• No results found

Contivity Configuration Manager Tool Set

N/A
N/A
Protected

Academic year: 2021

Share "Contivity Configuration Manager Tool Set"

Copied!
30
0
0

Loading.... (view fulltext now)

Full text

(1)

Part No. 318759-A Rev 00 December 2004

600 Technology Park Drive Billerica, MA 01821-4130

*318759-A_Rev_00*

Contivity Configuration

Manager Tool Set

(2)

Copyright © 2004 Nortel Networks

All rights reserved. December 2004.

The information in this document is subject to change without notice. The statements, configurations, technical data, and recommendations in this document are believed to be accurate and reliable, but are presented without express or implied warranty. Users must take full responsibility for their applications of any products specified in this document. The information in this document is proprietary to Nortel Networks Inc.

The software described in this document is furnished under a license agreement and may be used only in accordance with the terms of that license. The software license agreement is included in this document.

Trademarks

Nortel Networks, the Nortel Networks logo, the Globemark, Unified Networks, Contivity, and Contivity Configuration Manager are trademarks of Nortel Networks.

Adobe and Acrobat Reader are trademarks of Adobe Systems Incorporated. Cloudscape is a trademark of International Business Machines Corporation. Microsoft, Windows, and Windows NT are trademarks of Microsoft Corporation. Solaris is a trademark of Sun Microsystems, Inc.

Norton Antivirus is a trademark of Symantec Corporation. The asterisk after a name denotes a trademarked item.

Restricted rights legend

Use, duplication, or disclosure by the United States Government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013.

Notwithstanding any other license agreement that may pertain to, or accompany the delivery of, this computer software, the rights of the United States Government regarding its use, reproduction, and disclosure are as set forth in the Commercial Computer Software-Restricted Rights clause at FAR 52.227-19.

Statement of conditions

In the interest of improving internal design, operational function, and/or reliability, Nortel Networks Inc. reserves the right to make changes to the products described in this document without notice.

Nortel Networks Inc. does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) described herein.

Portions of the code in this software product may be Copyright © 1988, Regents of the University of California. All rights reserved. Redistribution and use in source and binary forms of such portions are permitted, provided that the above copyright notice and this paragraph are duplicated in all such forms and that any documentation, advertising materials, and other materials related to such distribution and use acknowledge that such portions of the software were developed by the University of California, Berkeley. The name of the University may not be used to endorse or promote products derived from such portions of the software without specific prior written permission.

SUCH PORTIONS OF THE SOFTWARE ARE PROVIDED “AS IS” AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

(3)

Contivity Configuration Manager Tool Set In addition, the program and information contained herein are licensed only pursuant to a license agreement that contains restrictions on use and disclosure (that may incorporate by reference certain limitations and notices imposed by third parties).

Nortel Networks Inc. software license agreement

This Software License Agreement (“License Agreement”) is between you, the end-user (“Customer”) and Nortel Networks Corporation and its subsidiaries and affiliates (“Nortel Networks”). PLEASE READ THE FOLLOWING CAREFULLY. YOU MUST ACCEPT THESE LICENSE TERMS IN ORDER TO DOWNLOAD AND/OR USE THE SOFTWARE. USE OF THE SOFTWARE CONSTITUTES YOUR ACCEPTANCE OF THIS LICENSE

AGREEMENT. If you do not accept these terms and conditions, return the Software, unused and in the original shipping container, within 30 days of purchase to obtain a credit for the full purchase price.

“Software” is owned or licensed by Nortel Networks, its parent or one of its subsidiaries or affiliates, and is copyrighted and licensed, not sold. Software consists of machine-readable instructions, its components, data, audio-visual content (such as images, text, recordings or pictures) and related licensed materials including all whole or partial copies. Nortel Networks grants you a license to use the Software only in the country where you acquired the Software. You obtain no rights other than those granted to you under this License Agreement. You are responsible for the selection of the Software and for the installation of, use of, and results obtained from the Software.

1. Licensed Use of Software. Nortel Networks grants Customer a nonexclusive license to use a copy of the Software on only one machine at any one time or to the extent of the activation or authorized usage level, whichever is applicable. To the extent Software is furnished for use with designated hardware or Customer furnished equipment (“CFE”), Customer is granted a nonexclusive license to use Software only on such hardware or CFE, as applicable. Software contains trade secrets and Customer agrees to treat Software as confidential information using the same care and discretion Customer uses with its own similar information that it does not wish to disclose, publish or disseminate. Customer will ensure that anyone who uses the Software does so only in compliance with the terms of this Agreement. Customer shall not a) use, copy, modify, transfer or distribute the Software except as expressly authorized; b) reverse assemble, reverse compile, reverse engineer or otherwise translate the Software; c) create derivative works or

modifications unless expressly authorized; or d) sublicense, rent or lease the Software. Licensors of intellectual property to Nortel Networks are beneficiaries of this provision. Upon termination or breach of the license by Customer or in the event designated hardware or CFE is no longer in use, Customer will promptly return the Software to Nortel Networks or certify its destruction. Nortel Networks may audit by remote polling or other reasonable means to determine Customer’s Software activation or usage levels. If suppliers of third party software included in Software require Nortel Networks to include additional or different terms, Customer agrees to abide by such terms provided by Nortel Networks with respect to such third party software.

2. Warranty. Except as may be otherwise expressly agreed to in writing between Nortel Networks and Customer, Software is provided “AS IS” without any warranties (conditions) of any kind. NORTEL NETWORKS DISCLAIMS ALL WARRANTIES (CONDITIONS) FOR THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OF NON-INFRINGEMENT. Nortel Networks is not obligated to provide support of any kind for the Software. Some jurisdictions do not allow exclusion of implied warranties, and, in such event, the above exclusions may not apply.

(4)

3. Limitation of Remedies. IN NO EVENT SHALL NORTEL NETWORKS OR ITS AGENTS OR SUPPLIERS BE LIABLE FOR ANY OF THE FOLLOWING: a) DAMAGES BASED ON ANY THIRD PARTY CLAIM; b) LOSS OF, OR DAMAGE TO, CUSTOMER’S RECORDS, FILES OR DATA; OR c) DIRECT, INDIRECT, SPECIAL,

INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES (INCLUDING LOST PROFITS OR SAVINGS), WHETHER IN CONTRACT, TORT OR OTHERWISE (INCLUDING NEGLIGENCE) ARISING OUT OF YOUR USE OF THE SOFTWARE, EVEN IF NORTEL NETWORKS, ITS AGENTS OR SUPPLIERS HAVE BEEN ADVISED OF THEIR POSSIBILITY. The forgoing limitations of remedies also apply to any developer and/or supplier of the Software. Such developer and/or supplier is an intended beneficiary of this Section. Some jurisdictions do not allow these limitations or exclusions and, in such event, they may not apply.

4. General

a. If Customer is the United States Government, the following paragraph shall apply: All Nortel Networks Software available under this License Agreement is commercial computer software and commercial computer software documentation and, in the event Software is licensed for or on behalf of the United States

Government, the respective rights to the software and software documentation are governed by Nortel Networks standard commercial license in accordance with U.S. Federal Regulations at 48 C.F.R. Sections 12.212 (for non-DoD entities) and 48 C.F.R. 227.7202 (for DoD entities).

b. Customer may terminate the license at any time. Nortel Networks may terminate the license if Customer fails to comply with the terms and conditions of this license. In either event, upon termination, Customer must either return the Software to Nortel Networks or certify its destruction.

c. Customer is responsible for payment of any taxes, including personal property taxes, resulting from Customer’s use of the Software. Customer agrees to comply with all applicable laws including all applicable export and import laws and regulations.

d. Neither party may bring an action, regardless of form, more than two years after the cause of the action arose. e. The terms and conditions of this License Agreement form the complete and exclusive agreement between

Customer and Nortel Networks.

f. This License Agreement is governed by the laws of the country in which Customer acquires the Software. If the Software is acquired in the United States, then this License Agreement is governed by the laws of the state of New York.

Open Source License Notices

— The BNR, FPM and SSL-VPN Manager applications include the Kunststoff library (v2.0.2) which is distributed under the terms of the Lesser GNU Public License.

— The BNR, FPM and SSL-VPN Manager applications include the Metouia library (v1.0 alpha) which is distributed under the terms of the Lesser GNU Public License.

— The BNR, FPM and SSL-VPN Manager applications include the Jgoodies library (v1.2.1) which is distributed under the terms of the BSD Open Source License.

