What Is SonicWALL CDP?
Business Continuity Solutions
BUSINESS CONTINUITY
SonicWALL CDP Series
SonicWALL CDP 5.0
Administrator’s Guide
SonicWALL CDP 5.0 Administrator’s Guide
SonicWALL, Inc.
1143 Borregas Avenue
Sunnyvale, CA 94089-1306
Phone: +1.408.745.9600
Fax: +1.408.745.9300
E-mail: [email protected]
Copyright Notice
© 2009 SonicWALL, Inc.
All rights reserved.
Under the copyright laws, this manual or the software described within, cannot be copied, in whole or part,
without the written consent of the manufacturer, except in the normal use of the software to make a backup
copy. The same proprietary and copyright notices must be affixed to any permitted copies as were affixed
to the original. This exception does not allow copies to be made for others, whether or not sold, but all of
the material purchased (with all backup copies) can be sold, given, or loaned to another person. Under the
law, copying includes translating into another language or format.
Specifications and descriptions subject to change without notice.
Trademarks
SonicWALL is a registered trademark of SonicWALL, Inc.
Microsoft Windows 98, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows Server 2000,
Windows Server 2003, Windows Server 2008, Exchange 2000, Exchange 2003, Exchange 2007, SQL
2000, SQL 2005, SQL 2008, Internet Explorer, and Active Directory are trademarks or registered
trademarks of Microsoft Corporation.
Netscape is a registered trademark of Netscape Communications Corporation in the U.S. and other
countries. Netscape Navigator and Netscape Communicator are also trademarks of Netscape
Communications Corporation and may be registered outside the U.S.
Firefox is a trademark or registered trademark of the Mozilla Foundation.
Adobe, Acrobat, and Acrobat Reader are either registered trademarks or trademarks of Adobe Systems
Incorporated in the U.S. and/or other countries.
Other product and company names mentioned herein may be trademarks and/or registered trademarks of
their respective companies and are the sole property of their respective manufacturers.
SonicWALL GPL Source Code
GNU General Public License (GPL)
SonicWALL will provide a machine-readable copy of the GPL open source on a CD. To obtain a complete machinereadable copy, please send your written request, along with a certified check or money order in the amount of US
$25.00 payable to "SonicWALL, Inc." to:
General Public License Source Code Request
SonicWALL, Inc. Attn: Jennifer Anderson
1143 Borregas Ave
Sunnyvale, CA 94089
Limited Warranty
SonicWALL, Inc. warrants that commencing from the delivery date to Customer (but in any case
commencing not more than ninety (90) days after the original shipment by SonicWALL), and continuing for
a period of twelve (12) months, that the product will be free from defects in materials and workmanship
under normal use. This Limited Warranty is not transferable and applies only to the original end user of the
product. SonicWALL and its suppliers' entire liability and Customer's sole and exclusive remedy under this
limited warranty will be shipment of a replacement product. At SonicWALL's discretion the replacement
product may be of equal or greater functionality and may be of either new or like-new quality. SonicWALL's
obligations under this warranty are contingent upon the return of the defective product according to the
terms of SonicWALL's then-current Support Services policies.
This warranty does not apply if the product has been subjected to abnormal electrical stress, damaged by
accident, abuse, misuse or misapplication, or has been modified without the written permission of
SonicWALL.
DISCLAIMER OF WARRANTY. EXCEPT AS SPECIFIED IN THIS WARRANTY, ALL EXPRESS OR
IMPLIED CONDITIONS, REPRESENTATIONS, AND WARRANTIES INCLUDING, WITHOUT
LIMITATION, ANY IMPLIED WARRANTY OR CONDITION OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE, NONINFRINGEMENT, SATISFACTORY QUALITY OR ARISING FROM A
COURSE OF DEALING, LAW, USAGE, OR TRADE PRACTICE, ARE HEREBY EXCLUDED TO THE
MAXIMUM EXTENT ALLOWED BY APPLICABLE LAW. TO THE EXTENT AN IMPLIED WARRANTY
CANNOT BE EXCLUDED, SUCH WARRANTY IS LIMITED IN DURATION TO THE WARRANTY
PERIOD. BECAUSE SOME STATES OR JURISDICTIONS DO NOT ALLOW LIMITATIONS ON HOW
LONG AN IMPLIED WARRANTY LASTS, THE ABOVE LIMITATION MAY NOT APPLY TO YOU. THIS
WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS, AND YOU MAY ALSO HAVE OTHER RIGHTS
WHICH VARY FROM JURISDICTION TO JURISDICTION. This disclaimer and exclusion shall apply even
if the express warranty set forth above fails of its essential purpose.
DISCLAIMER OF LIABILITY. SONICWALL'S SOLE LIABILITY IS THE SHIPMENT OF A
REPLACEMENT PRODUCT AS DESCRIBED IN THE ABOVE LIMITED WARRANTY. IN NO EVENT
SHALL SONICWALL OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER,
INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS
INTERRUPTION, LOSS OF INFORMATION, OR OTHER PECUNIARY LOSS ARISING OUT OF THE
USE OR INABILITY TO USE THE PRODUCT, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL,
INCIDENTAL, OR PUNITIVE DAMAGES HOWEVER CAUSED AND REGARDLESS OF THE THEORY
OF LIABILITY ARISING OUT OF THE USE OF OR INABILITY TO USE HARDWARE OR SOFTWARE
EVEN IF SONICWALL OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES. In no event shall SonicWALL or its suppliers' liability to Customer, whether in contract, tort
(including negligence), or otherwise, exceed the price paid by Customer. The foregoing limitations shall
apply even if the above-stated warranty fails of its essential purpose. BECAUSE SOME STATES OR
JURISDICTIONS DO NOT ALLOW LIMITATION OR EXCLUSION OF CONSEQUENTIAL OR
INCIDENTAL DAMAGES, THE ABOVE LIMITATION MAY NOT APPLY TO YOU.
Guide Conventions
The following Conventions used in this guide are as follows:
Convention
Use
Bold
Highlights items you can select on the SonicWALL security
appliance management interface.
Italic
Highlights a value to enter into a field. For example, “type
192.68.168.168 in the IP Address field.”
Menu Item > Menu Item
Indicates a multiple step Management Interface menu
choice. For example, Security Services > Content Filter
means select Security Services, then select Content
Filter.
Icons Used in this Manual
These special messages refer to noteworthy information, and include a symbol for quick identification:
Tip
A timesaving tip.
Note
Important information on a feature that requires callout for special attention.
Cross Reference: Provides a pointer to related information in the Administrator’s Guide or other
resources.
SonicWALL Technical Support
For timely resolution of technical support questions, visit SonicWALL on the Internet at
<http://www.sonicwall.com/us/Support.html>. Web-based resources are available to help you resolve most
technical issues or contact SonicWALL Technical Support.
To contact SonicWALL telephone support, see the telephone numbers listed below:
North America Telephone Support
U.S./Canada - 888.777.1476 or +1 408.752.7819
International Telephone Support
Visit <http://www.sonicwall.com/us/support/contact.html> for the latest technical support telephone numbers.
More Information on SonicWALL Products
Contact SonicWALL, Inc. for information about SonicWALL products and services at:
Web: http://www.sonicwall.com
Email: [email protected]
Phone: (408) 745-9600
Fax:
(408) 745-9300
Current Documentation
Check the SonicWALL documentation Web site for that latest versions
of this manual and all other SonicWALL product documentation.
http://www.sonicwall.com/us/Support.html
Table of Contents
Table of Contents
About this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
SonicWALL CDP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
What Is SonicWALL CDP? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Why Use SonicWALL CDP? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
How Does SonicWALL CDP Work? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Supported Platforms and Deployment Requirements. . . . . . . . . . . . . . . . . . . . . . 11
System and Network Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Requirements for Microsoft Exchange Server Applications . . . . . . . . . . . . . 12
SonicWALL CDP Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
SonicWALL CDP Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Offsite Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
SonicWALL CDP Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Web-Based Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Enterprise Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Agent Tool Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Configuring SonicWALL CDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Initial Configuration of SonicWALL CDP. . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Editing Enterprise Manager Administrative Settings . . . . . . . . . . . . . . . . . . . 53
Changing the SonicWALL CDP Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Encryption Key Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Checking for Firmware Updates. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Checking for Software Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Resetting a Lost Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
SonicWALL CDP 5.0 Administrator’s Guide
vii
Using SonicWALL CDP Enterprise Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . .57
Managing Agents in Enterprise Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . .57
Managing Policies in Enterprise Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . .70
Performing Searches in Enterprise Manager . . . . . . . . . . . . . . . . . . . . . . . . . .83
Generating Reports in Enterprise Manager . . . . . . . . . . . . . . . . . . . . . . . . . . .85
Configuring Email Alerts in Enterprise Manager . . . . . . . . . . . . . . . . . . . . . .86
Backing up Microsoft Exchange . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87
Backing Up a Microsoft Exchange User Mailbox . . . . . . . . . . . . . . . . . . . . .87
Backing Up a Microsoft Exchange Storage Group . . . . . . . . . . . . . . . . . . . .97
Backing up Active Directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108
Configuring SonicWALL CDP to Backup Active Directory . . . . . . . . . . . .108
Active Directory Backup Expectations . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108
Active Directory Backup Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108
Backing up Microsoft SQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109
Configuring SonicWALL CDP to Backup Microsoft SQL. . . . . . . . . . . . . .110
Introduction to Full, Differential, and Log Backup. . . . . . . . . . . . . . . . . . . .110
Full Backup Triggers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111
SonicWALL CDP Storage of the SQL Database . . . . . . . . . . . . . . . . . . . . .111
SQL Configuration Levels. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111
Configuring Backup Intervals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112
SQL Account Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114
SQL Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115
Backing Up Native SQL Databases. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .118
Offsite Backup of SQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119
SQL Backup of Unchanged Databases . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119
SQL Database Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119
SQL Backup Environment Expectations and Known Errors . . . . . . . . . . . .120
Explanation of Possible Errors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
Recovering Your Data Using SonicWALL CDP . . . . . . . . . . . . . . . . . . . . . . . .122
File Recovery Using the SonicWALL CDP Agent Tool . . . . . . . . . . . . . . .122
Recovering Data from Microsoft Exchange . . . . . . . . . . . . . . . . . . . . . . . . .123
Recovering Data from Active Directory . . . . . . . . . . . . . . . . . . . . . . . . . . . .131
Recovering Data from Microsoft SQL Server. . . . . . . . . . . . . . . . . . . . . . . .133
SonicWALL CDP 5.0 Administrator’s Guide
viii
Disaster Recovery Using the Offsite Service . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
Encryption Key Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
Purging Data from the SonicWALL CDP Appliance. . . . . . . . . . . . . . . . . . 143
Recovery when RAID Fails . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
If One Disk Fails While Using the SonicWALL CDP 3440i . . . . . . . . . . . . 144
If Two Disks Fail While Using SonicWALL CDP 3440i . . . . . . . . . . . . . . 144
If One Disk Fails While Using SonicWALL CDP 5040 / 6080 / 4440i. . . . 145
If Two Disks Fail While Using SonicWALL CDP 5040 / 6080 / 4440i . . . 145
Configuring SonicWALL CDP with Software Firewalls . . . . . . . . . . . . . . . . . . 145
Working with a Windows XP SP2 Firewall . . . . . . . . . . . . . . . . . . . . . . . . . 145
Working with a McAfee Personal Firewall . . . . . . . . . . . . . . . . . . . . . . . . . 146
Working with a Norton Personal Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Working with a Zone Alarm Firewall. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Configuring SonicOS Security Services for SonicWALL CDP. . . . . . . . . . . . . 152
Setting up Security Services for SonicWALL CDP . . . . . . . . . . . . . . . . . . . 152
Adding a SonicWALL CDP Appliance to GMS . . . . . . . . . . . . . . . . . . . . . . . . 153
Preparing the SonicWALL CDP Appliance . . . . . . . . . . . . . . . . . . . . . . . . . 153
Adding the SonicWALL CDP Appliance to GMS . . . . . . . . . . . . . . . . . . . 153
Registering CDP Appliances for Use with SonicWALL GMS . . . . . . . . . . 155
Configuring Site-to-Site Backup and Recovery . . . . . . . . . . . . . . . . . . . . . . . . . 159
CDP Site-to-Site Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
Setting up CDP Site-to-Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
Using CDP Site-to-Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
CDP Site-to-Site Best Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
Configuring SonicWALL CDP Local Archiving . . . . . . . . . . . . . . . . . . . . . . . 180
How Does Local Archiving Work? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Prerequisites for Local Archiving. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
Local Archiving Configuration Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 181
Creating a Local Archive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
Ejecting the USB Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
Restoring Files, Folders, and Client Applications from a
Local Archive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
Restoring a Server Application from a Local Archive . . . . . . . . . . . . . . . . 188
Using the SonicWALL CDP Backup Restore Tool . . . . . . . . . . . . . . . . . . . 190
Creating a Local Archive Task . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
SonicWALL CDP 5.0 Administrator’s Guide
ix
Troubleshooting SonicWALL CDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192
SonicWALL CDP Appliance Troubleshooting . . . . . . . . . . . . . . . . . . . . . . .192
SonicWALL CDP Software Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . .192
Backup and Recovery Troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . .193
Technical Frequently Asked Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .194
Command Line Interface Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .207
Related Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209
User Guides . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209
Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .210
Index
SonicWALL CDP 5.0 Administrator’s Guide
x
About this Guide
The SonicWALL CDP Administrator’s Guide provides network administrators with an introduction to
SonicWALL CDP (Continuous Data Protection), including a high-level overview of SonicWALL CDP,
a description of deployment restrictions, hardware and software components, configuration examples
and basic troubleshooting.
The SonicWALL CDP Administrator’s Guide contains the following sections:
•
“SonicWALL CDP Overview” section on page 2
•
“Supported Platforms and Deployment Requirements” section on page 11
•
“SonicWALL CDP Hardware” section on page 13
•
“SonicWALL CDP Software” section on page 15
•
“Configuring SonicWALL CDP” section on page 47
•
“Using SonicWALL CDP Enterprise Manager” section on page 57
•
“Backing up Microsoft Exchange” section on page 87
•
“Backing up Active Directory” section on page 108
•
“Backing up Microsoft SQL” section on page 109
•
“Recovering Your Data Using SonicWALL CDP” section on page 122
•
“Disaster Recovery Using the Offsite Service” section on page 142
•
“Recovery when RAID Fails” section on page 144
•
“Configuring SonicWALL CDP with Software Firewalls” section on page 145
•
“Configuring SonicOS Security Services for SonicWALL CDP” section on page 152
•
“Adding a SonicWALL CDP Appliance to GMS” section on page 153
•
“Configuring Site-to-Site Backup and Recovery” section on page 159
•
“Configuring SonicWALL CDP Local Archiving” section on page 180
•
“Troubleshooting SonicWALL CDP” section on page 192
•
“Technical Frequently Asked Questions” section on page 194
•
“Command Line Interface Reference” section on page 195
•
“Glossary” section on page 207
•
“Related Documents” section on page 209
SonicWALL CDP 5.0 Administrator’s Guide
1
SonicWALL CDP Overview
SonicWALL CDP Overview
Protect your network using SonicWALL CDP (Continuous Data Protection), a secure backup solution
that runs continuously, archiving file and application data from assigned agents (servers, laptops or PCs
intended for backup using SonicWALL CDP).
SonicWALL CDP replicates data in real time, capturing new, changed and deleted information. By
storing multiple versions of each file and application revision, SonicWALL CDP can recall data from
nearly any point in time.
In the event of local disaster, data can be recovered from the secure SonicWALL CDP Offsite
Service.The Offsite Service is an optional service that backs up your data at a North American or
European site. For more routine data recovery needs, the SonicWALL CDP appliance provides instant,
onsite data recall. SonicWALL CDP works even when users are on remote laptops connected by IPsec
or SSL VPN connections.
SonicWALL CDP includes an appliance, a Web-based management interface, Enterprise Manager
software, Agent Tool software, and Offsite Service. The SonicWALL CDP management interface and
software is available in the following languages: English, Spanish, French, Italian and German. The
Web-based management interface language can be modified as needed. The Enterprise Manager and
Agent Tool software language is determined at installation and can be changed by uninstalling and
re-installing the software.
This section contains the following subsections, which provide an introduction to the SonicWALL CDP
features and benefits:
•
“What Is SonicWALL CDP?” section on page 3
•
“Why Use SonicWALL CDP?” section on page 4
•
“How Does SonicWALL CDP Work?” section on page 5
– “How the SonicWALL CDP Web-Based Management Interface Works” section on page 6
– “How the SonicWALL CDP Appliance Works” section on page 7
– “How the SonicWALL CDP Agent Service and Agent Tool Work” section on page 8
– “How the SonicWALL CDP Enterprise Manager Works” section on page 9
– “How SonicWALL Bare Metal Recovery Works” section on page 9
– “How the SonicWALL CDP Offsite Service Works” section on page 10
SonicWALL CDP 5.0 Administrator’s Guide
2
SonicWALL CDP Overview
What Is SonicWALL CDP?
SonicWALL CDP protects your network from data loss. SonicWALL CDP is a disk-based data backup
and recovery system that provides protection for assigned agents, regularly preserving the latest file
versions and database revisions locally, and if configured, storing full folder and full database revisions
to the secure Offsite Service.
Backups are performed regularly by SonicWALL CDP, ensuring that new versions of files or application
revisions are continuously updated. In addition, older versions of each file are stored, allowing recovery
from multiple points in time.
SonicWALL CDP comprises the following components: The SonicWALL CDP Web-based management
interface, appliance, Offsite Service, Enterprise Manager, Agent Tool, Agent Service, and Bare Metal
Recovery.
Each SonicWALL CDP component is described below.
•
SonicWALL CDP Web-based Management Interface—The SonicWALL CDP management
interface is a Web browser-based interface that allows the SonicWALL CDP administrator to
configure the SonicWALL CDP appliance firmware. The management interface is available in the
following languages: English, Spanish, French, Italian, and German. For detailed SonicWALL CDP
management interface specifications, refer to the “How the SonicWALL CDP Web-Based
Management Interface Works” section on page 6 and “Web-Based Management Interface” section
on page 16.
•
SonicWALL CDP Appliance—The SonicWALL CDP appliance is a dedicated disk backup
appliance that collects data blocks from agents for storage and for secure transmission to the Offsite
Service (if configured). For detailed SonicWALL CDP appliance specifications, refer to the “How
the SonicWALL CDP Appliance Works” section on page 7 and the “SonicWALL CDP Appliance”
section on page 13.
•
SonicWALL CDP Offsite Service—The SonicWALL CDP Offsite Service is a subscription service
that provides protection against local disaster. Full file revisions from the SonicWALL CDP
appliance are securely transmitted to the Offsite Service and stored for emergency recovery. The
Offsite Service can be configured to use a North American or European data center. For detailed
SonicWALL CDP Offsite Service specifications, refer to the “How the SonicWALL CDP Offsite
Service Works” section on page 10, the “Offsite Service” section on page 14, and the “Configuring
Site-to-Site Backup and Recovery” section on page 159.
•
SonicWALL CDP Enterprise Manager—The SonicWALL CDP Enterprise Manager software is
installed by the CDP administrator and used to manage appliance and agent options. Enterprise
Manager is the master control panel to set policies for agents connected to a SonicWALL CDP
appliance. The Enterprise Manager is available in the following languages: English, Spanish,
French, Italian and German. For detailed SonicWALL CDP Enterprise Manager specifications, refer
to the “How the SonicWALL CDP Enterprise Manager Works” section on page 9 , the “Enterprise
Manager” section on page 30, and the “Using SonicWALL CDP Enterprise Manager” section on
page 57.
•
SonicWALL CDP Agent Tool—The SonicWALL CDP Agent Tool software is installed on every
agent (server, laptop or PC intended to be backed up on the SonicWALL CDP appliance), and
provides a user interface with options to view backup status and recover lost data. User access
privileges to the appliance using the Agent Tool is configured by the CDP administrator using the
Enterprise Manager. The Agent Tool is available in the following languages: English, Spanish,
French, Italian and German. For detailed SonicWALL CDP Agent Tool specifications, refer to the
“How the SonicWALL CDP Agent Service and Agent Tool Work” section on page 8 and the “Agent
Tool Overview” section on page 45. The SonicWALL CDP Agent Tool User’s Guide provides
detailed information about using the Agent Tool.
SonicWALL CDP 5.0 Administrator’s Guide
3
SonicWALL CDP Overview
•
SonicWALL CDP Agent Service—The SonicWALL CDP Agent Service software is installed
automatically with the SonicWALL Agent Tool. By running continuously in the background of each
agent, the Agent Service enables backup of folders and application revisions as it performs
handshaking with the appliance, transmits data, and listens for Windows Event Notifications. For
detailed SonicWALL CDP Agent Service specifications, refer to the “How the SonicWALL CDP
Agent Service and Agent Tool Work” section on page 8 and the “Agent Tool Overview” section on
page 45.
•
Bare Metal Recovery—The Bare Metal Recovery software is a separate, standalone software,
which provides the administrator with the option to create a hard disk image backup. A hard disk
image backup is a copy of information stored on a disk, including the operating system, programs,
documents and settings. For detailed Bare Metal Recovery specifications, refer to the “How
SonicWALL Bare Metal Recovery Works” section on page 9.
Why Use SonicWALL CDP?
SonicWALL CDP is a complete and reliable data protection solution that eliminates exposure to threats
of data loss, using the same security technology implemented by major financial and government
institutions.
Specifically developed for the business and remote office networks, SonicWALL CDP is employed in
network environments with business requirements that necessitate continuous data backup. SonicWALL
CDP also provides real-time, continuous data protection for laptops and remote agents connected by
IPsec or SSL VPN.
By running seamlessly, SonicWALL CDP captures the most recent file and application revisions,
maintaining multiple versions of each backed up file. SonicWALL CDP stores backed up data on a local
SonicWALL CDP appliance for instant recovery, and if configured, to the secure SonicWALL CDP
Offsite Service for protection against local disaster.
You control SonicWALL CDP, specifying which agents will use the appliance, selecting files and
applications for automatic backup, and applying custom filters for non mission-critical file types.
SonicWALL CDP provides the following key features:
•
Continuous Data Protection—SonicWALL CDP replicates data in real time, capturing new,
changed and deleted information. SonicWALL CDP works even when users are on laptops or other
remote connections using IPsec or SSL VPN.
•
Offsite Service—SonicWALL CDP Offsite Service protects businesses against power surges, theft,
server crashes and other disasters by backing up full files and full database revisions to a secure data
center. SonicWALL CDP monitors and recognizes Internet usage patterns so that it completes
backups only when network usage is at its lowest. You can select a North American or European
data center during the appliance registration process.
•
Instant Recovery—Because SonicWALL CDP utilizes an onsite appliance for data storage, agents
have instant access to old file versions and can recover data at any time. And, agents have the ability
to restore their own data without help from an IT administrator.
•
Multiple File Versions—SonicWALL CDP saves multiple versions of every file, not just the latest
version. Therefore, any user on the network can instantly retrieve a previous version of a document,
even after they have saved over it. SonicWALL CDP allows recovery of data from multiple points
in time.
•
Security—Transmission of data to the SonicWALL CDP Offsite Service is secured by the same
256-bit AES (advanced encryption standard) and SSL (secure socket layer) encryption technologies
implemented by major financial institutions and government agencies. SonicWALL CDP also
utilizes public-key encryption and digital certificates as an additional layer of protection.
SonicWALL CDP 5.0 Administrator’s Guide
4
SonicWALL CDP Overview
•
Intelligent Applications—SonicWALL CDP integrates a collection of intelligent software
applications. One such application is a backup reporting tool, which provides constant visual data
backup verification. The tool places a highlighted SonicWALL stamp on each protected file so the
user knows that the SonicWALL CDP is working.
•
Application Support—SonicWALL CDP supports most business applications. Supported agent
applications include Outlook and Outlook Express, and supported server applications include
Microsoft Exchange, Active Directory and SQL Server.
•
RAID Support—Some SonicWALL CDP appliances support RAID (redundant array of
independent disks), providing additional failover protection in the event of a disk failure. The
SonicWALL CDP 6080, 5040, and 4440i include RAID 5, block-level data striping with distributed
parity across the drive set. The SonicWALL CDP 3440i includes RAID 1, data mirroring from one
drive onto another.
How Does SonicWALL CDP Work?
SonicWALL CDP includes the following major components: the SonicWALL CDP Web-based user
interface, appliance, Agent Tool, Agent Service, Enterprise Manager, Bare Metal Recovery, Offsite
Service, and Local Archiving. Each element of the SonicWALL CDP works synchronously to ensure that
data is protected continuously, in real time.
This section provides an overview of the SonicWALL CDP components. This section contains the
following subsections:
•
“How the SonicWALL CDP Web-Based Management Interface Works” section on page 6
•
“How the SonicWALL CDP Appliance Works” section on page 7
•
“How the SonicWALL CDP Agent Service and Agent Tool Work” section on page 8
•
“How the SonicWALL CDP Enterprise Manager Works” section on page 9
•
“How SonicWALL Bare Metal Recovery Works” section on page 9
•
“How the SonicWALL CDP Offsite Service Works” section on page 10
•
“How SonicWALL CDP Local Archiving Works” section on page 10
SonicWALL CDP 5.0 Administrator’s Guide
5
SonicWALL CDP Overview
How the SonicWALL CDP Web-Based Management Interface Works
The operating system inside the SonicWALL CDP appliance is called firmware. The management
interface is a Web browser-based interface that allows the SonicWALL CDP administrator to configure
the SonicWALL CDP appliance firmware. The management interface can be viewed in the following
languages: English, Italian, French, Spanish and German. Select the language from the drop-down menu
on the login screen.
The management interface provides the administrator the ability to register the appliance, view and
configure system and network settings, and purge data from the appliance.
After initial set up of your SonicWALL CDP appliance using the management interface, which includes
setting a static IP address, you must register your appliance using the Enterprise Manager. The
Enterprise Manager is used to insert the registration code that is obtained from MySonicWALL.
SonicWALL CDP 5.0 Administrator’s Guide
6
SonicWALL CDP Overview
Figure 1 displays the process for registering a new appliance.
Figure 1
Registering a New Appliance
1
Administrator enters serial number and authorization key at mysonicwall.com.
2
mysonicwall.com provides a new registration code to the administrator.
mySonicWALL
Welcome!
x
Logout
1
2
Administrator
mysonicwall.com
3
Administrator enters new registration code which is sent through CDP portal
registration server and mapped between new and old unit by mysonicwall,com.
4
mysonicwall.com returns success message and replacement for old registration
code to administrator and notifies CDP offsite service of registration change.
mySonicWALL
Welcome!
x
Logout
3
4
Replacement SonicWALL
CDP Appliance
Administrator
mysonicwall.com
5
Local machines can now perform disaster recovery.
CDP Offsite
Service
5
Replacement SonicWALL
CDP Appliance
Administrator
For more information about registration and initial setup of your SonicWALL CDP system, refer to the
SonicWALL CDP Getting Started Guide for your model.
For more information about the SonicWALL CDP management interface, refer to the “Web-Based
Management Interface” section on page 16.
How the SonicWALL CDP Appliance Works
The SonicWALL CDP appliance performs three main tasks: Data processing, data storage, and if
configured, data transmission to the Offsite Service.
The appliance receives data blocks from the Agent Service and compares them to existing blocks in
order to discover new or changed information. The appliance stores the new or changed data blocks, and
if configured, securely transmits them to the Offsite Service.
The appliance is connected using a standard CAT5 or higher Ethernet cable to your local area network
(LAN). The SonicWALL CDP appliance requires configuration of a static IP address in order to
communicate with your network, and a client must be connected to the same LAN as the appliance to
complete initial installation and to run the Enterprise Manager software. An appliance can be connected
manually by typing in its IP address or can be added through auto discovery.
The SonicWALL CDP appliance communicates with the Enterprise Manager, Agent Service and, if
configured, to the Offsite Service. The appliance communicates with the SonicWALL CDP Offsite
SonicWALL CDP 5.0 Administrator’s Guide
7
SonicWALL CDP Overview
Service for registration and storage using HTTPS (TCP 443), providing enhanced security and greater
levels of compatibility with network perimeter devices. As a result, your network must be configured to
allow HTTPS (TCP 443) communication.
To ensure that the appliance performs at its peak, it will automatically alert the administrator if it is close
to reaching capacity. If the appliance is busy, or if an agent has become disconnected from the network,
the agent will continue to attempt communication until a successful backup has been completed.
The process of breaking down files into blocks and saving block-level differences (BLD) is called BLD
optimization. In the case of PST files used by Outlook, Outlook Express and other mail client programs
to archive mail information, the Agent performs BLD optimization directly on the Agent. PST files are
normally very large and performing BLD on the Agent cuts down on network traffic utilization.
How the SonicWALL CDP Agent Service and Agent Tool Work
The SonicWALL CDP Agent Tool and Agent Service are installed at the same time. The Agent Service
runs continuously and in the background as a service, allowing backups of folders and application
revisions.
The Agent Tool is a user interface that allows users to control agent backup to and recovery from the
CDP appliance. User access privileges to the appliance using the Agent Tool is configured by the CDP
administrator using the Enterprise Manager. Users can manage backup options and restore files and
application revisions from the appliance using the Agent Tool.
The Agent Service does the handshaking with the appliance, transmits data to the appliance, and listens
for Windows Event Notifications to discover when data has been written to a local disk, triggering the
agent to backup the change to the SonicWALL CDP. The Agent Service performs discovery by sending
a UDP broadcast to port 10001, and any appliances connected to the local broadcast domain will respond
and can be selected for use. It is also possible to manually connect to a different broadcast domain by
specifying an appliance’s IP address and leaving the port blank. When changes have been made, the
Agent Service transmits 4 KB to 64 KB data blocks (compressed if necessary) to the appliance for
backup. For more information about the SonicWALL CDP Agent Tool, refer to the “Agent Tool
Overview” section on page 45.
SonicWALL CDP 5.0 Administrator’s Guide
8
SonicWALL CDP Overview
How the SonicWALL CDP Enterprise Manager Works
The SonicWALL CDP Enterprise Manager is used by the SonicWALL CDP administrator for
configuration, to obtain logs and reports, set alarms and recover data. Enterprise Manager performs
discovery by sending a UDP broadcast to port 10001, and any appliances connected to the local
broadcast domain will respond and can be selected for use. It is also possible to manually connect to a
different broadcast domain by specifying an appliance’s IP address and leaving the port blank.
Administrators control the flow of data from the Agent Tool(s) to the appliance(s) using Enterprise
Manager to set default policies for agents, specifying a maximum backup allotment, filtering to omit
specific file types, and designating common folders (Desktop, Favorites and My Documents) and
applications to be automatically backed up across agents. For more information on the SonicWALL CDP
Enterprise Manager, refer to the “Enterprise Manager” section on page 30.
How SonicWALL Bare Metal Recovery Works
The Bare Metal Recovery standalone software creates a disk image of information stored on a disk,
including the operating system, programs and documents, and settings.
Disk imaging includes images of disk partitions and track zero with the Master Boot Record (MBR).
Disk partitions include files and folders (independent of their attributes), boot record, FAT (file
allocation table) and root. The Master Boot Record is the code that the BIOS uses to load the operating
system into memory. It resides on track zero of the disk.
Bare Metal Recovery disk image creation is automatic, which means files and folders do not have to be
earmarked for backup. To ensure that the backup and recovery processes are streamlined, Bare Metal
Recovery disk images only store hard disk parts that contain data.
Bare Metal Recovery disk images can be created on local hard disks, CD-R/RW, DVD+R/RW, DVD-RW,
or removable media such as Firewire (IEEE-1394) and USB (1.0, 1.1, and 2.0) devices. Once created,
the image can later be transferred to any other media. Bare Metal Recovery images cannot be backed up
directly to the CDP appliance. Lost data from the disk image can be retrieved at any time. Additionally,
the disk image can be accessed as a virtual drive for browsing and extracting files.
For more information on Bare Metal Recovery, refer to the Bare Metal Recovery and Local Archiving Workstation User’s Guide.
SonicWALL CDP 5.0 Administrator’s Guide
9
SonicWALL CDP Overview
How the SonicWALL CDP Offsite Service Works
The SonicWALL CDP Offsite Service is a secure server that stores backed up data for protection
against local disaster. During registration of your SonicWALL CDP, you are able to select a North
American or European data center. Compressed data blocks of full file and full database revisions are
sent from the appliance using 256-bit AES (advanced encryption standard) encryption. Offsite Service
communication uses SSL/TLS transport layer encryption, and AES application layer encryption. Stored
data can only be accessed with the AES 256-bit encryption key, available only to the network
administrator. Refer to Figure 2 for the Offsite Service data backup flow. For more information about
the SonicWALL CDP Offsite Service, refer to the “Offsite Service” section on page 14.
Figure 2
Offsite Service Data Backup Flow
1
Agent
(Client)
Offsite Service
(Server)
2
SonicWALL
CDP Appliance
(Server)
Local Area Network
Remote Server
Local Data
AES Encrypted Data
1
The agent sends data blocks (compressed as needed) to the SonicWALL CDP Appliance (local server).
2
The SonicWALL CDP appliance sends AES encrypted data blocks the offsite service (remote server).
How SonicWALL CDP Local Archiving Works
Local archiving is a feature of the SonicWALL CDP Enterprise Manager that allows an administrator to
archive some or all of the contents of your SonicWALL CDP appliance onto a USB device. This feature
can also be used to create a portable backup that can be restored at another site that does not have a
SonicWALL CDP appliance. Data can be archived to the USB device in encrypted format. For more
information about Local Archiving, see “Configuring SonicWALL CDP Local Archiving” on page 180.
SonicWALL CDP 5.0 Administrator’s Guide
10
Supported Platforms and Deployment Requirements
Supported Platforms and Deployment Requirements
SonicWALL CDP 5.0 is supported on the following platforms:
•
SonicWALL CDP 110
•
SonicWALL CDP 210
•
SonicWALL CDP 5040
•
SonicWALL CDP 6080
•
SonicWALL CDP 1440i
•
SonicWALL CDP 2440i
•
SonicWALL CDP 3440i
•
SonicWALL CDP 4440i
System and Network Requirements
This section provides deployment considerations for your agents (client or server) and network
requirements. Table 1 lists the minimum system and network requirements.
Table 1
SonicWALL CDP Deployment Requirements
Minimum Client Requirements
Minimum Server Requirements
Network Requirements
•
Pentium III Processor
•
450 MHZ with at least 256 MB of RAM
•
40 MB of free disk space
•
Windows XP (Home and Professional),
Windows Server 2003 or 2008, Windows
2000 Professional
•
Intel Celeron 2.0GHZ Process
•
256 MB DDR
•
Windows XP (Home and Professional),
Windows Server 2003 or 2008, Windows
2000 (Professional and Server)
•
High speed Internet connection (Serial, DSL,
Cable, T1)
•
Router or hub with wired Ethernet port
SonicWALL CDP 5.0 Administrator’s Guide
11
Supported Platforms and Deployment Requirements
Requirements for Microsoft Exchange Server Applications
This section lists the supported platforms for successful operation of the SonicWALL CDP Agent Tool
with the following server applications:
•
Microsoft Exchange User Mailbox Backup and Restore
•
Microsoft Exchange InfoStore Backup and Restore
Microsoft Exchange Versions Supported
The following versions of Microsoft Exchange are supported:
•
Exchange 2000 32-bit
•
Exchange 2003 32-bit
•
Exchange 2007 64-bit (Service Pack 1)
Windows Server Versions Supported
The following versions of Windows Server are supported:
•
Windows Server 2000 (Service Pack 4)
•
Windows Server 2003 32-bit
•
Windows Server 2003 64-bit (Service Pack 2)
•
Windows Server 2008 64-bit
Windows Server / Exchange Compatibility
The following table indicates the versions of Exchange that are supported on each version of Windows
Server:
Windows Server /
Exchange Server Version
Compatibility
Windows
Server 2000
(Service Pack
4)
Exchange Server 2000
Supported
Exchange Server 2003
Supported Requires
Windows
Server Service
Pack 4
Exchange Server 2007
(Service Pack 1)
Note
Windows
Server 2003
64-bit
Windows
Server 2008
64-bit
Supported
Supported
Supported
Refer to the latest SonicWALL CDP Release Notes, available on www.sonicwall.com, for the location
of the full support matrix and compatibility information.
SonicWALL CDP 5.0 Administrator’s Guide
12
Windows
Server 2003
32-bit
SonicWALL CDP Hardware
SonicWALL CDP Hardware
SonicWALL CDP includes the following hardware:
•
SonicWall CDP Appliance—SonicWALL CDP appliances vary in storage size and agent support
capacity.
•
Offsite Service—The SonicWALL CDP Offsite Service is a subscription service that backs up data
to offsite hardware for disaster protection and recovery. For a list of Offsite Service key features,
refer to the “Offsite Service” section on page 14.
SonicWALL CDP Appliance
The SonicWALL CDP appliance is a dedicated disk backup appliance that collects data blocks from
agents for storage and for secure transmission to the Offsite Service storage location (if configured). The
SonicWALL CDP series has several appliance models that range in capacity, agent support and
additional features. For the SonicWALL CDP 5.0 release, SonicWALL provides the following platforms
differentiated by hard disk capacity and the recommended amount of agents:
•
SonicWALL CDP 110
•
SonicWALL CDP 210
•
SonicWALL CDP 5040
•
SonicWALL CDP 6080
•
SonicWALL CDP 1440i
•
SonicWALL CDP 2440i
•
SonicWALL CDP 3440i
•
SonicWALL CDP 4440i
Table 2
SonicWALL CDP Hardware Features
Feature
Description
HDD LED
(Hard Disk Drive)
Indicates data transfer to and from the hard disk.
Power LED
Indicates the SonicWALL CDP appliance is powered on.
Reset Button
Allows reboot of the SonicWALL CDP appliance.
Power Button
Allows the SonicWALL CDP appliance to power on (one
press) or power off (10-second press).
Cooling Fan
Provides optimal air circulation.
AC Power
Allows the SonicWALL CDP appliance to connect to AC
power using the supplied power cable.
LAN Port
Allows the SonicWALL CDP appliance to connect to your
local area network.
USB Port
Allows a USB device to be plugged in and used for local
archiving.
SonicWALL CDP 5.0 Administrator’s Guide
13
SonicWALL CDP Hardware
Offsite Service
The SonicWALL CDP Offsite Service provides a way to backup your data to a separate hardware device
in a different location.
Note
The SonicWALL CDP Offsite Service is offered as a subscription-based service.
The SonicWALL CDP Offsite Service is a subscription-based service that offers secure offsite backup
and recovery, protecting your data from local disaster, including theft, power surges and server crashes.
Data transmitted and stored securely at either the North American or European Offsite Service is
available for retrieval when onsite data has been destroyed or the onsite appliance has been rendered
inoperable, enabling an enterprise to be up and running quickly after a disaster event. The Offsite Service
selection is made when you register your SonicWALL CDP appliance.
Compressed full-database and full-file (with latest revision) data blocks are encrypted and transmitted
from the SonicWALL CDP appliance to the Offsite Service. The SonicWALL CDP administrator can
recover the data from the Offsite Service using an encryption key, in the event that a local SonicWALL
CDP recovery is not viable
Because data backed up using SonicWALL CDP Offsite Service is protected by AES 256-bit encryption,
it can only be recovered using an AES 256-bit encryption key. Data stored using the Offsite Service is
fully secure, as it cannot be decrypted without the key, even by SonicWALL technical support engineers.
For information about subscribing to the Offsite Service, contact SonicWALL Technical Support.
Configuration Examples
For configuration examples using the SonicWALL CDP Offsite Service, refer to the “Recovering Your
Data Using SonicWALL CDP” section on page 122.
SonicWALL CDP 5.0 Administrator’s Guide
14
SonicWALL CDP Software
SonicWALL CDP Software
This section provides information about SonicWALL CDP Software. SonicWALL CDP includes the
following software components:
•
Web Management Interface—The Web management interface is a Web browser-based
administrative tool that provides initial system setting configuration for the SonicWALL CDP
appliance. The management interface also provides system diagnostics and allows for a full purge
of data from the appliance. For a list of firmware management interface key features, refer to the
“Web-Based Management Interface” section on page 16.
•
Enterprise Manager—The Enterprise Manager is software used by SonicWALL CDP
administrator to control the appliance and connected agents. For a list of Enterprise Manager key
features, refer to the “Enterprise Manager” section on page 30.
•
Agent Tool—The Agent Tool is software installed on agents intended to be continuously backed up
by the SonicWALL CDP appliance. The Agent Tool is the interface that allows users to control
backing up to and restoring from the appliance. For a list of Agent Tool key features, refer to the
“Agent Tool Overview” section on page 45.
•
Agent Service—Agent Service is software that creates folder and application revision backups. The
Agent Service is the workhorse of the SonicWALL CDP system, is installed automatically with the
Agent Tool. The Agent Service runs in the background on the agent, controlling communication
with the SonicWALL CDP appliance.
•
Bare Metal Recovery—Bare Metal Recovery is software that creates a disk image backup. A disk
image backup includes a backup of operating systems, applications and configuration files, software
updates, personal settings and other data. For more information on Bare Metal Recovery, refer to
the Bare Metal Recovery and Local Archiving - Workstation User’s Guide, available on the
SonicWALL Web site, <http://www.sonicwall.com/us/Support.html>.
•
Local Archiving—Local archiving is a feature of the SonicWALL CDP Enterprise Manager that
allows an administrator to archive some or all of the contents of your SonicWALL CDP appliance
onto a USB device. This feature can also be used to create a portable backup that can be restored at
another site that does not have a SonicWALL CDP appliance. Data can be archived to the USB
device in encrypted format. For more information about local archiving, see the “Configuring
SonicWALL CDP Local Archiving” section on page 180.
SonicWALL CDP 5.0 Administrator’s Guide
15
SonicWALL CDP Software
Web-Based Management Interface
The operating system inside the SonicWALL appliance is called firmware. The management interface is
a Web browser-based interface that allows the SonicWALL CDP administrator to configure the
SonicWALL CDP appliance firmware.
The management interface provides the administrator the ability to register the appliance, view and
configure system and network settings, and purge data from the appliance. You can also view activity
reports in the management interface, or configure emailed reports.
Figure 3 provides the Web browser display of the user interface.
Figure 3
Web Management Interface
SonicWALL CDP 5.0 Administrator’s Guide
16
SonicWALL CDP Software
The user interface provides the System controls outlined in Table 3, accessible from the tab column on
the left side of the user interface.
Table 3
Web Management Interface System Controls
System Control
Description
Status
Status provides a display of system messages, alerts, system
information and CDP data. System information includes the
appliance model number and serial number, CPU description, total
memory, up time, version, and operating system type.
Time
Time provides the administrator the ability to set the system time
and add or delete NTP servers.
Diagnostics
Diagnostics provides the administrator with a view of system
processes, CPU information, memory utilization, network
information and storage statistics.
Purge Data
Purge Data provides the administrator the ability to purge all
agent information and backed up files on the appliance. Purging
data will not reset IP or password configuration.
Device Reset
Device Reset provides the administrator the ability to reset the
appliance configuration to factory defaults. Resetting the appliance
to factory default settings removes all data and configuration settings,
and reboots the appliance
Upgrade
Upgrade provides the administrator the ability to upgrade the
system.
RAID
RAID provides the administrator the ability to view the status of
the hard drives on appliances with RAID capability. This page is
not available on SonicWALL CDP appliances that do not provide
RAID.
Licenses
Licenses provides the administrator a link for registering the
appliance, and after registration provides status information for
system licenses.
GMS
GMS provides the administrator the ability to enable and
configure GMS management of the CDP appliance.
Reports
Reports provides the administrator the ability to view activity
reports or configured emailed reports.
Restart
Restart provides the administrator the ability to restart the system.
SonicWALL CDP 5.0 Administrator’s Guide
17
SonicWALL CDP Software
The management interface provides the Network controls outlined in Table 4, accessible from the left
pane of the management interface.
Table 4
Management Interface Network Controls
Network Control
Description
Settings
Settings provides the administrator with configuration options,
including IP address, subnet mask, default gateway IP address
and interface, name servers, and hostname and domain.
Connectivity
Connectivity provides the administrator with options for testing
connectivity, including pinging the registration server, pinging a
URL and resolving a URL.
See the following sections for more information about Web management interface settings:
•
“System Status and Information” section on page 18
•
“System Time” section on page 19
•
“System Diagnostics” section on page 19
•
“Purging Data from the SonicWALL CDP Appliance” section on page 20
•
“Resetting to Factory Defaults” section on page 21
•
“Upgrading System Firmware” section on page 21
•
“System RAID” section on page 22
•
“System Licenses” section on page 23
•
“System GMS” section on page 24
•
“System Reports” section on page 24
•
“System Restart” section on page 27
•
“Network Settings” section on page 28
•
“Network Connectivity” section on page 29
System Status and Information
The System > Status page provides a list of system messages and alerts, as well as the following system
information about the SonicWALL CDP appliance:
•
Model
•
Serial number
•
CPU type
•
Total memory
•
Uptime, or time that the system has been booted up
•
Firmware version
•
Operating system type
SonicWALL CDP 5.0 Administrator’s Guide
18
SonicWALL CDP Software
System Time
You can manually set the system time, date, and time zone on the System > Time page or you can
configure the system to use Network Time Protocol (NTP) and configure the NTP servers.
To add an NTP server:
Step 1
On the System > Time page, select the Set time automatically using NTP checkbox.
Step 2
Under NTP Settings, click Add.
Step 3
In the dialog box, type the IP address or FQDN of the NTP server, and then click OK.
System Diagnostics
The Web management interface provides five diagnostics displays for the SonicWALL CDP appliance
on the System > Diagnostics page:
•
CPU information, including vendor ID, model, cache size, MHz, and many characteristics
•
Memory usage, including free memory, buffers in use, cached, active, inactive, swap usage, mapped
pages, and other data
•
Network information, including link status, packet count, and other data for eth0 and eth1, and also
displays active Internet connections with local and foreign addresses, and information about active
UNIX domain sockets
•
System processes, including user ID, process ID, PPID, time, command, and other data
•
Storage statistics, including file system name, total file system capacity, disk space used, disk space
available, percentage of space used, and the directory name where the file system is mounted
To view each page, select the topic in the Diagnostic Tool drop-down list.
SonicWALL CDP 5.0 Administrator’s Guide
19
SonicWALL CDP Software
Purging Data from the SonicWALL CDP Appliance
Purge Data is a function within the management interface. In the event that your appliance is damaged
and needs to be returned to SonicWALL, you may want to purge its contents, including stored data and
agent information.
Caution
Purge data erases all agent information, including backup files. Purge data does not change IP or
password settings.
To purge data from the SonicWALL CDP appliance, perform the following steps:
Step 1
Navigate to System > Purge Data.
Step 2
Click Purge Backup Data.
Step 3
Click Yes - Purge Now to confirm and purge backup data.
Step 4
A confirmation message displays upon completion of data purge.
SonicWALL CDP 5.0 Administrator’s Guide
20
SonicWALL CDP Software
Resetting to Factory Defaults
You can reset the SonicWALL CDP appliance to factory default settings on the System > Device Reset
page. Resetting appliance to factory default settings will remove all data, as well as all configuration settings
and will reboot the appliance.
To reset the appliance to factory defaults:
Step 1
On the System > Device Reset page, click Reset Appliance.
Step 2
In the confirmation page, click Yes.
Upgrading System Firmware
You can upgrade the firmware on your SonicWALL CDP appliance on the System > Upgrade page.
To upgrade firmware:
Step 1
On the System > Upgrade page, to upgrade the appliance to the latest firmware version available from
the SonicWALL online server, click Upgrade to latest version.
Step 2
On the confirmation page, click Yes, Upgrade Now.
Step 3
To download information about available patches you can apply, click Update Patch List. The page
changes to report the status of the download.
Step 4
If you have a copy of the firmware available on your local system or network, click the Browse button
to select it.
Step 5
To upgrade to the selected firmware, click Manual Upgrade.
SonicWALL CDP 5.0 Administrator’s Guide
21
SonicWALL CDP Software
System RAID
The System > RAID page provides a graphical and textual display of the RAID status for the hard drives
on the SonicWALL CDP appliance. The page refreshes the status display every 30 seconds. The System
> RAID page is available only on appliances that have a RAID controller, including the SonicWALL
CDP 6080 and 5040. Some earlier models also provide RAID. The System > RAID page for a
SonicWALL CDP 6080 is shown below:
The SonicWALL CDP 6080 can operate with either four or eight hard drives, while the SonicWALL CDP
5040 accommodates four drives. In SonicWALL CDP 6080 with four drives, the drives in the secondary
array are shown as Not Present at the top of the graphic.
If there is any problem with the RAID configuration on any of the drives, the display will indicate the
status of the drive. RAID will continue to function normally when one drive is impaired or removed, but
data can be lost if two or more drives are unavailable to the RAID controller.
For information about the using the RAID related commands available in the SonicWALL CDP
command line interface, see the “Command Line Interface Reference” section on page 195.
SonicWALL CDP 5.0 Administrator’s Guide
22
SonicWALL CDP Software
If a SonicWALL CDP 6080 Expansion Pack is installed, the secondary array will display the status of
those drives. For full instructions on installing the Expansion Pack, see the SonicWALL 6080 Getting
Started Guide.
For information about replacing a single hard drive on the SonicWALL 6080 or 5040 appliance, see the
SonicWALL 6080 Getting Started Guide or SonicWALL 5040 Getting Started Guide.
System Licenses
You can view the status of SonicWALL CDP services on the System > Licenses page.
Click the Refresh button to update the page after subscribing to a service on MySonicWALL.
SonicWALL CDP 5.0 Administrator’s Guide
23
SonicWALL CDP Software
System GMS
You can manage the SonicWALL CDP appliance from SonicWALL Global Management System (GMS).
The System > GMS page provides a way to add the SonicWALL GMS host name or IP address, and to
specify the number of seconds between heartbeats sent to the SonicWALL GMS system.
For more information about adding the appliance to SonicWALL GMS management, see “Adding a
SonicWALL CDP Appliance to GMS” on page 153.
To prepare the SonicWALL CDP appliance for GMS management:
Step 1
On the System > GMS page, type the GMS host name or IP address of the GMS server and the port
number in the GMS Host Name or IP Address field. The default port is 514.
Step 2
Enter the heartbeat interval, in seconds, in the Heartbeat Interval (seconds) field. The maximum
heartbeat interval is 86400 (24 hours).
Step 3
Click Submit.
System Reports
On the System > Reports page, you can view reports detailing activities taking place on your CDP
appliance. You can also enable daily activity reports to be emailed. When enabled, the activity report for
the previous 24 hours is emailed to the SonicWALL CDP administrator daily at midnight.
SonicWALL CDP 5.0 Administrator’s Guide
24
SonicWALL CDP Software
The Web management interface report is based on data updated every half hour, as seen from the “Last
updated” timestamp. The Web management interface contains functionality to paginate the list.
In the management interface, you can select the view for the current day or the day before. The views
for the level of detail are as follows:
•
Agent summary – Summary of activity per agent
•
Root folder summary – Summary of activity for the folder that was selected for backup
•
Folder summary – Summary of activity for the folder, including the full path, but excluding the
filenames
•
File summary – Summary of activity for the folder, including the full path and filenames
The report is generated by an executable running on the appliance, invoked either on a schedule or by
request from Web management interface. The report includes the following items:
•
Agent name/number
•
A list (or URL link) of all of the files uploaded to a SonicWALL CDP from all agents
•
The file list including full path and timestamp
•
Revision count per agent
SonicWALL CDP 5.0 Administrator’s Guide
25
SonicWALL CDP Software
The Report settings include an option to unsubscribe from email updates.
Email alerts are sent to the email address configured in the SonicWALL CDP Enterprise Manager Mail
Server Settings page. Activity reports are sent to the email address configured in the Enterprise Manager
Administrative Settings page. An activity report is sent daily (at midnight) to the CDP administrator. The
data is based on activity from the previous day. The email generator selects the level of detail based on
the amount of data to report.
Log Features Used in Reporting
The following syslog features are utilized by the SonicWALL CDP:
•
Facility – Segregation of incoming messages based upon a facility level, which is tagged by the
sender.
•
Severity/Priority – Syslog uses eight categories to characterize messages – in ascending order of
severity, the categories are: debug, informational, notice, warning, error, critical, alert, and
emergency.
SonicWALL CDP 5.0 Administrator’s Guide
26
SonicWALL CDP Software
System Restart
You can restart the SonicWALL CDP appliance on the System > Restart page.
To restart the appliance:
Step 1
On the System > Restart page, click Restart your SonicWALL.
Step 2
The page displays confirmation and cancel buttons. Click Yes - Restart Now to restart the appliance, or
click Cancel not to restart.
SonicWALL CDP 5.0 Administrator’s Guide
27
SonicWALL CDP Software
Network Settings
The Network > Settings page provides configuration options for the SonicWALL CDP appliance IP
address, subnet mask, default gateway IP address and interface, name servers, hostname and domain.
For information about configuring the settings available on this page, see “Initial Configuration of
SonicWALL CDP” on page 47.
SonicWALL CDP 5.0 Administrator’s Guide
28
SonicWALL CDP Software
Network Connectivity
The Network > Connectivity page provides options for pinging the SonicWALL registration server,
pinging a URL and resolving a URL.
SonicWALL CDP 5.0 Administrator’s Guide
29
SonicWALL CDP Software
Enterprise Manager
The SonicWALL CDP Enterprise Manager is installed by a network administrator onto a computer and
used to control and monitor the SonicWALL CDP appliance(s) and to administer agent access.
Enterprise Manager is the master control panel to set policies for agents connected to a SonicWALL CDP
appliance. This section provides information about the SonicWALL CDP Enterprise Manager software
features.
For instructions on installing the SonicWALL CDP Enterprise Manager software, see the SonicWALL
CDP Getting Started Guide for your model.
This section includes the following subsections, organized to follow the features available in the toolbar
of the Enterprise Manager user interface:
•
“Enterprise Manager Layout” section on page 31
•
“Status Overview” section on page 33
•
“Agents Overview” section on page 35
•
“Applications Overview” section on page 36
•
“Policies Overview” section on page 37
•
“Search Overview” section on page 39
•
“Reporting Overview” section on page 40
•
“Alerts Overview” section on page 42
•
“Appliance Archive Overview” section on page 43
•
“Help Overview” section on page 44
SonicWALL CDP 5.0 Administrator’s Guide
30
SonicWALL CDP Software
Enterprise Manager Layout
This section provides a brief overview of the Enterprise Manager software. Enterprise Manager is used
by the SonicWALL CDP administrator to control agents and appliances. Enterprise Manager can be
installed in one of the following languages: English, Spanish, Italian, French and German. The language
is determined by the language selected at initial installation. To change the language used in the
Enterprise Manager, you must uninstall and re-install the software. For more information, refer to the
SonicWALL CDP Getting Started Guide for your model.
The Enterprise Manager user interface is depicted in Figure 4.
Figure 4
Enterprise Manager
SonicWALL CDP 5.0 Administrator’s Guide
31
SonicWALL CDP Software
Table 5 provides a list of Enterprise Manager features, accessible using the toolbar at the top of the user
interface.
Table 5
Enterprise Manager Features
Setting
Description
Status
Status provides the administrator with a summary of the SonicWALL
CDP Appliance, including disk usage, settings, and default policies for
agents. For more information on Status, refer to the “Status Overview”
section on page 33.
Agents
Agents allows the administrator to control agent functionality, including
adding, editing and removing agents and agent applications. For more
information on Agents, refer to the “Agents Overview” section on
page 35 and “Managing Agents in Enterprise Manager” section on
page 57.
Applications
Applications allows the administrator to view filtered file types and
predefined and common applications, for example, MS Outlook. For
more information on Applications, refer to the “Applications Overview”
section on page 36.
Policies
Policies allows the administrator to establish individual agent policies,
default policies and common backup policies that propagate across all
agents connected to the SonicWALL CDP Appliance. For more
information on Policies, refer to the “Policies Overview” section on
page 37 and “Managing Policies in Enterprise Manager” section on
page 70.
Search
Search provides the administrator with the ability to search for files or
applications backed up on the appliance. For more information on
Search, refer to the “Search Overview” section on page 39 and
“Performing Searches in Enterprise Manager” section on page 83.
Reporting
Reporting provides key reports for the administrator to manage
SonicWALL CDP. Reporting includes the following reports: Executive
Summary, CDP Agent Summary, Disk Space by File Type, Disk Space
by Agent, Policy Summary, Agents by Policy, Server Application
Backup, Client Application Backup and Offsite Status. For more
information on Reporting, refer to the “Reporting Overview” section on
page 40 and “Generating Reports in Enterprise Manager” section on
page 85.
Alerts
Alerts provides the administrator with an overview of warning messages
that are sent when the SonicWALL CDP appliance reaches predefined
capacity thresholds. Alerts can be configured for automatic email
delivery. For more information on Alerts, refer to the “Alerts Overview”
section on page 42.
Appliance Archive
Appliance Archive allows an administrator to archive some or all of the
contents of a CDP appliance onto a USB device. See “Appliance Archive
Overview” section on page 43 and “Configuring SonicWALL CDP Local
Archiving” section on page 180.
SonicWALL CDP 5.0 Administrator’s Guide
32
SonicWALL CDP Software
Status Overview
Status, a function within Enterprise Manager, provides a system summary for the SonicWALL CDP
appliance and basic usage statistics for all attached agents.
To enter the Status window, click the Status button at the top of the Enterprise Manager interface.
The Status window allows the administrator to view the general status of the appliance and its configured
agents. The left pane provides Administrative Settings, which provides basic information about the
appliance, disk usage, offsite settings and default policy. The right side of the Status window has two
tabs: Activity and Agent Summary. The Activity tab provides information about CDP processes,
including Disk Space Saver, Revision Limiter, and Offsite Uploader. The Agent Summary tab provides
summaries by agent including disk space used, disk space available, and number of files backed up.
Figure 5 provides the Enterprise Manager view of the Status user interface.
Figure 5
Status
SonicWALL CDP 5.0 Administrator’s Guide
33
SonicWALL CDP Software
The following tables provide a description of the fields in the left pane of the Status window.
Table 6
Field
Description
Appliance
Displays the name of the current SonicWALL CDP appliance.
Appliance IP
Displays the IP address of the current SonicWALL CDP appliance.
Administrator Email
Displays the email address of the current administrator to this SonicWALL
CDP appliance.
Registration Code
Displays the registration code for the current SonicWALL CDP appliance.
Agents Installed
Displays the number of agents currently assigned to the SonicWALL CDP
appliance.
Table 7
Disk Usage
Field
Description
Local Usage
Displays the amount of local disk space currently being used, in megabytes.
Local Available
Displays the amount of local disk space available, in megabytes.
Offsite Usage
Displays the amount of offsite (remote) disk space currently being used, in
megabytes.
Offsite Available
Displays the amount of offsite (remote) disk space available, in megabytes.
Table 8
Caution
Administrative Settings
Offsite Settings
Field
Description
Encryption Key
Displays the key needed by administrator to decrypt data stored at the Offsite
service. It is essential to save the Encryption Key in a secure area, such as a
safe or a bank, because data stored at the Offsite Service cannot be restored
without it.
Data from the Offsite Service cannot be recovered without the encryption key, even by SonicWALL
technical support engineers. It is advised that you store your encryption key in a secure location such
as a safe or bank. Your encryption key may be viewed by selecting Edit > Encryption Settings in
the top menu bar
Table 9
Default Policy
Field
Description
Filters
Displays the current filters in use by the SonicWALL CDP appliance
Quota
Displays the current disk space quota for the SonicWALL CDP appliance.
SonicWALL CDP 5.0 Administrator’s Guide
34
SonicWALL CDP Software
Agents Overview
Agents, a function within Enterprise Manager, provides administrators the ability to configure
SonicWALL agents assigned to a SonicWALL CDP appliance.
To view the Agent window, click the Agents button at the top of the Enterprise Manager interface.
The Agents function provides configuration options for agents assigned to the appliance, including a
display of the agents currently backing up. Agents allows the administrator to add, edit agents, and
configure agent applications and agent folders for backup.
Figure 6 provides the Enterprise Manager view of Agents user interface.
Figure 6
Agents
Configuration Examples
For configuration examples of Agent settings, refer to “Managing Agents in Enterprise Manager”
section on page 57.
SonicWALL CDP 5.0 Administrator’s Guide
35
SonicWALL CDP Software
Applications Overview
Applications, a function within Enterprise Manager, allows the administrator to view agent applications
and server applications assigned for backup.
Note
SonicWALL CDP supports agent applications including Outlook and Outlook Express, and server
applications including Microsoft Exchange, Active Directory and SQL Server.
To view the Applications window, click the Applications button at the top of the Enterprise Manager
interface.
The Applications function allows administrators to view agent and server applications assigned for
backup. It provides a list that includes application name, size and most recent backup date. Archives can
be restored or removed within Applications.
Figure 7 provides the Enterprise Manager view of Applications user interface.
Figure 7
Applications
SonicWALL CDP 5.0 Administrator’s Guide
36
SonicWALL CDP Software
Policies Overview
Policies, a function within the Enterprise Manager, allows the administrator to establish common backup
policies that propagate across agents connected to a SonicWALL CDP Appliance or for individual
agents.
Figure 8 illustrates multiple agents communicating to the SonicWALL CDP Appliance for policy
updates.
Figure 8
Multiple Agent Policy Management
1
CDP Appliance
Local Agent
(Enterprise Manager)
2
3
Local Agent
(Agent Service)
CDP Appliance
1
Enterprise Manager updates agent policy on SonicWALL CDP appliance.
2
Agent polls SonicWALL CDP appliance for updates.*
3
SonicWALL CDP appliance responds to agent with policy updates.
* SonicWALL CDP Agents constantly poll the CDP appliance for updates every 2 minutes.
To view the Policies window, click the Policies button at the top of the Enterprise Manager interface.
The Policies function provides the administrator with the ability to define and assign default policies to
individual agents or to groups of agents. Policies may be added, edited or removed on the Policies
window. The Policies window displays policies by name and has options for adding or editing default
policies.
SonicWALL CDP 5.0 Administrator’s Guide
37
SonicWALL CDP Software
Figure 9 displays the Enterprise Manager view of the Policies user interface.
Figure 9
Note
Policies
SonicWALL CDP has a default policy that is initiated at installation. This policy has a filter set to
exclude .tmp files from backup.
Configuration Examples
For configuration examples of Policies settings, refer to “Managing Policies in Enterprise Manager”
section on page 70.
SonicWALL CDP 5.0 Administrator’s Guide
38
SonicWALL CDP Software
Search Overview
Search, a function within Enterprise Manager, provides the administrator with the ability to search for
data stored on the SonicWALL CDP appliance.
To view the Search window, click the Search button at the top of the Enterprise Manager interface.
The Search window allows the administrator to search for specific files, search within server
applications (SQL, Microsoft Exchange and Active Directory) and search within agent applications
(Outlook and Outlook Express).
Figure 10 provides the Enterprise Manager view of the Search user interface.
Figure 10
Search
Configuration Examples
For configuration examples of Search settings, refer to “Performing Searches in Enterprise Manager”
section on page 83.
SonicWALL CDP 5.0 Administrator’s Guide
39
SonicWALL CDP Software
Reporting Overview
Reporting, a function within Enterprise Manager, provides the administrator with key reports on usage
and server status. Report types are listed in detail in Table 10 on page 41.
To view the Reporting window, click the Reporting button in the Enterprise Manager toolbar.
Figure 11 provides the Enterprise Manager view of the Reporting user interface.
Figure 11
Reporting
SonicWALL CDP 5.0 Administrator’s Guide
40
SonicWALL CDP Software
The Reporting window allows the administrator to generate the reports listed in Table 10.
Table 10
Report Types
Report Type
Description
Executive Summary
Executive Summary provides a general overview, including
Appliance Information, Agent Summary and Top 10 (file types by
disk space used).
Agent Summary
Agent Summary provides a summary of agent usage, including file
size, size on disk with revisions, server application size and policy
name.
Disk Space by File Type
Disk Space by File Type provides a summary of disk space usage,
both by file size and number of files, sorted by file extension.
Disk Space by Agent
Disk Space by Agent provides a summary of disk space usage by
agent, including size on disk, percent of total, number of files and
number of revisions.
Policy Summary
Policy Summary provides a summary of policy usage by policy,
including agents assigned to a policy, and backups (including from
the desktop, My Documents and Favorites).
Agents by Policy
Agents by Policy provides a summary of agents sorted by default
policy.
Server Application Backup
Summary
Server Application Backup Summary provides a summary of
server applications selected for backup, including instance, database
name, backup size and number of revisions.
Client Application Backup
Summary
Client Application Backup Summary provides a summary of agent
applications selected for backup, sorted by agent and including path
name, application name, and file size.
Offsite Service
Offsite Service provides a summary of data backed up to the Offsite
Service, sorted both by appliance and agent. This report includes size
of data marked for offsite backup and size of data currently backed
up to the Offsite Service.
Configuration Examples
For configuration examples of Reports settings, refer to “Generating Reports in Enterprise Manager”
section on page 85.
SonicWALL CDP 5.0 Administrator’s Guide
41
SonicWALL CDP Software
Alerts Overview
Alerts, a function within Enterprise Manager, allows the administrator to view a list of alerts that display
before the appliance hits predefined capacity thresholds. Alerts can be configured for automatic email
delivery. SonicWALL CDP uses SMTP as the Mail Transfer Agent.
The settings for email alerts are configured from Enterprise Manager on the Edit > Mail Server Settings
page. For information about setting up email alert delivery, refer to “Configuring Email Alerts in
Enterprise Manager” section on page 86.
To view the Alerts window, click the Alerts button in the Enterprise Manager toolbar.
Figure 12 provides the Enterprise Manager view of the Alerts user interface.
Figure 12
Alerts
The Alerts function allows the administrator to view alerts for the events listed in Table 11.
SonicWALL CDP 5.0 Administrator’s Guide
42
SonicWALL CDP Software
Table 11
Alert Events
Alert Event
Description
Agent Near Capacity
Agent Near Capacity alerts you when an agent has reached a pre-set
capacity threshold. The Agent default is 80% of quota.
Agent Quota Reached
Agent Quota Reached alerts you when an agent quota has been reached,
and when an agent has attempted to exceed the allotted quota.
Appliance Near Capacity
Appliance Near Capacity alerts you when the appliance has reached a
pre-set capacity threshold. The Appliance Warning default is 80%.
Appliance Full
Appliance Full alerts you when the appliance is full and will not accept
further backups. Full is 90% capacity.
Offsite Near Capacity
Offsite Near Capacity alerts you when the Offsite Service is about to
reach a pre-set capacity threshold. The default capacity warning is 80%.
Offsite Full
Offsite Full alerts you when the Offsite Service has reached capacity.
Full is 90% capacity.
Each alert has its own high and low threshold. When a condition is met at or above the high threshold,
SonicWALL CDP will issue an alert.
If the condition improves and the low threshold is reached, the alert resets back to its original state.
As an example, a single OFFSITE_FULL alert is issued when offsite capacity is at or more than 90%
full. Later, after some files are deleted, the offsite capacity is at or below 70% full and the
OFFSITE_FULL alert condition is reset so that it is ready to be issued again when the condition worsens.
The alert IDs for high and low thresholds, as well as point of connection failure, are shown in Table 12:
Table 12
Alert IDs and Thresholds
Alert ID
High
Low
LOCAL_80
80%
60%
LOCAL_FULL
90%
70%
OFFSITE_80
80%
60%
OFFSITE_FULL
90%
70%
PCONN_FAIL
services/
0
parentfilesync/
frequency *4
Appliance Archive Overview
Appliance Archive, a function within Enterprise Manager, is also known as local archiving. The feature
allows an administrator to archive some or all of the contents of a SonicWALL CDP appliance onto a
USB device. This feature can also be used to create a portable backup that can be restored at another site
that does not have a SonicWALL CDP appliance. Data can be archived to the USB device in encrypted
format. The administrator can also configure automated tasks to copy data from the SonicWALL CDP
appliance to a USB device.
SonicWALL CDP 5.0 Administrator’s Guide
43
SonicWALL CDP Software
To view the Appliance Archive window, click the Appliance Archive button in the Enterprise Manager
toolbar.
