it will create the Symantec DLP Folder at the installed location.

10. Maunally copy the CryptoMasterKey.properties and Encryption key(not sure abou the exact name but the file type will be key file) located under config folder which you already had the backup to SymantecDLP\protect\config

11. Again reinstall the eforce server and this time you will not get any error.

12. After reinstalltion, stop the vontu services, replace plugin folder and .keystore file which you have taken the backup earlier.

13. Start the Vontu services, Now go to Keystore folder. check if certificate_authority_v1.jks is same as the file located in the backup of keystore folder.

14. if not replace the file with original file and update it on oracle by going to DB and connecting it to sql plus using protect folder and executing this command: 

update certificate set CERTIFICATEFILENAME=’certificate_authority_v1.jks’ where CERTIFICATEID=1;

15. check if Agents are reporting or not.

Regards

Satyajeet Anand.

Statistics
0 Favorited
29 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Stephen Heider
Jul 15, 2022 01:56 PM

As "Symantec DLP\protect" refer to legacy file paths (DLP v15.0 and prior), be sure to take note of current System Maintenance guides for expected paths to keystore and other folders.

Also, for SMTP Prevent Detection Servers, and for Enforce Servers using the the Cloud Services, there is a second keystore directory - located in "ProgramData" root - and that's the one you need to backup!

Related Entries and Links

No Related Resource entered.