Understanding Connected DataProtector

Transcription

1 Understanding Connected DataProtector Version 7.1 Includes Data Center Information

2 2003 Connected Corporation. All Rights Reserved. Connected, Connected DataProtector, Connected Optimizer, iroam, Delta Block, SendOnce, the Connected design, and the Connected logo are trademarks and/or registered marks of Connected Corporation. All other brand or product names are trademarks or registered trademarks of their respective owners. The information in this publication is subject to change without notice and should not be considered a commitment by Connected Corporation. While Connected has made every effort to ensure the accuracy and completeness of this publication, it assumes no responsibility for the consequences to users of any errors that may be contained herein. Connected Corporation 100 Pennsylvania Avenue Framingham, MA Main Voice Technical Support support@connected.com Understanding Connected DataProtector, 1st Edition Connected DataProtector Version 7.1 September 10, 2003 Printed in USA

3 TABLE OF CONTENTS About This Manual ix Overview of the Connected DataProtector Architecture x Related Documentation xii Part I: Data Center Chapter 1: Data Center Overview Data Center Server Hierarchical Storage Manager Support Center iroam Chapter 2: Data Center Configurations Standalone Server Mirrored Pair Cluster HSM Versus Disk-Only Chapter 3: Archive Sets The Agent s Role in Archiving What Happens to Archive Sets on the Data Center Naming and Identification Conventions Sizing and Splitting Archive Sets Structure and Contents of an Archive Set File Expiration Dates and Rebasing Chapter 4: Data Center Services BackupServer IndexServer ReplicationServer PoolServer HSMServer iii

4 Table of Contents Compactor Chapter 5: Hierarchical Storage Manager Migration and Purge Tape Groups and Tape Account Groups Tape Sets Multiple Tape Libraries Chapter 6: Compactor Check for Necessary Disk Space Select Accounts or a Tape Account Group Perform a System Analysis and Repair Mark Files as Expired Repackage Archive Sets Delete Archive Sets and Database Entries Migrate New Archive Sets to Tape Inform the Agent of Changes File Expiration Rules EMC Centera and Garbage Collection Chapter 7: Databases Directory Database Registry Database Asset Database Database Protection Chapter 8: Data Center and Enterprise Directory Validate Support Center Technicians Maintain End-User Personal Data Enterprise Directory Management Chapter 9: Licensing Chapter 10: Data Center Logging Event Logging Event Log Maintenance Trace Logging Chapter 11: Support Center Overview Support Center Uses Support Center Interface Support Center Access iv Connected Corporation

5 Table of Contents Chapter 12: Accounts and Communities Account Management Communities Chapter 13: Agent Configurations Configuration Components The Default Agent Configuration Updating Agents Automatically Using Central Administration Chapter 14: Technicians The Admin Account Access Permissions for Technicians Enterprise Directory with Technician Accounts Chapter 15: File Selection Rules Data and FSR Rules Base and User Rules How Rules Affect File Selection Types of Rules Rule Precedence Chapter 16: Support Center Reports Default Reports Create and View Reports Viewing and Displaying Charts Saving Report Results in XML Account Groups Chapter 17: iroam iroam User Interface File Retrieval Process Cleaning Files Off of the iroam Server Part II: Agent Chapter 18: Agent Overview Agent Interface Deployment Backup Retrieve Data Center Access Understanding Connected DataProtector v

6 Table of Contents Security Logging Linking to an External URL Chapter 19: Agent Deployment How the Agent is Created and Deployed Recovering Agent Accounts Chapter 20: Agent Interface Agent Tabs Hot Key Commands Command Line Interface Chapter 21: Storage and Optimization Standard Backup Optimized Backup Chapter 22: File Backup Scan of the Computer Hard Disk Analysis of Files Identified in the Scan Connection to the Data Center File Transmission Backup Results Backup Settings and Configurations Audit Chapter 23: File Retrieval Selecting Files Selecting a Destination Location Repackaging Files Downloading Files Optional Retrieve Features Chapter 24: Agent to Data Center Connections Agent Connection Properties Firewalls Network Interrupts Chapter 25: Heal Heal Requirements Using Heal Healing from CD vi Connected Corporation

7 Table of Contents Chapter 26: Agent Security Features Encryption Keys Account Password Access Control List Management Unauthorized Access Prevention Chapter 27: Agent Logs and Messages Viewing Agent Logs Creating Agent Messages Chapter 28: Agent Information Web Pages Agent Interface Links Agent Link Query Variables Part III: Data Center Tools Chapter 29: Data Center Tools Overview Data Center Management Console CD Maker Other Tools and Utilities Chapter 30: Data Center Management Console Starting the DCMC DCMC User Interface Chapter 31: CD Maker CD Maker Process Chapter 32: Other Tools and Utilities Data Center Toolkit DataCopier Remote Diagnostic Tool Compress DSPing Dump FileDater HostID ReplCheck Retrieve Tdate Converter HSM Disk Status Understanding Connected DataProtector vii

8 Table of Contents HSM Library Status Index viii Connected Corporation

9 ABOUT THIS MANUAL Your organization s data is your most critical asset. Connected DataProtector is a client-server solution for safeguarding the data on your organization's computers. As such, Connected DataProtector offers the following features: Data protection client software that automatically or manually backs up data on all computers on your network The ability to access and retrieve backed-up data from the actual computer or remotely from any computer via a Web interface System protection and repair of operating system state, registry key settings, and applications for damaged systems A migration feature for setting up an end user on a new computer by moving their data from the old system on to the new system The ability to audit the software that's installed on each computer in your network and the hardware on which it is running Other tools for managing and facilitating Data Center administration Additionally, Connected DataProtector with Connected Optimizer facilitates efficient backup and restoration of your organization s files. This introductory chapter offers a general overview of the Connected DataProtector solution. It provides a high-level look at the Connected DataProtector architecture, which will be expanded upon in later chapters. This chapter also acquaints you with the different components in a Connected DataProtector deployment and describes the basic processes during backup and restore operations. ix

10 About This Manual Overview of the Connected DataProtector Architecture The Connected DataProtector architecture includes several components. In the simplest terms, it is a client-server application. The client side software is called the Agent. The server side software, and the hardware on which it is installed, is called the Data Center. A Web interface, called Support Center, provides access to Agent management tools that you can use to create and deploy custom Agents to all of the end users in your organization. Connected DataProtector also includes other components, databases, and technologies that help you manage backups and restoration of critical data. The illustration below provides a diagram of Connected DataProtector s basic architecture. You might want to refer this illustration while reading the rest of this section. Data Center The Data Center provides the backbone operations for the Connected DataProtector system. The Data Center processes all requests (such as to back up or retrieve data) from all of your deployed Agents. x Connected Corporation

11 Overview of the Connected DataProtector Architecture Depending on your organization's preferences and the size of your deployment, your Data Center can have one of several different configurations ranging from one server to a cluster of many servers. The Data Center can also include Hierarchical Storage Manager (HSM) for migrating backed-up data to an archive storage device, such as a tape library or EMC Centera. HSM augments the Data Center by providing more storage space as backup data on your Data Center grows beyond your allocated disk storage capacity. It also provides extra protection by enabling you to create secondary sources of your backup data. Support Center Support Center, covered in Part I: Data Center, is a Web-based application that enables you to manage the Agents deployed throughout your organization. Through Support Center, you can create the Agent Setup program, modify the Agent configuration, view end-user account information, set up and print reports about your accounts and Data Center, and provide troubleshooting assistance to your end users. You can also use Support Center to manage communities, which are groups of user accounts that are related in some way, allowing for easier management of groups as a whole. For example, you might have a community for all user accounts that belong to people in your marketing department and another for all accounts within your finance department. Or you might have a community for all users who work with laptop computers (and are therefore not always connected to your network) and another for all users who work with desktop computers. Agent The Agent, covered in Part II: Agent, is deployed on all of the computers that you are protecting in your organization. It provides an interface for end users to work with the system as well as internal functionality to initiate contact with the Data Center server for such activities as backing up data, retrieving data, and performing a Heal on the client. For these activities, the Agent initiates all activity with the Data Center. The Data Center does not access the Agent unless first initiated by the Agent. When you first set up the Agent on a computer, the system creates a user account for that particular computer. The account is called a user account because the end user can transfer all of the data associated with the account to another computerin effect, staying with the end user. However, a user account can exist on only one computer at any given time. Understanding Connected DataProtector xi

12 About This Manual Other Tools Other tools, covered in Part III: Data Center Tools, are used to assist you with Data Center administration. These tools include: Data Center Management Console (DCMC), for you to monitor and control Data Center operations and settings The CD Maker application, for burning CDs of backed-up data for account archival or if end users need to retrieve data via a CD Other miscellaneous Data Center tools and utilities Related Documentation For detailed installation and configuration procedures, refer to the Setting Up Connected DataProtector manual. It contains information for both first-time installations and subsequent upgrades. The Maintaining Your Data Center manual contains recommended procedures and useful checklists that facilitate ongoing maintenance of your Data Center. xii Connected Corporation

13 PART I: DATA CENTER Chapter 1: Data Center Overview Chapter 2: Data Center Configurations Chapter 3: Archive Sets Chapter 4: Data Center Services Chapter 5: Hierarchical Storage Manager Chapter 6: Compactor Chapter 7: Databases Chapter 8: Data Center and Enterprise Directory Chapter 9: Licensing Chapter 10: Data Center Logging Chapter 11: Support Center Overview Chapter 12: Accounts and Communities Chapter 13: Agent Configurations Chapter 14: Technicians Chapter 15: File Selection Rules Chapter 16: Support Center Reports Chapter 17: iroam

14

15 1 DATA CENTER OVERVIEW The Data Center is comprised of several components. Each component plays a role in managing or storing the data backed up by your end users. The chapters that follow discuss each of the components in detail. The Data Center components include: Data Center Server Hierarchical Storage Manager (HSM) Support Center iroam Data Center Server The Data Center server processes all data backed up by Agents deployed to your organization. The Data Center server employs several services and processes to manage the data. A chapter follows on each of the following items to assist you in understanding the concepts behind each service and process: Data Center configurations Data Center services SQL databases Compactor Licensing Logging Enterprise Directory 3

16 Chapter 1 / Data Center Overview Hierarchical Storage Manager HSM is used by the Data Center as extended storage for data backed up by end users. HSM copies data to the archive storage device connected to the Data Center server. It uses three main components to perform most of its tasks. Refer to Chapter 4: Data Center Services, beginning on page 17 for more information on the HSM services. Refer to Chapter 5: Hierarchical Storage Manager, beginning on page 23 for more information on how HSM works. Support Center iroam Support Center is a Web-based application used to monitor and manage end-user accounts. A chapter follows on each of the following items to assist you in understanding the concepts and uses of Support Center: Accounts and communities Agent configurations Managing file selection rules Technicians Reports iroam is an optional Web-based application that your end users can use to retrieve files. Since iroam is Web-based, files are retrievable from any computer with a Web browser and an Internet connection. Refer to Chapter 17: iroam, beginning on page 87 for more information about using iroam. 4 Connected Corporation

17 2 DATA CENTER CONFIGURATIONS A Data Center is one or more servers running various software components to manage data. There are several types of server configurations, depending on the hardware available in the Data Center (these configurations are explained in more detail later in this chapter): A Data Center with only one server is said to have a standalone server. A mirrored pair is a pair of Data Center servers containing identical data. Having two identical servers protects against data loss in the event of a disaster to either mirrored server. It also enables Agents to access a secondary server in the event that the Agents primary server is not available. A clustered Data Center is composed of two or more pairs of mirrored servers. The servers in a clustered Data Center are referred to collectively as a cluster. Any of these configurations can use Hierarchical Storage Manager (HSM) for archive storage. An HSM configuration provides greater protection against data loss. A configuration without HSM is referred to as a disk-only configuration. The Data Center servers provide functionality for a registration server and a backup server (both of which are performed by the same Data Center server). The registration server processes requests for new accounts, while the Backup Server receives and stores backup data from Agents (end-users) and enables Agents to retrieve backed up data upon request. A Data Center also includes a Support Center server and an iroam server to run these two Web-based applications. Support Center is a Data Center management tool and iroam provides a Web interface for end users to retrieve files via the Web. 5

18 Chapter 2 / Data Center Configurations You can run these two applications on the same server or on separate servers, but run them on a Web server, as opposed to on your Data Center servers. These concepts are explained in more detail later in this manual. Standalone Server The standalone configuration consists of one Data Center server for accepting Agent backups and retrieve requests, a Web server to host Support Center and optionally iroam, and an optional archive storage device for HSM. Using HSM with a standalone Data Center is not required but it is highly recommended in case of disk failure. If a disk of a standalone Data Center fails, your end users data will be lost because there is no copy or secondary storage. A standalone Data Center has all of the same software and functionality as a mirrored Data Center but lacks fail-over security. The lack of fail-over redundancy effects the Data Center in the following ways: Potential loss of data Agent fail-over Data Center availability Data backed up to the Data Center server is stored on local disks. In a standalone configuration the data on the local disk is the only copy of the data. If a local disk fails, the data is lost. If you use HSM the data is moved to the archive storage device after a disk space threshold is reached. Even if you use HSM, the data on disk is vulnerable because the data is not immediately moved to the archive storage device. For this reason, using a Secondary Tape Set is highly recommended. A Secondary Tape Set provides a layer of security in that it holds a second copy of archive sets backed up by end users. You can remove this second set of tapes from the library and store them in a different location on a scheduled basis, or as they become full. For more information on Secondary Tapes Sets refer to Tape Sets, on page 25. Agent fail-over is another limitation of a standalone Data Center. If the Data Center server is unavailable for backups or retrieves, the Agent must wait for it to become available. In a mirrored Data Center configuration, if one server is unavailable the Agent automatically connects to the mirrored server. End-users are not aware of server downtime with a mirrored configuration. A service outage is necessary when performing maintenance on a standalone Data Center server that requires shut-down or restart. There is no disruption of service to the end-user during a shut-down or restart with a mirrored Data Center as discussed in the previous paragraph. 6 Connected Corporation

