About the disaster recovery process
The disaster recovery process requires you to sequentially complete the following procedures:
Restore the Symantec Endpoint Protection Manager.
Restore the server certificate.
Restore client communications.
Note: How you restore client communications depends on whether or not you have access to a database backup.
Restoring the Symantec Endpoint Protection Manager
If you have a disaster, recover the files that were secured after initial installation. Then open the Backup.txt file that contains the passwords, domain IDs, and so
forth.
About identifying the new or the rebuilt computer
If you had a catastrophic hardware failure, you may need to rebuild the computer. If you rebuild the computer, you must assign it the original IP address and host
name. This information should be in the Backup.txt file.
Reinstalling the Symantec Endpoint Protection Manager
The key task to perform when you reinstall the Symantec Endpoint Protection Manager is to type the same encryption password you specified during installation
of Symantec Endpoint Protection Manager on the server that failed. You should also use the same settings that you used for other options during the previous
installation, such as Web site creation, database type, and password used for the admin user account.
Restoring the server certificate
The server certificate is a Java keystore that contains the public certificate and the private-public key pairs. You must enter the password that is contained in the
Backup.txt file. This password is also in the original server_timestamp.xml file.
To restore the server certificate
Log on to the Console, and then click
Admin.
In the Admin pane, under Tasks, click
Servers.
Under View Servers, expand Local Site, and then click the computer name that identifies the local site.
Under Tasks, click
Manage Server Certificate.
In the "Welcome" panel, click
Next.
In the Manage Server Certificate panel, check
Update the Server Certificate and click
Next.
Under "Select the type of certificate to import", check
JKS keystore and click
Next.
Note: If you have implemented one of the other certificate types, select that type.
In the "JKS Keystore" panel, click
Browse, locate and select your backed up as "keystore_<timestamp>.jks" keystore file, and then click
OK.
Open your disaster recovery text file and then select and copy the keystore password.
Activate the "JKS Keystore" dialog box and then paste the keystore password into the "Keystore" and "Key" boxes.
Note: The only supported paste mechanism is Ctrl + V.
Click
Next.
Note: If you get an error message that says you have an invalid keystore file, it is likely you entered invalid passwords. Retry the password copy and paste process as described above.
In the "Complete" panel, click
Finish.
Log off of the Console.
Click
Start>
Settings>
Control Panel>
Administrative Tools>
Services.
In the "Services" window, right-click
Symantec Endpoint Protection Manager and click
Stop.
Note: Do not close the Services window until you are finished with disaster recovery and establish client communications.
Right-click
Symantec Endpoint Protection Manager and click
Start.
Note: By stopping and starting Symantec Endpoint Protection Manager, you fully restore the certificate.
Restoring client communications
If you have access to a database backup, you can restore this database and then resume client communications. The advantage to restoring with a database backup
is that your clients reappear in their groups and they are subject to the original policies. If you do not have access to a database backup, you can still recover
communications with your clients, but they appear in the "Temporary group." Then you can recreate your group and your policy structure.
Restoring client communications with a database backup
You cannot restore a database on a computer that runs an active Symantec Endpoint Protection Manager service. You must stop and start it a few times.
To restore client communications with a database backup
If you closed the Services window, click
Start>
Settings>
Control Panel>
Administrative Tools>
Services.
In the Services window, right-click
Symantec Endpoint Protection Manager, and then click
Stop.
Note: Do not close the Services window until you are finished with this procedure.
Create the following directory:
\\Program Files\Symantec\Symantec Endpoint Protection Manager\data\backup
Copy your database backup file to the directory.
Note: By default, the database backup file is named date_timestamp.zip.
Click
Start>
Programs>
Symantec Endpoint Protection Manager>
Database Back Up and Restore.
In the Database Back Up and Restore dialog box, click
Restore.
In the Restore Site dialog box, select the backup file that you copied to the backup directory, and then click
OK.
Note: The database restoration time varies and depends on the size of your database.
When the Message prompt appears, click
OK.
Click
Exit.
Click
Start>
Programs>
Symantec Endpoint Protection Manager>
Management Server Configuration Wizard.
In the Welcome panel, check
Reconfigure the Management Server, and then click
Next.
In the Server Information panel, modify input values if necessary to match previous inputs, and then click
Next.
In the Database Server Choice panel, check the database type to match the previous type, and then click
Next.
In the Database Information panel, modify and insert input values to match previous inputs, and then click
Next.
Note: The configuration takes a few minutes.
In the Configuration Completed dialog box, click
Finish.
Log on to the Symantec Endpoint Protection Manager Console.
Right-click your groups, and then click
Run Command on Group>
Update Content.
Note: If the clients do not respond after about one half hour, restart the clients.
Restoring client communications without a database backup
For each domain that you use, you must create a new domain and insert the same domain ID into the database. These domain IDs are in the disaster recovery
text file if they were typed in to this file. The default domain is the "Default domain."
A best practice is to create a domain name that is identical to the previous domain name. To recreate the "Default (default) domain", append some value such as "_2"
( Example: Default_2). After you restore domains, you can delete the old default domain. Then rename the new domain back to "Default."
To restore client communications without a database backup
Log on to the Symantec Endpoint Protection Manager Console.
Click
Admin.
In the "System Administrator" pane, click
Domains.
Under "Tasks", click
Add Domain.
Click
Advanced.
Open the disaster recovery text file, select and copy the domain ID and then paste the domain ID into the "Domain ID" box.
Click
OK.
Repeat this procedure for each domain to recover.
Under "Tasks", click
Administer Domain.
Click
Yes on the "Administer Domain" dialog box.
Click
OK.
Restart all of the client computers.
Note: The computers appear in the Temporary group.
If you use one domain only, delete the unused Default domain, and rename the newly created domain to Default.