— The BNR, FPM and SSL-VPN Manager applications include the JSCH library (v0.1.14) which is distributed under the terms of the BSD Style License.

— The BNR, FPM and SSL-VPN Manager applications include the XML/RPC library (v1.2-b1) which is distributed under the terms of the Apache License 2.0.

— The BNR, FPM and SSL-VPN Manager applications include the Jakarta Commons Net library (v1.2.2, 1.0 for fileupload) which is distributed under the terms of the Apache License 2.0.

— The BNR & FPM applications include the Xstream library (v1.0.1) which is distributed under the terms of the BSD Style License.

— The BNR application includes the Jakarta ORO library (v2.0.8) which is distributed under the terms of the Apache License 2.0.

(5)

Contivity Configuration Manager Tool Set — The BNR application includes the Jcalendar library (v1.2.1) which is distributed under the terms of the

(6)
(7)

Contivity Configuration Manager Tool Set

Contents

Introduction . . . . 9

Firewall Policy Manager tool . . . 10

Concepts: . . . 10

Process: . . . 10

Adding or editing a global device . . . 11

Configuring scope objects . . . 11

Service objects . . . 11 Network objects . . . 12 Policies . . . 12 Rules . . . 13 Apply Policy . . . 14 Importing policies . . . 15 Saving Data . . . 15

Tips & Techniques . . . 16

Exporting . . . 16

File order . . . 16

SSL VPN . . . 17

Read-only SSL VPN support . . . 17

Launching the SSL VPN Manager . . . 17

SSL VPN Initialization Wizard . . . 18

Backup and Restore . . . 20

Full Backup . . . 20

Full Restore . . . 21

Configuration Backup . . . 21

Configuration Restore . . . 21

Adding devices . . . 21

Adding multiple devices from a file . . . 21

Adding a single device . . . 22

Backup operations . . . 23

Restore operations . . . 25

(8)

Advanced topics . . . 27

Enabling FTP . . . 27

Deleting backup plans and devices . . . 27

Saving . . . 28

Hard-copy technical manuals . . . 28

(9)

Contivity Toolset 2.2

Introduction

This guide provides information about the Contivity Configuration Manager 2.2 Tool Set.These tools are bundled with CCM 2.2 to help simplify the management options available to you.

The following tools are included in the tool set: • “Firewall Policy Manager tool” on page 10 • “SSL VPN” on page 17

(10)

Firewall Policy Manager tool

The Firewall Policy Manager is a tool to help you deal with the problem of managing many devices running the Contivity Stateful Firewall Application. This tool allows you to create and edit firewall policies that can be applied to multiple Contivity devices.You can apply these policies to multiple devices in a very short time. You can also save and send policies and rules to other network

administrators using the Firewall Policy Manager.

Firewall Policy Manager only supports Contivity devices running version 4.80 and higher. It only supports device models 1050 and higher.

You can use Firewall Policy Manager to configure override rules and default rules. Interface-specific rules are not supported.

Concepts:

• Policy — an ordered list of rules

• Rule — made up of conditions, actions, and additional information

• Condition — consists of a qualification of interfaces and policy objects (scope objects)

— Interfaces: source and destination

— Policy objects: network objects and service objects

• Global devices — elements that are available in the network to which defined policies can applied.

Process:

1 Discover devices.

2 Create a policy.

3 Define rules.

a Define policy objects (interfaces, network objects, and so on).

b Define actions.

If user authenticate is selected, specify a user group.

(11)

Contivity Toolset 2.2

5 Select a policy.

6 Add devices to the device list of the selected policy.

7 Apply the policy.

Adding or editing a global device

Global devices are elements that are available in the network to which defined policies can be applied. The Firewall Policy Manager allows you to add or edit global devices quickly and easily.

1 From the Firewall Policy Manager window, select the Global Devices tab.

2 To add a device, click the Add button at the bottom of the window. To edit, click the Edit button.

3 In the Add Device dialog box, enter the IP Address, User Name, and Password for the device in the appropriate fields.

If you choose to edit an existing device, a similar dialog box appears with the current information for the device already in place. You can make any changes in this dialog box.

4 Click OK.

Once the device is entered, the Firewall Policy Manager will attempt to contact the device and, if successful, will display the device model and software version.

Configuring scope objects

Service objects

1 From the Firewall Policy Manager window, select the Policy Objects tab.

2 From the Service Objects panel, select the service object from the list and click the Add button at the bottom of the window.