Local archiving is a licensed service offered at no additional charge. You must obtain a license on
MySonicWALL before using this feature.
For complete information about this feature, see the “Configuring SonicWALL CDP Local Archiving”
section on page 180.
Help Overview
Help, a function within Enterprise Manager, redirects the administrator to online SonicWALL CDP help.
content.
To view the help content, click the Help button in the Enterprise Manager toolbar.
Figure 13 provides the Enterprise Manager view of help content.
Figure 13
Help
SonicWALL CDP 5.0 Administrator’s Guide
44
SonicWALL CDP Software
Agent Tool Overview
The SonicWALL CDP Agent Tool is software installed on every agent (server, laptop or PC intended to
be backed up on the SonicWALL CDP Appliance).
The Agent Tool is a user interface that allows users of agents to set files and applications for backup (if
so configured by the administrator in the Enterprise Manager) and to recover backed up files. The
SonicWALL Agent Service is installed automatically with the Agent Tool and runs in the background,
communicating with the CDP appliance.
By default, the Agent Tool includes four controls: Status, Folders, Applications, and Search. These
controls are displayed in Figure 14, which depicts the Agent Tool toolbar.
Figure 14
Agent Tool Toolbar
Agent access to these controls is granted and administered by the administrator using the Enterprise
Manager. Table 13 provides an overview of the four default Agent Tool controls:
Table 13
Agent Tool Default Controls
Default Control
Description
Status
Status, a function within the Agent Tool, provides the user with a general
overview, including agent information, agent status and policy settings.
Folders
Folders, a function within the Agent Tool, provides the user with a list of
folders being backed up and folder Offsite Service status. The Folders
function also provides the ability to add folders, add common folders and
remove old file versions.
Applications
Applications, a function within the Agent Tool, provides the user with the
backup status of agent and server applications and with the option to add
applications for backup.
Search
Search, a function within the Agent Tool, provides the user with the
ability to search for files, server applications and agent applications. The
Search function also provides the option to restore files and remove old
file versions.
Help
Help, a function within the Agent Tool, redirects the user to online
SonicWALL CDP help.
SonicWALL CDP 5.0 Administrator’s Guide
45
SonicWALL CDP Software
Figure 15 provides the Agent Tool view of the user interface.
Figure 15
Note
Agent Tool Interface
For more information on using the SonicWALL CDP Agent Tool, refer to the SonicWALL CDP Agent
Tool User’s Guide.
SonicWALL CDP 5.0 Administrator’s Guide
46
Configuring SonicWALL CDP
Configuring SonicWALL CDP
This section provides basic configuration information for your SonicWALL CDP appliance using the
Web management interface and the Enterprise Manager.
This section includes the following subsections:
•
“Initial Configuration of SonicWALL CDP” section on page 47
•
“Editing Enterprise Manager Administrative Settings” section on page 53
•
“Changing the SonicWALL CDP Appliance” section on page 54
•
“Encryption Key Management” section on page 55
•
“Checking for Firmware Updates” section on page 55
•
“Checking for Software Updates” section on page 56
•
“Resetting a Lost Password” section on page 56
Initial Configuration of SonicWALL CDP
To prepare your SonicWALL CDP for first use, it is necessary to add a name server, configure a static
IP address and set the local time zone for the SonicWALL CDP appliance. All of these are configured
in the Web-based management interface. The SonicWALL CDP appliance requires at least one valid
name server and the correct time zone settings and a static IP address on your local subnet in order to
communicate with your network.
For more information on registration and initial setup of SonicWALL CDP, refer to the SonicWALL CDP
Getting Started Guide for your model.
This section contains the following subsections:
•
“Configuring Local Time Zone” section on page 48
•
“Configuring a Static IP Address” section on page 49
•
“Configuring a Default Gateway” section on page 51
•
“Configuring Domain Name Server (DNS) Address” section on page 51
•
“Testing Internet Connectivity” section on page 52
SonicWALL CDP 5.0 Administrator’s Guide
47
Configuring SonicWALL CDP
Configuring Local Time Zone
To configure local time zone settings and a local time zone on your SonicWALL CDP appliance, perform
the following steps:
Step 1
Log into the Web-based management interface.
Step 2
Navigate to System > Time in the left-hand navigation menu.
Step 3
Complete the fields as described in the table below:
Field
Time (hh:mm:ss)
Date
Time Zone
Set time automatically
using NTP
NTP Server
Step 4
Description
Select the time (hours:minutes:seconds) from the drop-down menus
in. The time is in 24 hour format.
Select the date (month, day, year) from the drop-down menus.
Select your local time zone form the drop down menu.
Check this box to allow the time to set automatically using the
default NTP server.
Click the Add button to add your own NTP server. If you do not add
your own NTP server, an internal list of servers will be used by
default.
Click the Accept button to save changes.
SonicWALL CDP 5.0 Administrator’s Guide
48
Configuring SonicWALL CDP
Configuring a Static IP Address
This section describes how to configure your SonicWALL CDP appliance with a static IP address on
your local subnet.
Note
Once the IP address of your SonicWALL CDP appliance is changed, you will not be able to access
the appliance without this address. Before continuing, make a note of the chosen IP address for your
SonicWALL CDP appliance.
To configure a static IP address for your SonicWALL CDP appliance, perform the following steps:
Step 1
Using the supplied crossover cable and the computer you are using to administer the SonicWALL CDP
appliance, connect the LAN port on the computer to the LAN port on the back of your SonicWALL CDP
appliance.
Administration
Computer
CDP Appliance
Step 2
Configure the computer with an available IP address on the 192.168.168.0/24 subnet, such as
192.168.168.50. For help with setting up a static IP address on your computer, refer to the SonicWALL
CDP Getting Started Guide for your model.
Step 3
Open a Web browser on the computer and enter http://192.168.168.169 (the default IP address of the
SonicWALL CDP appliance) in the Location or Address field. The SonicWALL CDP Static IP
Management login screen displays.
SonicWALL CDP 5.0 Administrator’s Guide
49
Configuring SonicWALL CDP
Step 4
Enter “admin” in the User Name field and “password” in the Password field. Select your preferred
language from the Language drop-down menu. Click the Login button.
Step 5
Navigate to Network > Settings in the left-hand navigation menu.
Step 6
Click the Configure icon in the Interfaces table.
Step 7
In the IP Address field, enter an unused static IP address that is within the range of your local subnet.
Step 8
Enter the subnet mask for your local subnet into the Subnet Mask field.
Step 9
Optionally enter a description in the Comment field.
Step 10 Click the OK button.
Step 11 Press the Submit button to submit the IP address change.
Step 12 Disconnect your management computer from the CDP. Your SonicWALL CDP appliance is now set to
communicate with your network using a static IP address.
For more information on initial setup of your SonicWALL CDP appliance, refer to the SonicWALL CDP
Getting Started Guide for your model.
SonicWALL CDP 5.0 Administrator’s Guide
50
Configuring SonicWALL CDP
Configuring a Default Gateway
This section describes how to configure the SonicWALL CDP appliance with the default gateway for
your local network.
Step 1
In the Web-based management interface, navigate to Network > Settings in the left-hand navigation
menu.
Step 2
Under Network Routes, click the Configure button in the row for the default Destination Network.
Step 3
In the Default Gateway dialog box, type the IP address of your gateway device in the Default Gateway
field.
Step 4
Click OK.
Step 5
On the Network > Settings page, click the Accept button at the top of the screen to save your settings.
Configuring Domain Name Server (DNS) Address
At least one valid name server must be configured for the SonicWALL CDP appliance to communicate
with the portal, registration and time servers.
You will not be able to register or use SonicWALL CDP without a valid DNS server configuration. The
Appliance Registration Wizard will test your Internet connectivity using your DNS configuration. For
more information, refer to the SonicWALL CDP Getting Started Guide for your model.
To configure a domain name server, perform the following steps:
Step 1
In the Web-based management interface, navigate to Network > Settings in the left-hand navigation
menu.
Step 2
Scroll down to Name Servers and click Add
Step 3
In the Add/Entry field, enter the IP address of a single domain name server
SonicWALL CDP 5.0 Administrator’s Guide
51
Configuring SonicWALL CDP
Step 4
Click the OK button.
Step 5
Repeat steps 2 through 4 to add additional DNS servers.
Step 6
On the Network > Settings page, click the Accept button to save your settings.
Testing Internet Connectivity
SonicWALL CDP will not work without valid interface and domain settings allowing for Internet
connectivity. Your Internet connectivity will be tested before you can register and use the Enterprise
Manager and Agent Tool software, however, it is recommended that you test your connection manually
before proceeding. To test your Internet connectivity, perform the following steps:
Step 1
Navigate to Network > Connectivity in the left-hand navigation menu.
Step 2
Click Ping Registration Server to verify that your SonicWALL CDP can communicate with the
SonicWALL registration server.
Step 3
In the http:// field under Ping URL, enter a URL to ping, or leave the field blank to ping
www.sonicwall.com to test Internet connectivity. Click Ping URL.
Step 4
Under Resolve URL, enter a URL to resolve, or leave the field blank to resolve www.sonicwall.com.
Click Resolve URL.
SonicWALL CDP 5.0 Administrator’s Guide
52
Configuring SonicWALL CDP
Editing Enterprise Manager Administrative Settings
The Enterprise Manager provides a way to edit the administrative settings, such as the SonicWALL CDP
appliance name and the user information for the appliance administrator.
To edit your Enterprise Manager administrative settings, perform the following steps:
Step 1
Select Edit > Administrator Settings in the top menu bar of the Enterprise Manager software.
Step 2
Fill in the fields as described in Table 14.
Table 14
Step 3
Administrator Settings
Field
Description
First Name
Enter your first name into the First Name field.
Last Name
Enter your last name into the Last Name field.
Email Address
Enter the administrator email address into the Email Address field. Enter a
valid email address.
Password
Create a password in the Password field. Your password must be at least 6
characters long.
Confirm Password
Re-enter your password in the Password field.
Server Name
Enter your server name in the Server Name field. Your server name may be
up to 40 characters in length.
Click the Save button.
Figure 16 provides the Enterprise Manager view of the Administrator Settings dialog window.
Figure 16
Administrator Settings Dialog Window
SonicWALL CDP 5.0 Administrator’s Guide
53
Configuring SonicWALL CDP
Changing the SonicWALL CDP Appliance
The Change SonicWALL CDP Appliance feature allows the administrator to change appliances in a
multiple-appliance deployment scenario.
Note
If you want to connect to an appliance that is not on the local broadcast domain, you must exit and
re-launch the Enterprise Manager, then select “Manual Connection” to specify the IP address of the
target SonicWALL CDP appliance.
To change your SonicWALL CDP appliance, perform the following steps:
Step 1
Select Tools > Change Appliance in the top menu bar of the Enterprise Manager software.
Step 2
Select the desired appliance and click the Connect button to change to that appliance.
SonicWALL CDP 5.0 Administrator’s Guide
54
Configuring SonicWALL CDP
Encryption Key Management
The Encryption management feature allows the administrator to enable AES 256-bit encryption to
protect data being securely transmitted to the Offsite Service. The administrator may also view the
encryption key using Encryption Key Management.
Note
Print the encryption key and store it in a secure location, such as a bank or vault. Data stored at the
Offsite Service cannot be recovered without the encryption key, even by SonicWALL technical
support engineers.
To manage your encryption key, perform the following steps:
Step 1
Select Edit > Encryption Settings in the top menu bar of the Enterprise Manager software.
Step 2
To save the key locally, click Copy Key to Clipboard. You can then paste the key to a file for storage.
Step 3
To print the key, click the Printable Key button. A new window will display that you can print for your
records.
Step 4
Click the Close button when you are finished.
Resetting the Encryption Key
The encryption key cannot be reset.
Contact SonicWALL Technical Support for more information.
Checking for Firmware Updates
The SonicWALL CDP automatically searches for and installs firmware updates at startup, and again
every six hours. If SonicWALL releases a new firmware version or update, it will be automatically
located and installed.
The Check for Updates feature allows the administrator to manually check for and download the latest
SonicWALL CDP firmware updates.
To manually check for new firmware updates, perform the following steps:
Step 1
Select Tools > Check for Updates in the top menu bar.
Step 2
Click the Yes button at the prompt to search for and download firmware updates.
Step 3
SonicWALL CDP will automatically update if there are new updates.
SonicWALL CDP 5.0 Administrator’s Guide
55
Configuring SonicWALL CDP
Checking for Software Updates
The SonicWALL CDP automatically searches for and installs software updates at startup, and again
every six hours. If SonicWALL releases a new software version or update, it will be automatically
located and installed.
The Check for Updates feature allows the administrator to manually check for and download the latest
SonicWALL CDP software updates.
To manually check for new software updates, perform the following steps:
Step 1
Select Tools > Check for Updates in the top menu bar.
Step 2
Click the Yes button at the prompt to search for and download software updates.
Step 3
SonicWALL CDP appliance is automatically updated if there are new updates.
Resetting a Lost Password
You can reset a lost password in the SonicWALL CDP Enterprise Manager or by using the Command
Line Interface (CLI). For information about using the CLI to reset a lost password, see the Example Use
Case: , page 199.
To reset a lost password using SonicWALL CDP Enterprise Manager, perform the following steps:
Step 1
Launch the CDP Enterprise Manager.
Step 2
Click the Lost Password link on the login screen.
Step 3
You will be prompted to confirm the new password. Click OK to confirm or No to cancel.
Step 4
You will receive a confirmation that the password has been reset and the new password will be sent to
the email address that was used to register the appliance.
SonicWALL CDP 5.0 Administrator’s Guide
56
Using SonicWALL CDP Enterprise Manager
Using SonicWALL CDP Enterprise Manager
This section describes how to use Enterprise Manager to manage agent systems and configure backup
policies. See the following subsections:
•
“Managing Agents in Enterprise Manager” on page 57
•
“Managing Policies in Enterprise Manager” on page 70
•
“Performing Searches in Enterprise Manager” on page 83
•
“Generating Reports in Enterprise Manager” on page 85
•
“Configuring Email Alerts in Enterprise Manager” on page 86
Managing Agents in Enterprise Manager
This section provides a configuration list specific to the Agent tab in Enterprise Manager. This section
includes the following subsections:
•
“Agent Security Handshake Overview” section on page 58
•
“Adding a New Agent” section on page 59
•
“Editing an Agent’s Name” section on page 60
•
“Selecting an Agent’s Policy” section on page 60
•
“Resetting an Agent’s Key” section on page 61
•
“Removing an Agent” section on page 62
•
“Managing Agent Folders” section on page 63
•
“Configuring Agent Application Backup” section on page 67
SonicWALL CDP 5.0 Administrator’s Guide
57
Using SonicWALL CDP Enterprise Manager
Agent Security Handshake Overview
The SonicWALL CDP Enterprise Manager recognizes agents (servers, laptops and PCs) using an agent
name, which is the same as the agent’s Windows Computer Name. The Windows Computer Name can
be viewed and edited by right-clicking My Computer, selecting Properties, and clicking the Computer
Name tab.
The first time a CDP agent communicates with a CDP appliance, it securely requests a
handshake-password, which will be stored in the local registry and used for future validation.
If a handshake-password has already been created for another agent, the command will fail and the agent
will not be allowed to connect. The following message displays for unauthorized agents:
In the event that a disaster restore is necessary, the administrator will need to reset the
handshake-password in the Enterprise Manager.
SonicWALL CDP 5.0 Administrator’s Guide
58
Using SonicWALL CDP Enterprise Manager
To reset the handshake-password, perform the following tasks:
Step 1
Login to the Enterprise Manager.
Step 2
Click Agents in the top menu bar.
Step 3
In the left pane, select the agent to reset from the SonicWALL CDP Agents list.
Step 4
In the right pane, click Reset Key.
Step 5
A popup displays. Click OK to reset the key.
Step 6
A confirmation displays.
Adding a New Agent
The Add New Agent feature within the Enterprise Manager allows the administrator to add agents to
SonicWALL CDP.SonicWALL CDP recognizes agents by agent name, which is the same as Computer
Name. Follow the tasks in this section to add a new agent whenever you have a new server, laptop or PC
that you would like to backup using SonicWALL CDP.
Adding an agent is a two-step process: It is necessary to add the agent to the Enterprise Manager, and to
install the Agent Tool software on the agent computer.
If you do not install the Agent Tool software onto the agent, it will not appear in the Enterprise Manager
at the next startup.
This set of instructions provides the instructions for adding an agent using the Add New Agent feature
in the Enterprise Manager. For instructions on installing the Agent Tool, refer to the Agent Tool User’s
Guide.
To add a new agent, perform the following steps:
Step 1
At the top of the window, click the Agents button to view the Agent Management window.
Step 2
On the Agents page, click the Add New Agent button to open the Add Agent dialog.
Step 3
Enter the name of the agent you want to add in the Enter CDP Agent Name field.
Step 4
Click the Add Agent button to add the new agent.
Step 5
Install the Agent Tool on the added computer, if it is not already installed.
SonicWALL CDP 5.0 Administrator’s Guide
59
Using SonicWALL CDP Enterprise Manager
Editing an Agent’s Name
The Edit Name function allows the administrator to change an inoperable agent’s name in the Enterprise
Manager. SonicWALL CDP recognizes agents by agent name, which is the same as Computer Name.
In order to recover backed up data from an agent that has been rendered inoperable, it is necessary to
change the name of that agent in Enterprise Manager to match the name of a new agent. The new name
must be the same as the Computer Name of the new agent.
Editing an inoperable agent’s name to match a new agent allows Enterprise Manager to recognize the
new agent and associate backed up data from the inoperable agent with the newly assigned agent.
Note
The Edit Name function should only be used to recover data from disabled agents. An alternate
solution is to configure the new agent with the same Computer Name as the disabled agent. To change
the Computer Name, right click My Computer and select Properties. Click the Computer Name
tab and select Change, then type in the Computer Name of your previous computer.
To edit an agent’s name, perform the following steps:
Step 1
At the top of the window, click the Agents button to view the Agent Management window.
Step 2
Select an agent from the SonicWALL CDP Agents list in the left hand navigation bar.
Step 3
On the Agents page, click the Edit Name button to open the Rename Agent dialog.
Step 4
Enter the desired name in the Rename To field.
Step 5
Click the Rename button to change the agent name.
Selecting an Agent’s Policy
The Select Policy view is within the Agent view in the Enterprise Manager.
Selecting an agent’s policy allows the administrator to assign an agent to a new policy. If an agent is
moved from a default policy to a custom policy, the data previously backed up will remain on the
appliance. However, if the agent is moved from a custom policy to a different custom policy, the data
previously backed up will be purged from the appliance.
To select an agent’s policy, perform the following steps:
Step 1
At the top of the window, click the Agents button to view the Agent Management window.
Step 2
Select an agent from the SonicWALL CDP Agents list in the left hand navigation bar.
Step 3
Click the Select Policy button in the Agent window.
Step 4
Select a policy from the Current Policy list and click the Update button to apply changes.
SonicWALL CDP 5.0 Administrator’s Guide
60
Using SonicWALL CDP Enterprise Manager
Resetting an Agent’s Key
The administrator may need to reset the handshake-password for an agent. To reset the
handshake-password, perform the following tasks:
Step 1
At the top of the window, click the Agents button to view the Agent Management window.
Step 2
Select an agent from the SonicWALL CDP Agents list in the left hand navigation bar.
Step 3
Click the Reset Key button in the agent window.
Step 4
A popup displays. Click OK to reset the key.
Step 5
A confirmation displays.
SonicWALL CDP 5.0 Administrator’s Guide
61
Using SonicWALL CDP Enterprise Manager
Removing an Agent
The Remove Agent view is within the Agents view in the Enterprise Manager. Removing an agent allows
the administrator to remove the rights of an agent to connect to the SonicWALL CDP. If an agent is
removed and tries to connect, the agent will be blocked from connecting or backing up to the
SonicWALL CDP.
Removing an agent requires the following two steps:
•
Removing the agent using the Enterprise Manager.
•
Uninstalling the Agent Tool from the agent.
If a user uninstalls the Agent Tool from an agent, or removes the agent from the network, the agent
settings will not be changed and previously backed up data will remain on the appliance. Similarly, if an
administrator removes an agent, and the Agent Tool remains on the agent, the agent will reappear in the
Enterprise Manager at the next startup.
If you do not uninstall the Agent Tool software from the agent computer, the agent will reappear in the
Enterprise Manager at the next startup.
Note
If you remove an agent from the agents list in the Enterprise Manager, any data associated with the
agent will be purged from the appliance.
To remove an agent, perform the following steps:
Step 1
At the top of the window, click the Agents button to view the Agent Management window.
Step 2
In the SonicWALL CPDP Agents list in the left-hand window, select the agent you want to remove.
Step 3
In the Agents page, click the Remove Agent button.
Step 4
A warning screen displays. Click the Yes button to remove the agent from the SonicWALL
CDP appliance.
Step 5
Uninstall the Agent Tool software from the agent computer, if you have not already done so.
SonicWALL CDP 5.0 Administrator’s Guide
62
Using SonicWALL CDP Enterprise Manager
Managing Agent Folders
The Folders view is within the Agent view in the Enterprise Manager. The Folders view allows the
administrator to administer agent folders for backup.
This section contains the following subsections:
•
“Adding a Folder” section on page 64
•
“Adding a Common Folder” section on page 64
•
“Viewing and Restoring Old File Versions” section on page 64
•
“Backing Up Files to the Offsite Service” section on page 66
•
“Retrieving Folders to a Location” section on page 66
•
“Viewing Folder Properties” section on page 66
To manage agent folders within the Folders view, perform the following steps:
Step 1
At the top of the window, click the Agents button to view the Agent Management window.
Step 2
Select the Agent you want to view from the SonicWALL CDP Agents list.
Step 3
Click the Folders icon in the Agent window to display the Folders view.
SonicWALL CDP 5.0 Administrator’s Guide
63
Using SonicWALL CDP Enterprise Manager
Adding a Folder
Adding a folder allows the administrator to add folders to be automatically backed up from agents.
If a folder is selected for backup that does not exist on the agent, it will not be backed up.
To add an agent folder for backup, perform the following steps:
Step 1
In the Agent window, select the Agent you want to view from the SonicWALL CDP Agents list.
Step 2
Click the Folders button to view Folders View.
Step 3
In the Folders window at the bottom of the Agent screen, click Add Folder.
Step 4
Enter the folder you want to add (<drive_letter>:\<folder>\).
Step 5
Click the Save button. Repeat the process to add more folders.
Adding a Common Folder
Adding a common folder allows the administrator to select common folders (Desktop, Favorites and My
Documents) to be backed up across agents in a selected policy.
To add a common folder, perform the following steps:
Step 1
In the Agent view, select the Agent you want to administer from the SonicWALL CDP Agents list.
Step 2
Click the Folders button to view Folders View.
Step 3
In the Folders window at the bottom of the Agent screen, click Add Common Folder.
Step 4
In the Add Common Folder Backup dialog box, choose the folder you want to add (folders may only
be added one at a time).
Step 5
Select the Set For Offsite Backup checkbox if you want this folder to be backed up to the Offsite
Service.
Step 6
Click the OK button. Repeat the process to add more folders.
Viewing and Restoring Old File Versions
Multiple versions of each file are archived using SonicWALL CDP. You can view and restore old file
versions of a single file. If a newer version of a file gets damaged, it is possible to restore an older
version.
To restore an old file version, perform the following steps:
Step 1
In the Agent view, select the Agent you want to administer from the SonicWALL CDP Agents list.
Step 2
Click the Folders button to view Folders View.
Step 3
In the Folders window at the bottom of the Agent screen, click Save to Location.
SonicWALL CDP 5.0 Administrator’s Guide
64
Using SonicWALL CDP Enterprise Manager
Step 4
The Save Folder to Location displays, providing the properties of the folder.
Step 5
Click Browse to select a location to restore the folder.
Step 6
Select a location or click Make a New Folder. Click OK.
Step 7
Click Restore.
Removing Old File Versions
Multiple versions of each file are archived using SonicWALL CDP. Because SonicWALL CDP has the
option to store unlimited versions of each file, for space considerations it may be necessary to remove
outdated versions periodically.
To remove old file versions, perform the following steps:
Step 1
In the Agent view, select the Agent you want to administer from the SonicWALL CDP Agents list.
Step 2
Click the Folders button to view Folders View.
Step 3
In the Folders window at the bottom of the Agent screen, click Remove Old Versions.
Note
Step 4
You can also choose to remove old file versions from specific folders by first clicking the folder in
the agent view, and then clicking Remove Old Versions.
Click the Yes button to remove all old file versions.
SonicWALL CDP 5.0 Administrator’s Guide
65
Using SonicWALL CDP Enterprise Manager
Backing Up Files to the Offsite Service
Backup Offsite provides the administrator the ability to select files for backup to the Offsite Service,
where they are stored securely and can be recovered in the event of a disaster that renders local data
destroyed or otherwise unrecoverable.
Note
Backup Offsite will only work if you have a subscription for backup to the Offsite Service.
To backup files to the Offsite Service, perform the following steps:
Step 1
In the Agent view, select the Agent you want to administer from the SonicWALL CDP Agents list.
Step 2
Click the Folders button to view Folders View.
Step 3
Select the folder you want to backup to the Offsite Service.
Step 4
In the Folders window at the bottom of the Agent screen, click Backup Offsite.
Step 5
Select the Check for offsite backup checkbox and click the Set Status button.
Retrieving Folders to a Location
Administrators have the ability to retrieve saved folders and save them to a specified location.
To retrieve saved folders and save them to a specified location, perform the following steps:
Step 1
In the Agent view, select the Agent you want to administer from the SonicWALL CDP Agents list.
Step 2
Click the Folders button to view Folders view.
Step 3
Select the folder you want to save.
Step 4
In the Folders window at the bottom of the Agent screen, click Save to Location.
Step 5
Choose a location to save the folder and click the OK button.
Viewing Folder Properties
Viewing the folder properties provides the administrator with a summary of agent folders, including total
folder size and the number of files it contains.
To view folder properties, perform the following steps:
Step 1
In the Agent view, select the Agent you want to administer from the SonicWALL CDP Agents list.
Step 2
Click the Folders button to view Folders view.
Step 3
Select the folder you want to view properties for.
Step 4
In the Folders window at the bottom of the Agent screen, click Properties.
SonicWALL CDP 5.0 Administrator’s Guide
66
Using SonicWALL CDP Enterprise Manager
Configuring Agent Application Backup
The Applications view in the Enterprise Manager allows the administrator to add, remove, or restore
applications for revision backup. The Applications view is specific to the selected agent in the Agents
view.
Applications that can be configured for revision backup using SonicWALL CDP include agent
applications Outlook and Outlook Express and server applications Microsoft Exchange, Active
Directory and SQL Server.
Note
Active Directory, Microsoft Exchange and SQL Server can only be configured for backup or
recovery using the Agent Tool.
This section includes the following subsections:
•
“Adding an Application for Backup” section on page 68
•
“Removing an Application from Backup” section on page 69
•
“Restoring an Application” section on page 69
To navigate to the Applications view for agents, perform the following steps:
Step 1
Click the Agents button in the Enterprise Manager toolbar.
Step 2
Select the agent you want to view from the SonicWALL CDP Agents list in the left-hand navigation
toolbar.
Step 3
Click the Applications icon in the agent window.
SonicWALL CDP 5.0 Administrator’s Guide
67
Using SonicWALL CDP Enterprise Manager
Adding an Application for Backup
Adding an application allows the administrator to add applications for backup. Applications that can be
configured for revision backup using SonicWALL CDP include:
•
Agent applications, including Outlook and Outlook Express.
•
Server applications, including Microsoft Exchange, Active Directory and SQL Server.
To add an application for backup, perform the following steps:
Step 1
In the Agent view, select the Agent you want to administer from the SonicWALL CDP Agents list.
Step 2
Click the Applications button to view the Agent window.
Step 3
Click the Add Application button.
Note
With the exception of Outlook and Outlook Express, only applications that are installed on your local
PC display in the Add Application Backup dialog box.
Step 4
Select the desired application from the list.
Step 5
Check the Set For Offsite Backup option for the folder to be backed up to the Offsite Service.
Step 6
Click the Add button. Repeat the process to add more applications.
Note
If the dialog box is empty when you click Add, there are no applications installed on the agent to be
backed up.
SonicWALL CDP 5.0 Administrator’s Guide
68
Using SonicWALL CDP Enterprise Manager
Removing an Application from Backup
Removing an application from backup allows the administrator to remove previously selected
applications from the backup process.
Applications that can be configured for revision backup using SonicWALL CDP include agent
applications Outlook and Outlook Express and server applications Microsoft Exchange, Active
Directory and SQL Server.
To remove an application from backup, perform the following steps:
Step 1
In the Agent view, select the Agent you wish to administer from the SonicWALL CDP Agents list.
Step 2
Click the Applications button to view Applications View.
Step 3
Select the desired application from the list in the Agent window.
Step 4
Click the Remove Application button.
Step 5
A warning screen displays. Click Yes to remove the application.
Restoring an Application
Restoring an application allows the administrator to restore an application revision to an agent’s
computer.
Applications that can be configured for revision backup using SonicWALL CDP include agent
applications Outlook and Outlook Express and server applications Microsoft Exchange, Active
Directory and SQL Server.
For specific details on recovering data from server applications, refer to the following:
•
“Recovering Data from Active Directory” section on page 131
•
“Recovering Data from Microsoft Exchange” section on page 123
•
“Recovering Data from Microsoft SQL Server” section on page 133
To restore an old version of an application, perform the following steps:
Step 1
In the Agent view, select the Agent you wish to administer from the SonicWALL CDP Agents list.
Step 2
Click the Applications button to view Applications View.
Step 3
Right-click on the desired application from the list in the Agent window and select Expand Children.
SonicWALL CDP 5.0 Administrator’s Guide
69
Using SonicWALL CDP Enterprise Manager
Step 4
Note
Right-click on the archive file and select Restore a Version.
When using the Enterprise Manager to restore an agent folder, restore will take place locally (on the
Enterprise Manager machine) by default.
Managing Policies in Enterprise Manager
This section provides a configuration list specific to Policies in the Enterprise Manager. There are two
kinds of policies, default and custom. Agents are assigned to the default policy unless they are moved
to a custom policy. This section includes the following subsections:
•
“Managing the Default Policy” section on page 70
•
“Adding a New Policy” section on page 73
•
“Applying a Policy” section on page 77
•
“Editing a Policy” section on page 77
•
“Removing a Policy” section on page 82
Managing the Default Policy
The default policy is automatically assigned to agents using SonicWALL CDP. Whenever an agent is
added to SonicWALL CDP or removed from a custom policy, the agent will be added to the default
policy. It is recommended that the default policy backup quota be set to zero, so that agents must be
assigned to a custom policy before they can begin the backup process.
Note
If an agent is switched from the default policy to a custom policy, the data previously backed up will
remain on the appliance. However, if the agent is moved from a custom policy to a different custom
policy, the data previously backed up will be purged from the appliance.
SonicWALL CDP 5.0 Administrator’s Guide
70
Using SonicWALL CDP Enterprise Manager
To manage the default policy, perform the following steps:
Step 1
At the top of the window, click the Policies button.
Step 2
Click the Edit Default Policy button near the top of the Policy window, or click the Edit Default Policy
link in the right pane.
The Edit Policy dialog displays for the default policy.
SonicWALL CDP 5.0 Administrator’s Guide
71
Using SonicWALL CDP Enterprise Manager
Step 3
Note
Step 4
Edit General Settings for the policy as follows:
1.
The Policy Name field cannot be changed.
2.
Enter a maximum backup quota (in Gigabytes) for this policy in the Quota field.
A maximum backup quota must be less than the capacity of your SonicWALL CDP appliance.
Though you cannot oversubscribe an agent, you will receive an alert when the appliance has reached
80% capacity, and you may wish to recalculate the maximum agent policies.
3.
Select the Enable Local Management checkbox to give agents the ability to manage
their policy locally.
4.
Select the Enable Offsite Backup For This Policy checkbox to allow secure backups to the Offsite
Service.
Edit Folder Settings and Application Settings as needed. The procedures are the same as those used
when adding a new policy. Refer to the following sections for complete instructions:
•
“Filtering File Extensions” section on page 74
•
“Managing Common Folders” section on page 75
•
“Managing Predefined Folders” section on page 76
•
“Managing Predefined Applications” section on page 76
SonicWALL CDP 5.0 Administrator’s Guide
72
Using SonicWALL CDP Enterprise Manager
Adding a New Policy
Adding a new policy allows the administrator to add custom policies that can be assigned to agents in
lieu of the default policy.
To add a new policy, perform the following steps:
Step 1
At the top of the window, click the Policies button.
Step 2
Click the Add New Policy button near the top of the Policy window, or click the Add New Policy link
in the right pane. The Policy Management dialog displays.
SonicWALL CDP 5.0 Administrator’s Guide
73
Using SonicWALL CDP Enterprise Manager
Step 3
Edit General Settings for the policy as follows:
Editing General Settings
Note
1.
Enter a friendly name for this policy in the Policy Name Field.
2.
Enter a maximum backup quota (in Gigabytes) for this policy in the Quota field.
A maximum backup quota must be less than the capacity of your SonicWALL CDP appliance.
Though you cannot oversubscribe an agent, you will receive an alert when the appliance has reached
80% capacity, and you may wish to recalculate the maximum agent policies.
3.
Check the Enable Local Management option to give agents the ability to manage
their policy locally.
4.
Check the Enable Offsite Backup For This Policy option to allow secure backups to the Offsite
Service.
Filtering File Extensions
This feature allows you to filter out (exclude) any file extensions form being backed up once the policy
is applied to an agent. Only .tmp files are filtered by default.
Note
File extensions may be specified with or without a period. For example, mp3 and .mp3 will both
filter mp3 files.
1.
Click the button to the right of the Filters field.
2.
Click the Add button. The Add Filter Extension dialog displays.
SonicWALL CDP 5.0 Administrator’s Guide
74
Using SonicWALL CDP Enterprise Manager
3.
Enter the file extension you wish to filter (for example: mp3 or .mp3) in the Filter Extension field
and click the Save button.
4.
To add another file extension, click the Add button again. Otherwise, click the Apply Changes
button to add this file extension to the exclusion list.
Managing Common Folders
This feature allows the administrator to edit common folders (desktop, favorites, my documents) defined
for backup.
1.
Click the Manage Common Folders button. The Common Folder Management dialog displays.
2.
Click the Add button to display the Add Common Folder Backup dialog.
3.
Choose the folder you want to add (folders may only be added one at a time).
4.
Check the Set For Offsite Backup option if you want this folder to be backed up to the Offsite
Service.
5.
Click the Add button. Repeat the process to add more folders.
6.
Click the Apply Changes button to add these folders to the backup policy.
SonicWALL CDP 5.0 Administrator’s Guide
75
Using SonicWALL CDP Enterprise Manager
Managing Predefined Folders
This feature allows you to define a folder or set of folders for backup once the policy is applied to an
agent. The folder(s) will be backed up on agents to which this policy is applied.
1.
Click the Manage Predefined Folders button. The Root Folder Management dialog displays.
2.
Click the Add button to display the Root Folder dialog.
3.
Enter the folder you want to add (<drive_letter>:\<folder>).
4.
Check the Set For Offsite Backup option if you want this folder to be backed up to the Offsite
Service.
5.
Click the Save button. Repeat the process to add more folders.
6.
Click the Apply Changes button to add these folders to the backup policy.
Managing Predefined Applications
This feature allows you to define applications for revision backup once the policy is applied to an agent.
The application revisions will be backed up for agents to which this policy is applied.
1.
Click the Manage Predefined Applications button. The Application Management dialog
displays.
2.
Click the Add button to display a list of applications.
3.
Choose the application you want to add (applications may only be added one at a time).
4.
Check the Set For Offsite Backup option if you want this folder to be backed up to the Offsite
Service.
5.
Click the Add button. Repeat the process to add more folders.
6.
Click the Apply Changes button to add these folders to the backup policy.
SonicWALL CDP 5.0 Administrator’s Guide
76
Using SonicWALL CDP Enterprise Manager
Applying a Policy
Once a policy has been created, it can be assigned to any SonicWALL CDP agent(s).
To apply a policy to an agent, perform the following steps:
Step 1
At the top of the window, click the Agents button.
The Agents window displays.
Step 2
Select an Agent from the SonicWALL CDP Agents list.
Step 3
Click the Select Policy button in the Agent window.
Step 4
Select a policy from the Current Policy list and click the Update button to apply changes.
Editing a Policy
Editing a policy allows the administrator to change general settings including backup quota, local
management and Offsite Service backup. It also allows folder filtering and management of folder and
applications for a given policy.
If an agent has already backed up data and then is assigned to a lower-capacity quota, the data previously
backed up will remain on the appliance. For example, if an agent has 20GB stored on the appliance and
is re-assigned to a 5BG policy, the data previously backed up with the larger quota will remain on the
box. However, future backups will only allow 5GB.
To edit a policy, perform the following steps:
Step 1
At the top of the window, click the Policies button.
Step 2
Select a policy to edit from the policies list in the left pane.
Step 3
Click the Edit Policy button in the Policy window.
SonicWALL CDP 5.0 Administrator’s Guide
77
Using SonicWALL CDP Enterprise Manager
The Policy Management dialog displays.
Note
Step 4
You can also edit the default policy by clicking the Policies button and then selecting Edit Default
Policy from the Policies main page.
Edit General Settings for the policy as follows:
Editing General Settings
1.
Enter a friendly name for this policy in the Policy Name Field.
2.
Enter a maximum backup quota (in Gigabytes) for this policy in the Quota field. This is only limited
by the maximum capacity of your appliance. You cannot oversubscribe agents and you will receive
an alert when your appliance has reached 80% capacity.
3.
Check the Enable Local Management option to give agents the ability to manage
their policy locally. (If Enable Local Management is unchecked, agents under the policy will be
restrained from all management activity and will only be able to restore data from the appliance.)
4.
Check the Enable Offsite Backup For This Policy option to allow secure backups to the Offsite
Service.
SonicWALL CDP 5.0 Administrator’s Guide
78
Using SonicWALL CDP Enterprise Manager
Filtering File Extensions
This feature allows you to filter out (exclude) file extensions from being backed up once the policy is
applied to an agent.
Note
File extensions may be specified with or without a period. For example, mp3 and .mp3 will both
filter mp3 files.
1.
Click the button to the right of the Filters field.
2.
Click the Add button. The Add Filter Extension dialog displays.
3.
Enter the file extension you want to filter (for example, mp3 or .mp3) in the Filter Extension field
and click the Save button.
4.
To add another file extension, click the Add button again. Otherwise, click the Apply Changes
button to add this file extension to the exclusion list.
SonicWALL CDP 5.0 Administrator’s Guide
79
Using SonicWALL CDP Enterprise Manager
Managing Common Folders
This feature allows the administrator to edit common folders (Desktop, Favorites and My Documents)
set for backup.
1.
Click the Manage Common Folders button. The Common Folder Management dialog displays.
2.
Click the Add button to display the Common Folder Backup dialog.
3.
Choose the folder you want to add (folders may only be added one at a time).
4.
Check the Set For Offsite Backup option if you want this folder to be backed up to the Offsite
Service.
5.
Click the Add button. Repeat the process to add more folders.
6.
Click the Apply Changes button to add these folders to the backup policy.
Managing Predefined Folders
This feature allows you to define a folder or set of folders for backup once the policy is applied to an
agent. The folder(s) will be backed up on agents to which this policy is applied.
1.
Click the Manage Predefined Folders button. The Root Folder Management dialog displays.
2.
Click the Add button to display the Root Folder dialog.
3.
Enter the folder you want to add (<drive_letter>:\<folder>) or click Browse to select the folder.
4.
Select the Set For Offsite Backup checkbox if you want this folder to be backed up to the Offsite
Service.
5.
Click the OK button. Repeat the process to add more folders.
6.
Click the Apply Changes button to add these folders to the backup policy.
SonicWALL CDP 5.0 Administrator’s Guide
80
Using SonicWALL CDP Enterprise Manager
Managing Predefined Applications
This feature allows administrators to define common applications for revision backup once the policy is
applied to an agent. The application revisions will be backed up on agents to which this policy is applied.
1.
Click the Manage Predefined Applications button. The Application Management dialog
displays.
2.
Click the Add button to display a list of applications.
3.
Choose the application you want to add (applications may only be added one at a time).
4.
Check the Set For Offsite Backup option if you want this folder to be backed up to the Offsite
Service.
5.
Click the Add button. Repeat the process to add more folders.
6.
Click the Apply Changes button to add these folders to the backup policy.
SonicWALL CDP 5.0 Administrator’s Guide
81
Using SonicWALL CDP Enterprise Manager
Removing a Policy
Removing a policy allows the administrator to remove previously defined policies. Agents assigned to
policies that are removed will be covered under the default policy. If the default policy has a lower quota
than the previous policy, the data not covered under the policy will be purged. If the default policy
includes different files for backup, the files from the previous policy will be purged.
To remove a policy, perform the following steps:
Step 1
At the top of the window, click the Policies button.
Step 2
Select the policy you want to remove from the policies list in the left -hand window.
Step 3
Click the Remove Policy button in the Policy window.
Step 4
A warning screen displays. Click the Yes button to remove the policy.
SonicWALL CDP 5.0 Administrator’s Guide
82
Using SonicWALL CDP Enterprise Manager
Performing Searches in Enterprise Manager
This section provides a configuration list specific to the Search tab in the Enterprise Manager. This
section includes the following subsections:
•
“Searching for Files” section on page 83
•
“Searching Within Server Applications” section on page 84
•
“Searching Within Agent Applications” section on page 84
Searching for Files
This allows the administrator to search for files marked for backup.
To search for files, perform the following steps:
Step 1
In the Search view, select Files from the left-hand window.
Step 2
Select the agent you want to search from the Agent drop-down menu, or select Search All Agents.
Step 3
Select the folder you want to search from the Folder drop-down menu, or select Search All Folders.
Step 4
Enter a search string in the All or part of the file name field.
Step 5
To search a specific date or date-range, select a last modified date from the pre-defined time ranges in
the When was it modified drop-down menu, or specify your own dates in the drop down menus below.
Step 6
To search for a specific file size or file size-range, select a size from the What size is it drop-down menu,
or specify your own size or size-range below.
Step 7
Select a value from the How many backup versions should exist drop-down menu and enter a number.
Step 8
To search only for folders marked for Offsite Service backup, select Yes from the Marked for offsite
backup menu.
SonicWALL CDP 5.0 Administrator’s Guide
83
Using SonicWALL CDP Enterprise Manager
Step 9
If searching for folders marked for offsite backup, choose to search only for folders which currently exist
at the Offsite Service by selecting Yes from the Exists offsite drop-down menu.
Step 10 Click the Search button to start your search.
Searching Within Server Applications
This allows the administrator to search within server applications, including Active Directory, Microsoft
Exchange and SQL Server.
To search within server applications, perform the following steps:
Step 1
In the Search view, select Server Applications form the left-hand window.
Step 2
Select an application to search from the Application drop-down menu.
Step 3
Select the agent you want to search from the Agent drop-down menu.
Step 4
Select an instance from the Instance menu.
Step 5
Select an object to search for form the Object menu.
Step 6
Click the Search button to start your search.
Searching Within Agent Applications
This allows the administrator to search within agent applications, including Outlook and Outlook
Express.
To search within agent applications, perform the following steps:
Step 1
In the Search view, select Client Applications form the left-hand window.
Step 2
Select an application to search from the Application drop-down menu.
Step 3
Select the agent you want to search from the Agent drop-down menu or select Search all agents.
Step 4
Click the Search button to start your search.
SonicWALL CDP 5.0 Administrator’s Guide
84
Using SonicWALL CDP Enterprise Manager
Generating Reports in Enterprise Manager
This section provides information about generating reports using the Enterprise Manager, and a
configuration list specific to the Reporting view in the Enterprise Manager.
Generating CDP Agent Reports
The administrator can generate reports using the Enterprise Manager that provide agent and backup
statistics.
To generate reports, perform the following steps:
Step 1
At the top of the window, click the Reporting button.
Step 2
In the Reports list in the left -hand window, double-click the report you want to run (refer to Table 15
for report type descriptions).
Step 3
When the report is complete, you can save the report in HTML format by clicking the Save button and
selecting a location to save.
Step 4
If you want to view the report in your browser without saving, click the Browser button.
Table 15
Report Types
Report Type
Description
Executive Summary Executive Summary provides a general overview, including Appliance
Information, Agent Summary and Top 10 (file types by disk space used).
Agent Summary
Agent Summary provides a summary of agent usage, including file size, size
on disk with revisions, server application size and policy name.
Disk Space by File
Type
Disk Space by File Type provides a summary of disk space usage, both by file
size and number of files, sorted by file extension.
Disk Space by Agent Disk Space by Agent provides a summary of disk space usage by agent,
including size on disk, percent of total, number of files and number of revisions.
Policy Summary
Policy Summary provides a summary of policy usage by policy, including
agents assigned to a policy, and backups (including from the desktop, My
Documents and Favorites).
Agents by Policy
Agents by Policy provides a summary of agents sorted by default policy.
Server Application
Backup Summary
Server Application Backup Summary provides a summary of server
applications selected for backup, including instance, database name, backup
size and number of revisions.
Client Application
Backup
Client Application Backup provides a summary of client applications selected
for backup, sorted by agent and including path name, application name and file
size.
Offsite Status
Offsite Status provides a summary of data backed up to the Offsite Service,
sorted both by appliance and agent. This report includes size of data marked for
offsite backup and size of data currently backed up at the Offsite Service.
SonicWALL CDP 5.0 Administrator’s Guide
85
Using SonicWALL CDP Enterprise Manager
Configuring Email Alerts in Enterprise Manager
This section provides a configuration list specific to the Alerts view in Enterprise Manager. The Alerts
view allows you to configure email alerts for six events:
•
When an agent reaches 80% of quota
•
When an agent reaches 90% of quota (“quota limit”)
•
When the appliance is 80% full
•
When the appliance is 90% full (“full”)
•
When the offsite service is 80% full
•
When the offsite service is 90% full (“full”)
To configure email alerts, perform the following tasks:
Step 1
In the Enterprise Manager toolbar, navigate to Edit > Mail Server Settings.
Step 2
Provide the following SMTP information:
•
Mail server (name or IP address): Provide the SMTP mail server or IP address. For example,
mail.mycompany.com.
•
To email address: Specify the email address where the alert will be sent. For example,
[email protected]
•
From email address: Specify the email address that will appear as the sender of the email. For
example, [email protected]
•
From email domain: Specify the email domain that will appear in the sender’s email address. For
example, mycompany.com.
•
User name (if required): Specify a user name associated with the email address you specified in
From email address, if required. For example, administrator_2.
•
Password (if required): Specify a password associated with the email address you specified in
From email address, if required.
Step 3
Click Send Test Email to test your SMTP settings.
Step 4
In the Test email sent pop-up, click OK.
Step 5
Check the email account you specified in To email address to verify that the email was delivered.
Note
If you did not receive your test email, verify that you have provided the correct credentials, that you
have Internet connectivity, and that the mail server you specified is available. Failed emails will be
stored and sent when a mail server connection is established.
SonicWALL CDP 5.0 Administrator’s Guide
86
Backing up Microsoft Exchange
Backing up Microsoft Exchange
Backing up Microsoft Exchange using SonicWALL CDP allows users to store and retrieve Microsoft
Exchange revisions from an agent machine. Microsoft Exchange backup cannot be configured using the
Enterprise Manager.
Note
Microsoft Exchange can only be backed up using the Agent Tool.
See the following sections:
•
“Backing Up a Microsoft Exchange User Mailbox” section on page 87
•
“Backing Up a Microsoft Exchange Storage Group” section on page 97
Backing Up a Microsoft Exchange User Mailbox
You can backup individual user mailboxes by using the Microsoft Exchange User Mailbox Backup and
Restore server application in the SonicWALL CDP Agent Tool. The user mailbox is backed up onto your
SonicWALL CDP appliance.
You can use this feature by adding the Microsoft Exchange - User Mailbox application to the
SonicWALL CDP Agent Tool. From the Agent Tool, you can use the User Mailbox application to
configure the backup schedule for one or more user mailboxes, the login credentials for the Exchange
server, the parameters for offsite backup, and to restore individual user mailboxes to the Exchange
server. For information about restoring a user mailbox, see the “Recovering a Microsoft Exchange User
Mailbox” section on page 123.
The User Mailbox Backup and Restore feature includes the following capabilities:
•
Convenient interface for adding user mailboxes to or deleting them from the backup process
•
Ability to set the backup schedule for a group of mailboxes or for individual user mailboxes
•
Secure login using credentials to Microsoft Exchange server
•
Optional automatic backup of user mailboxes to an offsite location
•
Retention of multiple backups for each user mailbox
See the following sections:
•
“How Does User Mailbox Backup and Restore Work?” section on page 88
•
“Installation Prerequisites” section on page 88
•
“Adding the User Mailbox Application to the Agent Tool” section on page 90
•
“Adding User Mailboxes for Backup” section on page 91
•
“Scheduling Backups for User Mailboxes” section on page 92
•
“Configuring Access to the Exchange Server” section on page 93
•
“Configuring Offsite Backup of User Mailboxes” section on page 95
•
“Removing User Mailboxes from the Backup Schedule” section on page 95
•
“Removing the User Mailbox Application” section on page 96
•
“Verifying User Mailbox Backup Activity” section on page 96
SonicWALL CDP 5.0 Administrator’s Guide
87
Backing up Microsoft Exchange
How Does User Mailbox Backup and Restore Work?
The SonicWALL CDP Microsoft Exchange User Mailbox Backup and Restore feature is implemented
as a server application that is added to the SonicWALL CDP Agent Tool. To use the feature, add the
Microsoft Exchange - User Mailbox (User Mailbox) application to the SonicWALL CDP Agent Tool
from within the Agent Tool user interface. You can then select the application in the left pane of the
Agent Tool and access the application controls in the right pane.
The User Mailbox application allows you to add or delete individual user mailboxes for backup, set
backup schedules, restore specific backups of individual mailboxes, enter credentials for accessing the
Exchange server, and configure offsite backup. You can view log entries in the SonicWALL CDP Agent
Tool on the Status tab to verify that backups are successful.
Installation Prerequisites
This section lists the necessary prerequisites for successful operation of the SonicWALL CDP Agent
Tool with the Microsoft Exchange User Mailbox Backup and Restore feature. For information about
supported servers and versions of Exchange, see the “Requirements for Microsoft Exchange Server
Applications” section on page 12.
Note
The SonicWALL CDP appliance must be licensed for server applications. On models that do not
support server application licenses, such as SonicWALL CDP 110 and 210, you can still use the User
Mailbox Backup and Restore feature.
SonicWALL CDP 5.0 Administrator’s Guide
88
Backing up Microsoft Exchange
ExOLEDB / ADO / CDO Requirements
SonicWALL CDP uses ExOLEDB to access Microsoft Exchange. The Exchange OLE DB Provider
should be installed along with Microsoft Exchange, and must be accessible by SonicWALL CDP
Enterprise Manager and Agent Tool.
The ADO (ActiveX Data Objects) and CDO (Collaboration Data Objects) APIs are also required by this
feature. These are application programming interfaces provided by Microsoft that allow applications to
access data stores in a uniform manner. These APIs are included with the Microsoft Exchange installation.
ESE Backup Client DLL/ CDOEXM Requirements
SonicWALL CDP uses the Exchange Backup and Restore API to access Microsoft Exchange. The
Microsoft ESE Backup Client DLL (EsEbCli2.dll) should be installed along with Microsoft Exchange,
and must be accessible by SonicWALL CDP Enterprise Manager and Agent Tool. The Collaboration
Data Objects for Exchange Management (CDOEXM) APIs are also used to automate the restore
procedure, but not required by this feature.
You can copy the EsEbCli2.dll file from your Microsoft installation disk, or download it from Microsoft,
or copy it manually from another location into the Sonicwall Continuous Data Protection folder where
the client was installed. The default program installation folder location is:
C:\Program Files\SonicWALL\SonicWALL Continuous Data Protection
Note
The ESE Backup Client DLL (EsEbCli2.dll) is installed by default under the 32-bit installation. On
64-bit machines you need to manually obtain the EsEbCli2.dll. For more information, see “Manually
Obtaining EsEbcli2.dll For 64-bit Machine” on page 107.
SonicWALL CDP 5.0 Administrator’s Guide
89
Backing up Microsoft Exchange
Adding the User Mailbox Application to the Agent Tool
Before you can use the Microsoft Exchange User Mailbox Backup and Restore feature, you need to add
the Microsoft Exchange - User Mailbox application to the SonicWALL CDP Agent Tool.
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab at the top of the window.
Step 2
In the left pane, select Server Applications.
Step 3
In the right pane, click the Add Application button.
Step 4
In the Add Application Backup dialog box, select Microsoft Exchange Server - User Mailbox.
Step 5
Optionally select the Set for Offsite Backup checkbox to backup the User Mailbox application data
offsite. You can change this setting at any time after adding the User Mailbox application. For
information about configuring offsite backup, see “Configuring Offsite Backup of User Mailboxes” on
page 95.
Step 6
Click OK.
After the User Mailbox application is added, you can access it on the Applications tab.
SonicWALL CDP 5.0 Administrator’s Guide
90
Backing up Microsoft Exchange
Adding User Mailboxes for Backup
This section describes how to add individual user mailboxes for backup.
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane, expand Server Applications and select Microsoft Exchange - User Mailbox.
Step 3
In the right pane, click the Add Mailbox button.
Step 4
In the Add Mailbox dialog box, select one or more mailboxes to backup.
Step 5
Click Add.
The selected mailboxes appear in the bottom pane of the User Mailbox application page.
SonicWALL CDP 5.0 Administrator’s Guide
91
Backing up Microsoft Exchange
Scheduling Backups for User Mailboxes
This section describes how to configure the backup schedule for user mailboxes.
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane select one or more user mailboxes for which you want to schedule backups. To schedule
backups for all mailboxes, select Microsoft Exchange - User Mailbox.
Step 3
In the right pane, click the Backup Interval button.
Step 4
In the Schedule Interval dialog box, select one of the following backup intervals from the drop-down
list:
Step 5
•
Monthly – The backup occurs once a month.
•
Biweekly – The backup occurs every two weeks.
•
Weekly – The backup occurs every week.
•
Daily – The backup occurs every day at approximately the same time.
Click Save.
The first backup occurs immediately.
Step 6
Note
To view the backup status in the User Mailbox application window, select a user mailbox or Microsoft
Exchange - User Mailbox in the left pane and then click the Refresh button.
The window does not refresh automatically after the backup occurs.
SonicWALL CDP 5.0 Administrator’s Guide
92
Backing up Microsoft Exchange
If a single mailbox was selected, the bottom pane of the User Mailbox application window displays the
backup dates and the amount of disk space used for the selected mailbox.
If Microsoft Exchange - User Mailbox was selected, backup data is displayed for all mailboxes. At the
application level, one row is displayed for each user mailbox and the Size fields indicate the total size
of all existing backups for that mailbox.
Configuring Access to the Exchange Server
This section describes how to configure access between the SonicWALL CDP appliance and the
Exchange server where the user mailboxes reside. You can use the default Use Trusted Connection
setting, which allows access to the Exchange server without providing credentials. Or, you can provide
the user name and password credentials for accessing the Exchange server. In either case, you can test
the connection between the SonicWALL CDP appliance and the Exchange server.
Note
If the Use Trusted Connection setting is selected, the actual backup process uses the local SYSTEM
account to access the Microsoft Exchange database.
SonicWALL CDP 5.0 Administrator’s Guide
93
Backing up Microsoft Exchange
Configuring Login Credentials for the Exchange Server
Before configuring the User Mailbox application to use credentials when accessing the Exchange server,
you must first configure the credentials on the Exchange server. The user name must have appropriate
privileges to access user mailbox data on the Exchange server. For more information about configuring
users and access privileges on Microsoft Exchange, see KB821897 at:
http:/support.microsoft.com/kb/821897
http://support.microsoft.com/kb/556045
To configure a user name and password for SonicWALL CDP to use when accessing the Exchange
server, perform the following steps:
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane under Server Applications, select Microsoft Exchange - User Mailbox.
Step 3
In the right pane, click the Configure Authentication button.
Step 4
In the Authentication dialog box, to configure the access credentials for the Exchange server, clear the
Use Trusted Connection checkbox. The User Name and Password fields become active.
Step 5
Type the user name into the User Name field.
This account must have privileges for accessing user mailbox data on the Exchange server (see
KB821897).
Step 6
Type the password into the Password field.
Step 7
To test the connection between the User Mailbox application and the Exchange server, click the Test
Connection button.
Step 8
To save this configuration, click Save.
Configuring Access to the Exchange Server Without Credentials
You can choose to access the Exchange server without using login credentials.
Note
In this case, you are using the current user privileges to access Microsoft Exchange and Active
Directory. Actual backups will be executed using the local SYSTEM account.
SonicWALL CDP 5.0 Administrator’s Guide
94
Backing up Microsoft Exchange
To configure trusted access without the need for login credentials when SonicWALL CDP accesses the
Exchange server, perform the following steps:
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane under Server Applications, select Microsoft Exchange - User Mailbox.
Step 3
In the right pane, click the Configure Authentication button.
Step 4
In the Authentication dialog box, select the Use Trusted Connection checkbox.
Step 5
To test the connection between the User Mailbox application and the Exchange server, click the Test
Connection button.
Step 6
To save this configuration, click Save.
Configuring Offsite Backup of User Mailboxes
This section describes how to configure the User Mailbox application to backup user mailboxes to an
offsite SonicWALL CDP appliance. Offsite backup settings must already be configured in SonicWALL
CDP Enterprise Manager, and the offsite appliance must be available. For instructions and information,
see the SonicWALL CDP Administrator’s Guide.
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane under Server Applications, select Microsoft Exchange - User Mailbox.
Step 3
In the right pane, click the Offsite Backup button.
Step 4
In the Offsite Status dialog box, select the Check for offsite backup checkbox.
Step 5
Click Set Status.
Removing User Mailboxes from the Backup Schedule
This section describes how to remove a user mailbox from the list of mailboxes scheduled for backup.
Note
Removing a user mailbox also removes all existing backups of that mailbox.
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane under Microsoft Exchange - User Mailbox, select the user mailbox that you want to
remove from the backup schedule.
Step 3
In the right pane, click the Remove Mailbox button.
SonicWALL CDP 5.0 Administrator’s Guide
95
Backing up Microsoft Exchange
Step 4
Click Yes in the confirmation dialog box.
Removing the User Mailbox Application
This section describes how to remove the User Mailbox application from the SonicWALL CDP Agent
Tool.
Note
Removing the User Mailbox application also removes all existing mailbox backups.
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane, select Microsoft Exchange - User Mailbox.
Step 3
In the right pane, click the Remove Application button.
Step 4
Click Yes in the confirmation dialog box.
Verifying User Mailbox Backup Activity
This section describes how to tell if your user mailbox backups are working correctly. You can view log
entries showing the backups in the Status page of the SonicWALL CDP Agent Tool.
You should see log entries showing backups right after adding one or more user mailboxes to the backup
schedule, and then after each scheduled backup.
Step 1
In the SonicWALL CDP Agent Tool, click the Status tab at the top of the window.
Step 2
View the log entries in the bottom right pane.
SonicWALL CDP 5.0 Administrator’s Guide
96
Backing up Microsoft Exchange
Each related entry contains the application name in the Name column.
Backing Up a Microsoft Exchange Storage Group
You can backup and restore a Microsoft Exchange Storage Group by using the SonicWALL CDP
Microsoft Exchange InfoStore Backup and Restore server application in the SonicWALL CDP Agent
Tool. The Storage Group, or InfoStore, is backed up onto your SonicWALL CDP appliance. You can use
this feature by adding the Microsoft Exchange Server - InfoStore application to the SonicWALL CDP
Agent Tool. From the Agent Tool, you can use the InfoStore application to configure the backup
schedule, the parameters for offsite backup and to restore the Microsoft Exchange Storage Group back
to your machine. For information about restoring a Storage Group, see the “Recovering a Microsoft
Exchange Storage Group” section on page 125.
Note
The SonicWALL CDP appliance must be licensed for server applications. On the SonicWALL CDP
110 and 210 platforms, this feature requires the purchase of the SonicWALL CDP 110/210 5 Server
Applications License upgrade. This license allows you to back up five applications that are installed
on your server, such as Exchange, SQL, Active Directory, and others.
SonicWALL CDP 5.0 Administrator’s Guide
97
Backing up Microsoft Exchange
The SonicWALL CDP Microsoft Exchange InfoStore Backup and Restore feature includes the following
capabilities:
•
Convenient interface for adding InfoStore to or removing it from the backup process
•
Ability to set and manage the backup schedule
•
Optional automatic backup to an offsite location
•
Retention of multiple backup versions
How Does InfoStore Backup and Restore Work?
The SonicWALL CDP Microsoft Exchange InfoStore Backup and Restore feature is implemented as a
server application that is added to the SonicWALL CDP Agent Tool. To use the feature, add the
Microsoft Exchange Server - InfoStore application to the SonicWALL CDP Agent Tool from within
the Agent Tool user interface. You can then select the application in the left pane of the Agent Tool and
access the application controls in the right pane.
The InfoStore application allows you to add or remove individual Microsoft Exchange Storage Groups
for backup, set backup schedules, restore specific backups of Exchange server, and configure offsite
backup. You can view log entries in the SonicWALL CDP Agent Tool under the Status tab to verify that
backups were successful.
Installation Prerequisites
This section lists the necessary prerequisites for successful installation and operation of the Microsoft
Exchange Server - InfoStore server application on the SonicWALL CDP Agent Tool. For information
about supported servers and versions of Exchange, see the “Requirements for Microsoft Exchange
Server Applications” section on page 12.
Turn Off Circular Logging
Circular logging allows the Exchange Server to overwrite transaction log files after the data that the log
files contain has been committed to the database. However, if circular logging is enabled, you can
recover Exchange Server data only up until the last full backup. Additionally, incremental or differential
backups will no longer be allowed. For more information, see the following:
Note
•
http://support.microsoft.com/kb/314605
•
http://technet.microsoft.com/en-us/library/bb331968.aspx
SonicWALL recommends that the circular logging feature in MS Exchange be turned off for all
platforms when the SonicWALL CDP Agent is installed. Circular logging is enabled by default on
Windows Server 2003/2008 SBS.
The procedure for turning off circular logging applies to the following system configuration:
•
32-bit machine: (MS Windows SBS 2003 and MS Exchange 2003)
To turn off circular logging, perform the following steps:
Step 1
Start the Exchange Management Console.
Step 2
In the console tree, expand Server Configuration, and then click Mailbox.
SonicWALL CDP 5.0 Administrator’s Guide
98
Backing up Microsoft Exchange
Step 3
In the work pane, right-click the storage group for which you want to disable circular logging, and then
click Properties. The <Storage Group Name> Properties dialog box appears.
Step 4
Clear the Enable circular logging check box.
Step 5
Click OK.
Step 6
To make your changes to the circular logging settings effective, restart the Microsoft Exchange
Information Store service, or dismount and then mount all of the databases in the storage group.
ESE Backup Client DLL/ CDOEXM Requirements
SonicWALL CDP uses the Exchange Backup and Restore API to access Microsoft Exchange. The
Microsoft ESE Backup Client DLL (EsEbCli2.dll) should be installed along with Microsoft Exchange,
and must be accessible by SonicWALL CDP Enterprise Manager and Agent Tool. The Collaboration
Data Objects for Exchange Management (CDOEXM) APIs are also used to automate the restore
procedure, but not required by this feature.
You can copy the EsEbCli2.dll file from your Microsoft installation disk, or download it from Microsoft,
or copy it manually from another location into the Sonicwall Continuous Data Protection folder where
the client was installed. The default program installation folder location is:
C:\Program Files\SonicWALL\SonicWALL Continuous Data Protection
Note
The ESE Backup Client DLL (EsEbCli2.dll) is installed by default under the 32-bit installation. On
64-bit machines you need to manually obtain the EsEbCli2.dll. For more information, see “Manually
Obtaining EsEbcli2.dll For 64-bit Machine” on page 107.
Adding the InfoStore Application to the Agent Tool
Before you can use the Microsoft Exchange InfoStore Backup and Restore feature, you need to add the
Microsoft Exchange Server - InfoStore application to the SonicWALL CDP Agent Tool.
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab at the top of the window.
Step 2
In the left pane, select Server Applications.
SonicWALL CDP 5.0 Administrator’s Guide
99
Backing up Microsoft Exchange
Step 3
In the right pane, click the Add Application button.
Step 4
In the Add Application Backup dialog box, select Microsoft Exchange Server - InfoStore.
Step 5
Optionally select the Set for Offsite Backup checkbox to backup the InfoStore application data offsite.
You can change this setting at any time after adding the InfoStore application. For information about
configuring offsite backup, see “Offsite Backup of Storage Group” on page 104.
Step 6
Click OK.
After the InfoStore application is added, you can access it on the Applications tab.
SonicWALL CDP 5.0 Administrator’s Guide
100
Backing up Microsoft Exchange
Configuring Storage Group Backup
This section contains the following subsections:
•
“Adding Storage Group for Backup” section on page 101
•
“Scheduling Backups” section on page 102
Adding Storage Group for Backup
Once the Microsoft Exchange Server - InfoStore application is configured, it can be used to add a
Microsoft Exchange Storage Group for backup.
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane, expand Server Applications and select Microsoft Exchange - InfoStore.
Step 3
In the right pane, click the Add Storage Group button.
SonicWALL CDP 5.0 Administrator’s Guide
101
Backing up Microsoft Exchange
Step 4
In the Add Storage Group dialog box, select the Storage Group to backup.
Step 5
Click Add.
The selected storage group appear in the bottom pane of the InfoStore application page.
Scheduling Backups
This section describes how to configure the backup schedule for InfoStore.
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane select one or more Storage Groups for which you want to schedule backups. To schedule
backups for all groups, select Microsoft Exchange - InfoStore.
Step 3
In the right pane, click the Backup Interval button.
SonicWALL CDP 5.0 Administrator’s Guide
102
Backing up Microsoft Exchange
Step 4
Step 5
In the Schedule Interval dialog box, select one of the following backup intervals from the Full Backup
drop-down list:
•
Monthly – The backup occurs once a month.
•
Biweekly – The backup occurs every two weeks.
•
Weekly – The backup occurs every week.
•
Daily – The backup occurs every day at approximately the same time.
Click Save.
The first backup occurs immediately.
Step 6
Note
To view the backup status in the InfoStore application window, select a storage group or Microsoft
Exchange - InfoStore in the left pane and then click the Refresh button.
The window does not refresh automatically after the backup occurs.
If a single group was selected, the bottom pane of the InfoStore application window displays the backup
dates and the amount of disk space used for the selected group.
SonicWALL CDP 5.0 Administrator’s Guide
103
Backing up Microsoft Exchange
If Microsoft Exchange - InfoStore was selected, backup data is displayed for all storage groups. At the
application level, one row is displayed for each storage group and the Size fields indicate the total size
of all existing backups for that group.
Offsite Backup of Storage Group
The SonicWALL CDP Offsite Data Backup Service is an optional offsite backup and recovery solution
that stores data in a secure data center, and can be purchased for an additional fee. This section describes
the basics of the offsite backup. For more information, see the “Configuring Site-to-Site Backup and
Recovery” section on page 159 and the SonicWALL CDP Offsite Data Backup Service data sheet at:
<http://www.sonicwall.com/downloads/DS_CDP_Offsite_US_060507.pdf>
Offsite Backup Quota
The SonicWALL CDP Offsite Data Backup provides different services, ranging from 5 to 100 GB of
quota. You need to make sure that the total size of all of your backups does not exceed quota limit. If
quota is exceeded the consequent backup will fail, the Quota Exceeded Error message will be
displayed, and the status for the last backup will changes to Quota Exceeded. You will receive an email
notification informing you of the failed backup attempt. You can free up your storage space by removing
some of the old backups or by purchasing additional quota.
Configuring Offsite Backup of Storage Group
This section describes how to configure the InfoStore application to backup Storage Groups to an offsite
SonicWALL CDP appliance. Offsite backup settings must already be configured in SonicWALL CDP
Enterprise Manager, and the offsite appliance must be available.
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane under Server Applications, select Microsoft Exchange - InfoStore.
SonicWALL CDP 5.0 Administrator’s Guide
104
Backing up Microsoft Exchange
Step 3
In the right pane, click the Offsite Backup button.
Step 4
In the Offsite Status dialog box, select the Check for offsite backup checkbox.
Step 5
Click Set Status.
Removing Storage Group from the Backup Schedule
This section describes how to remove a storage group from the list of groups scheduled for backup.
Note
Removing a storage group also removes all existing backups of that storage group.
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane under Microsoft Exchange - InfoStore, select the storage group that you want to remove
from the backup schedule.
Step 3
In the right pane, click the Remove Storage Group button.
Step 4
Click Yes in the confirmation dialog box.
Removing the InfoStore Application
This section describes how to remove the InfoStore application from the SonicWALL CDP Agent Tool.
Note
Removing the InfoStore application also removes all existing storage group backups.
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane, select Microsoft Exchange - Info Store.
Step 3
In the right pane, click the Remove Application button.
SonicWALL CDP 5.0 Administrator’s Guide
105
Backing up Microsoft Exchange
Step 4
Click Yes in the confirmation dialog box.
Verifying InfoStore Backup Activity
This section describes how to tell if your Microsoft Exchange backups are working correctly. You can
view log entries showing the backups in the Status page of the SonicWALL CDP Agent Tool.
You should see log entries showing backups right after adding one or more storage groups to the backup
schedule, and then after each scheduled backup.
Step 1
In the SonicWALL CDP Agent Tool, click the Status tab at the top of the window.
Step 2
View the log entries in the bottom right pane.
Each related entry contains the application name in the Name column.
SonicWALL CDP 5.0 Administrator’s Guide
106
Backing up Microsoft Exchange
Manually Obtaining EsEbcli2.dll For 64-bit Machine
The SonicWALL CDP MS Exchange InfoStore Backup and Restore feature uses the Exchange Backup
and Restore API. The API is implemented by the Dynamically Linked Library (DLL) file: EsEbcli2.dll.
This DLL is installed by default on all 32-bit installations. On 64-bit installation, you must obtain
EsEbcli2.dll manually.
EsEbcli2.dll can be obtained from the following sources:
•
Microsoft Exchange Server 2007 Installation CD
•
Microsoft Download Center
Obtaining EsEbcli2.dll from the Microsoft Exchange Server 2007 Installation CD
This section describes how to manually obtain the EsEbcli2.dll from your Microsoft Exchange Server
2007 Installation CD.
Step 1
Navigate to setup\i386\exchange\bin folder of the Exchange 2007 installation CD
Step 2
Locate the EsEbcli2.dll file, right-click it and select Copy from the pop up menu.
Step 3
Navigate to C:\Program Files(x86)\SonicWALL\SonicWALL Continuous Data Protection\ folder on
your machine.
Step 4
Right-click inside the folder and select Paste from the pop up menu.
Step 5
Restart the CDP Agent Tool and the SonicWALL CDP Agent Service.
The Microsoft Exchange Server - InfoStore application should function properly.
Obtaining EsEbcli2.dll from the Microsoft Download Center
This section describes how to manually obtain the EsEbcli2.dll from the Microsoft Exchange Server
2007 Service Pack 1, available at the Microsoft Download Center.
Step 1
Navigate to Microsoft Download Center at <http://www.microsoft.com/downloads>.
Step 2
Type in “E2K7SP1EN32.exe” in the search window and select Go.
Step 3
List of results will appear. Select the Exchange Server 2007 Service Pack 1 page.
Step 4
Scroll down to the bottom of the page and select the Download button next to E2K7SP1EN32.exe file.
Make sure to download the 32-bit version, the 64-bit version does not include the missing DLL file.
Step 5
Extract the E2K7SP1EN32.exe file, making sure to note down the extraction folder.
Step 6
Navigate to the extraction folder from step 3 and to the following path <setup\serverroles\common\path>
inside the folder.
Step 7
Locate EsEbcli2.dll file, right-click it and select Copy from the pop up menu.
Step 8
Navigate to C:\Program Files(x86)\SonicWALL\SonicWALL Continuous Data Protection\ folder.
Step 9
Right-click inside the folder and select Paste from the pop up menu.
Step 10 Restart the CDP Agent Tool and the SonicWALL CDP Agent Service.
The Microsoft Exchange Server - InfoStore application should function properly.
SonicWALL CDP 5.0 Administrator’s Guide
107
Backing up Active Directory
Backing up Active Directory
Backing up Active Directory using SonicWALL CDP allows users to store and retrieve Active Directory
revisions from agent machines.
Note
Active Directory cannot be added from the Enterprise Manager. Active Directory can be added using
the Agent Tool.
See the following sections:
•
“Configuring SonicWALL CDP to Backup Active Directory” section on page 108
•
“Active Directory Backup Expectations” section on page 108
•
“Active Directory Backup Algorithm” section on page 108
Configuring SonicWALL CDP to Backup Active Directory
To add Active Directory for backup using the Agent Tool, perform the following steps:
Step 1
Open the SonicWALL Agent Tool on the Domain Controller.
Step 2
Go to Applications and add Active Directory.
The following options are available to edit for Active Directory using the Agent Tool:
•
Configure Backup Interval - (Default or custom).
•
Backup Offsite - Send data to the Offsite Service.
•
Remove Server Application - Stop backing up Active Directory.
Active Directory Backup Expectations
An Active Directory is installed on the machine whether or not a backup can be performed at this
moment. A backup cannot be performed if it is currently being restored, or if another backup agent is
performing backup at the same time. If the backup cannot be performed, return with information stating
the backup is delayed.
If the backup fails due to heavy activity in the storage group, return with an error stating that the backup
is delayed.
If the backup fails due to Disk-Full or Quota error in the CDP appliance, abort backup and return with
an error.
Active Directory Backup Algorithm
This section describes the logical process of backing up Active Directory.
1.
Check if an Active Directory is installed on the machine. If not, return with an error.
2.
Check if a backup can be performed at this moment. A backup cannot be performed if it is currently
being restored, or another backup agent is performing backup at this moment. If the backup cannot
be performed, return with information stating the backup is delayed.
SonicWALL CDP 5.0 Administrator’s Guide
108
Backing up Microsoft SQL
3.
Check if the CDP appliance is ready to accept the backup. If the CDP appliance is busy, return with
an error stating that the appliance is busy.
4.
Start backup.
5.
If the backup fails due to heavy activity in the storage group, return with an error stating that the
backup is delayed.
6.
If the backup fails due to a Disk-Full or a Quota error in the CDP appliance, abort backup and return
with an error.
7.
Otherwise, complete the backup.
8.
Return with success.
Backing up Microsoft SQL
Backing up Microsoft SQL using SonicWALL CDP allows users to store and retrieve Microsoft SQL
revisions from an agent machine. Microsoft SQL databases are configured for backup using the
SonicWALL CDP Agent Tool.
Note
Microsoft SQL can only be configured using the Agent Tool.
During SQL backup and restore using CDP, the Agent Service directly interfaces with the Microsoft SQL
server through the Open Database Connectivity (ODBC) API, using an SQL-ODBC driver that is
installed with SQL. By ODBC, the Agent service communicates to the SQL server through transactional
SQL commands.
SonicWALL CDP 5.0 Administrator’s Guide
109
Backing up Microsoft SQL
When the CDP Agent Service backs up an SQL database, it instructs SQL to place the data in a certain
location in memory. The Agent Service will then process the data one block at a time, compressing it
and sending to the appliance.
The Agent Service first needs to connect to the database and authenticate using either a Windows user
account credentials or using a SQL account. More details are provided in the “SQL Authentication”
section on page 115.
This section contains the following subsections:
•
“Configuring SonicWALL CDP to Backup Microsoft SQL” section on page 110
•
“Introduction to Full, Differential, and Log Backup” section on page 110
•
“Full Backup Triggers” section on page 111
•
“SonicWALL CDP Storage of the SQL Database” section on page 111
•
“SQL Configuration Levels” section on page 111
•
“Configuring Backup Intervals” section on page 112
•
“SQL Account Configuration” section on page 114
•
“SQL Authentication” section on page 115
•
“Backing Up Native SQL Databases” section on page 118
•
“Offsite Backup of SQL” section on page 119
•
“SQL Backup of Unchanged Databases” section on page 119
•
“SQL Database Maintenance” section on page 119
•
“SQL Backup Environment Expectations and Known Errors” section on page 120
•
“Explanation of Possible Errors” section on page 120
Configuring SonicWALL CDP to Backup Microsoft SQL
To backup Microsoft SQL using the Agent Tool, perform the following steps:
Step 1
Open the SonicWALL Agent Tool on the SQL server
Step 2
Go to Applications and add Microsoft SQL.
The following options are available to edit for SQL using the Agent Tool:
•
Backup Interval - Default or custom.
•
Remove SQL Server Instance - Stop backing up a SQL Server instance.
•
Restore Database - Restore a backed up database version.
•
Remove Database - Stop backing up the database.
Introduction to Full, Differential, and Log Backup
The SQL database provides full, differential, and log backups. A full backup is a snapshot of the entire
database at the time of the backup. A log backup is a snapshot of all transactions within the current
transaction log file marked as active. A Differential backup includes everything that changed in the
database since the last full backup.
SonicWALL CDP 5.0 Administrator’s Guide
110
Backing up Microsoft SQL
A full backup extracts the entire database. The SQL server divides a database into logical blocks. After
a full backup, the database tags blocks of data that have changed. In a differential backup, only the
tagged blocks of data are backed up. The “changed” tag is removed from all blocks every time a full
backup is performed.
Each database is composed of two files which, by default, are located in the data folder. One is the main
database file with the MDF extension. The other is the database’s transactional log file with the LDF
extension. The SQL Database Management System (DBMS) will write each SQL command to the log
file before it writes to the database. The SQL commands in the log are uncommitted until they are
executed on the database. A log backup will retrieve all committed transactions from the log file and,
afterwards, it will truncate the file. Full and differential backups will also truncate the log file. Backing
up log files allow for point-in-time recovery.
Full Backup Triggers
There are situations where it is necessary to re-create a backup set under certain conditions. In some
cases it may be necessary for SonicWALL CDP to start with a new full backup prior to what is
configured in the backup schedule.
The following conditions can automatically trigger a full backup and override the backup sequence:
•
Whenever the backup object is overridden either through restore or by being deleted and a new
instance created externally; for example, restoring a database with override enabled
•
Adding a new file to a SQL database for storing the data
•
Detaching and reattaching a database in the SQL server
•
Terminating the CDP agent while uploading either a log or incremental backup
SonicWALL CDP Storage of the SQL Database
The CDP appliance will store the last two full backups of each database, together with all related
differential and log backups.
If the agent is also configured for SQL Offsite Service backup, the last full backup is stored at the offsite
service for all databases backed up on the appliance.
SQL Configuration Levels
SQL backup configuration is set at different levels. These are:
•
Agent (or application) Level: Offsite backup is set on the entire agent.
•
SQL Instance Level: More than one SQL instance can be running on a same machine.
SonicWALL CDP 5.0 Administrator’s Guide
111
Backing up Microsoft SQL
•
Database Level: An instance can contain one or more databases. The databases are backed up
independently.
Servers normally have only one instance, which matches the Windows computer name. SQL instances
can be created to allow for completely separate database management access to different databases.
Also, an instance will be created for each database version installed on the same machine. For example,
SQL 2000 and SQL 2005 can run on the same server, but they will have different instances.
Different SQL backup configurations settings for each level are shown below. For example, Offsite
Backup is applied to the entire agent, meaning that all selected instances and databases will be backed
up to offsite. Authentication is set at an instance level.
Configuring Backup Intervals
SonicWALL CDP can be configured to perform full, differential, and/or log backup. Each database is
backed up independently from one another where backup intervals can be set differently for each.
Possible intervals are listed in Table 16.
SonicWALL CDP 5.0 Administrator’s Guide
112
Backing up Microsoft SQL
Table 16
Database Backup Intervals
Full
•
•
•
•
Monthly
Biweekly
Weekly
Daily
Differential
•
•
•
Daily
Every 12, 6, 4, 3, 2 or 1 hours
Every 30 minutes
Log
•
•
•
Daily
Every 12, 6, 4, 3, 2 or 1 hours
Every 30 minutes
The following interval settings precedence rules apply:
•
Full backup always takes precedence over Differential:
– If the differential is >= than the full, then the full will take precedence.
•
Differential always takes precedence over Log:
– If the log is >= than the differential, then the differential will take precedence.
The image below shows how the precedence rules play out on different interval scheduling on the
“Barcelona” database.
As previously noted, the backup interval can be scheduled at the agent, instance and database level.
Note
SonicWALL CDP will always backup at the interval set at the database level.
Changing the interval backup configuration at a higher level will change all interval configurations
below it. For example, setting a daily full backup at the agent level will make all its instances and
databases below to be set to full backup. On the other hand, configuring an interval on a database level
will only affect configuration for that database alone.
As seen in the “Backing Up Native SQL Databases” section on page 118, interval scheduling
configuration on a native SQL database may be overridden by the SQL server.
SonicWALL CDP 5.0 Administrator’s Guide
113
Backing up Microsoft SQL
SQL Account Configuration
In order to backup a database, the SQL account used to access the SQL database must have:
•
System administrators role
•
Database Owner Role (db_owner)
•
Access Right to Database to back up
In general, a user called “sa” is created when the SQL is installed.
To verify the SQL account configuration, perform the following steps:
Step 1
From SQL Enterprise Manager, highlight the SQL account on the right hand side of the screen and
double click it.
Step 2
Expand the security tab under the SQL server instance.
Step 3
Click Logins.
Step 4
Click the Server Roles tab.
Step 5
Select the System Administrators role.
Step 6
Click the Database Access tab.
Step 7
Make sure that the user has the db_owner role, and make sure that access is permitted to the databases
to backup.
SonicWALL CDP 5.0 Administrator’s Guide
114
Backing up Microsoft SQL
SQL Authentication
SQL Authentication can be set with both the CDP Agent Tool and the CDP Enterprise Manager by
selecting the SQL instance and clicking on the Authentication button.
The authentication window provides a Use Trusted Connection checkbox. This option uses Windows
Authentication in which the Windows User credentials are submitted to SQL. Clearing the Use Trusted
Connection checkbox allows User Name and Password entry for SQL server authentication. The Test
Connection button allows successful connection to the database.
This section contains the following subsections:
•
“Authentication Modes in Microsoft SQL Server” section on page 115
•
“About Windows Authentication” section on page 116
•
“About SQL Server Authentication” section on page 116
•
“Setting Up Windows Authentication Mode Security” section on page 117
•
“Setting Up Mixed Mode Security” section on page 118
Authentication Modes in Microsoft SQL Server
Microsoft SQL Server can operate in one of two security (authentication) modes:
•
Windows Authentication Mode (Windows Authentication)
•
Mixed Mode (Windows Authentication and SQL Server Authentication)
Windows Authentication mode allows a user to connect through a Microsoft Windows user account.
Mixed Mode allows users to connect to an instance of SQL Server using either Windows Authentication
or SQL Server Authentication. Users who connect through a Windows user account can make use of
trusted connections in either Windows Authentication Mode or Mixed Mode.
SonicWALL CDP 5.0 Administrator’s Guide
115
Backing up Microsoft SQL
SQL Server Authentication is provided for backward compatibility. For example, if you create a single
Windows 2000 group and add all necessary users to that group, you will need to grant the Windows 2000
group login rights to SQL Server and access to any necessary databases.
About Windows Authentication
When a user connects through a Windows user account, SQL Server revalidates the account name and
password by calling back to Windows for the information.
SQL Server achieves login security integration with Windows by using the security attributes of a
network user to control login access. A user's network security attributes are established at network login
time and are validated by a Windows domain controller. When a network user tries to connect, SQL
Server uses Windows-based facilities to determine the validated network user name. SQL Server then
verifies that the person is who they say they are, and then permits or denies login access based on that
network user name alone, without requiring a separate login name and password.
Login security integration operates over any supported network protocol in SQL Server.
Note that if a user attempts to connect to an instance of SQL Server providing a blank login name, SQL
Server uses Windows Authentication. Additionally, if a user attempts to connect to an instance of SQL
Server configured for Windows Authentication Mode by using a specific login, the login is ignored and
Windows Authentication is used.
Windows Authentication has certain benefits over SQL Server Authentication, primarily due to its
integration with Windows security system. Windows security provides more features, such as secure
validation and encryption of passwords, auditing, password expiration, minimum password length, and
account lockout after multiple invalid login requests.
Because Windows users and groups are maintained only by Windows, SQL Server reads information
about a user's membership in groups when the user connects. If changes are made to the accessibility
rights of a connected user, the changes become effective the next time the user connects to an instance
of SQL Server or logs on to Windows (depending on the type of change).
About SQL Server Authentication
When a user connects with a specified login name and password from a non-trusted connection, SQL
Server performs the authentication itself by checking to see if a SQL Server login account has been set
up and if the specified password matches the one previously recorded. If SQL Server does not have a
login account set, authentication fails and the user receives an error message.
SonicWALL CDP 5.0 Administrator’s Guide
116
Backing up Microsoft SQL
SQL Server Authentication is provided for backward compatibility because applications written for SQL
Server version 7.0 or earlier may require the use of SQL Server logins and passwords. Additionally, SQL
Server Authentication is required when an instance of SQL Server is running on Windows 98 because
Windows Authentication Mode is not supported on Windows 98. Therefore, SQL Server uses Mixed
Mode when running on Windows 98 (but supports only SQL Server Authentication).
Application developers and database users may prefer SQL Server Authentication because they are
familiar with the login and password functionality. SQL Server Authentication may also be required for
connections with clients other than Windows clients.
Figure 17
SQL Server Security Decision Tree
Note that when connecting to an instance of SQL Server running on Windows using Named Pipes, the
user must have permission to connect to the Windows Named Pipes IPC, \\<computername>\IPC$. If the
user does not have permission to connect, it is not possible to connect to an instance of SQL Server using
Named Pipes unless either the Windows guest account on the computer is enabled (disabled by default),
or the permission "access this computer from the network" is granted to their user account.
Setting Up Windows Authentication Mode Security
To set up Windows Authentication Mode security with the SQL Enterprise Manager:
Step 1
Expand a server group.
Step 2
Right-click a server, and then click Properties.
SonicWALL CDP 5.0 Administrator’s Guide
117
Backing up Microsoft SQL
Step 3
On the Security tab, under Authentication, click Windows only.
Step 4
Under Audit level, select the level at which user accesses to Microsoft SQL Server are recorded in the
SQL Server error log:
•
None causes no auditing to be performed.
•
Success causes only successful login attempts to be audited.
•
Failure causes only failed login attempts to be audited.
•
All causes successful and failed login attempts to be audited.
Setting Up Mixed Mode Security
To set up Mixed Mode security with the SQL Enterprise Manager:
Step 1
Expand a server group.
Step 2
Right-click a server, and then click Properties.
Step 3
On the Security tab, under Authentication, click SQL Server and Windows.
Step 4
Under Audit level, select the level at which user accesses to Microsoft SQL Server are recorded in the
SQL Server error log:
•
None causes no auditing to be performed.
•
Success causes only successful login attempts to be audited.
•
Failure causes only failed login attempts to be audited.
•
All causes successful and failed login attempts to be audited.
Backing Up Native SQL Databases
The Microsoft SQL makes use of a few databases for its own operation. It is recommended to backup
the “model,” “master,” and “msdb” databases. For example, the master database stores users names and
passwords used to connect the database. It is up to the user to set these databases for backup, as they are
not backed up automatically. Because these databases are typically small, it is recommended to back
them up on a daily basis.
The SQL server will also override interval scheduling set by CDP. Table 17 shows the scheduling rules
imposed by the SQL server.
Table 17
Scheduling Rules
Database
SQL Imposed Backup Behavior
master
Only full (daily backup recommended)
model
Only full (daily backup recommended)
msdb
Only full (daily backup recommended)
northwind
Only full and differential
pubs
Only full and differential
tempdb
No backups allowed
SonicWALL CDP 5.0 Administrator’s Guide
118
Backing up Microsoft SQL
Offsite Backup of SQL
Offsite Service backup of CDP is set at the agent level. This implies that all SQL instances and databases
selected on the agent are going to be backed up to the Offsite Service. The Offsite Service will store the
last full backup.
SQL Backup of Unchanged Databases
The CDP SQL agent will not take any backup if there is no change made to the target database with SQL
server 2000 and above. This optimization is not applicable for SQL server 6.5 and SQL server 7.
The following cases are exceptions to this behavior:
•
If the backup sequence in CDP is interfered with by any external backup agent or activity
This can be caused by using third party agents like Veritas, or native SQL backup, or changing the
CDP agent between more than one appliance.
•
Removing SQL application from backup and adding it back again
•
If the SQL server is stopped and restarted or the machine is rebooted
•
If the database is detached and reattached to the SQL server
•
If the database is renamed and a new database is created with the same name
•
If the CDP agent service is restarted
The agent uses the following SQL statement to determine whether any changes are made with respect to
the last SQL backup. This information is cached in memory and lost when the agent is restarted.
To execute the SQL statement, replace $DatabaseName$ in the following statement with the actual
database name.
SELECT
CONVERT(int, SERVERPROPERTY('ProcessID')) SQLProcessId,
ISNULL(SUM((SIGN((c.status & 0x40)) ^ 1) * a.numberwrites), 0) NumberOfDataWrites,
ISNULL(SUM((SIGN((c.status & 0x40)) ^ 1) * a.byteswritten), 0) DataBytesWritten,
ISNULL(SUM(SIGN((c.status & 0x40)) * a.numberwrites), 0) NumberOfLogWrites,
ISNULL(SUM(SIGN((c.status & 0x40)) * a.byteswritten), 0) LogBytesWritten
FROM ::fn_virtualfilestats(-1,-1) a,
sysdatabases b,
[$DatabaseName$]..sysfiles c
WHERE b.name = '$DatabaseName$'
AND b.dbid = a.dbid
AND a.fileid = c.fileid
SQL Database Maintenance
Databases can become corrupted over time. Therefore, it is common practice to run a Database
Consistency Check (DBCC) periodically to make sure that the database is healthy.
SonicWALL CDP 5.0 Administrator’s Guide
119
Backing up Microsoft SQL
SQL Backup Environment Expectations and Known Errors
The backup environment expectations are the following:
•
The SQL Instance exists and is running.
•
The authentication information is valid.
•
The SQL database exists.
•
Identify if the database can be backed up or not (configuration?/state?).
•
Identify if the specified backup type is permitted on the given database. If not, request the agent to
backup the next higher scope backup. For Log, this would be Incremental, and for Incremental, this
would be Full.
•
For log and incremental backup, check if the backup continuity is broken. This can be done by
comparing last-backup-id with the last backup id for this database stored in the master database. If
the continuity is broken, then request the agent to perform full backup.
•
For SQL 2000 and SQL 2005, check if the database is modified from the last backup activity. If the
database is not modified, then no backup is required.
•
If the backup fails due to heavy activity in the database, return with information to delay the backup.
Also, the backup can fail if the database is being restored while attempting to backup.
•
If the backup fails due to disk-full or quota error in the CDP appliance, abort backup and return with
error.
Explanation of Possible Errors
Installation Issues
During installation on Windows 2000 the following error may result:
The dynamic link library WINHTTP.dll could not be found in the specified path C:\Program
Files\SonicWALL\SonicWALL Continuous Data Protection;.;C:\WINNT\System32;
C:\WINNT\system;C:\WINNT;C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;C:\Prog
ram Files\Microsoft SQL Server\80\Tools\BINN;c:\cygwin;c:\cygwin\bin.
This error most likely occurs because the Windows 2000 Service Pack is not installed. Installing Service
Pack 4 will install this library and solve the problem.
Three SQL Full Backups
SonicWALL CDP keeps the two latest full backups of SQL on the appliance. Sometimes when reviewing
the SQL backup on the appliance, three SQL full backups may be observed.
When a third full backup occurs, the appliance will remove the first full backup on the appliance along
with any subsequent differential or log backups up until the second full backup. However, this
“trimming” process is asynchronous. Therefore, some time may elapse until the database is removed.
Making trimming asynchronous speeds up the backup by postponing part of the processing.
SonicWALL CDP 5.0 Administrator’s Guide
120
Backing up Microsoft SQL
VDI Object Creation Error
SQL Backup generates the following error on the Agent Tool:
error_mssql_vdi_object_creation_failed
For improved performance, CDP avoids placing the backup data on the disk. To do so, the Agent Service
requests (by sending SQL commands via the SQL ODBC driver) the SQL server to place the backup data
in memory, rather than on disk.
The CDP Agent uses SQL server’s in-memory component to backup the SQL database. The error occurs
when this component is not installed in the agent machine. Generally, the SQL server installs this
component as part of regular installation unless the SQL customized installation is configured to not
install it. The following instructions should solve the problem:
Step 1
Verify the location of the "sqlvdi.dll" file by searching the local computer.
Step 2
Verify, in the registry, that the following two keys do not exist:
HKEY_CLASSES_ROOT\CLSID\{40700425-0080-11d2-851f-00c04fc21759}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{b5e7a132-a7bd-11d1-84c2-00c04fc21759}\InprocServer32
Step 3
Re-register the sqlvdi.dll file from the DOS prompt using the regsvr32 program. In a DOS window, go
to the directory where the sqlvdi.dll file is located, and execute the following command:
regsvr32 sqlvdi.dll
The sqlvdi.dll file can also be re-registered from within Windows Explorer:
•
Navigate to the directory where the sqlvdi.dll is located, right-click the DLL, select Open with |
Other..., navigate to Winnt\System32 and select regsvr32 | Open | OK. Again, there should be a
pop-up message indicating successful registration.
Step 4
For either DOS or Windows registration, a pop-up message similar to the following one should appear,
indicating the successful registration of the DLL file.
Step 5
Rerun the backup, and confirm success.
If the above resolution doesn’t work, perform the procedure detailed in the following MS KB article.
http://support.microsoft.com/default.aspx?scid=kb;en-us;280759
The following SQL components are used by SQLVDI:
•
Sqlvdi.dll
•
Sqlresld.dll
•
Sqlunirl.dll
•
Sqlsvc.dll
SonicWALL CDP 5.0 Administrator’s Guide
121
Recovering Your Data Using SonicWALL CDP
Recovering Your Data Using SonicWALL CDP
When using SonicWALL CDP, if an agent should experience an event that results in data loss, you will
be able to recover any data that you had defined for backup. In the event of agent data loss, data can be
recovered directly from the SonicWALL CDP appliance. In the event of a disaster that has rendered local
data corrupted or destroyed, data can be recovered from the Offsite Service.
This section contains the following two subsections:
•
“File Recovery Using the SonicWALL CDP Agent Tool” section on page 122
•
“Recovering Data from Microsoft Exchange” section on page 123
•
“Recovering Data from Active Directory” section on page 131
•
“Recovering Data from Microsoft SQL Server” section on page 133
•
“Disaster Recovery Using the Offsite Service” section on page 142
•
“Recovery when RAID Fails” section on page 144
File Recovery Using the SonicWALL CDP Agent Tool
SonicWALL CDP allows you to recover lost data directly from the appliance. Recovery can be
performed to replace a folder that has been deleted, or to restore a previous version of a folder that has
been changed or otherwise damaged. Recovery can be performed on any agent and recovered files are
restored directly from the appliance.
If necessary, before restoring a file, first follow the prescribed restore procedures of the system which
may include the re-installation of the operating system, applications or replacement of hardware.
To recover data using the SonicWALL CDP appliance, perform the following steps:
Step 1
Note
Once the system is operable again, reinstall the SonicWALL CDP Agent software on the affected
computer using the software provided by SonicWALL. Be sure to enter the same user name and company
that you entered during your initial installation for the reinstall.
To recover data stored by an agent that is no longer operable, it is necessary to configure a new agent
with the same Computer Name as the disabled agent. To change your Computer Name, right click
My Computer and select Properties. Click the Computer Name tab and select Change, then type
in the Computer Name of your previous computer.
Step 2
Launch the SonicWALL CDP Agent software.
Step 3
Click the Folders button to enter Folders View.
Step 4
Select the folder you want to restore.
Step 5
In the Folders window at the bottom of the Agent screen, click Save to Location.
Step 6
Choose a location to save the folder and click the OK button.
Step 7
Repeat the process to restore additional folders to your computer.
SonicWALL CDP 5.0 Administrator’s Guide
122
Recovering Your Data Using SonicWALL CDP
Recovering Data from Microsoft Exchange
Recovery of data from Microsoft Exchange using SonicWALL CDP allows users to retrieve Microsoft
Exchange revisions from an agent machine previously configured to backup that data.
Note
Microsoft Exchange data can be restored using the Enterprise Manager or Agent Tool. Exchange
restore using Enterprise Manager can restore to disk any Exchange database, even for servers on
different agents than the Enterprise Manager.
See the following sections:
•
“Recovering a Microsoft Exchange User Mailbox” section on page 123
•
“Recovering a Microsoft Exchange Storage Group” section on page 125
•
“Recovering Exchange Using SonicWALL CDP Enterprise Manager” section on page 131
Recovering a Microsoft Exchange User Mailbox
This section describes how to restore an individual user mailbox backup to the Exchange server, by using
the Microsoft Exchange User Mailbox Backup and Restore server application in the SonicWALL CDP
Agent Tool. During the restore process, the backed up data is first copied to a temporary location and
then copied to the Exchange server.
For information about the Microsoft Exchange User Mailbox Backup and Restore server application,
including installation prerequisites, adding/removing this server application in the SonicWALL CDP
Agent Tool, and configuring user mailbox backups, see “Backing Up a Microsoft Exchange User
Mailbox” section on page 87.
Note
The current account must have privileges to access the Exchange server. See KB821897.
To restore a user mailbox, perform the following steps:
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane under Microsoft Exchange - User Mailbox, select the user mailbox that you want to
restore.
SonicWALL CDP 5.0 Administrator’s Guide
123
Recovering Your Data Using SonicWALL CDP
Step 3
In the right pane, click the Restore Mailbox button.
Step 4
In the Restore Mailbox dialog box, select the backup that you want to restore.
Step 5
Click Restore To Application.
The Browse For Folder dialog box appears.
Step 6
In the Browse For Folder dialog box, do one of the following to select a temporary location:
•
Select an existing folder to store the temporary copy of the user mailbox data
SonicWALL CDP 5.0 Administrator’s Guide
124
Recovering Your Data Using SonicWALL CDP
•
Step 7
Click Make New Folder to create a new folder for the temporary data
Click OK.
The application displays a progress bar as the backed up data is copied to the temporary folder and then
to the user’s mailbox on the Exchange Server. When the restore process is complete, the progress bar
dialog box closes and the Restore Completed dialog box is displayed.
Step 8
Note
Click OK in the Restore Completed dialog box.
After the data is restored to the Exchange server, you may need to synchronize your local mail client
(Outlook) in order to see restored emails.
Recovering a Microsoft Exchange Storage Group
You can restore an Exchange Storage Group by using the SonicWALL CDP Microsoft Exchange
InfoStore Backup and Restore server application in the SonicWALL CDP Agent Tool.
For information about adding the Microsoft Exchange Server - InfoStore application to the SonicWALL
CDP Agent Tool, installation prerequisites, and configuring backups, see the “Backing Up a Microsoft
Exchange Storage Group” section on page 97.
This section describes how to restore an individual Storage Group. You can restore the Storage Group
in two ways:
•
Restore to Application - Copies the data directly to the Exchange database
•
Restore to Disk - Copies the data to a folder on the local disk, then another CDP tool is used to copy
it to the Exchange database
During the restore process, the backed up data is first copied to a temporary location and then copied to
the Exchange server Storage Group directory. It is recommended to dismount all the databases within
the Storage Group and backup and remove all existing files from the Storage Group directory. See
Microsoft Exchange Disaster Recovery Operations Guide - KB867704.
Note
The current account must have privileges to access the Exchange server. See KB867704 and
KB824126
SonicWALL CDP 5.0 Administrator’s Guide
125
Recovering Your Data Using SonicWALL CDP
Restoring to Application
To restore a Storage Group using Restore to Application, perform the following steps:
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane under Microsoft Exchange - InfoStore, select the group that you want to restore.
Step 3
In the right pane, click the Restore Storage Group button.
Step 4
In the Restore Storage Group dialog box, select the backup that you want to restore.
SonicWALL CDP 5.0 Administrator’s Guide
126
Recovering Your Data Using SonicWALL CDP
Step 5
Click Restore To Application.
The Browse For Folder dialog box appears.
Step 6
Step 7
In the Browse For Folder dialog box, do one of the following to select a temporary location:
•
Select an existing folder to store the temporary copy of the InfoStore data
•
Click Make New Folder to create a new folder for the temporary data
Click OK.
The application displays a progress bar as the backed up data is copied to the temporary folder and then
to the Exchange Server folder. When the restore process is complete, the progress bar dialog box closes
and the Restore Completed dialog box is displayed.
Step 8
Click OK in the Restore Completed dialog box.
SonicWALL CDP 5.0 Administrator’s Guide
127
Recovering Your Data Using SonicWALL CDP
Restoring to Disk
To restore a Storage Group using Restore to Disk, perform the following steps:
Step 1
In the SonicWALL CDP Agent Tool, click the Applications tab.
Step 2
In the left pane under Microsoft Exchange - InfoStore, select the group that you want to restore.
Step 3
In the right pane, click the Restore Storage Group button.
Step 4
In the Restore Storage Group dialog box, select the backup that you want to restore.
Step 5
Click Restore To Disk.
The Browse For Folder dialog box appears.
SonicWALL CDP 5.0 Administrator’s Guide
128
Recovering Your Data Using SonicWALL CDP
Step 6
In the Browse For Folder dialog box, do one of the following to select a location on your local system:
•
Select an existing folder to store the copy of the InfoStore data
•
Click Make New Folder to create a new folder for the data
Step 7
Click OK.
Step 8
Launch the CDP Backup and Restore Tool by double-clicking MsExchangeRestore.exe in the
SonicWALL CDP installation folder. You can also launch the tool from the Windows Start menu.
Step 9
Click the Add button. The Open dialog box appears.
SonicWALL CDP 5.0 Administrator’s Guide
129
Recovering Your Data Using SonicWALL CDP
Step 10 In the Open dialog box, browse to the local folder where the backup is located, select the XML file
CDPMsExchangeBackup.xml, and click Open.
