Additional precautions must be considered when planning for disaster recovery and/or high availability with Dell Security Management Server (formerly Dell Data Protection | Enterprise Edition or Virtual Edition Server).
Dell Security Management Server
Dell Data Protection | Enterprise Edition
Dell Security Management Server Virtual
Dell Data Protection | Virtual Edition
Many environments are looking to mitigate risk by having viable recovery plan.
For the purposes of disaster recovery, ensure the following locations are backed up weekly, with nightly differentials.
The files in "<Drive>:\Program Files\Dell" should be backed up on a regular basis. Weekly backups of this data are acceptable since it should rarely change and can be manually reconfigured if needed. The most critical files are listed below.
These two files store information necessary to connect to the database.
<Drive>:\Program Files\Dell\Enterprise Edition\Compatibility Server\conf\server_config.xml
<Drive>:\Program Files\Dell\Enterprise Edition\Compatibility Server\conf\secretKeyStore
Perform nightly full backups with transactional logging enabled.
Audit events are stored in the PostgreSQL server, which should be routinely backed up. For backup instructions, refer to https://www.postgresql.org/docs/9.5/static/backup.html .
Dell recommends that database best practices are used for the PostgreSQL database and that Dell software is included in your organization's disaster recovery plan.
Dell Security Management Server Virtual automatically performs backups of configuration files and database files. Nightly backups are stored locally on the server at /opt/dell/vsftpd/files/backups.
These backups should be regularly pulled from the server and stored in a secure location.
Dell Security Management Server Entperprise and Virtual do not support an Active/Active method of redundancy. It is highly recommended to only have a single back-end server and adhere to the recommended Disaster Recovery planning. Due to the nature of how keys are stored on local endpoints, always-up availability is not required.
For organizations who do wish to explore further redundancy, we can have Hot/Cold servers in place.
Note: Due to caching in Dell Data Protection Server services, Hot/Cold servers may not be active at the same time. If this happens, there is a likelihood of causing IRREPARABLE DAMAGE AND POTENTIAL DATA LOSS to the server.
An organization can choose to utilize a SQL cluster database server with Dell Security Management Server Enterprise. In this configuration, the Dell Security Management Server Enterprise should be configured to use the SQL cluster IP or hostname.
Note: Database replication is not supported.
Endpoint traffic can be distributed between front-end servers and the back-end server. Optionally, multiple front-end servers can also be placed in the DMZ for activating endpoints and/or publishing policies to endpoints over the Internet.
Here is an example of an extremely large environment that may be leveraging all technologies mentioned above.
(Caption 1: English Only – Dell Data Security network diagram)
For support, US-based customers may contact Dell Data Security ProSupport at 877.459.7304, Option 1, Ext. 4310039, or via the Chat Portal. To contact support outside the US, reference ProSupport’s International Contact Numbers. For additional insights and resources, visit the Dell Security Community Forum.