How to configure automatic backups in SecurePlatform
Table of Contents:
Backup and restore commands
SecurePlatform provides both command line, or WebUI, capability for conducting backups of your system settings and products configuration.
The backup utility can store backups either locally on the SecurePlatform machine hard drive or to an FTP server, TFTP server or SCP server. You can perform backups on request, or according to a predefined schedule.
Backup files are kept in tar GZIPed format (.tgz). Backup files, saved locally, are kept in /var/CPbackup/backups directory.
The 'restore' command line utility is used for restoring SecurePlatform settings, and/or Product configuration from backup files.
Note: only administrators with Expert permissions can directly access directories of a SecurePlatform system. You will need the Expert password to execute the 'restore' command.
The backup & restore commands are provided in SecurePlatform to provide a simple way to perform a complete backup of the Check Point configuration as well as the SecurePlatform OS settings. You can also copy backup files to a number of SCP and TFTP servers for improved robustness of backup. The 'backup' command, run by itself, without any additional flags, will use default backup settings and will perform a local backup.
Syntax
[Expert@HostName]# backup [-h] [-d] [-l] [--purge DAYS] [--sched [on hh:mm <-m DayOfMonth> | <-w DaysOfWeek>] | off] [--tftp <ServerIP> [-path <Path>] [<FileName>]] [--scp <ServerIP> <UserName> <Password> [-path <Path>] [<FileName>]] [--ftp <ServerIP> <UserName> <Password> [-path <Path>] [<FileName>]] [--file [-path <Path>] [<FileName>]]
Backup parameters
Note:
If a 'FileName' is not specified, a default name will be provided with the following format:
backup_hostname.domain-name_DD_MM_YYYY_HH_MM.tgz
Example: backup_gateway1.mydomain.com_13_11_2003_12_47.tgz
Examples:
Configuring automatic backups
For this tutorial we will use the following settings:
To list the active backup schedules:
- Login to the SecurePlatform machine in Expert Mode.
- Verify that there are no currently configured automatic backups that you could overwrite:
[Expert@HostName]# cat /var/CPbackup/conf/backup_sched.conf
If this command returns a "file not found" error, or if it returns back to the command prompt without showing any details, then there are no automatic backups currently configured.
Here we see that the backup configuration file has not yet been created, so we can move on to setting up the automatic backup.
To configure the automatic backup schedule:
- Using our example configuration, run the following command:
[Expert@HostName]# backup --sched on 01:00 -w 7 --ftp 10.22.2.99 mikem vpn123
- Check the backup configuration file:
[Expert@HostName]# cat /var/CPbackup/conf/backup_sched.conf
The configuration file has been created.
To list the scheduled jobs in crontab:
Note: Crontab is the process that handles running scheduled jobs.
[Expert@HostName]# crontab -l
You can see that:
- SecurePlatform backup is configured to run every Sunday at 01:00am and transfer the file to the FTP server we defined.
- The
backup_util sched is in the list of scheduled jobs.
SecurePlatform Administration Guide (R65, R70, R71, R75, R75.40, R75.40VS, R76, R77):
- Chapter 'Configuration Using the Web Interface' - Device - Backup
- Chapter 'SecurePlatform Shell' - System Commands - backup
- Chapter 'SecurePlatform Shell' - Snapshot Image Management