Step 11 In the CDP Backup and Restore Tool main window, click the entry in the Select Archive field to select
it, and then click Restore.
Step 12 Wait for the restore process to finish. When finished, a dialog box will indicate the status. Click OK.
SonicWALL CDP 5.0 Administrator’s Guide
130
Recovering Your Data Using SonicWALL CDP
Recovering Exchange Using SonicWALL CDP Enterprise Manager
To recover a Microsoft Exchange database instance using the Enterprise Manager, perform the following
steps:
Step 1
Click Agents in the Enterprise Manager toolbar.
Step 2
In the left-hand navigation toolbar, select an agent.
Step 3
In the right-hand window, click Applications.
Step 4
In the center pane, select the Microsoft Exchange instance to restore.
Step 5
Click Restore Database.
Step 6
Click Restore to Disk.
Step 7
Select the location to restore the files and click OK.
Recovering Data from Active Directory
Recovery of data from Active Directory using SonicWALL CDP allows users to retrieve Active
Directory revisions from agent machines previously configured to backup that data. Active Directory
data cannot be restored from the Enterprise Manager.
Note
Active Directory data can only be restored using the Agent Tool.
This section contains the following subsections:
•
“Restarting the Domain Controller in Safe Mode” section on page 131
•
“Restoring Active Directory” section on page 132
•
“Using Authoritative Restore” section on page 133
Restarting the Domain Controller in Safe Mode
With the exception of Active Directory on Windows Server 2008, you cannot restore Active Directory
in normal Windows mode. This is because the service is already active. Before restoring Active
Directory on Windows Server 2003 or 2000, you must boot your computer into safe mode. Once in safe
mode, you can restore the Active Directory as an application. This is because in safe mode the Active
Directory is disabled.
Note
Do not boot your computer into safe mode when restoring Active Directory on Windows Server
2008.
To boot your computer into safe mode, perform the following steps:
Step 1
Boot your computer and press F5 or F8 after POST/BIOS and before the Windows splash-screen,
depending on hardware specs of the server.
Step 2
Select the Directory Services Recovery Mode (DSRM).
SonicWALL CDP 5.0 Administrator’s Guide
131
Recovering Your Data Using SonicWALL CDP
Restoring Active Directory
This procedure applies to a single-server Active Directory and is intended for disaster recovery.
Restoring Active Directory will cause the loss of any changes to AD since the date of the backup that is
being restored.
SonicWALL recommends the use of redundant Active Directory domain controllers. In the case of
mirrored Active Directory domain controllers, you can optionally restore a small part of the database
rather than the entire database (for example, because some people were deleted by mistake by the
administrator or a script/program), keeping the remainder of the database up to date. In this case, the
administrator selects the old data that needs to be pushed on top of the latest data during replication, after
the server is rebooted out of Recovery Mode.
To restore Active Directory using the Agent Tool, perform the following steps:
Step 1
Restart the Domain Controller in Directory Services Restore Mode.
Step 2
Login as Restore Mode Administrator.
Step 3
Open the SonicWALL Agent Tool.
Step 4
Click Applications in the Agent Tool toolbar.
Step 5
In the left -hand navigation toolbar, expand the Server Applications tree.
Step 6
Highlight Microsoft Active Directory.
Step 7
In the right -hand portion of the window, highlight one of the backup versions and click Restore Active
Directory.
Note
The option to restore Active Directory content using the Restore Active Directory button is only
available if there is data to restore. If there is no data to restore, the Restore Active Directory button
will not be displayed.
Step 8
In the window that displays, select the version you would like to restore.
Step 9
Click Restore to Application.
Step 10 Select a folder to temporarily store the recovered data and click OK.
Step 11 After restoration is complete, restart the Domain Controller in normal mode to complete Active
Directory restoration.
SonicWALL CDP 5.0 Administrator’s Guide
132
Recovering Your Data Using SonicWALL CDP
Using Authoritative Restore
An authoritative restore is most commonly used to restore corrupt or deleted objects. For example, a
deleted user account can be recovered from an Active Directory backup that precedes the deletion of the
user account. An authoritative restore should not be used to restore an entire domain controller, nor
should it be used as part of a change-control infrastructure.
Proper delegation of administration and change enforcement will optimize data consistency, integrity,
and security.
MSDN Web links:
•
http://support.microsoft.com/?kbid=258062
•
http://support.microsoft.com/default.aspx?scid=kb;en-us;240655
•
http://support.microsoft.com/default.aspx?scid=kb;en-us;830574
•
http://support.microsoft.com/default.aspx?scid=kb;en-us;314980
•
http://support.microsoft.com/default.aspx?scid=kb;en-us;265089
•
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Operations/f66ee9e4-96d
7-4f74-a2fe-d669194bf5a2.mspx
MSDN Engineering recommends the following as the most helpful to see what is happening:
•
http://support.microsoft.com/default.aspx?scid=kb;en-us;840001
•
http://support.microsoft.com/kb/239803/
Recovering Data from Microsoft SQL Server
Recovery of data from Microsoft SQL using SonicWALL CDP allows users to retrieve Microsoft SQL
revisions from an agent machine previously configured to backup that data. Microsoft SQL recovery can
be made directly to the SQL database.
Restoring the database can be done in two ways. The database can be either restored to disk or to
application. When restoring the database to disk as in Figure 18, the database is downloaded as a set of
files from the CDP Appliance.
Figure 18
Restoring to Disk
SonicWALL CDP 5.0 Administrator’s Guide
133
Recovering Your Data Using SonicWALL CDP
Restoring to application, on the other hand, applies the database directly to the same SQL server. See
Figure 19.
Figure 19
Note
Restoring to Application
Microsoft SQL data can be restored using the Enterprise Manager and the Agent Tool. SQL restore
using the Enterprise manager can restore to disk any SQL database, even for servers on different
agents than the Enterprise Manager.
If an SQL database system fails, the first step is to recover all databases and transaction log files from
the server. These databases contain the latest information, up to the point of failure. Next, the SQL
system should be brought up on the same server or a different server. Having spare hardware will speed
up database recovery.
Each recovered database should be run through a data consistency check (using “DBCC CHECKDB”)
because it is possible that these are corrupted databases and may have been the reason for failure. If the
databases are corrupted, these could either be fixed, which normally includes data loss, or the latest
backed up database (from CDP) could be used instead.
If the backed up databases consist of a full, a differential, and several logs, these have to be applied in
order and a database consistency check should be run at each step.
See the following sections:
•
“Recovering SQL Using the Agent Tool” section on page 135
•
“Recovery Using Enterprise Manager” section on page 135
•
“Restore to Application Using Agent Tool” section on page 135
•
“Restore To Disk Using Agent Tool” section on page 136
•
“SQL Structure” section on page 137
•
“SQL Versions Supported” section on page 140
•
“Configuring SQL Authentication” section on page 140
•
“Additional Information” section on page 141
•
“Database Locked Error” section on page 141
SonicWALL CDP 5.0 Administrator’s Guide
134
Recovering Your Data Using SonicWALL CDP
Recovering SQL Using the Agent Tool
The Agent Tool displays a useful log in the Status page showing each database being backed up. If Local
Management is disabled for the Agent’s policy, then the Agent Tool will not be able to perform backup
and restore operations.
To restore a Microsoft SQL database using the Agent Tool, perform the following steps:
Step 1
Click Applications in the Agent Tool toolbar.
Step 2
In the left-hand navigation toolbar, expand the Server Applications tree.
Step 3
Expand the Microsoft SQL tree and select the database you want to restore.
Step 4
In the right-hand portion of the window, highlight one of the backup versions and click Restore
Database.
Step 5
In the window that displays, select the version you would like to restore. You may want to use the backup
type (full, differential) or date of the backup to determine which version to restore.
Step 6
Click Restore to Application to restore the revision directly to the application, or click Restore to Disk
to restore the revision to disk.
Step 7
To restore to disk, select the location to restore the files and click OK.
Step 8
To restore to the application, select a location to restore the files temporarily and click OK.
Step 9
Select a SQL Server instance and click Add.
Recovery Using Enterprise Manager
Enterprise Manager can also perform a subset of operations from a different agent. It is able to restore
SQL to disk and it can modify backup intervals on a database. However, it can not perform operations
that rely on local querying of SQL, such as adding new databases for backup or restoring to application.
To restore a Microsoft SQL database using the Enterprise Manager, perform the following steps:
Step 1
Click Agents in the Enterprise Manager toolbar.
Step 2
In the left-hand navigation toolbar, select an agent.
Step 3
In the right-hand window, click Applications.
Step 4
In the center pane, select the SQL Server instance to restore.
Step 5
Click Restore Database.
Step 6
Click Restore to Disk.
Step 7
Select the location to restore the files and click OK.
Restore to Application Using Agent Tool
This section describes the procedure for restoring to the application using the Agent Tool.
Step 1
Ensure that the destination database (restore-to database) has the same name as database backed up. You
can rename the original and create a new database with the same name, or overwrite the current database.
Step 2
Close SQL Enterprise Manager.
Step 3
Launch CDP Agent Tool, then go to Applications.
SonicWALL CDP 5.0 Administrator’s Guide
135
Recovering Your Data Using SonicWALL CDP
Step 4
Navigate to Server Applications > Microsoft SQL Server > SQL Instance, and select the database
you wish to restore.
Step 5
Click Restore Database.
Step 6
Select the Log, Differential, or Full based on the date/time-stamp that you want to restore from, then
click Restore to Application.
Step 7
Select a temporary location to download data from the CDP Appliance before importing into SQL itself
(can be local or network location). Please note that this location must have sufficient free disk space to
store each Log, Differential, and Full being restored. To be sure you have enough free space, roughly
count each Log and Differential that exists below the version you are restoring back to the last Full (CDP
will restore/replay each of these logs/differentials in order of oldest to newest automatically).
Restore To Disk Using Agent Tool
Step 1
Launch CDP Agent Tool, go to Applications.
Step 2
Navigate to Server Applications > Microsoft SQL Server > SQL Instance, select the database you
want to restore.
Step 3
Click Restore Database.
Step 4
Select the version (date/time-stamp) to restore.
SonicWALL CDP 5.0 Administrator’s Guide
136
Recovering Your Data Using SonicWALL CDP
Step 5
Click Restore to Disk and select location on file system to restore database files.
Files will be restored using the following naming convention/syntax:
MSSQL_MSSQLSERVER_DBNAME_full.bak
MSSQL_MSSQLSERVER_DBNAME_Log1.bak
MSSQL_MSSQLSERVER_DBNAME_Log2.bak
MSSQL_MSSQLSERVER_DBNAME_Diff1.bak
MSSQL_MSSQLSERVER_DBNAME_Diff2.bak
You can then import these files into a different database, or even onto a different database server.
SQL Structure
Microsoft SQL is a Database Management System (DBMS) which manages one or more databases.
Each database has two associated files:
•
The data file that contains the entire database, normally called by the database name plus the “MDF”
extension
•
The transaction log file, normally called by the database name plus the “LDF” extension, that
contains the following:
– Uncommitted SQL transactions
– Committed SQL transactions, not backed up yet
SonicWALL CDP 5.0 Administrator’s Guide
137
Recovering Your Data Using SonicWALL CDP
The write command flow is shown in Figure 20, and is generally as follows:
•
SQL write
•
Transaction logs
•
Database
Figure 20
SQL Write Command Flow
In simple recovery mode you can only restore Full database backups. In full recovery mode you can
restore Full, Differential, and Transaction Logs backups. Transaction Logs backups are shown in
Figure 21.
Figure 21
Transaction Logs Backups
Transaction log size can only increase. Truncation frees space, but does not decrease the log size. Make
sure your Transaction log size is limited; otherwise, the log will grow until all disk space is used up.
SonicWALL CDP 5.0 Administrator’s Guide
138
Recovering Your Data Using SonicWALL CDP
Databases backup follows a periodic schedule, as shown below:
Database recovery involves several steps, as shown below:
SQL levels are shown in the Agent Tool and Enterprise Manager:
SonicWALL CDP 5.0 Administrator’s Guide
139
Recovering Your Data Using SonicWALL CDP
SQL Versions Supported
SonicWALL CDP supports the following SQL server versions:
•
SQL 2000 / 2005 / 2008
SonicWALL CDP supports a SQL server running on the following operating systems:
Note
•
Windows Server 2000 (SP 4)
•
Windows Server 2003 (SP 2)
•
Windows Server 2008
•
Windows XP (SP 2)
Refer to the latest SonicWALL CDP Release Notes, available on www.sonicwall.com, for the location
of the full support matrix and compatibility information.
Configuring SQL Authentication
Configuring SQL Authentication on Windows
This does not require any changes in SQL server.
Configuring SQL Account Authentication
1.
Make sure that SQL server is configured in mixed mode authentication. This can be set using SQL
Enterprise Manager:
– Launch SQL Server Enterprise Manager.
– Right click on the SQL server instance and choose Properties. This will launch the SQL Server
Properties screen.
– Go to the Security tab.
– Make sure that the radio button for SQL Server and Windows is chosen.
2.
Make sure that the SQL account is part of SQL system administrators:
– Expand security tab under SQL server instance.
– Click Logins.
– Highlight the SQL account on the right hand side of the screen and double click on it.
– Go to the Server Roles tab.
– Make sure that the System Administrators role is selected.
3.
Make sure that SQL account has DBO access to the master database and all other application
databases that are marked for backup:
– Expand the Security tab under SQL Server Instance.
– Click Logins.
– Double click the SQL account on the right hand side of the screen.
– Go to the Database access tab.
– Make sure that the account has db_owner role for all the databases selected for backup.
SonicWALL CDP 5.0 Administrator’s Guide
140
Recovering Your Data Using SonicWALL CDP
Additional Information
More information can be found here:
SQL Forum on Disaster Recovery run by Microsoft:
http://forums.microsoft.com/MSDN/ShowForum.aspx?ForumID=744&SiteID=1
Handling Large Log Files:
http://mkruger.cfwebtools.com/index.cfm?mode=entry&entry=CFEA536D-FC85-271F-691D1A974B
A71B07
Database Locked Error
Actions that can lock the database and prevent the restore process include:
•
Querying
•
Accessing by user or application
•
Opening Enterprise Manager with database selected
Revisions may not appear immediately or even for some time due to a number of reasons including, but
not limited to, large databases, single user mode databases, 24x7 databases, or other databases with high
access frequency.
SonicWALL CDP 5.0 Administrator’s Guide
141
Disaster Recovery Using the Offsite Service
Disaster Recovery Using the Offsite Service
SonicWALL CDP Offsite Service is a subscription service that allows the administrator to perform a
disaster recovery when local data have been rendered unrecoverable. Data can only be recovered from
the Offsite Service in the event that a disaster renders local data corrupted, destroyed or otherwise
unrecoverable.
Note
Data cannot be recovered from the Offsite Service without the Encryption Key, even by SonicWALL
technical support engineers. It is advised that you store your encryption key in a secure location, such
as a safe or bank. Your encryption key may be viewed by selecting Edit > Encryption Settings in the
top menu bar. For more information, refer to the “Encryption Key Management” section on page 142.
To recover data from the Offsite Service, perform the following steps:
Step 1
Locate your encryption key, which should be stored in a safe location, such as a vault or bank.
Step 2
Verify that your SonicWALL CDP appliance is under warranty or extended warranty. If it is not under
warranty, it will be necessary to purchase a replacement SonicWALL CDP appliance with enough
storage to contain the data recovered from the Offsite Service. Contact your SonicWALL Technical
Support representative for your replacement appliance.
Step 3
Configure the replacement SonicWALL CDP appliance to match the settings of the original appliance.
Step 4
Replace the encryption key of the replacement appliance with the encryption key of the original
appliance.
Step 5
When the replacement appliance is properly configured with the encryption key from the original
appliance, it will automatically recover data from the Offsite Service.
Encryption Key Management
Encryption management allows you to view your encryption key. You may need to view your encryption
key if you have not already printed or written it down and stored it in a secure location.
See the following sections:
•
“Viewing and Saving Your Encryption Key” section on page 142
•
“Resetting Your Encryption Key” section on page 143
Viewing and Saving Your Encryption Key
To view your encryption key, perform the following steps:
Step 1
Select Edit > Encryption Settings in the top menu bar.
Step 2
Click the Enable Encryption button to enable security on the SonicWALL CDP appliance.
Step 3
To save the key locally, click the Copy Key to Clipboard. You can paste the key to a file for your
records.
SonicWALL CDP 5.0 Administrator’s Guide
142
Disaster Recovery Using the Offsite Service
Step 4
To create printable key, click the Printable Key button. A printable version of the key will display for
you to print and store.
Step 5
When you are finished, click the Close button.
Resetting Your Encryption Key
The encryption key cannot be reset.
When you click on Reset Encryption button, a message displays directing you to contact technical
support.
Contact SonicWALL Technical Support for more information.
Purging Data from the SonicWALL CDP Appliance
Purge Data is a function within the user interface. In the event that your appliance is damaged and needs
to be returned to SonicWALL, you may want to purge its contents, including stored data and agent
information.
Caution
Purge data erases all agent information, including backup files. Purge data does not change IP or
password settings.
To purge data from the SonicWALL CDP appliance, perform the following steps:
Step 1
Navigate to System > Purge Data.
Step 2
Click Purge Backup Data.
SonicWALL CDP 5.0 Administrator’s Guide
143
Recovery when RAID Fails
Step 3
Click Yes - Purge Now to confirm and purge backup data.
Step 4
A confirmation message displays upon completion of data purge.
Recovery when RAID Fails
If you are using the SonicWALL CDP 5040, 6080, 3440i or 4440i appliances, your data will be protected
by the additional failover protection of a RAID system in the event that a drive goes down.
SonicWALL CDP 3440i has RAID 1, which involves two disks, with data mirroring from one disk onto
another.
SonicWALL CDP 5040, 6080 and 4440i have RAID 5, which involves three or more disks, with
block-level data striping with distributed parity across the drive set.
This section contains the following subsections:
•
“If One Disk Fails While Using the SonicWALL CDP 3440i” section on page 144
•
“If Two Disks Fail While Using SonicWALL CDP 3440i” section on page 144
•
“If One Disk Fails While Using SonicWALL CDP 5040 / 6080 / 4440i” section on page 145
•
“If Two Disks Fail While Using SonicWALL CDP 5040 / 6080 / 4440i” section on page 145
If One Disk Fails While Using the SonicWALL CDP 3440i
If one disk fails while using the SonicWALL CDP 3440i:
•
Contact SonicWALL Technical Support. Though your system will remain operational, it is
necessary to correct the disk failure.
If Two Disks Fail While Using SonicWALL CDP 3440i
If two disks fail while using the SonicWALL CDP 3440i:
•
Contact SonicWALL Technical Support. Your system will no longer be operational.
SonicWALL CDP 5.0 Administrator’s Guide
144
Configuring SonicWALL CDP with Software Firewalls
If One Disk Fails While Using SonicWALL CDP 5040 / 6080 / 4440i
If one disk fails while using the SonicWALL CDP 5040 or 6080 or 4440i:
•
Contact SonicWALL Technical Support. Though your system will remain operational, it is
necessary to correct the disk failure.
If Two Disks Fail While Using SonicWALL CDP 5040 / 6080 / 4440i
If two disks fail while using the SonicWALL CDP 5040 or 6080 or 4440i:
•
Contact SonicWALL Technical Support. Your system will no longer be operational.
Configuring SonicWALL CDP with Software Firewalls
Most software firewalls detect SonicWALL CDP Enterprise Manager and Agent Tool during installation
and prompt for permission to open the appropriate ports. If you have a firewall installed you will need
to configure it before using the SonicWALL CDP Agent or SonicWALL CDP Enterprise Manager.
This section contains the following subsections:
•
“Working with a Windows XP SP2 Firewall” section on page 145
•
“Working with a McAfee Personal Firewall” section on page 146
•
“Working with a Norton Personal Firewall” section on page 148
•
“Working with a Zone Alarm Firewall” section on page 150
Working with a Windows XP SP2 Firewall
Windows XP SP2 installs and activates a firewall by default. If you applied Service Pack 2 after
installing the SonicWALL CDP Agent software, you may need to add CDPAgent.exe and
SonicWALL.Agent.exe to Windows XP Internet Connection Firewall settings before the backup service
can start again. Microsoft has excellent instructions on how to do this here:
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfexceptions.mspx
To enable or disable Windows XP Internet Connection Firewall, perform the following steps:
Step 1
Open the Network Connections control panel in Start > Control Panel.
Step 2
In the left window under Network Tasks, click the LAN or high-speed Internet connection that you are
using.
Step 3
Click Change Windows Firewall Settings. In this menu you can simply select Off, then click OK.
SonicWALL CDP 5.0 Administrator’s Guide
145
Configuring SonicWALL CDP with Software Firewalls
Working with a McAfee Personal Firewall
Note
If you are using Windows XP SP2, make sure you have configured XP's firewall first, using the
instructions above.
If you are using a McAfee firewall product you will likely see warnings when starting the SonicWALL
CDP Agent such as the following. In both cases, select Grant Access. Figure 22 provides the McAfee
Firewall configuration.
Figure 22
Configuring McAfee Firewall
To manually add CDPAgent.exe and SonicWALL.Agent.exe to the Allowed Applications list, perform
the following steps:
Step 1
Open McAfee Personal Firewall.
Step 2
Select Internet Applications List.
Step 3
Choose New Allowed Application.
Step 4
Navigate to Program Files > SonicWALL > Continuous Data Protection > SonicWALL.Agent.exe.
Step 5
Click Open to select the SonicWALL.Agent.exe file.
Step 6
Choose New Allowed Application.
Step 7
Navigate to Program Files > SonicWALL > Continuous Data Protection > CDPAgent.exe.
Step 8
Click Open to select the CDPAgent.exe file.
SonicWALL CDP 5.0 Administrator’s Guide
146
Configuring SonicWALL CDP with Software Firewalls
Step 9
Close McAfee Personal Firewall.
When properly configured, McAfee program control should look like Internet Applications view
provided in Figure 23.
Figure 23
McAfee Program Control
SonicWALL CDP 5.0 Administrator’s Guide
147
Configuring SonicWALL CDP with Software Firewalls
Working with a Norton Personal Firewall
Note
If you are using Windows XP SP2, make sure you have opened ports or disabled XP's firewall first,
using the instructions above.
If you are using a Norton Internet Security and Norton Personal Firewall product you will likely see
warnings when starting the agent such as illustrated in Figure 24. In both cases select Permit Always.
Figure 24
Norton Personal Firewall
To manually configure Norton Internet Security and Norton Personal Firewall, perform the following
steps:
Step 1
Open Norton Internet Security (a new window displays).
Step 2
Double-click Personal Firewall, (or click once to select Personal Firewall, then click the Configure
button to the right), as illustrated in Figure 25.
Figure 25
Norton Personal Firewall
SonicWALL CDP 5.0 Administrator’s Guide
148
Configuring SonicWALL CDP with Software Firewalls
Step 3
Click the Program Control tab.
Step 4
Click the Add button.
Step 5
Navigate to Program Files > SonicWALL > Continuous Data Protection > SonicWALL.Agent.exe.
Step 6
Click the Open button.
Step 7
The window should now display “Internet Access Permit All” next to SonicWALL.Agent.exe.
Step 8
Click the Program Control tab again.
Step 9
Click the Add button.
Step 10 Navigate to Program Files > SonicWALL > Continuous Data Protection > CDPAgent.exe.
Step 11 Click the Open button.
Step 12 The window should now display “Internet Access Permit All” next to CDPAgent.exe.
Step 13 Click the OK button.
Figure 26 provides the Programs view within the Norton Personal Firewall program control.
Figure 26
Norton Personal Firewall: Program Control
This adds SonicWALL.Agent.exe and CDPAgent.exe, which should enable you to backup your files.
You may need to restart your computer for these changes to take effect.
For online support using Norton Internet Security or Norton Personal Firewall, visit the Symantec Web
site: http://www.symantec.com/techsupp/.
SonicWALL CDP 5.0 Administrator’s Guide
149
Configuring SonicWALL CDP with Software Firewalls
Working with a Zone Alarm Firewall
If you have Zone Alarm installed you will likely see the following warnings immediately after installing
the SonicWALL CDP Agent and attempting to use the CDP service. Figure 27 provides an example of
the Zone Alarm Alert.
Figure 27
Zone Alarm Alert
Zone Alarm personal firewall must be configured to grant server rights to SonicWALL.Agent.exe and
CDPAgent.exe. By default, Zone Alarm will block applications from connecting to other computers and
acting as servers. If you have checked the “Remember this setting” box when receiving the initial
warnings, then you will not receive additional ones.
To manually configure Zone Alarm, perform the following steps:
Step 1
Open Zone Alarm and select Program Control.
Step 2
Next, click the Program Wizard button to set the correct permissions for SonicWALL.Agent.exe.
Step 3
In the Program Wizard window, select the Advanced option to manually set server permissions for
SonicWALL.Agent.exe then click the Next button to open the Secure Programs window. Click the Add
button.
Step 4
Navigate to Program Files > SonicWALL > Continuous Data Protection > SonicWALL.Agent.exe.
Click the Open button.
Step 5
In the Secure Programs window, set SonicWALL.Agent.exe with both access and server rights, then
click the Finish button.
Step 6
Select Program Control again.
Step 7
Click the Program Wizard button to set the correct permissions for CDPAgent.exe.
Step 8
In the Program Wizard window, select the Advanced option to manually set server permissions for
CDPAgent.exe then click the Next button to open the Secure Programs window. Click the Add button.
Step 9
Navigate to Program Files > SonicWALL > Continuous Data Protection > CDPAgent.exe. Click the
Open button.
Step 10 In the Secure Programs window, set CDPAgent.exe with both access and server rights, then click the
Finish button.
SonicWALL CDP 5.0 Administrator’s Guide
150
Configuring SonicWALL CDP with Software Firewalls
When properly configured, ZoneAlarm program control should look like the ZoneAlarm Program
Control displayed in Figure 28.
Figure 28
ZoneAlarm: Program Control
This adds SonicWALL.Agent.exe and CDPAgent.exe, which enable you to backup your files. For
online support using Zone Alarm, visit the Zone Labs Web site: http://www.zonelabs.com/support/.
SonicWALL CDP 5.0 Administrator’s Guide
151
Configuring SonicOS Security Services for SonicWALL CDP
Configuring SonicOS Security Services for
SonicWALL CDP
When using SonicWALL CDP in conjunction with a SonicWALL Unified Threat Management (UTM)
appliance, it is necessary to add the appliance to the Security Services exclusion lists.
Configuring the Security Services Firewall Exception List for CDP
Step 1
On SonicOS Enhanced versions prior to 3.5, load the unlinked Diag page
(https://<192.168.168.168>/diag.html).
Note that newer firmware versions including SonicOS Enhanced 3.5 or higher, have this selection on a
normal linked page.
Step 2
Click on the Internal Settings button.
Step 3
Clear the Enforce Host Tag Search for CFS radio button.
Step 4
Click Apply.
Setting up Security Services for SonicWALL CDP
This section describes the steps needed when adding a SonicWALL CDP appliance to your network
when you are running SonicOS Security Services. To prevent the Security Services from blocking access
to your SonicWALL CDP appliance, you must configure SonicOS Security Services with exclusions for
the IP address of the appliance.
Under Security Services, perform the following steps:
Step 1
Navigate to Content Filtering Security Services > Enable CFS exclusion list.
Step 2
Add the SonicWALL CDP IP address to the list.
Step 3
Navigate to Client AV Enforcement > Client AV Enforcement exclusion list.
Step 4
Add the SonicWALL CDP IP address to the list.
Step 5
Navigate to Gateway AV > Configure GW AV Settings > Enable GAV exclusion list.
Step 6
Add the SonicWALL CDP IP address to the list.
Step 7
Select the Enable Http byte-range requests with GAV checkbox.
Step 8
Navigate to IPS Settings > Enable IPS exclusion list.
Step 9
Add the SonicWALL CDP IP address to the list.
Step 10 Select the Enable IP re-assembly checkbox.
Step 11 Navigate to Anti-Spyware settings > Configure Anti-Spy exclusion list.
Step 12 Add the SonicWALL CDP IP address to the list.
SonicWALL CDP 5.0 Administrator’s Guide
152
Adding a SonicWALL CDP Appliance to GMS
Adding a SonicWALL CDP Appliance to GMS
SonicWALL CDP appliances must be running firmware version 2.3 or later to be managed using
SonicWALL GMS. To configure a SonicWALL CDP for SonicWALL GMS management, perform the
following tasks:
– “Preparing the SonicWALL CDP Appliance” on page 153
– “Adding the SonicWALL CDP Appliance to GMS” on page 153
– “Registering CDP Appliances for Use with SonicWALL GMS” on page 155
Preparing the SonicWALL CDP Appliance
1.
Log in to your SonicWALL CDP appliance.
2.
Navigate to System > GMS.
3.
Type the GMS host name or IP address of the GMS server and the port number in the GMS Host
Name or IP Address field. The default port is 514.
4.
Enter the heartbeat interval, in seconds, in the Heartbeat Interval (seconds) field. The maximum
heartbeat interval is 86400 (24 hours).
5.
Click Submit
Adding the SonicWALL CDP Appliance to GMS
To add your appliance to GMS, perform the following tasks:
1.
Log in to GMS.
2.
Click the CDPs appliance tab
. If the CDPs tab is not visible above the TreeControl pane,
click the down arrow button and select CDPs from the drop-down list.
SonicWALL CDP 5.0 Administrator’s Guide
153
Adding a SonicWALL CDP Appliance to GMS
3.
In the left-most pane, right click and select Add Unit. The Add Unit popup displays.
4.
Enter a descriptive name for the SonicWALL appliance in the Unit Name field.
5.
Enter the appliance administrator login name in the Login Name field.
6.
Enter the appliance administrator password in the Password field.
7.
Enter the appliance serial number in the Serial Number field. The serial number can be found in
the CDP appliance management interface under General > Status.
8.
The management mode defaults to Using HTTPS.
9.
Click OK.
10. It may take up to a minute for the data to load.
SonicWALL CDP 5.0 Administrator’s Guide
154
Adding a SonicWALL CDP Appliance to GMS
The SonicWALL CDP is displayed in the left pane of the SonicWALL GMS interface as a yellow icon,
which means the unit has not been acquired by SonicWALL GMS. After the appliance has been acquired,
the icon will either turn red, indicating that the appliance status is down, or blue, indicating that the
appliance status is up. For detailed appliance icon descriptions, see “Web-Based Management Interface”
on page 16.
It may take up to five minutes for the SonicWALL GMS to establish an HTTPS connection and acquire
the SonicWALL appliance for management.
Your CDP is now ready for management using SonicWALL GMS.
Registering CDP Appliances for Use with SonicWALL GMS
To register a CDP appliance, you must perform tasks on GMS and on the CDP appliance through its local
user interface. See the following sections:
•
“Registration Tasks on GMS” section on page 155
•
“Registration Tasks on the CDP Appliance” section on page 156
Registration Tasks on GMS
When you add a CDP appliance, GMS creates a task to register it. You can see the scheduled Appliance
Registration task in the Console > Tasks > Scheduled Task screen.
Note
When a unit is added to GMS, once it is acquired successfully by GMS, it is automatically
registered by GMS. However, CDP appliances cannot be used until you complete the
registration tasks on the local CDP appliance.
You can also register CDP appliances manually in GMS. To register a CDP appliance:
1.
In the left pane, select the CDP appliance.
2.
Click the Policies tab.
SonicWALL CDP 5.0 Administrator’s Guide
155
Adding a SonicWALL CDP Appliance to GMS
3.
In the center pane, navigate to Register/Upgrades > Register CDPs.
4.
Click Register. The scheduler displays.
5.
Expand the Scheduler settings by clicking the plus button.
6.
Do one of the following:
– Select Immediate.
– Select the At button and specify a date and time for SonicWALL GMS to perform the
registration.
7.
Note
Click Accept.
It may take several seconds for GMS to contact SonicWALL to register the CDP.
Registration Tasks on the CDP Appliance
After the GMS task has been executed, it disappears from the table of scheduled tasks in the Console >
Tasks > Scheduled Tasks screen. You can now perform the local registration tasks on the CDP appliance.
For more information on CDP registration, see the SonicWALL CDP Getting Started Guide for your CDP
appliance.
SonicWALL CDP 5.0 Administrator’s Guide
156
Adding a SonicWALL CDP Appliance to GMS
To perform local CDP registration tasks:
1.
In GMS, in the left pane, select the CDP unit.
2.
Navigate to Policies > General > Status.
3.
In the right pane, locate the Registration Code for use on the local CDP appliance.
4.
On the management system for the CDP appliance, launch the SonicWALL CDP Enterprise
Manager software from the Windows Start Menu: Programs > SonicWALL > SonicWALL
Continuous Data Protection > SonicWALL Enterprise Manager.
SonicWALL CDP 5.0 Administrator’s Guide
157
Adding a SonicWALL CDP Appliance to GMS
5.
In the SonicWALL CDP Enterprise Manager startup screen, click the Change Appliance button.
Select Unregistered CDP Appliance from the list and click Connect.
6.
Enter “password” in the Password field and click Login.
7.
The Appliance Registration Wizard Internet Connectivity page displays. Click Verify Appliance
Internet Connectivity.
8.
If your CDP appliance connection to the Internet is successful, you will see the message
“Connection succeeded. Click Next to continue.” Click Next.
SonicWALL CDP 5.0 Administrator’s Guide
158
Configuring Site-to-Site Backup and Recovery
9.
The Administrator Contact Info page displays. Enter the administrator contact information, create a
new password, and enter your Registration Code (obtained in GMS). Click Register to continue.
10. When you see the message “Appliance Registration Was Successful”, click Finish Registration.
Configuring Site-to-Site Backup and Recovery
This section describes how to implement and manage the CDP Site-to-Site feature.
This section contains the following sub-sections:
•
“CDP Site-to-Site Overview” section on page 159
•
“Setting up CDP Site-to-Site” section on page 163
•
“Using CDP Site-to-Site” section on page 170
CDP Site-to-Site Overview
This section provides an introduction to the CDP Site-to-Site feature. This section contains the following
subsections:
•
“What is CDP Site-to-Site Backup?” section on page 160
•
“Benefits” section on page 160
•
“How Does CDP Site-to-Site Work?” section on page 160
SonicWALL CDP 5.0 Administrator’s Guide
159
Configuring Site-to-Site Backup and Recovery
What is CDP Site-to-Site Backup?
