Manager Replication

Overview

Automatically backup your Manager's configuration information and event data to another network accessible MetaDefender NDR Manager at a recurring time interval. Manager Backup will involve all local Policies and Configuration settings being written to a remote "Backup" manager which will result in the backup manager's policies and configuration settings be overwritten.

Device Configuration Backup

MetaDefender NDR supports exporting a current device configuration into a restoration file that can be used as a base to configure a new MetaDefender NDR device.

The user can click on "Configuration Backup and Download" to generate an archive of the current device and all of its settings. Depending on the age of the system this can take just a few seconds to a few minutes. The resulting ZIP file can be stored and moved to another device for quick setup.

Note: This archive only exports configuration settings - it will not export any data in the system relating to sessions, threats, or malware. If this archive is used to restore a running device, ALL DATA WILL BE LOST.

Device Configuration Restore From File

To import device configuration settings, click the "Choose File" button under the "Configuration Restore From File" section. Select the ZIP file that was previously downloaded, and then click "Restore". The file will be uploaded to the device and will be scheduled to be restored. The upload time will depend on the size of the export, and your upload speed.

Once the file is uploaded, it will be imported within five minutes. During this time the system will enter Maintenance Mode, and the import may take a few minutes. The system will exit Maintenance Mode once the import is finished.

Note: Once the import is completed, the system will be wiped clean and reset to the configuration settings in the export. ALL DATA WILL BE LOST, so please be aware that any session information, including threats, will be completely removed. The device restore should only be used against a new manager, with no collectors attached

Scheduled Manager Backup

Regular backups can be scheduled to be run at user-specified intervals through the UI. The manager backup tool requires admin access to both the primary manager and a second "Backup" manager to which the backup will be applied. In addition, the primary manager and backup manager must also have identical hostnames and codepack version numbers. The backup manager will automatically update itself after a backup is successfully completed, essentially becoming a clone of the primary manager.

Setup Backup Key through Admin Shell

Before a backup can be run, the user needs to generate a backup key on the backup manager, and add that key to the primary manager.

  • Log in to the backup manager through the admin shell
  • Run the generate __backup token command
  • Copy the backup key that is displayed to the console
  • Log in to the primary manager through the admin shell
  • Run add_backup_key
  • Enter the backup key
  • Exit with Ctrl+D

Scheduled Backup with UI

  • Log in to the UI of the primary manager as an admin user
  • Navigate to the Administration page using the menu bar on the left side of the page
  • Under the Manager Backup section, enter the backup manager IP address and schedule frequency

While in backup mode, the backup manager UI will display the following screen:

Manual Backup with Admin CLI

  • Log in to the admin CLI on the primary manager
  • Use the "manager_backup" command to initialize the backup
  • Usage: manager_backup <backup manager ip>
  • Example: manager_backup 192.168.201.150

Automatic Failover

After successfully running at least one backup, the user can enable automatic failover so that in the event that the primary manager becomes unavailable, the backup manager will automatically take over.

To enable automatic failover:

  • Log in to the backup manager through the admin CLI
  • Run the "enable_backup_automatic_failover" command
  • This can be disabled by running the "disable_backup_automatic_failover" command

Replacing the Main Manager

To fully replace a manager with a backup:

  • Shut down the primary manager
  • Log into the admin CLI for the backup manager
  • Use command "manager_restore" to change the IP address of the backup manager to the main managers IP address
  • Wait a few minutes for the IP address to transfer and the new manager will replace the old one.

The collectors previously bound to the primary manager will automatically connect to the backup manager, and the backup manager should function as if it were the primary manager.

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Config Import / Export
On This Page
Manager ReplicationOverviewDevice Configuration BackupDevice Configuration Restore From FileScheduled Manager BackupSetup Backup Key through Admin ShellScheduled Backup with UIManual Backup with Admin CLIAutomatic FailoverReplacing the Main Manager