3 In the Add Service Object dialog box, assign the object to a specific type in the drop-down list. The choices are TCP, UDP, IP Protocol, ICMP, and Group.

4 In the Add Service Object dialog box, enter name, any service data, and optionally add a remark for the object in the fields provided.

(12)

The object is available for use in the Policy rules. Once created, Service Objects can edited or deleted. However, you cannot change the type of service object when editing it.

Network objects

1 From the Firewall Policy Manager window, select the Policy Objects tab.

2 From the Network Objects panel, select a network object from the list and click the Add button at the bottom of the window.

3 In the Add Network Object dialog box, assign the network object to a specific type in the drop-down list. The choices are network, ip_range, host, and group.

4 In the Add Network Object dialog box, enter the name, any network data, and optionally add a remark for the object in the fields provided.

5 Click OK.

The object is available for use in the Policy rules. Once created, Network Objects can be edited and deleted. However, you cannot change the type of the network object when editing it.

Policies

A policy is an ordered list of rules. A policy consists of two sets of rules, default and override, and a list of devices to which a policy is applied.

To add a policy:

1 From the Firewall Policy Manager window, select the Policies tab.

2 Click the Add Policy button.

3 In the Add Policy dialog box, enter the name of the new policy.

4 Click OK.

Note: When you delete a scope object that is used in a rule or contained in a group, you get an error message detailing where that scope object is used and why it cannot be deleted.

You can modify a scope object; however, you get a warning message showing where the object is used.

(13)

Contivity Toolset 2.2 Policies can be deleted by clicking the Delete Policy button. Policy names can be edited by double-clicking the selected policy.

Rules

Rules are made up of conditions, actions, and additional information. You can create override rules, default rules, or both for any given policy. Once a policy is selected, the current lists of rules can be modified by selecting either the Override Rules tab or the Default Rules tab.

To add a rule:

1 From the Firewall Policy Manager window, select the Policies tab.

2 Select a Policy from the Policies panel.

3 Select a Rule type: Default or Override.

4 Click the Add Rule Before or Add Rule After button.

5 From the Add Rule dialog box, select the Source Interface from the drop-down list. You can choose any, system, trusted, untrusted, tunnel:any, user tunnel:any, branch tunnel:any, and ssl-vpn. The default is any.

6 Select the Destination Interface from the drop-down list. You can choose any, system, trusted, untrusted, tunnel:any, user tunnel:any, branch tunnel:any, and ssl-vpn. The default is any.

7 Select the Source from the options listed. The list is derived from the Scope Network Objects.

8 Select the Destination from the options listed. The list is derived from the Scope Network Objects.

Note: The renaming of a policy in FPM does not cause a renaming on the Contivity device. You will not be able to rename a Contivity device policy using FPM. Instead, you can store a second, possibly identical, policy on the device using the new name.

Note: Order is very important to the firewall policy and you can insert a rule either before or after the selected row.

(14)

9 Select the Service from the options listed. The is list is derived from the Scope Service Objects.

10 In the Action drop-down list, select accept, drop, reject, or user authentication. The default is accept.

11 Enter the name of a User Group in the User Group field.

12 In the Log drop-down list, select none, brief, detail, and trap. The default is none.

13 In the Status drop-down list, select enable or disable. The default is enable.

14 In the Remark field, enter a comment about the rule. This is an optional field.

15 Click OK.

Apply Policy

To apply a policy to a group of devices:

1 From the Firewall Policy Manager window, select the Policies tab.

2 Select a policy from the policy list and click the Apply Policy button. After the policy is applied, the scope objects that exist in FPM are the only ones available on the device.

3 The Device Status pop-up window appears, displaying the devices in the policy’s device list. The status of the apply process is updated for each device.

Note: If you selected user authentication from the Action drop-down list, you must make sure the user group exists on the device. The FPM does not verify that the group exists.

(15)

Contivity Toolset 2.2

Importing policies

To import policies:

1 From the Firewall Policy Manager window, select the Policies tab.

2 Click on the Global Policies tab and select a device.

3 Click the Import Policies button.

4 From the Import Policies dialog box, select the policies to import from the list provided. Those policies are then imported into the Policy Manager.