The CDP Site-to-Site Backup feature provides a secure, reliable, and confidential method of backing up and
recovering data from one or more local CDP appliances to another local or offsite CDP appliance.
In a typical one-to-one configuration of CDP Site-to-Site, one local CDP appliance, or downstream
appliance, is used to backup local workstations. A second CDP appliance, or upstream appliance, is deployed
locally or at a remote location and is used to backup the downstream CDP appliance.
Note
You must purchase an 8x5 or 24x7 support contract and a 1, 3, 5, or 10 node Site-to-Site
license for the upstream CDP appliance.
The one-to-one CDP Site-to-Site configuration can be expanded to include multiple downstream CDP
appliances that back up to a single local or offsite upstream CDP appliance. The upstream appliance needs
to have sufficient Site-to-Site nodes licensed.
Note
Multiple downstream CDP appliances can backup to a single upstream CDP appliance.
Upstream CDP appliances can also backup local data to the SonicWALL Offsite Portal or to
yet another CDP appliance. However, this third appliance cannot send any data offsite.
In the event that a downstream CDP appliance is rendered unusable, the CDP Site-to-Site feature allows
you to recover your data, settings and configurations directly from the upstream CDP appliance. If the data
on the upstream CDP appliance is not the most recent, choose the option to only download settings and
configurations; the local agents will then back up the most recent data to the downstream CDP appliance
which will be sent to the upstream CDP appliance. If the upstream CDP appliance is rendered unusable, it
can easily be replaced with a new CDP appliance configured with the same IP address as the original
upstream CDP appliance.
Benefits
The benefits of the CDP Site-to-Site feature include:
•
Secure, confidential data backup and recovery
•
Additional protection against data loss
•
Easy deployment
•
Quick recovery of settings and configurations or complete recovery of data, settings, and
configurations.
How Does CDP Site-to-Site Work?
The CDP Site-to-Site feature requires a minimum of two CDP appliances to be deployed in a one-to-one
scenario, in which a single upstream CDP appliance is the backup method for a downstream CDP appliance.
The upstream CDP appliance can be deployed locally or offsite using a VPN or WAN connection, as
illustrated in Figure 29 and Figure 30. The downstream CDP appliance must be configured to backup to the
IP address of the upstream CDP appliance, and the upstream CDP appliance must be licensed for
Site-to-Site and have at least one node available.
Multiple downstream CDP appliances can be configured to backup to a single local or offsite upstream CDP
appliance in a many-to-one configuration. Upstream CDP appliances can also be used as a backup method
for local agents, and can back up the local agent data to the SonicWALL offsite portal or to another C DP.
SonicWALL CDP 5.0 Administrator’s Guide
160
Configuring Site-to-Site Backup and Recovery
Data, settings and configuration backed up from the downstream CDP appliance to the upstream CDP
appliance are 256-bit encrypted and compressed, and sent using port 2022. All other features, including
alerts, policies, and reports, can be configured on the upstream and downstream CDP appliances.
In the event of a disaster, data, settings, and configurations (or just settings and configurations) can be
recovered from the upstream CDP appliance to the downstream CDP appliance. If the data on the upstream
appliance is outdated, the option to recover only settings and configurations provides the ability to rapidly
set up the replacement CDP. The replacement will then recover the latest data directly from its local agents,
and then pass this data on to the upstream CDP appliance, thereby reinstating full backup protection.
If the downstream CDP appliance is rendered unusable, it is necessary to obtain a new downstream CDP
appliance to replace it. The upstream CDP appliance must be notified of the change and the new box must
be configured to backup to it prior to recovering data from the upstream CDP appliance.
Sample Setup Cases
The diagram in Figure 29 provides an example of a one-to-one CDP Site-to-Site deployment. Multiple
agents are configured to backup to the downstream CDP appliance (IP address 10.0.0.1). The downstream
CDP appliance is configured to backup to the local upstream CDP appliance (IP address 10.0.0.2).
Figure 29
CDP Site-to-Site: One to One Local Configuration
Upstream CDP Appliance
Downstream CDP Appliance
Local Network
The diagram in Figure 30 provides an example of a one-to-one offsite CDP Site-to-Site deployment.
Multiple agents are configured to backup to the downstream CDP appliance (IP address 10.0.0.1). The
downstream CDP appliance is configured to backup to the offsite upstream CDP appliance (IP address
10.1.1.2) using a VPN or WAN connection.
Figure 30
CDP Site-to-Site: One to One Offsite Configuration
Internet
Upstream (Remote)
CDP Appliance
Downstream (Local)
CDP Appliance
Remote Network
Local Network
Warning
An upstream appliance can not be backed up on a downstream appliance.
SonicWALL CDP 5.0 Administrator’s Guide
161
Configuring Site-to-Site Backup and Recovery
Figure 31 provides an example of a many-to-one CDP Site-to-Site deployment with multiple CDP
appliances (IP addresses 10.0.0.1 and 10.0.0.3) configured to backup to a single upstream CDP appliance
(IP address 10.1.1.2). The upstream CDP appliance can be used to backup local clients and backup this data
either to the offsite portal or to a final CDP.
Note
Only data being backed up by the upstream CDP’s local clients will be sent to the offsite
portal. If the data is sent to another CDP, this final CDP can not send any data offsite.
Figure 31
CDP Site-to-Site: Many to One Configuration; Single Destination Backup
Downstream (Local) CDP Appliance #1
Downstream (Local) CDP Appliance #2
Offsite Portal
Internet
(or CDP Appliance #4)
Upstream (Remote) CDP Appliance #3
SonicWALL CDP 5.0 Administrator’s Guide
162
Configuring Site-to-Site Backup and Recovery
Setting up CDP Site-to-Site
This section contains the following sub-sections:
•
“Administrator Prerequisites” section on page 163
•
“Administrator Configuration Tasks” section on page 163
Administrator Prerequisites
The following deployment prerequisites are required to use the CDP Site-to-Site feature:
Note
•
Two or more CDP appliances running 3.0 or higher firmware
•
8x5 or 24x7 support contract for the upstream CDP Appliance
•
Site-to-Site license for the upstream CDP appliance to accept downstream CDP appliance connections
•
IP address or Fully Qualified Domain Name for the Upstream CDP Appliance
•
In the case of an offsite Upstream Appliance, port 2022 must be open to receive incoming traffic within
firewall rules.
You must purchase an 8x5 or 24x7 support contract and a 1, 3, 5, or 10 node Site-to-Site
license for the upstream CDP appliance.
Administrator Configuration Tasks
To configure the CDP Site-to-Site feature, the upstream CDP appliance must be licensed with a support
contract and a sufficient Site-to-Site license. The downstream CDP appliance must be configured to back
up to the upstream CDP appliance. If both appliances are properly configured, they will link and backup
will begin immediately. The downstream CDP appliance quota can then be configured.
After the initial Site-to-Site configuration, data, settings, and configurations can be recovered from the
upstream CDP appliance.
Note
Your SonicWALL CDP appliances must be registered before they can be deployed for
Site-to-Site.
This section contains the following sub-sections:
•
“Purchasing Licenses and Support” section on page 164
•
“Configuring the Downstream CDP Appliance” section on page 166
•
“Configuring the Upstream CDP Appliance Quota” section on page 168
SonicWALL CDP 5.0 Administrator’s Guide
163
Configuring Site-to-Site Backup and Recovery
Purchasing Licenses and Support
You must purchase an 8x5 or 24x7 support contract and a 1, 3, 5, or 10 node Site-to-Site license for the
upstream CDP appliance. This can be done directly through mysonicwall.com or through your reseller.
To configure the upstream CDP appliance to accept backup data from the downstream CDP appliance,
perform the following steps:
Note
Your CDP appliances must be registered with mysonicwall.com before use. Refer to the SonicWALL
CDP Getting Started Guide for further information on registering your appliances.
Step 1
Open a Web browser on the computer you are using to manage the SonicWALL CDP appliance.
Step 2
Enter http://www.mysonicwall.com in the location or address field.
The mySonicWALL.com login page is displayed.
Step 3
Enter your mySonicWALL.com account username and password in the appropriate fields and click the
submit button.
Step 4
Navigate to My Products in the left-hand navigation bar
Step 5
Select the CDP appliance you wish to use as the Upstream backup.
SonicWALL CDP 5.0 Administrator’s Guide
164
Configuring Site-to-Site Backup and Recovery
Step 6
Register for a Dynamic Support license.
Step 7
Register for a Site-to-Site Node Support license.
Note
Site-to-Site Node licenses do not expire. You may add additional Node Licenses by
purchasing them from the mysonicwall.com Website.
Step 8
Login to your upstream CDP appliance’s Web management interface.
Step 9
Navigate to the Licenses page in the left-hand navigation bar.
Step 10 Click the Refresh button to have the CDP appliance update its license.
The appliance should now show the correct number of nodes licensed and is ready to backup a
downstream CDP appliance.
SonicWALL CDP 5.0 Administrator’s Guide
165
Configuring Site-to-Site Backup and Recovery
Configuring the Downstream CDP Appliance
To configure the downstream CDP appliance to back up to the upstream CDP appliance, perform the
following steps:
Step 1
Login to the downstream CDP appliance using the Enterprise Manager.
Step 2
From the Edit menu, select Set Offsite Location.
SonicWALL CDP 5.0 Administrator’s Guide
166
Configuring Site-to-Site Backup and Recovery
Step 3
Note
Uncheck the box next to Use SonicWALL Portal. Type the IP address or the FQDN (Fully Qualified
Domain Name) of the upstream CDP appliance in the field under Upstream appliance name or address.
It is important that the upstream and downstream appliances have different IP addresses. Refer to the
SonicWALL CDP Getting Started Guide for further information on configuring an appliance’s IP
address and domain name.
Step 4
Click Change.
Step 5
An alert displays. Click Yes to replace the existing appliance data with offsite data, or click No to purge the
offsite data and leave the existing appliance data.
SonicWALL CDP 5.0 Administrator’s Guide
167
Configuring Site-to-Site Backup and Recovery
Configuring the Upstream CDP Appliance Quota
The quota is the maximum amount of data that can be backed up. For information about editing the
default policy quota or creating a custom policy with a custom quota, refer to the “Managing the Default
Policy” section of the SonicWALL CDP Enterprise Manager Administrator’s Guide.
To apply a quota, the amount of data the upstream CDP appliance will accept from the downstream CDP
appliance, perform the following steps:
Step 1
Login to the upstream CDP appliance using the Enterprise Manager.
Step 2
Click the Agents tab.
SonicWALL CDP 5.0 Administrator’s Guide
168
Configuring Site-to-Site Backup and Recovery
Step 3
In the left pane, under the SonicWALL CDP Agents list, select the downstream CDP appliance.
Step 4
Click the Edit Policy tab in the right pane.
Step 5
From the Current Policy drop down menu, select the Default Policy, or, if you have configured one, a
custom policy.
Step 6
Click Update.
SonicWALL CDP 5.0 Administrator’s Guide
169
Configuring Site-to-Site Backup and Recovery
Using CDP Site-to-Site
This section covers disconnecting CDPs from a Site-to-Site backup, and using the Site-to-Site
connection to recover data in case of a downstream CDP failure. This section contains the following
subsections:
•
“Removing a Downstream CDP” section on page 170
•
“Selecting Files for Offsite Backup” section on page 172
•
“Recovering Data From the Upstream CDP Appliance” section on page 173
•
“CDP Site-to-Site Best Practices” section on page 179
Removing a Downstream CDP
To remove a downstream CDP and free up an upstream node, perform the following steps:
Step 1
Login to the downstream CDP appliance using the Enterprise Manager.
SonicWALL CDP 5.0 Administrator’s Guide
170
Configuring Site-to-Site Backup and Recovery
Step 2
From the Edit menu, select Set Offsite Location.
Step 3
Check the box next to Use SonicWALL Portal.
Step 4
Click Change.
Step 5
Login to the upstream CDP appliance using the Enterprise Manager
Step 6
Navigate to the Agent tab and select the unwanted downstream CDP.
SonicWALL CDP 5.0 Administrator’s Guide
171
Configuring Site-to-Site Backup and Recovery
Step 7
Click Remove Agent.
Step 8
An alert displays. Click Yes.
Removing a downstream CDP will delete all the relevant backup data from the upstream CDP appliance.
Selecting Files for Offsite Backup
Once properly configured, SonicWALL CDP Site-to-Site Backup is as simple to use as the basic CDP
backup.
Step 1
Login to the CDP Agent Tool.
Step 2
Navigate to the file you wish to backup.
Step 3
Select for offsite backup.
Step 4
Click the Backup Offsite button in the Dashboard.
SonicWALL CDP 5.0 Administrator’s Guide
172
Configuring Site-to-Site Backup and Recovery
Files selected for Offsite backup display their status using the following color code:
Offsite Status
Gray
Pending transfer; the file or folder is marked for offsite backup, but has not yet been
copied.
Blue
Parent folder marked for backup; this folder along with all subfolders and files will
be backed up.
Orange
Pending update with a newer copy; a version of the file or folder exists offsite, but
does not yet contain the latest changes.
Green
Totally synchronized; the latest version of the file on the CDP has been replicated
to the offsite storage.
Recovering Data From the Upstream CDP Appliance
If the downstream CDP is no longer accessible, a new CDP can take its place and recover data from the
upstream appliance. Required information before you begin:
•
Old CDP’s registration code (to identify the original CDP)
•
Old CDP’s encryption key
•
New CDP’s registration code
To recover data from the upstream CDP appliance, you must first configure the upstream appliance to
allow the new downstream appliance access to the old appliance’s data. Then the new appliance must be
setup to connect to the upstream CPD appliance.
Note
The data on the downstream appliance will be replaced with the data from the upstream appliance.
The data restore process cannot be canceled once it has started.
SonicWALL CDP 5.0 Administrator’s Guide
173
Configuring Site-to-Site Backup and Recovery
To update the upstream appliance, perform the following steps:
Step 1
Login to the upstream CDP appliance using the Enterprise Manager.
Step 2
Navigate to the Agents tab and select the old CDP that is being replaced.
SonicWALL CDP 5.0 Administrator’s Guide
174
Configuring Site-to-Site Backup and Recovery
Step 3
Click the Edit Name button.
Step 4
Replace the old CDP’s registration code with the new one and click Rename.
Step 5
Click the Reset Key button.
You must now configure the new downstream appliance to backup to the upstream CDP appliance.
Follow the directions in “Configuring the Downstream CDP Appliance” section on page 166 before
recovering data from the upstream CDP appliance.
Step 6
Login to the downstream CDP appliance using the Enterprise Manager.
SonicWALL CDP 5.0 Administrator’s Guide
175
Configuring Site-to-Site Backup and Recovery
Step 7
From the Edit menu, select Set Offsite Location.
Step 8
Uncheck the box next to Use SonicWALL Portal. Type the IP address or the FQDN (Fully Qualified
Domain Name) of the upstream CDP appliance in the field under Upstream appliance name or
address.
Note
Step 9
It is important that the upstream and downstream appliances have different IP addresses. Refer to the
SonicWALL CDP Getting Started Guide for further information on configuring an appliance’s IP
address and domain name.
Click Change.
Step 10 An alert displays. Click Yes to replace the existing appliance data with offsite data, or click No to purge
the offsite data and leave the existing appliance data.
SonicWALL CDP 5.0 Administrator’s Guide
176
Configuring Site-to-Site Backup and Recovery
Step 11 To restore settings and configurations only, select the radio button next to Download only
Settings/Configurations from parent location. To restore data, settings, and configurations, select the
radio button next to Download Settings/Configurations and Data from parent location.
Note
Once the old appliance’s settings and configurations are downloaded, the new appliance will begin
backing up the local agents immediately. It may not be necessary to download the old data from the
upstream appliance.
Step 12 If the Please Enter Your Encryption Key field is not populated, enter your encryption key. This is the
key of the old appliance.
Step 13 Click Test Key. If the key is correct, a success message will display. Click OK.
SonicWALL CDP 5.0 Administrator’s Guide
177
Configuring Site-to-Site Backup and Recovery
Step 14 Click Restore.
Step 15 A warning message displays. Click Yes to continue.
Note
The data on the downstream appliance will be replaced with the data from the upstream appliance.
Step 16 A second warning message displays. Click Yes to continue.
Note
The data restore process cannot be canceled once it has started.
SonicWALL CDP 5.0 Administrator’s Guide
178
Configuring Site-to-Site Backup and Recovery
The restore progress displays. Click Close to close the progress page.
Congratulations, you have completed a Site-to-Site restore and recovery.
CDP Site-to-Site Best Practices
For best performance, SonicWALL recommends you follow these practices:
•
Seed data to a second local CDP when dealing with large data sets.
•
Consider having a dedicated internet connection for many-to-one backup scenarios.
•
Separate out data being uploaded: Do not seed all machines at once. Do not seed all files from a
single large machine at one time.
•
No circular references of data. An upstream appliance can not backup to one of its downstream
appliances.
SonicWALL CDP 5.0 Administrator’s Guide
179
Configuring SonicWALL CDP Local Archiving
Configuring SonicWALL CDP Local Archiving
This section describes how to configure, implement, and manage a local archive for your CDP appliance.
Local archiving is a feature of the CDP Enterprise Manager that allows an administrator to copy some
or all of the contents of your CDP appliance onto a USB device. This feature can also be used to create
a portable backup that can be restored at another site that does not have a CDP appliance. Data can be
archived to the USB device in encrypted format.
SonicWALL CDP local archiving provides the following benefits:
•
Disaster-recovery—Local Archiving can be part of a flexible disaster-recovery program.
Administrators can configure local archiving to run automatically, and use USB devices to replace
tapes.
•
Offsite storage—For some organizations, physical offsite storage is a regulatory requirement.
Copying data to USB devices, which are then stored elsewhere, can fulfill regulatory requirements,
especially when the data is securely encrypted.
•
Backup—In companies with multiple locations, the distributed branch offices can back up to a
central location, which adds flexibility and redundancy.
•
Security—Encrypted USB storage devices are more secure than many other methods of offsite
storage.
See the following sections:
•
“How Does Local Archiving Work?” on page 180
•
“Prerequisites for Local Archiving” on page 181
•
“Local Archiving Configuration Overview” on page 181
•
“Creating a Local Archive” on page 182
•
“Ejecting the USB Device” on page 184
•
“Restoring Files, Folders, and Client Applications from a Local Archive” on page 184
•
“Restoring a Server Application from a Local Archive” on page 188
•
“Using the SonicWALL CDP Backup Restore Tool” on page 190
•
“Creating a Local Archive Task” on page 191
How Does Local Archiving Work?
An administrator plugs a USB device into a SonicWALL CDP appliance and then uses the SonicWALL
CDP Enterprise Manager to copy some or all of the contents of the CDP appliance to the USB device.
The administrator specifies a source and destination, and whether the data should be archived in an
encrypted format. The administrator then clicks Archive Now! to copy the data.
The administrator can also configure automated tasks to copy data from the SonicWALL CDP appliance
to a USB device. By default, archived files are stored on the USB device as compressed, unencrypted
files. Administrators can choose to add encryption to some or all of the archived files as they are stored
on the USB device.
SonicWALL CDP 5.0 Administrator’s Guide
180
Configuring SonicWALL CDP Local Archiving
Prerequisites for Local Archiving
Before configuring local archiving, make sure that the following requirements are met:
•
The SonicWALL CDP Enterprise Manager is configured and running properly.
•
The local archiving module is properly licensed. The license is available on MySonicWALL at no
additional charge.
•
A USB device of sufficient capacity for your needs is plugged into the SonicWALL CDP appliance.
SonicWALL recommends using NTFS on USB media. If you use FAT32, archiving is limited to files
less than 4 gigabytes.
Note
•
Local archiving requires a USB drive formatted for NTFS to archive files larger than
4 GB.
If you plan to use your own encryption key to safeguard your data, the key should be available.
Local Archiving Configuration Overview
The administrator can use local archiving manually or as part of an automated process. The
configuration of source and destination folders is the same for both processes. For automated local
archiving, the administrator must also create one or more tasks.
To set up a local archive, you must first choose a destination folder, and then the folder or folders you
want stored on the USB device. These source folders exist on the CDP appliance. The administrator can
also configure encryption for the folders. The administrator can set up recurring tasks that perform the
local archiving on a regular schedule.
Note
The time stamp of local archived files is in UTC time which may be different from the actual backup
time in the local time zone.
SonicWALL CDP 5.0 Administrator’s Guide
181
Configuring SonicWALL CDP Local Archiving
To access the local archiving administration screen, click Appliance Archive on the main Enterprise
Manager toolbar.
Creating a Local Archive
To create a local archive on your USB device:
Step 1
Connect your USB device directly to the SonicWALL CDP appliance.
Step 2
Log into SonicWALL CDP Enterprise Manager and click Appliance Archive on the main Enterprise
Manager toolbar.
Step 3
Set the destination by clicking the ... button next to the Folder field. You’ll see a list of all the USB
devices mounted to your CDP device.
Step 4
Choose the USB device to which you want to copy your data. You can choose an existing folder on the
USB device, or create a new one by clicking Make New Folder.
Step 5
Click OK. In the destination section, you will see the folder you selected, and the space available on the
USB device.
Step 6
In the Appliance Archive pane, choose the agent(s), applications, or folders you want to archive to the
USB device. Select an entry by selecting the checkbox next to it.
– If a node is marked with a check, all the files and folders below it will be included. If new files
or folders are added to this node, they will automatically be added.
– To select only some folders, check only the folders you want. The levels above this partial folder
are marked with a green block instead of a checkmark. If a node is in partial mode, folders added
to it will not automatically be added to the archived folders.
– To encrypt a folder as it is archived to the USB device, right-click its check box and choose
Encrypt. By default, all the folders and files under an encrypted node will also be encrypted.
SonicWALL CDP 5.0 Administrator’s Guide
182
Configuring SonicWALL CDP Local Archiving
– To store an initial full version of a folder, and then only the changes thereafter, select the folders
and then click Incremental at the top of the pane. The first time you archive this folder, all the
files will be archived; the next time the local archiving runs, only the changed files will be
archived.
Step 7
If you chose to encrypt any data, you must select an encryption key. Select the check box to use the
encryption key stored on your SonicWALL CDP appliance. Otherwise, you can supply your own key,
which can contain up to 32 alphanumeric characters.
Step 8
When you have configured local archiving, click Archive Now! Your data is archived to the USB device
in the location you selected.
Step 9
You can stop the archiving at any time by clicking Stop Archiving.
Note
You can also use the button bar in the Local Archiving pane to configure an archiving task.
All of the buttons except Refresh work like the menu options described above. Click
Refresh to redraw the pane and be sure that you have the icons indicating the correct
settings.
Verifying Local Archiving Success
To verify that your files have archived successfully, click ... in the Destination section. Check that there
are new folders in the location you selected, with the name of the appliance, current date, and time.
At the bottom of the window, you will see a success message, detailing how many files were archived,
and if there were any failures.
Caution
You must eject the USB device before you unplug it. Failure to eject the device may cause data loss
on the USB drive. See “Ejecting the USB Device” on page 184.
SonicWALL CDP 5.0 Administrator’s Guide
183
Configuring SonicWALL CDP Local Archiving
Ejecting the USB Device
To properly eject the USB device after archiving data to it, perform the following steps:
Step 1
In SonicWALL CDP Enterprise Manager, click the Appliance Archive tab.
Step 2
In the left pane under Destination, click the ... button next to the Folder field.
Step 3
In the Select Archive Folder window, right-click the USB drive entry and select Eject.
Step 4
In the confirmation dialog, click Yes.
Step 5
In the Select Archive Folder window, click Cancel to close the window.
Restoring Files, Folders, and Client Applications from a
Local Archive
To restore files, folders, or client applications (Outlook and Outlook Express) from a local archive on
your USB device, open the SonicWALL CDP Local Archive Restoration tool. This tool is
automatically installed on your client during the initial SonicWALL CDP installation process. By
default, a shortcut is created for it on your desktop. Double-click the shortcut to launch the tool. If the
shortcut is not available, you can launch the tool by double-clicking the LocalArchiveAgent.exe file in
the SonicWALL CDP installation folder.
SonicWALL CDP 5.0 Administrator’s Guide
184
Configuring SonicWALL CDP Local Archiving
To restore server applications (Active Directory, Exchange InfoStore, SQL) from a local archive, follow
the procedure described in “Restoring a Server Application from a Local Archive” on page 188.
To restore files, folders, or client applications from a local archive:
Step 1
Connect your USB device to the computer to which you want to restore the data. This may not be the
same computer on which you run the CDP Enterprise Manager.
Step 2
Launch the SonicWALL CDP Local Archive Restoration tool and click the Browse button next to the
Source Folder field.
SonicWALL CDP 5.0 Administrator’s Guide
185
Configuring SonicWALL CDP Local Archiving
Step 3
In the Browse for Folder dialog box, navigate to the USB drive and select the desired archive and then
click OK. If the USB device contains multiple archives, they can be distinguished by the date in the file
names.
Step 4
Click the Browse button next to the Destination Folder field.
Step 5
In the Browse for Folder dialog box, select a destination folder or click Make New Folder to create a
folder for the restored data on your computer and then click OK.
SonicWALL CDP 5.0 Administrator’s Guide
186
Configuring SonicWALL CDP Local Archiving
Step 6
In the Files in Archive text field, expand the Agent name and then choose the folder, subfolder, and
version you wish to restore.
Step 7
When you select a file, click the Select Version button to choose the version of the file you wish to
restore.
– Each archiving session creates its own folder, which is named using the following format:
<Appliance Name>-<date>-<time>
Each agent has a subfolder that is named using this format:
<Agent Name>[-<postfix>]
The postfix indicates whether this is a full or incremental backup.
– There is also an index file for each agent that has a .cdp extension. Full backups include all the
selected files. Incremental backups have an initial full backup, plus an archive of any files that
have changed since the last backup.
– Before encrypted files can be restored, type the key (in clear text) with which they were
encrypted into the Encryption Key field. If you used the encryption from the CDP appliance,
it must be available before you can decrypt the document.
Step 8
Click Extract to begin restoring data. A progress bar indicates how your restore is progressing. When
finished, a status message is displayed at the bottom of the window.
SonicWALL CDP 5.0 Administrator’s Guide
187
Configuring SonicWALL CDP Local Archiving
Restoring a Server Application from a Local Archive
To restore server applications from a local archive, use SonicWALL CDP Enterprise Manager instead of
the SonicWALL CDP Local Archive Restoration tool.
To restore files, folders, or client applications (Outlook and Outlook Express) from a local archive on
your USB device, follow the procedure described in “Restoring Files, Folders, and Client Applications
from a Local Archive” on page 184.
To restore server applications from a local archive, perform the following steps:
Step 1
Launch SonicWALL CDP Enterprise Manager and click Restore From Local Archive. If Enterprise
Manager is already running, close it and then launch it again to view this selection. Note that you do not
enter the appliance password when restoring from a local archive.
SonicWALL CDP 5.0 Administrator’s Guide
188
Configuring SonicWALL CDP Local Archiving
Step 2
In the Open dialog box, select the desired archive to restore and then click Open.
Step 3
In the Enterprise Manager window, click Applications on the main Enterprise Manager toolbar.
Step 4
In the left pane, expand Server Applications and the folders under it to view the application files
available in the local archive.
Step 5
Select the archive file to restore and then click one of the following buttons in the right pane, depending
on the application you are restoring:
•
Restore Storage Group for an Exchange server application
•
Restore Database for an SQL Server application
•
Restore Active Directory for an Active Directory server application
SonicWALL CDP 5.0 Administrator’s Guide
189
Configuring SonicWALL CDP Local Archiving
Step 6
Select either Restore to Application to restore the data directly to the server application, or Restore to
Disk to restore the data to a location on your computer. See the SonicWALL CDP Administrator’s Guide
for more information.
For Microsoft Exchange applications, after restoring to disk you can use the SonicWALL CDP Backup
Restore tool (MSExchangeRestore.exe) to restore the data to the application. See “Using the
SonicWALL CDP Backup Restore Tool” on page 190. For SQL server applications, use SQL Server
Management Studio, which is included with your SQL installation. This function is not supported for
Active Directory.
Using the SonicWALL CDP Backup Restore Tool
The SonicWALL CDP Backup Restore tool is included with the SonicWALL CDP client installation.
The executable file is located in the CDP installation folder with a file name of
MSExchangeRestore.exe.
This tool is used only when you have restored a Microsoft Exchange server application using the Restore
to Disk option, and now you want to restore that data to the application. The Restore CDP Active
Directory Backup portion of the interface is not currently supported.
To restore to application with the SonicWALL CDP Backup Restore tool:
Step 1
Launch the SonicWALL CDP Backup Restore tool by double-clicking MSExchangeRestore.exe in the
SonicWALL CDP installation folder.
Step 2
Click Add.
SonicWALL CDP 5.0 Administrator’s Guide
190
Configuring SonicWALL CDP Local Archiving
Step 3
In the Open dialog box, browse to the folder containing the XML file that you restored to disk, select
the file and then click Open.
Step 4
In the CDP Backup Restore Tool window, click Restore.
Creating a Local Archive Task
You can configure the Local Archiving feature to automatically run at set intervals. Each task can run at
only one interval, but you can set up multiple tasks on the same group of files. For instance, you could
set up one task to run a full backup of a folder on Sunday, and then add a second task to do incremental
backups the rest of the week. Tasks are stored on the CDP appliance.
Follow this procedure to manually configure Local Archiving:
Step 1
In the Auto Start section, choose a period (or interval) and time.
Step 2
If you want email notification (success or failure), specify when you want the message to be sent.
Step 3
In the Task field, enter the name for this task.
Step 4
Click Save Task.
Step 5
To add another task, click Add Task and configure it with a different period and time.
Step 6
To remove or rename a task, select it from the drop-down list, and then click the appropriate button.
SonicWALL CDP 5.0 Administrator’s Guide
191
Troubleshooting SonicWALL CDP
Troubleshooting SonicWALL CDP
This section contains troubleshooting information for the SonicWALL CDP. This section contains the
following subsections:
•
“SonicWALL CDP Appliance Troubleshooting” section on page 192
•
“SonicWALL CDP Software Troubleshooting” section on page 192
•
“Backup and Recovery Troubleshooting” section on page 193
SonicWALL CDP Appliance Troubleshooting
This section contains troubleshooting that relates to the SonicWALL CDP appliance.
Symptom: Cannot connect to CDP Appliance
•
Verify that your workstation/server has network level connectivity to the CDP appliance by
attempting to ping the CDP appliance at its configured address.
•
If you are on a separate subnet, you many enter the appliance IP address manually
– Select CDP Manual Connection
– Type in the CDP appliance IP address.
•
Ensure that an agent firewall is not blocking the CDP Agent Tool from connecting to the SonicWall
CDP appliance.
– Enable firewall exceptions for Lasso.Client.exe, CDPAutoUpdate.exe and CDPAgent.exe.
SonicWALL CDP Software Troubleshooting
This section contains troubleshooting that relates to the SonicWALL CDP software.
Symptom: Agent will not update
•
Updates to the agent and appliance are downloaded and installed automatically in a process that is
transparent to the user.
– If there is no new update available during a manual update, no update will be made.
•
Verify the current version of your product by navigating to the to the System tab in the SonicWALL
CDP Agent Tool.
Configuring SonicWALL CDP to Use a Public Server Instead of Windows Workgroups
Administrators using a Windows Workgroup may notice that their computer can access the network, but
the CDP device cannot. This is because the CDP appliance is not compatible with Windows Workgroups.
Since certain networks demand that you join a Workgroup, the CDP administrator may not be able to
upgrade the firmware.
As a solution, the administrator must configure the CDP device with a public server, rather than a private
server.
SonicWALL CDP 5.0 Administrator’s Guide
192
Troubleshooting SonicWALL CDP
To use a public server you need to configure the CDP Web management interface network settings. To
do this, complete the following steps:
Step 1
On your Windows machine, navigate to Network Connections.
Step 2
Right-click Local Area Connections.
Step 3
Select Properties.
Step 4
Select TCP/IP Properties.
Step 5
Configure a Public IP, such as: 10.50.158.52.
Step 6
Click OK in each dialog box.
Symptom: Cannot open Enterprise Manager.
•
Verify that CDP Agent Tool is not running.
– The Enterprise Manager and the Agent Tool cannot be open simultaneously on the same PC.
Backup and Recovery Troubleshooting
This section contains troubleshooting that relates to the SonicWALL CDP backup and recovery process.
Symptom: Initial backup seems slow
•
Because SonicWall CDP performs file compression and intelligent file management, the initial
backup of files and folders may take some time depending on folder volume and size.
– For example, if you are trying to backup 100,000 files averaging 200 KB, it could take up to 24
hours to complete.
Symptom: Files do not appear to be backing up
•
Verify that SonicWALL CDP has access to the folders that you are trying to backup.
– Verify that SonicWALL CDP Agent Tool is started in the services tab.
– By default, SonicWall CDP uses the System account to access to the folders that are selected
for backup.
– The System account will need to be added to the security settings of any directory that you want
to backup.
SonicWALL CDP 5.0 Administrator’s Guide
193
Technical Frequently Asked Questions
Technical Frequently Asked Questions
This section contains a list of technical FAQs documented by SonicWALL technical support engineers
to address common deployment questions. Table 18 lists the technical FAQs in this section.
Table 18
Technical FAQs
FAQ
“Q: How do I backup mapped drives?” section on page 194
“Q: How do I back up SQL database in mixed mode?” section on page 194
Q: How do I backup mapped drives?
A: SonicWall CDP cannot backup mapped drives. Agent Tool software must be installed on the computer
where the data for backup resides. If you want to backup data stored on a server that has a mapped drive,
you will still need to have the CDP Agent Tool software installed and configured on the server.
Q: How do I back up SQL database in mixed mode?
A: To back up the SQL data base in mixed mode, the SQL server must be configured for mixed mode
authentication. In addition, the SQL account must be part of SQL system administrators, and must have
DBO access to the master database and all other application databases that are marked for backup. These
settings can be configured using SQL Enterprise Manager.
To configure the SQL server for mixed mode authentication, perform the following steps:
Step 1
Launch SQL Server Enterprise Manager.
Step 2
Right click on the SQL server instance and choose Properties. This will launch the SQL server
properties screen.
Step 3
Click the Security tab.
Step 4
Select SQL Server and Windows
To set the SQL account as part of SQL system administrators, perform the following steps:
Step 1
Expand Security tab under SQL server instance.
Step 2
Click on Logins.
Step 3
Highlight the SQL account on the right side of the screen and double click.
Step 4
Click the Server Roles tab.
Step 5
Select System Administrators.
SonicWALL CDP 5.0 Administrator’s Guide
194
Command Line Interface Reference
To verify that the SQL account has DBO access to master database and all other application databases
that are marked for backup, perform the following steps:
Step 1
Expand security tab under SQL server instance.
Step 2
Click on Logins.
Step 3
Highlight the SQL account on the right side of the screen and double click.
Step 4
Click the Database tab.
Step 5
Verify that the account has db_owner selected for all databases intended for backup.
Command Line Interface Reference
This section describes each SonicWALL CDP Command Line Interface (CLI) command. There are two
types of commands: executables and system variables. Typing in a system variable by itself will return
the current value of the variable. To update a variable, type it in followed with a proper value. Some
executable commands take an argument, but most do not.
date
SNWLCLI> date
This variable controls the date on the appliance.
Arguments: none
Type: System Variable
Defaults: none
Related Commands: time
dig
SNWLCLI> dig [@global-server] [domain] [q-type] [q-class] {q-opt} {global-d-opt} host
[@local-server] {local-d-opt} [ host [@local-server] {local-d-opt}]
This is the standard dig command from the bind-tools package. Use this command to troubleshoot
DNS related issues, such as:
– Connectivity to DNS server
– Outbound emails being queued
– DNS does not resolve into an IP address to connect
Arguments:
q-class: one of in,hs,ch
q-type: one of a,any,mx,ns,soa,hinfo,axfr,txt (Use ixfr=version for type ixfr)
q-opt
is one of:
-x dot-notation: shortcut for in-addr lookups
-i: IP6.INT reverse IPv6 lookups
-f filename: batch mode
-b address[#port]: bind to source address/port
-p port: specify port number
SonicWALL CDP 5.0 Administrator’s Guide
195
Command Line Interface Reference
-t type: specify query type
-c class: specify query class
-k keyfile: specify tsig key file
-y name key: specify named base64 tsig key
-4: use IPv4 query transport only
-6: use IPv6 query transport only
d-opt is of the form +keyword[=value], where keyword is:
+[no]vc: TCP mode
+[no]tcp: TCP mode, alternate syntax
+time=###: Set query timeout [5]
+tries=###: Set number of UDP attempts [3]
+retry=###: Set number of UDP retries [2]
+domain=###: Set default domainname
+bufsize=###: Set EDNS0 Max UDP packet size
+ndots=###: Set NDOTS value
+[no]search: Set whether to use searchlist
+[no]defname: Ditto
+[no]recurse: Recursive mode
+[no]ignore: Don't revert to TCP for TC responses
+[no]fail: Don't try next server on SERVFAIL
+[no]besteffort: Try to parse even illegal messages
+[no]aaonly: Set AA flag in query (+[no]aaflag)
+[no]adflag: Set AD flag in query
+[no]cdflag: Set CD flag in query
+[no]cl: Control display of class in records
+[no]cmd: Control display of command line
+[no]comments: Control display of comment lines
+[no]question: Control display of question
+[no]answer: Control display of answer
+[no]authority: Control display of authority
+[no]additional: Control display of additional
+[no]stats: Control display of statistics
+[no]short: Disable everything except shortform of answer
+[no]ttlid: Control display of ttls in records
+[no]all: Set or clear all display flags
+[no]qr: Print question before sending
+[no]nssearch: Search all authoritative nameservers
+[no]identify: ID responders in short answers
SonicWALL CDP 5.0 Administrator’s Guide
196
Command Line Interface Reference
+[no]trace: Trace delegation down from root
+[no]dnssec: Request DNSSEC records
+[no]multiline: Print records in an expanded format
global d-opts and servers (before host name) affect all queries.
local d-opts and servers (after host name) affect only that lookup.
Type: Executable
Defaults:
q-class: in
q-type: a
dns
SNWLCLI> dns [--nameserver <ip>]... [--search <domain>]...
This variable controls the DNS configuration settings on an appliance. Called with no arguments it
will return the current configuration.
Arguments:
<ip>: IP address to be assigned to the server
<domain>: Domain name to be searched for
Type: System Variable
Defaults: q-class
drives
SNWLCLI> drives
This function outputs a list of drives registered with the system. Three types of drives are:
– System: Default data storage with operating system installed on it
– Internal: Additional internal device
– Temporary: Temporary external device, such as a USB drive
Arguments: none
Type: System Variable
Defaults: none
Related Commands: time
exit
SNWLCLI> exit
This function will exit out of the CLI.
Arguments: none
Type: Executable
Defaults: none
SonicWALL CDP 5.0 Administrator’s Guide
197
Command Line Interface Reference
fetchurl
SNWLCLI> fetchurl [-q] <URL>
This function sends an HTTP request and dumps it to standard output.
Arguments:
<URL>: The URL being requested.
-q: quiet
-S: dump header in addition to response body
Type: Executable
Defaults: none
get
SNWLCLI> get <arg> [arg]
This function will retrieve configuration parameters.
Arguments: [arg]: Valid arguments that can be retrieved: ntp, ntpservers, syslogservers, tz
Type: Executable
Defaults: none
gms
SNWLCLI> gms <interval> [<server>…]
This variable stores the interval time between SonicWALL GMS heartbeat messages. Heartbeat
messages allow SonicWALL GMS to monitor the SonicWALL CDP appliance.
Arguments:
<interval>: time in seconds between SonicWALL GMS heartbeat messages, set to 0 to disable
<server>:
Type: System Variable
Defaults: none
help
SNWLCLI> help <command>
This function will print help messages describing available commands from the CLI. Calling it with
no arguments will print out a list of available commands. It can take a command name as an
argument and will print out more detailed explanation of the given command.
Arguments:
<command>: name of a valid CLI command
Type: Executable
Defaults: all available commands
hostname
SNWLCLI> hostname <fqdn>
This function will display or set current host name. Calling it with no argument will display the
current hostname.
SonicWALL CDP 5.0 Administrator’s Guide
198
Command Line Interface Reference
Arguments:
<fqdn>: fully qualified domain name
Type: Executable
Defaults: snwl.example.com
interface
SNWLCLI> interface <ifname <ip / bits | ip netmask>>
This variable controls the configuration of interfaces. With no arguments, it will return the
configuration of all available interfaces. Passing it an interface name as an argument will return all
data related to the given interface. Passing it an interface name and an IP address will overwrite the
current configuration of the interface.
Arguments:
<ifname>: name of interface to be configured
<ip>: new IP address to be assigned to interface
<bits>: bit rate to be assigned to interface
<netmask>: netmask to be assigned to interface
Type: System Variable
Defaults: current configuration
Example:
SNWLCLI> interface eth0 192.168.168.169/24
SNWLCLI> interface eth0 192.168.168.169 255.255.255.0
Example Use Case:
Problem: You have lost the password and IP address for your SonicWALL CDP appliance.
Solution: First, reset the password to the default, and then determine the IP address of the
SonicWALL CDP appliance. Connect a USB keyboard and monitor to your SonicWALL CDP
appliance and perform the following steps:
a. Reboot the SonicWALL CDP appliance, and interrupt the boot process by tapping the ESC key
on the keyboard as the boot process progresses, until you are in the GRUB bootloader screen.
You will see a variety of options. Select the Authentication Reset option.
Your SonicWALL CDP will appear to partially reboot, and will perform an additional full
reboot once more. Your username/password is reset to admin and the generic password,
password.
b. Use the keyboard and monitor to log into the appliance using the admin user name and the
current CDP password.
The SNWLCLI> prompt is displayed.
c. Type the following command to determine the IP address of the appliance:
SNWLCLI> interface eth0
The output will look similar to the following example:
eth0: 192.168.181.10 255.255.0.0
Media: Auto-detected
SonicWALL CDP 5.0 Administrator’s Guide
199
Command Line Interface Reference
where 192.168.181.10 is the current IP address and 255.255.0.0 is the current subnet mask for
the SonicWALL CDP default network adaptor.
d. If that IP address is not routable in your network (for example, it was set incorrectly or with a
typo during setup), you can change the IP address on a laptop or another computer to an IP
address on the same (incorrect) subnet, allowing you to gain access to the SonicWALL CDP
web management interface to change the CDP IP address. Be sure to reset your laptop IP
address to its previous setting after updating the IP address on the SonicWALL CDP.
iostat
SNWLCLI> iostat [options...] [<interval>[<count>]]
This is the standard input/output statistics utility.
Arguments:
[options]: see manual for details
<interval>: see manual for details
<count>: see manual for details
Type: Executable
Defaults: none
ntp
SNWLCLI> ntp <on|off> [<default servers | <server> [<server>]...>]
This variable controls the NTP (Network Time Protocol) on an appliance. With no arguments, it will
print out the current NTP configuration. In order to change NTP configuration, pass “on” or “off”
as a first argument followed by a list of NTP servers to use. Use this command to synchronize the
time with a NTP server.
Arguments:
<on>: Enables NTP using currently configured NTP servers
<off>: Turn off NTP
<default servers>: Enables NTP and resets list of servers to the built-in defaults
<server>: specifies a server to be set in NTP list
Type: System Variable
Defaults: Current configuration
ping
SNWLCLI> ping [-c COUNT] [-s SIZE] [-q] host
This function is the standard ping function. Use this control to test connectivity. It also tests the
appliance’s DNS lookup values.
Arguments:
host: target of ping
-c COUNT: send only COUNT pings
-s SIZE: Send SIZE date bytes in packets
-q: quite mode, only displays output at start and when finished
SonicWALL CDP 5.0 Administrator’s Guide
200
Command Line Interface Reference
Type: Executable
Defaults: Sent SIZE data bytes in packets = 56
quit
SNWLCLI> quit
Exits out of the CLI.
Arguments: none
Type: Executable
Defaults: none
raidadd
SNWLCLI> raidadd
This function adds a new drive to the RAID array.
Arguments: none
Type: Executable
Defaults: none
Related Commands: raidinfo, raidrebuild, raidremove, raidstatus, raidverify
raidinfo
SNWLCLI> raidinfo
This function outputs information about the RAID devices in the box.
Arguments: none
Type: Executable
Defaults: none
Related Commands: raidadd, raidrebuild, raidremove, raidstatus,raidverify
raidrebuild
SNWLCLI> raidrebuild <controller> <array> [--drive <drive>]
This function will rebuild a drive within the raid array. With no arguments, it will display the rebuild
status and scheduled jobs. With <controller> and <array> arguments, it rebuilds the array using an
optional specified drive or the first available spare drive. Scheduling rebuilding operations is
recommended as rebuilding an array can take a long time. SonicWALL recommends allowing a full
night for the rebuilding process.
Arguments:
<controller>, <array>: rebuilds using an optional specified drive or a first available spare
<drive>: drive used to rebuild the array
Type: Executable
Defaults: none
Related Commands: raidadd, raidinfo, raidremove, raidstatus,raidverify
SonicWALL CDP 5.0 Administrator’s Guide
201
Command Line Interface Reference
Example Use Case:
Problem: A SonicWALL CDP appliance has a degraded RAID array and displays the following
information:
SNWLCLI> raidinfo
Controller: 2
Manufacturer: 3ware
Model: 9650SE-4LPML
Serial: L222008A8110095
Firmware: FE9X 4.06.00.004
Driver: 2.26.08.004-2.6.23
Array Status
Size
Type
---------------0
DEGRADED 2249961567683
RAID-5
Port Status
--------0
UNKNOWN
1
OK
2
OK
3
OK
Size
Model
Serial
------------N/A
N/A
N/A
750156374016 WDC WD7502ABYS-01A6B0 WD-WMATW0008111
750156374016 WDC WD7502ABYS-01A6B0 WD-WMATW0015222
750156374016 WDC WD7502ABYS-01A6B0 WD-WMATW0008333
SNWLCLI> raidstatus
Controller Array 0
----------------2
DEGRADED
Solution: Rebuild the RAID drive in the array with valid arguments, by performing the following
steps:
a. In the CLI, execute raidremove 2 0, where the controller number is 2 and the drive port is 0.
This command should not generate any verbose output.
b. Execute raidinfo to check the status.
The status of port 0 should change to NOT-PRESENT.
c. Remove the bad disk and insert a new disk.
d. Execute raidadd.
e. Run raidinfo to check the status.
In the status output under Array, you will see two entries: 0 and 1:
Array
----0
1
Status
-----DEGRADED
OK
Size
Type
------2249961567683 RAID-5
750147176759
SPARE
f. Execute raidrebuild 2 0 –drive 0, to rebuild array 0.
SonicWALL CDP 5.0 Administrator’s Guide
202
Command Line Interface Reference
You will see the following or similar output:
Controller
---------2
Array 0
-------0%
g. Run raidinfo to check status after starting the rebuild.
The status of the array will show as REBUILDING.
raidremove
SNWLCLI> raidremove <controller>, <port>
This function removes a defective drive from the RAID array. It takes the name of the drive to be
removed as an argument.
The raidremove command must be executed before the bad disk is removed. Otherwise,
there will be an error output.
Note
Arguments:
<controller>:
<port>: removes the specified port
Type: Executable
Defaults: none
Related Commands: raidadd, raidinfo, raidrebuild, raidstatus,raidverify
raidstatus
SNWLCLI> raidstatus
This function prints out information about the status of the RAID arrays.
Arguments: none
Type: Executable
Defaults: none
Related Commands: raidadd, raidinfo, raidrebuild, raidremove, raidverify
raidverify
SNWLCLI> raidverify [{--start|--stop} c<controller>.a<array>=<m:h:D|now>|--remove <job>]
This function will verify the RAID array. With no arguments, it will display the verification status
and scheduled jobs. Scheduling verifying operations is recommended as they can take a long time.
SonicWALL recommends allowing a full night for RAID verification.
Arguments:
<m:h:D>: schedule is expressed as either "now" or m:h:D where m is the minute, h is the hour,
and D is the day of week 0-6 where 0 is Sunday, and * in any field means "every time"
<job>: rebuild job to be removed
--start: schedules verification start
--stop: schedules verification stop
--remove: removes verification job
SonicWALL CDP 5.0 Administrator’s Guide
203
Command Line Interface Reference
Type: Executable
Defaults: displays verification status and scheduled jobs
Related Commands: raidadd, raidinfo, raidrebuild, raidrebuild, raidstatus
reboot
SNWLCLI> reboot
This function will reboot the appliance.
Arguments: none
Type: Executable
Defaults: none
restart
SNWLCLI> restart <appservices | postgresql | stunnel | webui>
This function restarts running services. It takes a service name as an argument.
Arguments:
<service>: service to restart
Type: Executable
Defaults: none
Related Commands: stop, restart
route
SNWLCLI> route < --add <target> --destination <destination> | --remove <index>>
This function acts like a system variable. With no argument, it will display routes. It can add routes
if provided with an interface name or a gateway IP, or remove an existing route. Use this command
to troubleshoot routing problems.
Arguments:
<target>: an IP address, net as IP/CIDR, or ‘default’ to be added as a target to the new route
<destination>: an interface name or a gateway IP
<index>: index number of the route to be removed
Type: Executable
Defaults: Current routes
Example Use Case:
Problem: You want to replace the gateway IP for your network, and add a route for it.
Solution: Execute the following command, where the new gateway IP address is 10.10.100.1:
SNWLCLI> route --add 0.0.0.0/0 --destination 10.10.100.1
SonicWALL CDP 5.0 Administrator’s Guide
204
Command Line Interface Reference
snmp
SNWLCLI> snmp <on | off>
This variable holds the SNMP status. The current value will be displayed if the command is used
without an argument.
Arguments:
<on>: enables SNMP
<off>: disables SNMP
Type: System Variable
Defaults: Current configuration
sshd
SNWLCLI> sshd <on | off>
This variable holds the sshd status. The current value will be displayed if the command is used
without the argument.
Arguments:
<on>: enables sshd
<off>: disables sshd
Type: System Variable
Defaults: on
start
SNWLCLI> start <appservices | postgresq | stunnel | webui >
This function starts services. It takes a service name as an argument. The list of services is
application-specific.
Arguments:
<service>: service to start
Type: Executable
Defaults: none
Related Commands: stop, restart
stop
SNWLCLI> stop <appservices | postgresq | stunnel | webui >
This function stops running services. It takes a service name as an argument. The list of services is
application-specific.
Arguments:
<service>: service to stop
Type: Executable
Defaults: none
Related Commands: start, restart
SonicWALL CDP 5.0 Administrator’s Guide
205
Command Line Interface Reference
telnet
SNWLCLI> telnet <host> [<port>]
This functions just like the interactive network communication program with the same name. It
takes a host and a port as arguments. Use this tool to establish connectivity issues with a SMTP
server. It is also useful to check if outbound SMTP rules on a firewall are well configured
Arguments:
<host>: hostname of telnet target
<port>: port number
Type: Executable
Defaults: none
time
SNWLCLI> time [<YYYY/MM/DD hh:mm>][TZ <timezone>]
This function controls the date, time, and the time zone.
Arguments:
<YYYY>: year
<MM>: month
<DD>: day
<hh>: hours
<mm>: minutes
<timezone>: timezone
Type: System Variable
Defaults: Current configuration
tsr
SNWLCLI> tsr
This function outputs an internal system state report. It does not take any arguments.
Arguments: none
Type: Executable
Defaults: none
tzlist
SNWLCLI> tzlist
This function outputs a list of all available time zones.
Arguments: none
Type: Executable
Defaults: none
SonicWALL CDP 5.0 Administrator’s Guide
206
Glossary
Glossary
Active Directory: A centralized directory service system produced by Microsoft that automates network
management of user data, security and resources, and enables interoperation with other directories.
Active Directory is designed especially for distributed networking environments.
Advanced Encryption Standard (AES): A recent U.S. government encryption standard designed as the
replacement for the aging Data Encryption Standard (DES).
Agent: A server, laptop or PC to be backed up using SonicWALL CDP.
Agent Service: A SonicWALL CDP software installed automatically on agents with Agent Tool
software. Agent Service communicates with the SonicWALL CDP appliance.
Agent Tool: A SonicWALL CDP software installed on agents. Agent Tool is a user interface for users
of SonicWALL CDP agents that allows data backup and recovery configuration, as administered by the
SonicWALL CDP Enterprise Manager.
Domain Name System/Service (DNS): An Internet service that translates domain names into IP
addresses. Because domain names are alphabetic, they're easier to remember. The internet however, is
really based on IP addresses. Every time you use a domain, therefore, a DNS service must translate the
name into the corresponding IP addresses.
Downstream CDP appliance: A local CDP appliance on your LAN.
Dynamic Host Configuration Protocol (DHCP): A Protocol for assigning dynamic IP addresses to
devices on a network. With dynamic addressing, a device can have a different IP address every time it
connects to the network. In some systems, the device’s IP address can even change while it is still
connected. DHCP also supports a mix of static and dynamic IP addresses.
Dynamic addressing simplifies network administration because the software keeps track of IP addresses
rather than requiring an administrator to manage the task. This means that a new computer can be added
to a network without the hassle of manually assigning it a unique IP address. Many Internet Service
Providers (ISPs) use dynamic IP addressing for dial-up users.
Enterprise Manager: A SonicWALL CDP software installed on the SonicWALL CDP administrator’s
computer.
File Allocation Table (FAT): A table that the operating system uses to locate files on a disk. Due to
fragmentation a file may be divided into many sections that are scattered around the disk. The FAT keeps
track of all the pieces.
High Availability: The capability of a mission-critical device, such as a SonicWALL security gateway,
to automatically failover to a backup device in the event of a hardware failure on the primary unit.
Hyper Text Transfer Protocol (HTTP): The underlying protocol used by the World Wide Web. HTTP
defines how messages are formatted and transmitted, and what actions Web servers and browsers should
take in response to various commands.
IP address (Internet Protocol): An Identifier for a computer device on a TCP/IP network. Networks
using the TCP/IP protocol route message based on the IP address of the destination. The format of an IP
address is a 32-bit numeric address written as four numbers separated by periods. Each number can be
zero to 255. For example, 1.160.10.240 could be an IP address.
Local Area Network (LAN): A computer network that spans a relatively small area. Most LANs are
confined to a single building or group of buildings. However, one LAN can be connected to other LANs
over any distance using telephone lines and radio waves. A systems of LANs connected in this way is
called a wide-area network (WAN).
SonicWALL CDP 5.0 Administrator’s Guide
207
Glossary
Master Boot Record (MBR): A small program that is executed when a computer boots up. Typically,
the MBR resides on the first sector of the hard disk. The program begins the boot process by looking up
the partition table to determine which partition to use for booting. It then transfers program control to
the boot sector of that partition, which continues the boot process.
Policy: A set of rules administered from the SonicWALL CDP Enterprise Manager. Policies are assigned
directly to agents and define backup rights, quota, and other SonicWALL CDP capabilities.
Quota: The maximum size of data a SonicWALL CDP agent can back up to the Enterprise Manager.
Redundant Array of Independent Disks (RAID): A failover method used to protect against data loss
in the event of disk failure.
Static IP address: An IP address that is unique and unchanging. Unlike dynamic IP addresses, a static
IP address remains the same when you make a new Internet connection.
Upstream CDP appliance: An offsite CDP appliance on your WAN that is used for secure backup and
recovery.
User Datagram Protocol (UDP): A connectionless protocol that sends and receive datagrams over an
internet protocol (IP) network.
Universal Serial Bus (USB): An external bus standard that supports data transfer rates of 12Mbps. A
single USB port can be used to connect up to 127 peripheral devices, such as mice, modems, and
keyboard. USB also supports Plug-and-Play installation and hot plugging.
SonicWALL CDP 5.0 Administrator’s Guide
208
Related Documents
Related Documents
This section contains related documentation specific to SonicWALL CDP solutions.
User Guides
All online documentation for SonicWALL user’s guides is available on the SonicWALL Support Web
site at: http://www.sonicwall.com/us/support.html.
•
SonicWALL CDP 5.0 Agent Tool User’s Guide
•
SonicWALL CDP 110/210 Getting Started Guide
•
SonicWALL CDP 5040 Getting Started Guide
•
SonicWALL CDP 6080 Getting Started Guide
•
SonicWALL CDP 1440i/2440i Getting Started Guide
•
SonicWALL CDP 3440i/4440i Getting Started Guide
•
SonicWALL CDP 5.0 Microsoft Exchange User Mailbox Feature Module
•
SonicWALL CDP 5.0 Microsoft Exchange InfoStore Feature Module
•
SonicWALL CDP Site-to-Site Feature Module
•
SonicWALL CDP Local Archiving Feature Module
SonicWALL CDP 5.0 Administrator’s Guide
209
Contributors
Contributors
Jean-Marc Catalaa, SonicWALL Curriculum Developer, holds a B.S. in Electrical Engineering from
San Jose State University. Jean-Marc has written numerous technical documents and developed
curriculum based on topics including multi-processor architecture, networking and wireless
communications. He has taught over 40 classes about wireless communication in English, Spanish,
Portuguese and Italian, adjusting training style for worldwide audiences and emphasizing hands-on
learning.
Krystle Katen is a SonicWALL Technical Writer. She has contributed her graphical design knowledge
to many published SonicWALL network diagrams and graphics. Krystle has also edited, illustrated, and
published over a hundred technotes to the SonicWALL Knowledge Base.
Patrick Lydon has over five years of experience as a SonicWALL Senior Technical Writer. He has
authored over 20 technical guides on UTM, secure remote access solutions, Virtual Access Points,
wireless site surveying, and RF monitoring. Patrick has also received an International Photography
Award for Fine Art Portraiture. Patrick holds a B.A. degree in Design Studies with concentration in
Graphic Design from San Jose State University.
Angela Mendoza is a Technical Writer with SonicWALL. She is currently completing a B.A. in English
Literature, with an emphasis in Creative Writing, and a minor in Music from San Jose State University.
Angela has earned distinction with several 2008 Phelan Awards in the genres of Best Short Story and
Best Metrical Poetry from San Jose State University.
Dave Parry is SonicWALL’s Director of Platform Usability. Dave is one of SonicWALL's lead feature
developers and is also the keeper of nearly a decade of SonicWALL institutional knowledge. Dave has
designed and deployed networks for more than 100 companies worldwide, including a number of
SonicWALL's most advanced and complicated customer networks. He has authored over one hundred
SonicOS technotes for the SonicWALL Knowledge Base. Dave has also been instrumental in network
troubleshooting and design, interoperability testing, lab maintenance, and performance testing. Dave
designed and maintains the SonicWALL Live Demo site: http://livedemo.sonicwall.com/
Khai Tran has more than ten years of experience in networking documentation and works in Sunnyvale,
California, as technical documentation manager for SonicWALL. He leads SonicWALL’s technical
documentation teams, which have received numerous 5-star reviews in 2008 from the industry’s leading
publications and reviewers. Khai was a lead author of Cisco IOS NetFlow Services Integrated Solutions
Guide, and a contributing author to Cisco IOS Switching Services Configuration Guide. He has also
authored enterprise and service provider network solution guides for Boeing Aerospace and Electronic
Arts. He holds a B.A. degree in English Modern Literature from U.C. Santa Cruz, a certificate in
Technical Communications, and a Bilingual Teaching Credential from San Jose State University.
Susan Weigand has over five years of network security documentation experience. Prior to becoming a
SonicWALL Senior Technical Writer, she worked for over ten years as a UNIX developer, and spent
three years as a QA engineer at Cisco Systems and Symantec. At Symantec, Susan authored the
Symantec Network Security 7100 Series Implementation Guide and contributed to other endpoint
security and network security documents. She is the lead author of the SonicWALL Global Management
System Administrator Guide, SonicWALL ViewPoint Administrator Guide, and a technical guide on
Application Firewall. Susan holds two B.A. degrees in Computer Science and History, both with honors,
and a Certificate in Internet Programming from the University of California at Santa Cruz.
SonicWALL CDP 5.0 Administrator’s Guide
210
Index
A
Active Directory 108
authoritative restore 133
redundant domain controllers 132
safe mode 131
server backup, configuring 108, 131
activity reports 24
administrative settings
Enterprise Manager 53
agent applications
searching within 84
Agent Tool 3, 8
default controls 45
applications 45
folders 45
search 45
status 45
overview 45
agents
adding 59
adding a common folder 64
adding a folder 64
application backup 67
configuration task list 57
editing name 60
editing names 60
editing policy 60
folders 63
management 59–63
overview 35
removing 62
reports 85
service 8
system requirements 11
alerts
agent quota warning 43
appliance full 43
appliance offline 43
appliance warning 43
archive created 43
email 86
offsite warning 43
overview 42
appliance archive 32
overview 43
Appliance Archive button 182
applications 67–69, 76, 81, 84, 110, 122
Active Directory 108
adding 83
backup 67
adding 68
removing 69
restoring 69
configuring 67
InfoStore 97
InfoStore restore 125
overview 36
predefined 76
removing from backup 69
restoring a version 70
restoring SQL 135
searching within 84
server backup
Active Directory 108, 131
Microsoft Exchange 87, 123
user mailbox 87, 123
viewing 69
authentication
SQL 115–116, 140
Windows 116
B
Backup Restore Tool 190
backups
Active Directory 108
Exchange 87
full, differential, log 110
intervals 112
offsite 10, 78
offsite storage group 104
SQL 109–110
Bare Metal Recovery 9
C
CDP
activity reports 24
agent service 4, 8
SonicWALL CDP 5.0 Administrator’s Guide
211
Agent Tool 8
appliance 3, 7
appliance, changing 54
Backup Restore tool 190
disaster recovery 122
Expansion pack 23
file recovery 122
firewall, configuring 145
firmware software 6
licenses 23
managing with GMS 24
overview 2
purging data 20, 143
RAID failure 122
RAID status 22
replacing a hard drive 23
resetting to defaults 21
software components 15
troubleshooting 192
upgrading firmware 21
checking for updates 56
circular logging 98
client applications
restoring from local archive 184
searching within 84
common folders 81
managing 75
Configuring 145
D
data
purging 20, 143
database
Active Directory 108
SQL 194
mixed mode 194
defaults
resetting to 21
diagnostics
system 19
disaster recovery 122
disk usage 34
DNS
configuring 51
domain controller
safe mode 131
SonicWALL CDP 5.0 Administrator’s Guide
212
drives
mapped 194
E
email
alerts 86
encryption 142
enabling 55
managing keys 55, 142
resetting key 55
Enterprise Manager 30, 33, 39, 70
administrative settings 53
administrator settings
confirm password 53
email address 53
first name 53
last name 53
password 53
server name 53
agents overview 35
alerts overview 42
appliance archive overview 43
applications overview 36
default policy 70
features 32
help overview 44
layout 31
managing agents 57
policies overview 37
reporting overview 40
restoring SQL 135
search overview 39
status 33
status overview 33
errors
database locked 141
SQL 120
troubleshooting 192
Exchange
backing up 87
circular logging 98
InfoStore Backup and Restore 97
recovering 123
restore Storage Group 125
user mailbox 87, 123
Expansion pack 23
F
factory defaults 21
FAQs 194
files
backup to offsite service 66
filtering 79
filtering extensions 74
folders
viewing properties 66
recovery 122
removing versions 65
restoring from local archive 184
restoring versions 64–65
retrieving folders to a location 66
searching 83
viewing versions 64–65
filters 34, 79
file extensions 74
firewall
McAfee 146
Norton Personal 148
Windows XP SP2 145
Zone Alarm 150
firmware
checking for updates 55
configuring local time zone 48
purging data 20, 143
upgrading 21
folders
adding 64
agent 63
common 64, 81
common, managing 75
predefined 76, 80
properties 66
restoring from local archive 184
G
gateway
default 51
glossary 207
GMS
adding an appliance 153
configuring GMS management 24
registering a CDP 155
H
handshake-password 58, 61
hard drive
replacing 23
help overview 44
I
InfoStore
backup and restore 97
restore 125
K
key 58, 61
keys
encryption 55, 142
L
licenses 23
licensing
site-to-site 164
local archiving
Appliance Archive 182
configuring 180
creating 182
ejecting USB 184
prerequisites 181
restoring client applications 184
restoring files and folders 184
restoring server applications 188
restoring to application 190
scheduling tasks 191
timestamps 181
verifying 183
local management
enabling 78
M
management
by GMS 24
common folders 75
local 78
predefined applications 81
reports 24
Web-based interface 16
master boot record 9
Microsoft Exchange 123
server backup, configuring 87, 123
Microsoft SQL 133
SonicWALL CDP 5.0 Administrator’s Guide
213
backing up 109
N
native SQL databases 118
network
deployment requirements 11
O
offsite
backups 72, 74, 78
policies 72, 74
service 3, 10
disaster recovery 142
recovering your data 14
settings 34
SQL backup 119
storage group backup 104
offsite backup
color code for status 173
offsite storage
local archiving 180
P
policies
adding 73, 145
applying 77
default 34, 70
editing 74, 77
local management 72, 74
managing 70
offsite backup 72, 74
overview 37
removing 82
policy
agent 60
predefined applications 76
purging data 20, 143
Q
quota 34, 72, 74, 78
R
RAID 22
recovering 144
recovering
Active Directory 131
data 122
Exchange 123
SonicWALL CDP 5.0 Administrator’s Guide
214
from offsite 142
site-to-site 173
SQL 135
SQL server 133
with Agent Tool 122
recovery
Bare Metal 9
registering
for GMS 155
removing
downstream CDP in site-to-site 170
file versions 65
InfoStore application 105
policies 82
reporting
agent summary 85
agents 85
agents by policy 85
disk space by agent 85
disk space by file type 85
executive summary 85
generating 85
offsite status 85
overview 40
policy summary 85
server application backup 85
types 85
restore
authoritative 133
Storage Group 125
restore to disk
Exchange 128
Exchange, from Enterprise Manager 123
SQL 135
SQL from Enterprise Manager 134
restoring
application 69
file versions 64
mirrored AD domain controllers 132
SQL to application 135
SQL to disk 136
to application from local archive 190
restoring to disk
Exchange server application 190
S
safe mode 131
search 84
agent applications 83
client applications 84
files 83
overview 39
server applications 83–84
security
AES 55
encryption 142
security key 58, 61
security services
configuring 152
server
system requirements 11
server applications
restoring from local archive 188
site-to-site
backup and recovery 159
configuration tasks 163
licensing 164
recovering data 173
sample use cases 161
selecting files 172
using 170
software
Enterprise Manager 30
SQL 194
account 114
authentication 115–116, 140
backup 109
configuration levels 111
errors 120
native databases 118
offsite backup 119
recovering 133
recovering with Agent Tool 135
recovering with Enterprise Manager 135
restore to application 135
restore to disk 136
structure 137
versions 140
static IP 49
status
administrative settings 34
disk usage 34
in Enterprise Manager 33
offsite settings 34
overview 33
system 18
storage group
offsite backup 104
system reports 24
T
technical support
International contact information v
North America contact information v
website v
time settings 19
tools
change appliance 54
trouble shooting
appliance 192
backup and recovery 192
software 192
U
upgrading
firmware 21
USB
ejecting 184
for local archiving 180–181
user mailbox
backup and restore application 87, 123
V
versions
of files 64
of SQL 140
removing 65
W
Web-based management interface
configuring GMS management 24
overview 16
purging data 20
system diagnostics 19
system licenses 23
system RAID 22
system reporting 24
system reset to defaults 21
SonicWALL CDP 5.0 Administrator’s Guide
215
system status 18
system time 19
system upgrade 21
Windows
authentication 116
firewall 145
supported versions 11
SonicWALL CDP 5.0 Administrator’s Guide
216
SonicWALL, Inc.
1143 Borregas Avenue
T +1 408.745.9600
Sunnyvale CA 94089-1306
F +1 408.745.9300
www.sonicwall.com
PN: 232-001625-00 Rev B
©2009 SonicWALL, Inc. is a registered trademark of SonicWALL, Inc. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
Specifications and descriptions subject to change without notice.
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement