Critical System Protection

 View Only

  • 1.  CSP management server 5.2.9

    Posted Nov 13, 2014 03:42 AM

    Hi Symantec.

    I would ask some question, how to prevention backup the Symantec CSP management server and configuration, So if someday I have some error or crash I can restore as soon as possible.

    Many Thanks.

     

     



  • 2.  RE: CSP management server 5.2.9

    Posted Nov 13, 2014 11:30 AM

    You need to be sure to save the following files.  With these files you can recover even if the database is lost.

    /Server/tomcat/conf/server.xml
    /Server/agent-cert.ssl
    /Server/server-cert.ssl

    Then, be sure to regularly export all of your policies and configs and store them in a safe place so you can import them back into a new database in case the database is completly lost.  There is nothing worse in a CSP recovery than having to recreate all your policies.

    Be sure to do regular full database backups, with incremental (tranaction log) backups in between the full backups and store them on a different drive or backup server.

    Here are a couple of links to CSP disaster recovery articles.  Not that these also apply to the newer 6.x Data Center Security (the new name for CSP)

    http://www.symantec.com/business/support/index?page=content&id=TECH182047

    http://www.symantec.com/business/support/index?page=con.tent&id=HOWTO42154



  • 3.  RE: CSP management server 5.2.9

    Posted Nov 13, 2014 09:03 PM

    Dear Mr Chuck.

    Many thanks for your guide and assist. it is very detail and helpfull for me to learn as symadm CSP.

    Warm Regard....



  • 4.  RE: CSP management server 5.2.9

    Posted Nov 13, 2014 10:41 PM

    Dear Symantec.

    One more question related this post.

    I have 30 agents with IPS & IDS protected, if someday my CSP management server crash or error and recover need long time, how to unlock the 30 agent from all CSP policies protected, sure in that condition all windows parameter and captcha tool have protected by administrator.

    Have some tools or maybe guidance, 

    Many thanks..



  • 5.  RE: CSP management server 5.2.9

    Posted Nov 14, 2014 03:34 PM

    You can either give a user or OU (group) permission to use the Poicy Override Tool, OR you can boot into safe mode in Windows and reset the policy to NULL by running the "sisipsconfig -r" command. 

    On -IX, you would have to boot into single user mode and remark out the line that loads the IPS driver in init.d, or run the ./sisipsconfig.sh -r command and reboot.

     

    [Edit:  Fixed Unix command]