The Backing Up tab actions enable you to back up your McAfee® Network Security Platform data on-demand or by a set schedule. Regularly backing up your data (alerts, saved reports, logs) and configuration settings is strongly recommended to maintain the integrity of your system.
McAfee® Network Security Platform 6.0 Managing your Network Security Manager database
Figure 43: Backing Up Tab
Note: Restoration of stored data must be performed using the standalone Database Admin tool. This tool is explained in this section.
The Backing Up tab and the standalone tool provide the following functions:
• Backing up your Manager data: (on page 46) Save your data to your Manager server, a network server, or a device such as a zip drive.
• Automating a backup for your Manager (on page 48): Set a frequency for backing up McAfee® Network Security Manager (Manager) data.
• Using the Database Admin Tool (on page 52): Backup and restore via the standalone Database Admin tool.
Backing Up Using the Database Admin Tool (on page 53) Restoring Data Using the Database Admin Tool (on page 54)
Note 1: Before an All Tables or Audit Tables backup, it is recommended that you shut down the McAfee® Network Security Manager (Manager). Therefore, McAfee recommends using the standalone Database Admin tool rather than your Manager for such backups.
Note 2: Data restore can only be performed using the standalone tool. For more information on database backup, see Managing your Network Security Manager Database (on page 38).
Backup and restore best practices
Note the following suggestions for successful backup and restore of Network Security Platform data:
• Protect your backups from tampering by creating a digital fingerprint of the file using a hash function such as MD5 or SHA-1.
• Back up your configuration data after major changes, such as created admin domains, McAfee® Network Security Sensor (Sensor) addition, port configuration, and policy additions/modifications.
• The All Tables and Audit Tables options can be rather large in size, depending upon the amount of alert data in your database. McAfee recommends saving these types of backups to an alternate location, preferably an alternate system.
• When scheduling backups, set a unique time when no other scheduled functions (archivals, database tuning) are running. The time should be a minimum of an hour after/before other scheduled actions.
• When restoring your data, note that all related table information in the database is overwritten. For example, restoring a Config Tables backup overwrites all current information in the configuration table of the database. Thus, any changes not backed up are erased in favor of the restored backup.
McAfee® Network Security Platform 6.0 Managing your Network Security Manager database
• While a MySQL backup is performed, the tables being backed up are placed in a READ LOCAL LOCK state. New records can be inserted in these tables while the backup is in progress, although these new records will not show up in the backup.
However updates/modifications of existing records are not allowed during the backup.
While a backup is in progress, you will not be able to perform the following activities:
Modify the configuration Acknowledge and delete alerts Acknowledge and delete faults Add audit log entries
Purge the alert and packet logs Perform database tuning.
• New alerts and packet logs will continue to be added to the database during the backup.
• In case of problems during database backup or restore, try after you complete the following tasks:
Exclude the following MySQL directories from anti-virus scanning:
• data
• innodbdata
Create a new directory like c:\mysqltmp, which will act as temporary directory for MySQL database. If the system has multiple physical disks, then McAfee
recommends that you create this directory on a drive different than where Network Security Platform and MySQL are installed to spread the load effectively.
Include the following entry in the \\<Network Security Platform install directory>
\mysql\my.ini file under [mysqld] section: tmpdir=c:/mysqltmp Restart both Network Security Platform and MySQL services.
Back up of your Manager (or Central Manager) data
You can back up your Manager data to your Manager server, or another media connected to your Manager, such as a tape drive. The backup file is saved by default within Manager program installation folder at <Network Security Manager install
directory>\App\Backups.
The above is applicable to Network Security Central Manager (Central Manager) as well.
To back up your Manager data using Manager server:
McAfee® Network Security Platform 6.0 Managing your Network Security Manager database
1 Select Manager > Backing Up > Now.
Figure 44: Backing Up Now Page
Note: To backup your Central Manager data, select Central Manager> Backing Up >
Now. The fields displayed are similar to that in Manager described below.
2 Select one of the following Type choices. These choices will backup information as described below:
Figure 45: Backup Type Choices
All Tables: provides backup for the entire database, that is, all configurations, user activity, and alert information.
Audit Tables: provides backup information related to user activity and Manager Health Status.
Config Tables: provides backup for the Manager configuration.
Event Tables: will backup alert, packetlog, host and Sensor performance events.
Trend Tables: will backup the trend patterns (daily/weekly/monthly) of alerts and Sensor performance events. The backup also includes the first-seen attack statistics.
Caution: Do not make modifications to existing database records while doing an All Tables or Audit Tables backup, since such modifications are not allowed while a backup is occurring.
McAfee® Network Security Platform 6.0 Managing your Network Security Manager database
3 Type a Target File Name. You can use alphanumeric characters including hyphens and underscores (for example, backup_01-10-03).
4 (Optional) Type a location different from the default to be your Alternate Target Backup Directory.
5 (Optional) Type a description of your backup in Description.
6 Click Backup. After a few moments, the following message appears: “Successfully backed-up data.” The backup information appears in the List of Previous Backups. At the backup location, an XML file with the backup file name contains the description entered in the Description field.
Note: Previous backups can be exported to a desired location by selecting the radio button against the backup in the Previous Backups list and clicking the Export button.
The selected Backup in the Previous Backup list be deleted using the Delete button.
Automating a backup for your Manager (or Central Manager)
The Schedule action enables you to schedule the backup of your system configuration.
Setting a schedule also allows you to work on other configurations without having to worry constantly about manually saving your work. Scheduled backups are saved by default to your installation folder: <Network Security Manager install
directory>\App\Backups\ScheduledBackups.
Note: By default, your Config Tables are scheduled for back up every Sunday at 0 Hrs 5 Min. Each scheduled backups is saved to the default scheduled back up folder.
To schedule a backup, do the following:
1 Select Manager > Backing Up > Automation.
Note: To run the database backup automation for your Central Manager data, select Central Manager> Backing Up > Automation. The fields displayed are similar to that in Manager described below.
Default Target Backup Directory: displays the location of the backup directory.
2 Note Yes is selected by default at Schedule a Backup?. Select No at any time to turn off the scheduled backup.
3 Select a backup Frequency:
Daily: select the daily time to backup.
Weekly: select the day and time to backup.
Note 1: If you want an immediate backup of Manager data, perform the Now action. For more information, see Backing up your Manager (or Central Manager) data (on page 46).
Note 2: You can click View Scheduler Detail to see the when processes are scheduled. These processes can include data backups, database maintenance, and file maintenance actions. Based on this information, you can choose an appropriate time for the backup you are currently scheduling.
4 Select the backup Type from the following:
Note: You can only set a schedule for one backup Type at any given time.
All Tables: all configuration, audit and alert information.
Audit Tables: backup information related to user activity and Manager Health Status.
McAfee® Network Security Platform 6.0 Managing your Network Security Manager database
Config Tables: only tabled information for the Manager configuration.
Event Tables: information on alert, packetlog, host and Sensor performance events.
Trend Tables: trend patterns (daily/weekly/monthly) of alerts and Sensor performance events. The backup also includes the first-seen attack statistics.
Caution: Do not make modifications to existing database records while doing an All Tables or Audit Tables backup since such modifications are not allowed.
5 (Optional) Type the location of the Backup Directory if different from the default directory.
6 Click Save.
Figure 46: Back Up Scheduler