Knowledge Base

Plan for Disaster Recovery and High Availability with Dell Security Management Server\Dell Data Protection Server


Additional precautions must be considered when planning for disaster recovery and/or high availability with Dell Security Management Server (formerly Dell Data Protection | Enterprise Edition or Virtual Edition Server).


Affected Products:

Dell Data Protection | Enterprise Edition
Dell Security Management Server
Dell Data Protection | Virtual Edition
Dell Security Management Server Virtual




Many environments are looking to mitigate risk by having viable recovery plan.

For the purposes of disaster recovery, ensure the following locations are backed up weekly, with nightly differentials.


The files in "<Drive>:\Program Files\Dell" should be backed up on a regular basis. Weekly backups of this data are acceptable since it should rarely change and can be manually reconfigured if needed. The most critical files are listed below.

These two files store information necessary to connect to the database.

<Drive>:\Program Files\Dell\Enterprise Edition\Compatibility Server\conf\server_config.xml
<Drive>:\Program Files\Dell\Enterprise Edition\Compatibility Server\conf\secretKeyStore

Perform nightly full backups with transactional logging enabled.


Dell Security Management Server Virtual automatically performs backups of configuration files and database files. Nightly backups are stored locally on the server at /opt/dell/vsftpd/files/backups.

These backups should be regularly pulled from the server and stored in a secure location.


Dell Security Management Server Entperprise and Virtual do not support an Active/Active method of redundancy. It is highly recommended to only have a single back-end server and adhere to the recommended Disaster Recovery planning. Due to the nature of how keys are stored on local endpoints, always-up availability is not required.

For organizations who do wish to explore further redundancy, we can have Hot/Cold servers in place.

Note: Due to caching in Dell Data Protection Server services, Hot/Cold servers may not be active at the same time. If this happens, there is a likelihood of causing IRREPARABLE DAMAGE AND POTENTIAL DATA LOSS to the server.

An organization can choose to utilize a SQL cluster database server with Dell Security Management Server Enterprise. In this configuration, the Dell Security Management Server Enterprise should be configured to use the SQL cluster IP or hostname.

Note: Database replication is not supported.

Endpoint traffic can be distributed between front-end servers and the back-end server. Optionally, multiple front-end servers can also be placed in the DMZ for activating endpoints and/or publishing policies to endpoints over the Internet.

Here is an example of an extremely large environment that may be leveraging all technologies mentioned above.


(Caption 1: English Only – Dell Data Security network diagram)


For additional support, US based customer can call Dell Data Security ProSupport at: 877.459.7304 Ext. 4310039 or you may also contact us via the Chat Portal. For support outside the US, reference ProSupport’s International Contact Numbers list. Visit the Dell Security Community Forum to get insights from other community members and additional resources to help you manage your environment.


Article ID: SLN292355

Last Date Modified: 11/17/2017 11:30 AM


Rate this article

Accurate
Useful
Easy to understand
Was this article helpful?
Yes No
Send us feedback
Comments cannot contain these special characters: <>()\
Sorry, our feedback system is currently down. Please try again later.

Thank you for your feedback.