FortiGate Plugin Update

The Restorepoint FortiGate plugin has been updated to support SCP for backup and restoration. Wherever possible, for security reasons SCP should be used to backup FortiGate devices; SCP also avoids TFTP back-connections for file transfers. Note that SCP may need to be enabled in the FortiGate UI or CLI.

The SCP restoration method differs slightly depending on the FortiOS version, but Restorepoint will use the appropriate method for each firmware version.
Restorepoint supports FortiOS 3, 4 and 5.
Please contact the Restorepoint Support Team for more information.
Advertisements

Updated Cisco ASA Plugin Allows Zero-Downtime Restore

The Cisco ASA plugin now gives you the option to restore a configuration directly to the running configuration. This removes the need for reloading the device and therefore keeps downtime to a minimum.

The previous behaviour (restoring to the startup configuration) is still available.

Please contact the Restorepoint Support Team for more information.

Restorepoint 4.3

Version 4.3 of Restorepoint will be released on the 5th of June.  This update will be delivered automatically to all customer appliances with a current license subscription.

In advance of the update we’d thought we’d highlight some of the new features:

  • Brand new backup scheduling engine, with more granular options and improved automatic scheduling
  • New configurable retry policies and alert options following backup failures
  • Compliance Rules for device firmware, enabling you to detect devices with firmware that does not meet your security or compliance standards.
  • Firmware versions now detected and recorded for each backup
  • Offline appliance updates for restricted network environments
  • Improved support for devices with multiple configurations (e.g. stacks, virtual systems, contexts)
  • SFTP support added to the Generic Push Plugin
  • Enhanced Multi-Domain Management (Enterprise Edition)

This update will be delivered automatically to all customer appliances with a current license subscription. Please contact us to discuss any of the features or to discuss the upgrade process.

7 New Device Plug-ins released enabling customers to automate more network infrastructure

Woking, UK – 13th December 2012
Restorepoint announces the release of new Device Plug-ins that enable organisations to Automate Configuration Backup, Recovery and Compliance for:

  • McAfee Firewall Enterprise (formerly Sidewinder)
  • PineApp Mail-SeCure
  • Radware Alteon
  • Radware LinkProof
  • SEPPmail – Email Security Appliances
  • Sonus Tenor DX VoIP Switches (formerly Quintum)
  • Trend Micro InterScan Web Security Virtual Appliance

“The release of these latest device plug-ins expands our capabilities once again, and therefore the support we offer to our customers.” said Michael Bell, Restorepoint’s Director of Sales Operations. “Saying you have a Resilient network is not proof that can actually recover following an outage. Restorepoint gives organisations that confidence by automating and centralising configuration backup and providing a unified 3-Click recovery process for over 40 vendors.”

These latest device plug-ins are free and immediately available to Restorepoint customers. Evaluation licenses of Restorepoint including these new plug-ins are available at: http://www.restorepoint.com/evaluate.

About Restorepoint
The Restorepoint platform is a cost effective solution that helps increase network availability, maintain network SLAs and compliance standards by simplifying and automating time consuming network operations.

Restorepoint is a brand name of TADASoft, the market leaders in network configuration management for complex multi-vendor networks. Restorepoint enables organisations to meet their business continuity and compliance requirements by automating time consuming processes such as network configuration backup, configuration change tracking, compliance monitoring and remediation. All of this is achieved using an intuitive, secure and vendor-independent platform, without the need for connecting to each device using proprietary command-line interfaces, vendor-specific consoles, or custom scripts.

Customers around the world trust in Restorepoint to reduce administration overheads, enhance security, enable compliance, and reduce the impact and cost of downtime.

For more information visit http://www.restorepoint.com.

Protecting your passwords

Background

All sensitive data held by Restorepoint is protected by encryption. Restorepoint transparently encrypts data when it is written to disk, and decrypts it when it is read. Clear-text data is always only held in volatile memory and therefore disappears when the appliance is shut down or rebooted, rendering data theft impossible without a valid encryption key. In order to make encryption less intrusive for the user, Restorepoint has two operational states:

  • Lock-down state: when the appliance is powered up and no encryption password has been entered by an administrator. In this state, Restorepoint cannot read its own database and therefore cannot perform any automatic operations. An administrator must log in and provide the encryption password.
  • Normal state: after an administrator has provided the encryption password at login. This is the normal operational mode, when all system functions are enabled. Subsequent administrator logins will not require an encryption password, until the appliance is rebooted again.

It is paramount that administrators memorise both user password and encryption password – without either, you will not be able to access your data.

User password and Encryption password

Passwords are configured during the initial configuration of the appliance, and can be modified in the Administration->Users tab. When you edit or create a user, you will also need to configure an email address and a password recovery question and answer, which are used to reset the passwords in case they are forgotten. It is important that you choose a question to which only you know the answer. Restorepoint will send you a password recovery token by email; therefore you should ensure that your SMTP settings and email address are entered correctly. You should keep the password recovery token safe.

Recovering passwords

If you have lost the passwords, and you are not able to log in using another administrator’s credential, you will need to follow the Forgotten Password link, which uses two-factor authentication: you will need to provide your password recovery token and your security question and answer; if the provided information is correct, you will be able to reset your passwords.

REMEMBER: if you have forgotten your password and the appliance is in lock-down state, unless you can provide the information required for the password recovery procedure above, you will not be able to access your data, and your only option may be a factory reset – which destroys all the data on the appliance.

For more information, please email our Technical Support Team.

Are you backing up Restorepoint?

Restorepoint is there for you when you need it the most – in a disaster recovery situation. Restorepoint appliances use high quality components and built-in redundancy; however, statistically, hardware failure is only a matter of time, and Restorepoint is no exception.

Restorepoint stores invaluable information about your network, so it is essential that all the data on the appliance is also backed up.

Restorepoint has an archiving features that effectively creates a snapshot of the appliance, which is copied to an external FTP server or Windows share. Archives can be restored when needed, on the same appliance or on a new one. Encryption ensures that archives not readable outside the appliance.

Archives are configured in the Administration->System->Archive page, where you can enter the detail of your server. We recommend a weekly or monthly archiving schedule. In Restorepoint version 4.2 and above you will be able to create multiple archive locations, and use SFTP/SCP in addition to CIFS and FTP.

Blue Coat ProxySG plug-in enhanced to backup encrypted keyring

Restorepoint now makes the process of restoring a Blue Coat ProxySG configuration easier than ever following a hardware failure or when migrating a configurations to a new appliance. The enhanced Blue Coat device plug-in is now able to also backup and recover the encrypted keyring (private key and certificate) which would otherwise be a manual and complex operation – check this Blue Coat Knowledge Base article to see all the additional steps required.

Even the Blue Coat Director does NOT back up the private key and certificate by default (see KB4067).

Restorepoint always backs up this information for you and allows you to restore a configuration in just a couple of clicks.

To ensure you are running the latest Blue Coat plugin, please check that your appliance is up to date (software version 4.0 build 20120815:145016 or later).