Saving Data

The data representing the devices, the policies, and the scope objects can be stored to a file. This allows you to keep backups, and gives you the ability to distribute the data to other users.

1 From the Firewall Policy Manager window, select File > Save.

2 If the policy data has never been saved, select a file name at the prompt. If the name of the files has been previously selected, Save will not ask for a file name.

The last saved files will be the file that is read during the restart of the tool.

Note: When you apply a policy to a device, that policy becomes the active policy.

Note: When you import a policy from a device and there are scope objects with the same name as those already present on FPM, the FPM scope objects are not overwritten. The scope objects from the device are ignored.

(16)

Tips & Techniques

Exporting

When you export a policy to a device and the device already contains a policy with the same name, the export operation overwrites the device’s existing policy. However, interface specific rules defined for a specific policy will not be

overwritten during an export operation.

File order

In the Firewall Policy Manager menu bar, selecting File > Open presents a list of directory files in ascending order by name. You cannot change this sort order.

(17)

Contivity Toolset 2.2

SSL VPN

The SSL VPN support in CCM is divided into three parts:

• Read-only SSL VPN Configuration information in the SSL VPN tab under the Configuration Data > Contivity device > Services > Properties tab.

• Application Link to launch SSL VPN Manager • SSL VPN Initialization Wizard

Read-only SSL VPN support

The new tab features the following read-only fields: • Enabled

• Allow SSL-VPN traffic through Stateful FW • Allow one time password for aportal full access • Status

• SSL VPN Management IP • SSL VPN IP

To view the read-only parameters:

1 From the CCM navigation pane, select Configuration Data and expand a Contivity device.

2 Expand the Contivity device and select Services.

3 From the context-sensitive pane, select the Properties > SSL VPN tab.

Launching the SSL VPN Manager

If the Contivity device has an SSL VPN card installed and SSL VPN is initialized and enabled, an application link called Launch SSL VPN Manager is

automatically added to the CCM Applications tab. By clicking the Go button, you can launch SSL VPN Manager as if launching it through the Contivity Web GUI.

(18)

To launch SSL VPN Manager via the Applications tab:

1 From the navigation pane, select Configuration Data > Contivity device > Services.

2 From the context-sensitive pane, select the Applications tab.

If the Applications tab is not visible, select View > Context Pane from the CCM menu bar and click Applications from the drop-down menu.

3 Select the Launch SSL VPN Manager application link and click the GO! button.

SSL VPN Initialization Wizard

The SSL VPN Initialization wizard allows you to: • Enable/Disable SSL VPN

• Enable/Disable Allow SSL-VPN traffic through Stateful FW • Enable/Disable Allow one-time password for portal full access • Check the current status of SSL VPN

• Initialize SSL VPN to configure Management IP Address, Interface IP Address, and Admin Password

To configure the SSL VPN Initialization Wizard:

1 From the navigation pane, select the Contivity device.

2 In the context-sensitive pane, select the Wizards tab.

3 Select the SSL VPN Initialization wizard and click the Run button.

4 The first wizard dialog box appears. If the wizard has not been run before and SSL VPN has not been initialized, you can configure the SSL VPN

parameters by selecting the checkboxes available.

5 Click Next.

6 In the following window, enter the SSL VPN Management Address, the SSL VPN Interface Address, and the SSL VPN Admin Password in the fields provided. All three fields must be filled in.

The initialization may take several minutes.

(19)

Contivity Toolset 2.2

8 If you would like to report the result, select a reporting option from the list available. The report will be saved to a file or displayed in a pop-up Web browser.

9 Click Finish.

If SSL VPN has been initialized, the only options to configure are the three parameters listed in the first wizard window: Enable SSL VPN, Allow SSL-VPN Traffic through Stateful FW, and Allow One Time Password for Portal Full Access.

(20)

Backup and Restore

The backup and restore application dramatically lessens the time needed to perform backup, restore, or backup and restore operations on multiple devices. You no longer have to go to each device and schedule your backup operations. All managed devices are covered by one consistent, centrally managed backup plan. Launch the Backup and Restore Tool by selecting the following in the Contivity device:

Configuration Data>Contivity Switch>Applications>Launch Backup and Restore Manager

The Backup and Restore Tool provides a user-friendly graphical user interface geared toward making multi-device operations simple. It also provides a command line interface to incorporate backup and restore in automated maintenance scripts.

