Chapter 11 Miscellaneous Administrative Tasks

Backing Up and Restoring the System

Backing Up and Restoring the System

Working policies are extremely valuable documents, often the result of many hours of planning and configuration. They also contain important and sensitive information about your network. You should treat them with the same care that you use with any other sensitive, mission-critical data, including having a backup and disaster recovery plan.

There are two approaches to backing up a system:

By archiving individual policies and storing them offline. This captures policy changes made in the Manager interface, but excludes configuration settings made on the appliance directly.

By backing up the state of the appliance with the backup command. This produces an archive file that contains the system state of the appliance, including configuration settings, policy, log files, and so on.

Most people will choose to do both, storing individual policies as needed, and maintaining a regular schedule of system backups. Archiving individual policies can be accomplished from the ACE XML Manager web console. (For instructions on doing so, see the chapter “Exporting a Policy to a File” in the Cisco ACE XML Gateway User Guide.) This section describes how to back up the entire system.

To back up a system or restore an appliance based on a previously saved backup, use the backup command on the appliance. The backup command is available on both Gateway systems and the Manager.

When you run the command, it examines the files on the appliance for any differences to the original state, excluding those that are runtime-process-oriented. This information is written to an archive file, which you can move to an appropriate storage medium for backup or recovery purposes.

Backing Up a System

The backup utility makes it possible to restore a system to a previously captured state. It saves the state of an appliance by recognizing changes that have been made to the system from its initial state and saving those changes to an archive. When that backup is restored on an appliance, the system is restored to the saved state.

Note Restoration from a backup file is intended to occur only on an ACE XML appliance with an empty configuration. Restoration may not work on an appliance that is not in that state.

System features saved by the backup utility include the policy state, the system’s network configuration, and log information—essentially, any file created or modified since system installation, including scripts or data files.

There are some types of system changes or features that are not backed up by the backup/restore utility. For instance, it does not incorporate information that is specifically runtime-oriented, such as active process information. It also excludes certain types of system changes, such as software updates, hotfixes, or certified extensions installed by RPM. (Note that SDK extensions you have created and installed yourself are backed up.) You will need to restore these items separately, before using the backup and restore process.

The result of the backup operation is an archive file that contains new or changed files. Note that if you do not remove this archive file, it will be included in the next backup operation. It is therefore advised that after saving the backup file to a storage medium you remove the original from the appliance filesystem.

 

 

Cisco ACE XML Gateway Administration Guide

 

 

 

 

 

 

OL-13877-01

 

 

11-61

 

 

 

 

 

Page 3
Image 3
Cisco Systems OL-13877-01 manual Backing Up and Restoring the System, Backing Up a System, 11-61