Use the Archive Servers page on the Backup and Retention settings view to configure archive servers, which can then be selected to archive a backup file or assigned to an appliance to store its session recordings.
To configure an archive server
Navigate to Administrative Tools | Settings | Backup and Retention | Archive Servers.
Name |
Enter the display name for the archive server. Limit: 100 characters Required | ||
Description |
Enter information about the archive server. Limit: 255 characters | ||
Network Address |
Enter a network DNS name or the IP address used to connect to the server over the network. Limit: 255 characters Required | ||
Storage Path |
Enter the file path where you want to store backup files on the archive server. Limit: 255 characters Required | ||
Archive Method |
Choose a transfer protocol type:
Required | ||
Port |
The port used by SSH to log into the managed system.
| ||
Authentication Type |
Select the type of authentication to be used to access the archive server:
| ||
SSH Key Generation and Deployment Settings |
If SSH is selected as the authentication type, select one of the following settings:
| ||
Account Name |
If Password or SSH is selected as the authentication type, enter the service account name. | ||
Password |
If Password or SSH is selected as the authentication type, enter the service account password. | ||
Service Account |
If Directory Account is selected as the authentication type, click Select Account to chose the service account is be used to access the archive server. | ||
Auto Accept SSH Host Key |
Select this check box to have Safeguard for Privileged Passwords automatically accept the SSH host key when it creates the archive server. | ||
Test Connection |
Click this button to verify that the appliance can communicate with this archive server. For more information, see About Test Connection. |
Once you have configured your archive servers, you need to designate a target archive for both your backup files and session recordings.
Safeguard for Privileged Passwords allows you to define and schedule an audit log management task to purge audit logs from the Safeguard for Privileged Passwords Appliance and archive older audit logs to a designated archive server. Archiving audit logs allows you to keep critical and relevant data online and current while eliminating or archiving audit logs that are no longer required.
Navigate to Administrative Tools | Settings | Backup and Retention | Audit Log Management. Use the Audit Log Management page on the Backup and Retention settings view to define and schedule when to perform an audit log archival task.
It is the responsibility of the Appliance Administrator to manage Safeguard for Privileged Passwords backups.
|
NOTE: When a backup is created, the state of the sessions module is saved which can be either the embedded sessions module (SPP) or the joined sessions module (SPS). Restoring a backup restores the sessions module to the state when the backup was taken, regardless of the state when the restore was started. |
Navigate to Administrative Tools | Settings | Backup and Retention | Safeguard Backup and Restore.
The Safeguard for Privileged Passwords Backup and Restore page lists this information for the backups that are currently in the database.
Property | Description |
---|---|
Date | The date of the backup. |
Time | The time of the backup. |
Progress |
The status of the backup: Running or Complete. |
File Size (MB) | The size of the backup file in megabytes. |
Appliance Name | The name of the appliance. |
Appliance Version | The version of the Safeguard for Privileged Passwords Appliance. |
User |
The name of the user that created the backup. |
Last Archived Date | The date the selected backup ran. |
Archive Server Name | The name of the server on which the backup was archived. |
Use these toolbar buttons to manage Safeguard for Privileged Passwords backups.
Option | Description |
---|---|
Run Now |
Create a backup copy of the data that is currently on the appliance. |
Remove the selected backup file from the Backups page and the Safeguard for Privileged Passwords database. | |
Update the list of backup files on the Backups page. | |
Where you configure an automatic backup schedule. | |
Download |
Save the selected backup file in a location on your appliance. |
Upload |
Retrieve a backup file from a file location and add it to the Backups page list. |
Overwrite the current data and restore Safeguard for Privileged Passwords to the selected backup. | |
|
Store a backup file on an external archive server. For more information, see Archive backup. |
|
TIP: As a best practice, store backups on an archive server that is external from the appliance so that the backup image is available for restoration even if there is a catastrophic disk or hardware failure. Keep only a minimum number of backup files on the appliance. After you download or archive the backup files, use Delete to remove them from the desktop client application. You can set the maximum number of backup files you want Safeguard for Privileged Passwords to retain on the appliance in Backup and Retention settings. |
Safeguard for Privileged Passwords makes a copy of the current database.
|
Caution: If you restore a backup that is older than the Maximum Password Age set in the Login Control settings, all user accounts (including the bootstrap administrator) will be locked out and you will have to reset all of the user account passwords. To avoid this situation, you can reset the Maximum Password Age to zero before you perform the backup, then reset it after the restore. |
|
TIP: As a best practice, perform backups more frequently than the Maximum Password Age setting. |
|
Caution: Safeguard for Privileged Passwords can not restore any access request workflow events in process at the time of a backup. |
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy