Creating a Policy Enforcer Backup and Restoring Policy Enforcer from Backup

Policy Enforcer provides the option of backing-up all Policy Enforcer configuration and storing it as a .tar file. In the event of any unforeseen circumstances such as a malicious attack or system failure you can use the backup file to restore Policy Enforcer to a previously saved configuration. You can also take a backup before you change some configuration in Policy Enforcer, and revert to the backed up configuration, if needed. You can take multiple backups and choose to restore the Policy Enforcer configuration from any of these backup files.

Policy Enforcer backup includes Policy Enforcer configurations such as .yml files, databases or sequences, and device configurations. Policy Enforcer also talks to multiple components to obtain information, as shown in Figure 141.

Figure 141: Policy Enforcer Communication with Multiple Components

Policy
Enforcer Communication with Multiple Components

Policy Enforcer talks to:

Policy Enforcer backup includes the backup of all these configurations and dependencies. When you backup Policy Enforcer, both Policy Enforcer and Security Director configurations are backed up.

Note Policy Enforcer backup does not include data.

Before You Begin

Procedure

To take a backup of Policy Enforcer:

  1. Select Administration > Policy Enforcer > Backup and Restore.

    The Backup and Restore page appears.

  2. Click Backup on the top-right corner of the page.

    The Backup page appears.

  3. Complete the configuration using the information in Table 365.
  4. Click OK.

A job is created to execute the backup process. To see the progress of the backup, go to the Job Management page.

Note Policy Enforcer will be in maintenance mode and will be unavailable till the backup process is complete.

After the backup process is complete, the backup .tar file is listed on the Backup and Restore page.

Table 365: Fields on the Backup Page

 

Field

Description

Server Type

Select whether you want to save the backup .tar file to a local server or to a remote server.

  • Local—Saves the backup .tar file locally in the /opt/policyEnforcer/feeder/backup folder.

  • Remote—Saves the backup .tar file in the device that you specify in the IP Address field.

Description

Enter a description; maximum length is 1024 characters. Make this description as useful as possible for everyone.

Username

Enter the username of the remote server where you want to save the backup .tar file.

Password

Enter the password for the selected remote server.

IP Address

Enter the IPv4 or IPv6 address of the remote server where you want to save the backup .tar file.

Directory

Enter the filepath and folder name on the remote server where you want to save the backup .tar file.

Schedule Backup

Use the following procedure to select a schedule for the backup.

  1. Click Add Schedule.

    The Backup Schedule page opens.

    In the Type field:

    • Select Run now to start the backup immediately.

    • Select Schedule at a later time and select the date and time of the backup.

  2. Click OK.

    The Backup page appears with the schedule details.

You can also edit or delete the backup schedule by clicking Edit or Delete, respectively.

Restoring Policy Enforcer from a Backup File

Procedure

To restore Policy Enforcer from a backup file:

  1. Select Administration > Policy Enforcer > Backup and Restore.

    The Backup and Restore page appears.

  2. Select the backup file from which you want restore Policy Enforcer configurations and click Restore on the top-right corner of the page.

    A pop-up page appears asking for confirmation to restore Policy Enforcer from the backup file.

  3. Click Restore to start the restore process.

Note Policy Enforcer will be in maintenance mode and will be unavailable till the restore process is complete.