Hi, List. I've faced with some questions connected with organization of DB maintenance. Here they are. 1. All SiteProtector (SP) configurations (i.e. Sensor Policies, other Sensors information, Hosts, Groups information, Responses, etc) are stored in DB. Most of SP problems, in my opinion, can be solved by Application Server reinstallation i.e. complete removing of all SP components, except DB and, may be, EventCollector (EC) and after AS reinstallation all configurations will be the same as before reinstallation. But some solutions need DB to be reinstalled as well; - I mean that I saw situations that were not corrected without DB reinstallation. So, the question is how I can backup only SP configurations (without Events data) to restore this backup on completely fresh installation of SP and all my Policies, Hosts, Groups, Responses, Incidents/Exceptions, etc. will appear on new SP installation as they were before?? This will, at first, save my time for configuration of just installed SP, and, the second, this can be useful in case of disaster recovery as configuration backup. I know about Database Schema from Appendix A in Technical reference Guide v. 2.0, SP5. What tables should I backup to save only SP configurations? How can I restore that backup into new SP installation? I think that if I'll try to restore that backup directly nothing will be working. 2. Imagine that there is the need to store events data for six months. In big distributed LAN the size of DB in this case can be more than 70Gb! It's not good idea to store all this data in online system i.e. there is no need to have ability to access all that 70Gb from SP console online. Reasoned solution I see in creating of two systems: online system and offline system. Online system is used for sensors management and contains the most recent events data, for example, current situation and data about last month. The older data is backed up to offline system which is used only for review of what had happened before. How can I organize this? May be there is special methods in MSSQL? Or, some recommendations from ISS? 3. And the last question is how to make clustered in SP? Now I have one AS and one DB. If something happen with DB, SP will not work at all. Is the only way - to use MSSQL with MS cluster or clustered features are planned in future SP releases?
Thank you. ANY feedback will be appreciated. --- Best regards, Sergey V. Soldatov. Information security department. tel/fax +7 095 745 89 50 (1613) _______________________________________________ ISSForum mailing list [email protected] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