In a backup operation, the tool saves copies of files from a Contivity device. Depending on the type of backup running, these files can include configuration files, image files, SSL VPN configurations, LDAP databases, and log files. In a restore operation, the tool copies the files back to the device.

Contivity devices support two types of backup operations. The first type is the full backup for crash recovery purposes. The second type is the configuration backup that only backs up the device configuration information.

Full Backup

Full backup operations are used primarily to recover from device crashes and to configure replacements. The backup data contains configuration, image, logs, and audits, as well as the whole system directory. Full backups can take up to ten minutes or more and can be prohibitively large.

Note: The Backup and Restore tool currently supports Contivity Secure IP Services Gateway devices running software versions 4.8x and later.

(21)

Contivity Toolset 2.2

Full Restore

Full restore operations use a recovery process that requires booting from a diskette and requires a reboot. Alternately, data can be restored by downgrading the device to a previous image version, then upgrading it using the CES Admin > Upgrade feature by pointing to the FTP server where the backup is stored.

Configuration Backup

In a configuration backup, the backup data contains only partial information from the device. It contains full configuration data, LDAP database, SSL VPN

configurations, but does not contain logs or images. Configuration backup is very fast when compared to a full backup operation and uses disk space more

efficiently.

Configuration Restore

In a configuration restore operation, you can restore a configuration snapshot at any time. Restore operations can be done very quickly. Once the restore is complete, the system reboots.

Adding devices

Adding multiple devices from a file

1 Launch the Contivity Backup and Restore Manager.

2 To add devices to the Devices tab, select File > Import Devices.

3 From the Open dialog box (shown in Figure 1 on page 22), select the file or file folder to add.

Note: If the Backup and Restore tool performs a restore operation from a full backup, only the configuration and LDAP data is restored. A full restore requires a recovery diskette.

(22)

Figure 1 Open dialog box

4 In the Add Device dialog box, enter the IP Address, User Name, and Password for the device you want to add.

The Devices tab lists the imported devices and gives you a status of each device.

5 Click OK.

6 You can choose to back up all of the added devices immediately by clicking the Start Backup button at the top of the window.

Adding a single device

1 Select the Devices tab.

2 Click the Add button.

3 Enter the IP Address, User Name and Password for the device you want to add.

4 Click OK.

Note: A User Name or Password cannot exceed 30 characters.

(23)

Contivity Toolset 2.2

Backup operations

To back up devices:

1 From the Contivity Backup and Restore Manager, select the Backup tab.

2 Click the Add button at the top of the window to add your backup plan. A backup plan contains the devices to be backed up and the scheduling information for the backup. You can have multiple backup plans and the same device can appear in more than one plan.

3 In the Add New Backup Operation dialog box (shown in Figure 2), enter the name of your backup plan.

Figure 2 Add New Backup Operation dialog box

4 Click OK.

5 To add devices to a backup plan, highlight the backup plan located on the left side of your window.

6 On the right window panel, select the Devices tab, and click the Add button at the bottom of the window.

7 From the Add Device dialog box, select a device or multiple devices from the device list. When you have finished selecting the devices, click OK.

(24)

Figure 3 Configuration tab

9 Select the type of backup configuration for the backup plan devices. • Configuration backup — contains full configuration data, LDAP

database, SSL VPN configurations, but does not contain logs or images. • Full backup — contains configuration, image, logs, and audits, as well as

the whole system directory.

10 Select the Schedule tab. Figure 4 on page 25 shows the Schedule tab.

(25)

Contivity Toolset 2.2 Figure 4 Schedule tab

11 To schedule backups, first check the Enabled checkbox.

12 In the Schedule fields, enter the Date, Time, and repetition for the backup.

13 To start backup immediately, select the Start Backup button at the top of the window.

Once the backup is performed, the devices are listed in the Archive tab, which is a list of all backed up devices.

Restore operations

To restore devices:

1 From the Contivity Backup and Restore Manager, select the Restore tab. Figure 5 on page 26 shows the Restore tab.

(26)

Figure 5 Restore tab

2 Select the Device tab and click the Add button.

3 From the Add Device dialog box, select a device or multiple devices from the device list. When you have finished selecting the devices, click OK.

4 Using the radio buttons at the top of the window, select the type of restore for the device.

• Latest — use the most recent backup configuration • Custom — choose the backup to use from the list • Dated — choose according to backup date

5 Click the Restore button at the top of the window OR

From the Schedule tab, check the Enabled checkbox and enter the Date and Time in the schedule fields for the restore operation to run.

6 After a restore operation, reboot the device.

(27)

Contivity Toolset 2.2

Exporting devices

1 Launch the Contivity Backup and Restore Manager.

2 From the Archive tab, select a device or devices from the list.

3 Select File > Export Devices.

4 From the Save dialog box, specify where you want the files saved.

5 Enter the File Name.

6 Click Save.

The folder is created in the directory specified and the selected files are saved.

Advanced topics

Enabling FTP

The Contivity Backup and Restore Tool automatically enables the FTP server on the private side of the Contivity Secure IP Services Gateway device before each operation and disables the FTP server upon completion of the operation. Once the Backup and Restore Tool is finished attempting to run an operation, the value of the Services > Available > FTP flag is returned to the state it was in before Backup and Restore Tool began its task.

If during the operation, the Backup and Restore Tool cannot start an FTP session, an error is displayed in the status column for the device, and you will have to troubleshoot each problem independently.

Deleting backup plans and devices

Be careful when deleting backup plans. If you delete a backup plan running on a schedule, a warning box appears notifying you of the scheduled backup and asking if you want to proceed with the deletion.

If you attempt to delete a device that is assigned to a backup plan, a warning dialog box appears, notifying you of the backup plan assignment and confirming the deletion process.

(28)

Saving

Each time you exit the Contivity Backup and Restore Manager, a warning dialog box appears, reminding you to save your work. You can save at this time, or save any time during your session by selecting File > Save and selecting the

appropriate directory.

Hard-copy technical manuals

You can print selected technical manuals and release notes from the Internet at no cost. Go to the www.nortelnetworks.com/documentation URL. Find the product for which you need documentation. Locate the specific category and model or version for your hardware or software product. Use Adobe* Acrobat Reader* to open the manuals and release notes, search for the sections you need, and print them. Most material can be printed on standard printers. Go to Adobe Systems at the www.adobe.com URL to download a free copy of the Adobe Acrobat Reader.

How to get help

If you purchased a service contract for your Nortel Networks product from a distributor or authorized reseller, contact the technical support staff for that distributor or reseller for assistance.

If you purchased a Nortel Networks service program, contact Nortel Networks Technical Support. To obtain contact information online, go to the

www.nortelnetworks.com/cgi-bin/comments/comments.cgi URL, then click on Technical Support.

From the Technical Support page, you can open a Customer Service Request online or find the telephone number for the nearest Technical Solutions Center. If you are not connected to the Internet, you can call 1-800-4NORTEL

(1-800-466-7835) to learn the telephone number for the nearest Technical Solutions Center.

(29)

Contivity Toolset 2.2 An Express Routing Code (ERC) is available for many Nortel Networks products and services. When you use an ERC, your call is routed to a technical support person who specializes in supporting that product or service. To locate an ERC for your product or service, go to the http://www.nortelnetworks.com/help/contact/ erc/index.html URL.

(30)

References

Related documents

spending, The Firm agreed to pay ‘voluntary’ income and capital gains tax on the Privy Purse and private investments, but only ‘to the extent that the income is not used for

Having considered the cases of pancreas transplant loss due to immunological factors in the early postoperative period (irreversible antibody-mediated rejection in Pa- tient 29) and

who is previously considered as a non-resident and who arrives in the Philippines at anytime during the taxable year to reside thereat permanently shall be

organisasjonslæring, arbeidsplasslæring, uformell og formell læring, læring gjennom praksis, sosial praksis og så videre vil derfor være nyttige når man skal foreta en studie

2.  (a)  If  the  sub  lord  of  the  Ascendant  (out  look)  is  the  significator  (in  the  star  of  the occupant  or  owner)  of  the  3rd 

Using information learned from rending about Ancient Greece, have students write about the following prompt:.. "Think about the jobs Ancient Greeks had and how much time

The following figure illustrates the system flow for a SOAP Connector - Listen inbound operation using the Universal Event Monitor for SOA SOAP Connector.... The following

Haider, “Adaptive Design of a Global Opacity Transfer Function for Direct Volume Rendering of Ultrasound Data,” Visualization Conference, IEEE, p.. Orderud, “A Framework for