19 Mirrored Pair Mirrored Pair For maximum protection against data loss due to hardware or other failure, you can operate two identical Data Centers, ideally at physically separate sites. Each Data Center uses the same software, stores the same archive sets, and services the same user communities. For this reason, they are referred to as mirrored Data Centers. Mirrored Data Centers provide redundant storage of data and fail-safe availability of file backup and retrieval service. The two mirrors are redundant peers; neither is dominant over the other. Each is fully capable of performing any backup or retrieval operation. When a new user account is created, one of the mirrored Data Center servers is assigned as the primary Data Center for that account. When an Agent needs to contact a Data Center, it contacts its primary Data Center. However, if the primary Data Center is unavailable, the Agent contacts the mirror instead, and all operations proceed normally. The alternating assignment of Data Centers as primary to individual accounts accomplishes load balancing, so that an approximately equal number of sessions connect with each of the two Data Centers. Either Data Center can create new accounts or modify account information. Any change to the Registry database is dynamically replicated (that is, duplicated) across mirrored Data Centers so that the Registry databases on the two mirrors have identical content (for more information on the Registry database, as well as other Data Center databases, refer to Chapter 7: Databases, beginning on page 39). During a backup session, backed-up data is received at one Data Center, stored as an archive set on its disk, and recorded in its Directory database. To protect the data against failure of the Data Center's disk, the data is automatically replicated to the mirror server, and is recorded into the mirror's Directory database. This means that every archive set is stored redundantly on both Data Centers: initially on the disk and then migrated by the HSM to that server's archive storage device, if used. Therefore, either Data Center server can retrieve any file that was backed up, even if the backup was originally sent to the other Data Center server. It is possible that an archive set will be received at a Data Center when its mirror is down (or while communication between the mirrors is down) and it is not possible to immediately replicate the archive set. When this occurs, the replication is deferred, and Data Center software automatically performs all deferred replications when the mirror, or communication to it, is restored to operation. This process of reestablishing equivalency of data between the mirrors is called recovery of replication or resynchronization. Understanding Connected DataProtector 7

20 Chapter 2 / Data Center Configurations The following illustration shows Connected DataProtector configured at the highest level of data protection: a mirrored RAID disk with an attached archive storage device, and each side of the mirror located in a different locale. Cluster For Data Centers that serve a large number of users and/or receive a large amount of data, a simple mirrored setup (in which each site has a single server dedicated to receiving backups) might not have sufficient capacity to handle the load of backup and retrieval activity. In this situation, you might prefer to set up clusters at each site (not to be confused with Windows Clustering). In a clustered setup, each Data Center (physical location) has two or more Data Center servers. Each mirrored pair of Data Center servers provides backup services to a subset of the user community. The Data Center servers collectively are referred to as a cluster. They share the same Registry database in SQL, but each mirrored pair of servers has its own Directory database. 8 Connected Corporation

21 HSM Versus Disk-Only The following illustration shows a cluster: In this illustration, Data Center servers A1 and B1 form a mirrored pair. They share the same set of users and maintain identical Directory databases. The same is true of Data Center servers A2 and B2, which are mirrors of each other. Servers A1 and A2 serve the entire user community. The same is true of servers B1 and B2. Servers A2 and B2 use the Registry databases that reside on A1 and B1 respectively. In this configuration, each individual user account is assigned to a server pair at the time the account is created. Thereafter, the end user can perform backups to, and retrieves from, the Data Center server on which the account was assigned or that server's mirror. For example, if an account is assigned to server A2, it can back up to A2 or B2, but never to A1 or B1. HSM Versus Disk-Only A Data Center that uses HSM has the advantage of archive storage off of the local disks. HSM provides an extra level of security in that the archive sets are not all in one location (on the server s local disk). Higher data loss is possible with a diskonly configuration in the event of local disk failure. The Data Center supports the use of multiple disk volumes for archive set storage. You can set up your Data Center to use multiple volumes to store archive sets during Data Center Setup. You can also add and manage disk volumes using the DCMC after the Data Center has been installed. Multiple volume support is available only to disk-only Data Centers. For more information on HSM refer to Chapter 5: Hierarchical Storage Manager, beginning on page 23. Understanding Connected DataProtector 9

22 Chapter 2 / Data Center Configurations 10 Connected Corporation

23 3 ARCHIVE SETS Optimal, reliable, and secure storage begins with consistent, efficient, and well ordered organization of backed-up data. Connected DataProtector employs a process for archiving files that greatly reduces the amount of overhead. Central to this is the process of combining new and modified client files into size-constrained archive sets. Archive sets are files that contain compressed and encrypted files transmitted from a client by the Agent. The size of Archive sets is generally limited to 5 MB in order to facilitate transmission and preservation of Data Center disk space. Archive sets are stored on the Data Center server. In mirrored or clustered Data Center environments, archive sets are replicated to each server s mirror. To help you understand how archive sets are created, stored, and managed, this chapter discusses the following: The role the Agent plays in compressing and securing data for storage on the Data Center What happens to the archive set in various types of Data Center configurations Conventions used to name, identify and store archive sets Sizing strategies used to regulate the size of archive sets How archive sets are structured The effects of aging and expiration rules on an archive set 11

24 Chapter 3 / Archive Sets The Agent s Role in Archiving The Agent is responsible for determining which files to back up, preparing the file data for transmission and transmitting the file data to the Data Center. Preparing the files for transmission is a two step process that involves compressing and encrypting the client s file data. Each Agent represents a single account, or client computer. All of the data in a single archive set originates from one client, and its account number is included in the archive set s header for identification. The term account is frequently used throughout this manual to refer to an end-user computer or laptop. Account data is used to describe the body of data that originated from a specific end-user account. The Agent relies on a set of rules that defines which types of files to include and exclude from backups. When a backup session begins, the Agent scans the client hard drive to identify new and modified files that are eligible for backup. For the first system backup, the Agent sends entire files to establish a base for each file. For subsequent backups, it sends just the changes that have been made to the file since the last good backup. This change is called a delta. After scanning the client s hard drive, the Agent determines which files to send and begins processing them for transmission to the Data Center. Prior to transmission, the Agent compresses each file using the ZLIB compression library. ZLIB is a compression algorithm that significantly reduces the size of a file. The Agent also encrypts each compressed file using one of several levels of encryption available in Connected DataProtector, ranging from no encryption, to the 128-bit Advanced Encryption Standard (AES), the strongest level of encryption available today. Using the Agent Configuration Editor (ACE) in Support Center, you can configure the level of encryption that the Agent uses, ranging from no encryption, 40-bit DES, 56-bit DES, 112-bit DES to 128-bit AES. Refer to Support Center Help for more information about configuring Agent security settings. The Agent transmits the compressed, encrypted files to the Agent s designated primary server on the Data Center using TCP/IP protocol via a local area network (LAN), wide area network (WAN), or a dial-up modem. In response, the Data Center creates a new empty file called an archive set and begins receiving the files from the Agent. 12 Connected Corporation

25 What Happens to Archive Sets on the Data Center What Happens to Archive Sets on the Data Center The life cycle of an archive set varies depending on the configuration of the Data Center on which it resides. From the first transmission of account data to the Data Center, the life cycle of an archive set proceeds as follows: 1. The Data Center BackupServer service apportions the client data into one or more archive sets on the volume with the highest amount of available disk space. 2. The Data Center IndexServer service indexes the archive sets and their individual contents in the Directory database to keep track of each revision of each backed up file. 3. In mirrored or clustered Data Centers, the ReplicationServer service replicates the archive sets to the mirror (if applicable). 4. In Data Centers with an optional auxiliary storage device, such as a tape library, the HSMServer service migrates archive sets from the server to the auxiliary device. 5. The Compactor service routinely checks each account s archive sets for any expired revisions, and freshens (repackages) the archive sets as needed. The Data Center services that are responsible for archiving, indexing and (where applicable) replicating data to a mirror, and the individual roles they play, are described in further detail in Chapter 4: Data Center Services, beginning on page 17. Naming and Identification Conventions Archive set files have.arc file extensions and are written to a Customers directory on one of the Data Center server volumes. The contents of a single archive set always originate from the same user account. In disk-only Data Centers that contain multiple volumes, archive sets from one account may reside on different volumes. Writing archive sets to the volume with the most available free space facilitates even distribution of disk load. Never delete.arc files. This will result in a permanent loss of data and will make it impossible to restore the deleted information to the affected client. Understanding Connected DataProtector 13

26 Chapter 3 / Archive Sets Sizing and Splitting Archive Sets When an Agent transmits account data to the Data Center, the BackupServer service is responsible for grouping it into archive sets. As it does so, BackupServer regulates the size of the archive sets and creates new archive sets for the client data, if necessary. A new archive set is automatically created under the following conditions: The archive set reaches 5 MB in size. The number of files in the archive set totals 2,000. The next file en route from the client is greater than 50 MB. The BackupServer service creates new archive sets as needed to efficiently group the data into the smallest possible units. For example, if files A, B, and C together represent 3 MB, but file D equals 60 MB, then A, B, and C are combined together in one archive set and a new archive set is created for file D. Archive sets can include information from many individual files. Baselines of new files and deltas of older files can reside together in the same archive set. However, multiple versions of a single file exist in multiple archive sets. This is because new archive sets of account data are created during every backup session. A large file of 10 MB that undergoes significant revisions between each of five backup sessions will span five archive sets. For example, the baseline of one file is written to one archive set, and each of its deltas to additional archive sets for a total of five sets. All of the data contained in a single archive set comes from one backup session from a single account. Structure and Contents of an Archive Set Archive sets are structured to contain three basic elements: An archive header File headers File data The archive header contains information about the archive file itself, including its name, the account from which the data originated, and the current version of the Agent in use when the archive set was created. 14 Connected Corporation

27 File Expiration Dates and Rebasing The file header or headers contain detailed information about the files in the archive set. Specifically it identifies whether the file is a baseline or delta, the current revision level (if it is a delta), and its path and filenames among other details. When a file has been deleted from the client, or has been excluded from the backup list, the Agent transmits just a file header that signals to the Data Center that the file has been deleted or excluded. The third element is the file data itself in its compressed and encrypted form. It is possible for an archive set to contain only file headers and no file data if many files are deleted or excluded from backup between backup sessions. File Expiration Dates and Rebasing As files are backed up, the Agent maintains a complete copy of the base file, and then captures the changes that occur between backups in delta files. The delta files are not complete pictures of the original file. They are only the changes that have occurred to the file since its last backup. After some time and several backups, that one file may have accumulated many delta files, and reconstitution of that file for a retrieval request requires the Agent to get the baseline and all the accumulated deltas. At some point, the original base file and some of its deltas expire, depending on the expiration settings set for the Data Center (for example, some organizations, such as lawyers or medical offices, might turn off expiration rules for legal reasons). Compactor searches for expired files. All the base and delta files are contained in multiple archive sets. Compactor evaluates each file and, when it determines that the base file or the base file and several delta files are expired, it creates a new baseline or rebases the file. Rebasing is simply the process of rolling up the original base file and any expired deltas to create a new base. Compactor must rebase a file before its expired base and deltas can be deleted. It extracts the base file and deltas from the archive set or sets and rolls them up into a new file. After creating the new base file, Compactor deletes the expired files and then repackages the remaining unexpired files into one or more new archive sets. Understanding Connected DataProtector 15

28 Chapter 3 / Archive Sets For example, a new file is created and backed up from the account on 3/17. Subsequent modifications and backups occur over the next two days and then cease for that file. archive set1 base1 created and backed up on 3/17 archive set2 delta1 modifications backed up on 3/18 archive set3 delta2 modifications backed up on 3/19 The next time Compactor reviews this account, it rolls up the data in base1, delta1, and delta2 to create a new baseline, base2 : archive set1 base1 expired on 5/17 archive set2 delta1 expired on 5/18 archive set3 delta2 expired on 5/19 archive set6 base2 rolled up file created and archived on 5/31 For more information about Compactor, refer to Chapter 6: Compactor, beginning on page Connected Corporation

29 4 DATA CENTER SERVICES The Data Center is comprised of several services to perform the necessary tasks of running the Data Center server. The following services are included in the Data Center and are discussed in detail in the following sections: BackupServer IndexServer ReplicationServer PoolServer HSMServer Compactor BackupServer BackupServer is the Data Center service that processes requests from the Agent for data backup and retrieval. BackupServer gathers together all of the backed-up data into an archive set. The archive set is a file stored on the Data Center server s disk in a directory called Customers. It contains file backup data transmitted from a client during a single backup session. 1 For more information on archive sets, refer to Chapter 3: Archive Sets, beginning on page 11. When the Agent requests BackupServer to retrieve a file to a client, BackupServer must find the first backup of the file (called the baseline) and all of that file s changes (called deltas) necessary to recreate the specific version of the file that the end user has requested. 1. If the backup data from a single backup session is large, the BackupServer service uses more than one archive set, each representing a portion of the backup session. This helps to optimize data recovery performance. 17

30 Chapter 4 / Data Center Services For example, if the end user has requested to retrieve the third backed-up version of a file, BackupServer must retrieve the baseline (version 1), the delta that represents the differences between version 1 and version 2, and the delta that represents the differences between version 2 and version 3. Since the baseline and the deltas were backed up in different backup sessions, they are in different archive sets. Therefore, BackupServer typically uses multiple archive sets in order to retrieve a file. In addition to processing requests for data backup and retrieval, the BackupServer service manages the list of authorized user accounts and registers new accounts. There is one user account for each client that is being backed up. Backed-up archive sets are stored on the Data Center server in a folder called Customers. Archive sets are saved as files with the extension.arc. Under no circumstances should you ever delete an.arc file from the Customers directory. Doing so would mean deleting end users data and rendering it unrecoverable. IndexServer BackupServer starts automatically with Windows Server. Status and statistics for BackupServer are found in the DCMC. To view the service in the DCMC, expand the Data Center server name and click BackupServer. IndexServer is the Data Center service that indexes file and archive set information to database tables. As end users backup archive sets to the Data Center server, information about each file within the archive set must be stored in the Directory database. The IndexServer writes this information to the Directory database once the archive set is fully written to the Data Center server from the Agent. When the indexing process is finished, the archive set is queued for replication to the mirrored server, if a mirrored configuration is used. If the Data Center is mirrored or clustered, the IndexServer writes information to the database for all archive sets that have been replicated from the mirrored server. IndexServer starts automatically with Windows Server. Status and statistics for IndexServer are found in DCMC. To view the service in the DCMC, expand the Data Center server name and click IndexServer. 18 Connected Corporation

31 ReplicationServer ReplicationServer PoolServer The ReplicationServer service only runs on mirrored and clustered configurations. This service replicates the following content between the servers in a mirrored pair: Archive sets Database table rows Agent configurations After an archive set has been backed up by the Agent to the Data Center server and indexed to the database, it is put into a queue to be replicated to the mirror. The archive set is replicated as a whole to the mirror rather than bit by bit as it is backed up by the Agent. Most, but not all, of the database table rows in the schema are replicated between the servers in a mirrored pair. When a row is either inserted, deleted, or modified, it is queued for replication between the mirrored servers. When you use either Support Center or Agent Configuration Editor (ACE) to create files to be downloaded to Agents, the files created must be replicated between the mirrored servers. ReplicationServer queues both the Agent configuration file(s) and the corresponding database table rows for replication to the mirror. In order for file downloads to Agents to be successful, the files and database rows must be on both servers because Agents can connect to either Data Center server. The server they connect to first is dependent on which server they are configured to contact first. Therefore, it is necessary for Agent configuration files to be available on all servers in the Data Center. ReplicationServer starts automatically with Windows Server. Archive sets and database entries are replicated continuously when ReplicationServer is running. If it becomes necessary to pause or stop replication, you can pause or stop the service in the DCMC. You can view the status and progress of the replication service in the DCMC by expanding the Data Center server name and clicking ReplicationServer. PoolServer is the Data Center service that maintains the shared file pool used to implement Connected SendOnce technology. SendOnce provides a method for identical files from multiple Agents to be backed up once. This method reduces the storage needed on the Data Center server since multiple copies of the same file are not stored on the server. Understanding Connected DataProtector 19

32 Chapter 4 / Data Center Services HSMServer Application, operating system, and common organizational files take the greatest advantage of this feature. The PoolServer service performs a process called Copy On Reference and cleans the pool of uncommon files. The Copy On Reference process makes copies of files that have been backed up by more than one Agent. When an identical file is backed up by two Agents, SendOnce places it in a queue for Copy On Reference. Copy On Reference makes a copy of the file and places it in a special account known as the Pool Account, account number Any Agent that backs up the same file references the copy instead of sending another full copy of the file to the server. Also, any Agent that has backed up the file that now wants to retrieve the file retrieves the copy from the Pool Account. PoolServer cleans the pool of uncommon files every 14 days. An uncommon file is a file that has not been backed up by another account within 14 days. These files are removed to keep the Directory database from growing too large and to keep the performance of the SendOnce operation as efficient as possible. You can change the number of days uncommon files are kept in the pool in the DCMC. PoolServer starts automatically with Windows Server. Use the DCMC to view the status and statistics of the PoolServer. In the DCMC, expand the Data Center server name and click PoolServer. HSMServer is the Data Center service that processes the copying of archive sets between the local server s disk and the archive storage device. There are three components to HSMServer: HSMClient BackupHSM HSMPurge HSMClient is invoked by BackupServer to pass archive set copy requests to the BackupHSM service. The HSMClient monitors the processing of the requests and mediates between BackupServer (the Windows service) and BackupHSM. BackupHSM handles the operations for archive storage devices. HSMServer supports tape libraries and EMC Centera archive storage devices. It is not recommended that you pause the BackupHSM service. When BackupHSM is paused you cannot cancel requests or view the status in DCMC. You can unmount a tape manually from a tape library while BackupHSM is paused. 20 Connected Corporation

33 Compactor Compactor The library audits its contents and then BackupHSM audits the library. If it is necessary to stop HSM activities stopping BackupHSM alerts the service to complete the current request and then stop. It is the job of HSMPurge to migrate (copy) archive sets from the disk to the archive storage device and, when necessary, purge (delete) archive sets from the disk in order to create free disk space. When the end user wants to retrieve files, BackupServer sends a request to HSMClient to retrieve the appropriate archive set(s). BackupHSM copies the archive sets from the archive storage device back onto the server s disk where BackupServer can process them. Refer to Chapter 5: Hierarchical Storage Manager, beginning on page 23 for further information on HSM. The Compactor service works to clean old data off of the Data Center. Compactor checks for synchronization between mirrored servers, applies expiration rules to backed up data and deletes data that is deemed expired. The goal of Compactor is to speed up the end-user retrieve process and to reduce the amount of data stored long term on the Data Center. For more details about the Compactor process refer to Chapter 6: Compactor, beginning on page 33. Understanding Connected DataProtector 21

34 Chapter 4 / Data Center Services 22 Connected Corporation

35 5 HIERARCHICAL STORAGE MANAGER Over time, the Agents on many computers perform many backups, and the number of archive sets on the Data Center server s disk grows. When free space on the disk drops below a preconfigured threshold, BackupServer requests Hierarchical Storage Manager (HSM) to migrate archive sets from disk to the archive storage device, if one has been installed. If no archive storage device is installed, archive sets are kept only on the Data Center server s disks. The Compactor service, discussed in Chapter 6: Compactor, beginning on page 33, removes old data and recycles disk space as needed. Connected DataProtector supports the following types of archive storage devices: Tape libraries (SCSI and DAS) EMC Centera Visit the Resource Center for an updated list of hardware solutions that are currently supported. This chapter discusses the following concepts to help you understand overall archive set storage and management on the Data Center: Migration and purge Tape Groups and Tape Account Groups Tape sets Multiple tape libraries 23

36 Chapter 5 / Hierarchical Storage Manager Migration and Purge If your Data Center is configured with HSM, the HSMPurge service migrates archive sets from disk to an archive storage device when free disk space is reduced to a preset threshold. Upon reaching another free disk space threshold, the migrated archive sets are purged from disk, freeing disk space for newer backups. You can see the process graphically through the DCMC. For more information refer to Chapter 30: Data Center Management Console, beginning on page 153. If there are unmigrated archive sets and the free space drops below a specified percentage of disk space, HSMPurge begins migrating the archive sets, while keeping the original archive sets on disk. As archive sets are continually backed up to the server and occupy more disk space, free disk space continues to drop. When free disk space drops to a second specified percentage, HSMPurge starts purging migrated archive sets from disk. The purging continues until free disk space grows to a third specified percentage. You can specify the disk space percentages for the migration and purge processes in the DCMC. Archive sets are not immediately purged from disk after migration to the archive storage device. The reason for this is to keep as many archive sets as possible available on disk for possible file retrieval requests. Tape Groups and Tape Account Groups Tape Groups provide a method of keeping data from different communities on separate tapes. A community is the basic organizational unit for accounts on the Data Center server. You might find Tape Groups useful if you have a community whose data you want to keep on separate tapes in the tape library. Tape Group 0 (zero) is the default Tape Group created by Data Center Setup. The default community is assigned to Tape Group 0. Unless specified in Support Center, all new communities are also assigned to Tape Group 0. Tape Account Groups provide a way for HSM to group accounts together for assignment to tape. Tape Account Groups are groupings of accounts within a Tape Group. The purpose of Tape Account Groups is to fully utilize tape space. Tape Account Groups have a predetermined maximum number of accounts and quantity of data that are assigned. HSM creates a new Tape Account Group when the current Tape Account Group s limits are reached. The Primary Tape Set is organized using Tape Groups and Tape Account Groups by default. The Secondary Tape Set is not organized using these groupings. Refer to Tape Sets, on page 25 for more information about Primary and Secondary Tape Sets. 24 Connected Corporation

37 Tape Sets Tape Sets The Data Center software offers a feature that provides redundant protection of backed up data in both a standalone server and mirrored environment. This includes creating additional copies of archive sets, referred to as Secondary Tape Sets, and taking them off-site as needed. If you install Secondary Tape Sets, there are some concepts that you must understand in order to maintain this setup. This section explains the Secondary Tape Set basic functionality and how to best take advantage of this feature. This feature is also available to Data Centers with EMC Centera. In this situation, a tape library is attached to the server for the purpose of creating and using the Secondary Tape Set. Overview With a standalone Data Center configuration and in a mirrored server environment, there is an amount of risk of losing backed-up data due to various kinds of failures, such as: Disk failure on a standalone Data Center or on one of the servers of a mirrored pair Loss of tape cartridge Total system loss due to fire or similar disaster The amount of risk decreases in a mirrored server environment, where all backedup data is stored redundantly on two identical Data Centers, so that if one Data Center of a mirrored pair experiences some technical problems, data is still available on its mirror. Unlike a mirrored pair, a standalone Data Center only stores a single copy of data on disk or archive storage device (if applicable). In the event of hardware or software malfunction, service outage, a fire, or similar disaster, backed-up data, both on disk and on the archive storage device, will be completely lost if no extra protective measures have been taken. To take such protective measures, you can configure your Data Center to use one or more additional tape sets (refer to the Setting Up Connected DataProtector manual for installation information). During the migration process, HSM copies data from disk to tapes that belong to the tape sets referred to as the Primary and Secondary Tape Sets. The Primary and Secondary Tape Sets serve different functions within the Data Center. Therefore, the methods by which they are created differ as well. Understanding Connected DataProtector 25

38 Chapter 5 / Hierarchical Storage Manager Primary Tape Set There is only one Primary Tape Set in the tape library, and tapes that belong to it remain permanently in the library to ensure prompt recovery of archive sets at the end user s request. The main purpose of the Primary Tape Set is to optimize the recovery process for end users if they must retrieve some or all of their data. To maximize the speed and efficiency of file retrieval, data for each individual account is kept together in a Tape Account Group (refer to Tape Groups and Tape Account Groups, on page 24 for more information). In order to enable maximum amounts of data to accumulate on disk before each migration, data is migrated to tape infrequently. When the Data Center disk space usage parameters have been reached, HSMPurge migrates data to the Primary Tape Set with the goal of consolidating data for each account. In order for an account to be assigned to a particular tape, the amount of data that is already on that tape must be under a specific threshold. Imposing a data threshold provides space for future migrations for accounts that have already been assigned to the tape. Therefore, when an end user initiates a retrieve, the requested data is quickly located on the tape the account is assigned to and copied back to disk. Data is migrated from the Data Center disk to the Primary Tape Set as needed, based on registry settings. If the archive disk is properly sized, migration should occur once a week. Secondary Tape Sets The purpose of Secondary Tape Sets is to create and maintain a valid copy of all backed-up data in restorable form so that, if a major data loss occurs at the Data Center, archive sets are still recoverable using disaster recovery tools and procedures. Therefore, instead of consolidating data for each account on a particular tape, HSM tries to migrate archive sets to the Secondary Tape Set tapes as quickly as possible. There are two kinds of Secondary Tape Sets: The SendOnce account tape set stores a backup of the SendOnce account (you can create only one copy of a SendOnce account tape set). This tape set usually remains on-site and is especially helpful in a standalone Data Center configuration, enabling fast recovery of backed up data, lost due to a bad tape or a disk failure. When the SendOnce account tape set tape becomes full, you can remove it from the library and store it on the shelf at the same location. 26 Connected Corporation

39 Tape Sets Off-site Secondary Tape Sets contain a complete copy, with the exception of the SendOnce account, of archive sets and are intended for off-site storage. Depending on your organization s needs, you can set up the system to create one or more off-site Secondary Tape Sets. For maximum data protection, tapes in these tape sets are filled and removed from the library as often as possible. Once removed from the library, they must be stored in a safe location, preferably in a different building. Therefore, in the event of full-system crash, the most recent users data would still be available on the off-site Secondary Tape Set tapes. Deciding to Use Secondary Tape Sets In order to decide whether or not to use Secondary Tape Sets, you should consider the following: The amount of risk involved in your Data Center operations If you are running a standalone Data Center, the risk of losing some or all of your backed up data is much higher than in a mirrored environment. If you run a mirrored Data Center, data is still at risk if one of the mirrors is completely destroyed. The advantages and disadvantages of this setup and how it can affect your Data Center operations The primary advantage of having Secondary Tape Sets is in having an ultimate degree of protection against loss or damage of backup data. It is particularly valuable in a standalone server environment, where the risk of losing data due to a disk or tape failure is especially high. In the event of an entire system crash, the off-site tapes from the Secondary Tape Set remain the only source of end-user data, which would otherwise be lost forever. Although a mirrored server configuration provides an extra degree of data protection against all possible failures by storing data redundantly at the two identical Data Centers, Secondary Tape Sets are still very helpful in the following situations: You must quickly restore archive sets that are lost or damaged due to a tape failure. One of the servers of a mirrored pair is completely destroyed, and you must quickly move backed-up data to a new mirror. Understanding Connected DataProtector 27

40 Chapter 5 / Hierarchical Storage Manager The primary disadvantage of using Secondary Tape Sets is the increasing cost of media (you must provide additional tapes to maintain this setup) and operation maintenance. Your decision is therefore a trade-off of cost against the level of risk you are ready to accept. Taking Secondary Tape Set Tapes Off-Site To minimize the vulnerability of data in case of disk failure, fire, or other disaster, two schedules have been defined for the Secondary Tape Sets: the migration schedule and the extraction schedule. Frequency of data migration to the Secondary Tape Set is determined by the migration schedule. In a single server environment, the risk of losing data due to disk failure is much higher than in a mirrored server configuration. To reduce this risk, data must be migrated to the Secondary Tape Set as frequently as possible. Instead of being demand driven, migration is scheduled to run daily or several times per day using the daily automatic procedure. The greater the frequency of migration, the less the data loss if the disk were to fail. Migration to the Secondary Tape Set can also be performed with the DCMC. To ensure data safety in case of fire or other disaster that might result in loss of the entire Data Center, Secondary Tape Set tapes must be removed from the library and taken off-site as often as possible. The extraction schedule defines how often the Secondary Tape Set tapes are removed from the library. The frequency of tape extraction is determined by the following factors: The amount of data that the Data Center receives daily (if the Data Center has a large user community, tape removal should be performed more frequently) The number of blank tapes that the user provides to support the Secondary Tape Set configuration You can set the extraction interval to less than, equal to, or greater than a day. You should remove Secondary Tape Set tapes from the library every other day or as soon as the tape gets full (waiting until the tape gets full reduces the cost of media, but increases the risk of losing backed-up data due to complete disk loss). Once removed, the tapes should be stored in a safe location, preferably in a different building. Therefore, in the event of full system crash, the most recent data can still be retrieved from the off-site Secondary Tape Sets. If you host your own Data Center and would like details on how to remove Secondary Tape Set tapes from a tape library using the DCMC, refer to the Maintaining Your Data Center manual. 28 Connected Corporation

41 Multiple Tape Libraries Multiple Tape Libraries The Data Center is capable of running with two tape libraries attached to each server. You might use multiple tape libraries for any of the following situations: You have an existing tape library and would like to replace it by transitioning to a new tape library (for example, if you are replacing an older tape library with one that uses newer technology). You want to keep your existing tape library, but you must use an additional reliever library temporarily until you can free up tape space on the original library. You want to permanently use multiple tape libraries to expand your total available tape capacity. Each of these situations poses its own unique considerations and procedures. For information on installing two tape libraries on your Data Center or adding a second tape library refer to the Setting Up Connected DataProtector manual. Transition to a New Tape Library If you want to replace your original tape library with a new one, you must make the transition over a period of time during which you copy the data from the old library to the new library. A likely example of this situation is if you are replacing an older tape library with one that uses newer technology. When you replace a library, your goal is to stop using the old tape library, start using the new library, and copy the data from the tapes in the old library to the tapes in the new library. Refer to the Setting Up Connected DataProtector manual for a procedure to transition to a new library. Temporary Reliever Library There might be times when you must use an additional tape library for temporary extended storage until Compactor is able to free sufficient space in your original library. Your original library would remain your permanent library, and the additional temporary library would remain in use only for as long as needed. In this situation, you would simply connect the additional library and let the Compactor service run until it has freed up enough tape space to warrant removing the additional library. Understanding Connected DataProtector 29

42 Chapter 5 / Hierarchical Storage Manager The previous process requires you to transfer tapes back and forth between tape libraries. Therefore, the two libraries must be of compatible tape and barcode technologies. Permanent Expansion Library If you are using multiple tape libraries because you want to permanently expand your available tape capacity, then you must plan to keep the multiple libraries in use for an indefinite amount of time. Unlike the previous situations, your goal in this situation is not to work toward using only one library again. Instead your goal is to continually use the multiple libraries as efficiently as possible. Doing so means balancing tape utilization among all libraries in use. To balance tape utilization, you should understand the following concepts: How tape utilization works in HSM How to balance tape utilization across multiple libraries How to work with libraries of different technologies Understanding Tape Utilization in HSM When HSM migrates data to tape, it accesses the tapes in the alphabetical and numerical order of their labels. Regardless of where or when the tapes are inserted, HSM looks for the next tape labeled alphabetically (or numerically) when the previous tape is full. For example, assume you have multiple tape libraries with 100 tapes that are labeled ABK001, ABK002,..., ABK100 (you could have inserted these tapes at any time, in any order, or in any library). When ABK001 is full, HSM then migrates data to ABK002. When ABK002 is full, HSM migrates data to ABK003, and so forth. It does not matter which library the tapes are in. If you have more than one Tape Group, you can split the tapes for the Tape Group between the two libraries. This is not a concern if the libraries and tapes are of the same technology. The same holds true for Tape Account Groups. It is not a concern if a Tape Account Group is split across two libraries. For more information on Tape Groups and Tape Account Groups refer to Tape Groups and Tape Account Groups on page Connected Corporation

43 Multiple Tape Libraries Balancing Tape Utilization To balance the workload across tape libraries, you should insert the tapes into the tape libraries so that their labels span the libraries evenly. For example, assume you have two libraries, each with a 50-tape capacity (a total of 100 tapes). Assume the barcode labels that you attached to the tapes are ABK001, ABK002,..., ABK100. When you insert the tapes into the two libraries, you should insert ABK001 into the first library, ABK002 into the second library, ABK003 into the first library, ABK004 into the second library, and so forth. Then, when one tape is full and HSM accesses the next tape, it alternates between each tape library. Working with Libraries of Different Technologies Balancing tape utilization is easy if you use libraries that are of compatible tape and barcode technologies because you can simply move tapes between the libraries to get the order that yields optimum load balancing. However, this process is not as easy if you use libraries of different tape and barcode technologies because you cannot simply move tapes between such libraries. If you use libraries of different tape and barcode technologies, you must prepare in advance of setting up the new tapes. When you order barcode labels for new tapes, order labels with the same barcode labels as your other libraries. For example, if one library uses ABK001-ABK200, order labels with ABK001-ABK200 for the additional library. That way you can attach the barcodes, alternating numbers for each library. For example, use the ABK001 label for the first library, the ABK002 label for the second library, the ABK003 label for the first library, the ABK004 label for the second library, and so forth. Then HSM alternates libraries when migrating data to a new tape. Understanding Connected DataProtector 31

44 Chapter 5 / Hierarchical Storage Manager 32 Connected Corporation

45 6 COMPACTOR Compactor is one of the Data Center services. As a service, Compactor runs automatically and continuously based on Data Center activity. Compactor has several purposes: Reduce overall storage requirement for the Data Center. Improve Agent file retrieval performance. Limit the number of tapes needed for account recovery. Free tape and disk space by removing expired data. Reduce the size of the databases. Improve data integrity. Compactor runs on all Data Center configurations but runs differently on a standalone server than it does in a mirrored configuration. It also works differently with HSM as opposed to a disk-only configuration. For mirrored Data Centers, the Compactor service runs on both servers but only one of the servers in the pair controls the workload of the compaction process. This server is referred to as the primary server. If you are running a clustered Data Center, there is one primary server for every mirrored pair in the cluster. For example, a clustered Data Center with three mirrored pairs has three primary servers. You can check the status of the primary server(s) in the Compactor view of the DCMC. The Compactor service removes older, unnecessary data from the Data Center. It accomplishes this task through the following process: 1. Check for necessary disk space. 2. Select accounts or a Tape Account Group. 33

46 Chapter 6 / Compactor 3. Perform a system analysis and repair. 4. Mark files as expired. 5. Repackage archive sets. 6. Delete expired archive sets and database entries. 7. Migrate new archive sets to tape. 8. Inform the Agent of changes. These steps represent a standard compaction cycle on a mirrored Data Center using HSM. Some steps are different or excluded for other configurations as noted in the descriptions below. Check for Necessary Disk Space Before Compactor begins processing accounts, it checks for necessary disk space on all servers where HSM is installed. It compares the DiskCache value in the Windows registry to the sum of free disk space on the archive partitions and the amount of space taken up by customer archive sets. If there is available space, the compaction process proceeds. If there is not enough available space, Compactor writes an error message to the Application log and then stops. A certain amount of disk space is necessary because all archive sets for an account must be on disk for Compactor to process the account. Compactor also checks for available disk space before each account is processed. On disk-only Data Centers all of the account's archive sets are already on disk, therefore the disk cache check is not necessary. If the free disk space on a disk-only Data Center server drops below 10% of the total disk space, Compactor attempts to compact all accounts on the server to free up disk space. Select Accounts or a Tape Account Group Compactor must determine which accounts to work on per session. For a Data Center using a tape library, Compactor selects the oldest Tape Account Group that has not been compacted in a set number of days. The default number of days is 90, but you can adjust this number in the DCMC. For more information on Tape Account Groups refer to Tape Groups and Tape Account Groups, on page 24. If a Data Center does not use a tape library for the Primary Tape Set (if it is diskonly or uses Centera), Compactor begins working on accounts that have not been compacted in a set number of days. The default number of days is 30, but you can adjust this number in the DCMC. 34 Connected Corporation

47 Perform a System Analysis and Repair Normally Compactor runs continuously, but you can start the Compactor service by specifying an account, tape, or Tape Account Group. You can also run compaction on cancelled accounts only. Details on starting Compactor with switches is found in DCMC Help. Perform a System Analysis and Repair On mirrored and clustered Data Centers, Compactor begins processing an account by first locking the account from all other processes. A check for synchronicity of the account s archive sets and database information on the local server and then between the two servers of a mirrored pair is performed. If inconsistencies are found, Compactor attempts to correct them. Once the corrections are made Compactor checks the account again for synchronicity. If it finds that the account is synchronous, the compaction process continues. If the account still has inconsistencies, then the Compactor service does not continue processing the account and instead generates an error message in the DCMaint event log. Mark Files as Expired Compactor uses rules created during Data Center installation to expire files. These rules include how long a cancelled account s data are kept, how long files deleted from the Agent computer are kept, how long files excluded from the Agent backup list are kept, and how many versions of a file are kept and for how long. For more specific information on the expiration rules refer to File Expiration Rules, on page 37. You can view and change the expiration rules within the DCMC. Setting any of the values to -1 turns off the rule. Compactor runs through every version of every file for the selected account and marks files as expired if a rule applies. Since the expiration process is run on an account approximately every 90 days, there are times when there are more versions of a file available than the rules would imply. In configurations using HSM, when the expiration process is complete, archive sets are copied from tape to disk. Archive sets for accounts that are canceled and ready to be compacted are not copied to disk. These accounts are processed first. Repackage Archive Sets Once files have been marked as expired, Compactor is able to determine which files to delete and which archive sets to repackage for efficiency. Understanding Connected DataProtector 35

48 Chapter 6 / Compactor If a failure to retrieve the archive set from tape or disk occurs, Compactor attempts to retrieve the archive set from the server s mirror. When working with files in an archive set, Compactor either copies or rebases the file. Rebasing takes the original base of a file (the first backed up version) and combines it with its deltas (subsequent changes to backed-up files) to create a new base. The expired base and deltas are no longer needed and are deleted. Compactor copies files to new archive sets when a file is not expired but is in an archive set with other files that require rebasing or deletion. After the repackaging process, Compactor performs additional checks of data integrity on the new archive sets. Delete Archive Sets and Database Entries Once all archive sets have been repackaged, Compactor deletes all of the old archive sets from disk. During this process it also deletes the appropriate database rows for these files and archive sets. Compactor does not delete archive sets from tape but does delete information regarding the archive set s location on tape from the database. This action renders the archive sets irretrievable and the tape space expired. When this step is complete the account is unlocked, allowing access to all processes. Migrate New Archive Sets to Tape In configurations using HSM, Compactor migrates new archive sets to the archive storage device. If using a tape library, Compactor checks to see if there are four blank tapes in the library before beginning migration. recommends four tapes because Tape Account Groups by default use four tapes. If four blank tapes are not available in the library, Compactor writes an error message to the DCMaint log and the service is paused. Inform the Agent of Changes When archive sets have been repackaged or deleted, the BackupServer service must notify the Agent of the change. The next time the Agent connects to the Data Center server, its file list is updated with the new information from the compaction process. Files that have been deleted by the Compactor service are no longer restorable by the Agent. Therefore, the Agent must update its list of files available for retrieval. Once all new archive sets are migrated, the process begins again with the check for available disk cache and selection of the next account or Tape Account Group to be compacted. 36 Connected Corporation

49 File Expiration Rules For assistance in administering Compactor, use the DCMC to: Start, stop, or pause the Compactor service. Specify startup parameters. Monitor Compactor progress for the current session. View recyclable tapes for reuse or removal from the library. Monitor disk space. Monitor Compactor progress for the past 90 days. You can access DCMC Help from within the DCMC for more information on these topics. File Expiration Rules In order to reuse disk and archive storage space, old data is deleted using a process during the Compactor process called expiration. During setup, you are asked to establish parameters that define when data is old and can be deleted. The file expiration rules are set to reasonable defaults by Data Center Setup, so you can safely accept the defaults if you are not sure of the parameters you need. Entering -1 for any of the values turns off the expiration rule. On a disk-only configuration, file expiration rules are used to keep from running out of disk storage. On a server using an HSM archive storage device, file expiration rules are only used to minimize growth of data in storage; the disk is kept at an acceptable free space level by data migration. Consequently, you should monitor a disk-only configuration closely in the weeks after startup, and decrease the file expiration rules if disk space is being filled too quickly. On both disk-only and HSM configurations, if space is tightly limited, more aggressive file expiration rules are necessary. File expiration rules are changed using the DCMC. The rules and their default settings are detailed as follows: Canceled specifies the minimum number of days after an account is canceled until its backed-up data is deleted. The default number of days until deletion is 60. Deleted specifies the minimum number of days that a file is retained after it has been deleted from the Agent that backed it up. If a file is backed up and later deleted, it is normally retrievable via the Agent. However, if the file has been expired and compacted from the Data Center it cannot be retrieved. The default value is 90 days for disk-only configurations and 180 days for HSM configurations. Understanding Connected DataProtector 37

50 Chapter 6 / Compactor Excluded specifies the number of days that a file is retained after the enduser has excluded it from the backup list on the Agent. If a file is backed up and then later excluded from the Agent backup list, it is expired and deleted the next time Compactor runs on the account. The default value is zero days for disk-only and HSM configurations. RecentVersions and OldVersions are used together to specify the number of versions of a file that are retained. For example, if RecentVersions = 9 (versions) and OldVersions = 30 (days), then old versions of a file are deleted if they are more than 30 days old or there are 9 more recent versions. The most recent backed-up version of a file is not expired using these parameters. The default value for RecentVersions is 10 versions for disk-only configurations and 20 versions for HSM configurations. The default value for OldVersions is 45 days for disk-only configurations and 90 days for HSM configurations. EMC Centera and Garbage Collection You can use EMC Centera as an archive storage device with HSM on the Data Center. Early versions of the Centera software did not include a full garbage collection feature. Garbage collection is the process that deletes expired data from Centera s disk and recovers the disk space for reuse. The latest version of Centera includes the garbage collection feature. Refer to the Setting Up Connected DataProtector manual for more information on enabling garbage collection on Centera. 38 Connected Corporation

51 7 DATABASES The Data Center software creates and uses three SQL databases. These databases include: Registry database Directory database Asset database The databases are created when you install the Data Center software. The Asset database, which is used for the optional Audit feature, is installed whether or not your organization is licensed for the Audit feature. If you are running a mirrored or clustered Data Center, extra database protection is offered. This concept is discussed in more detail in this chapter. Directory Database The Data Center uses the Directory database to store information about: Which archive sets have been generated Which end user files are represented in a given archive set Where each archive set is found on disk or on an archive storage device The Directory database makes possible the retrieval of backed-up data when an end user initiates a retrieve operation. Other types of information stored in the Directory database include information for replication, Compactor, and tape data. 39

52 Chapter 7 / Databases Registry Database The BackupServer service manages the Registry database. This database stores information about each user account that has been created. Whenever a new account is created or account information is changed, the BackupServer service or Support Center makes an appropriate entry in the Registry database. The Registry database is used to: Record account activity. Generate reports within Support Center. Store user information. Obtain information regarding the mirror (for mirrored configurations). Asset Database The Asset database is used by the Audit feature. This database is installed on the Data Center whether or not your organization is licensed for Audit. The Asset database stores information about the hardware and software in use by end users. Do not remove, add, or modify any data in any SQL database except under specific written instructions from Support. Manual changes to the database can irrecoverably destroy the ability to retrieve any or all backed-up data. An incorrect database change can appear to work at the time the change is made, yet produce severe problems at a future date. Database Protection If you host your own Data Center and you are running it as a standalone server, the databases are backed up during the daily and weekly automatic procedures. Refer to the Maintaining Your Data Center manual for more information regarding these procedures. In the event of a disaster, the Data Center is reconstructed using the backed-up database files and transaction logs. If you host your own Data Center and you are running it in a mirrored or clustered configuration, the databases are rebuilt from the mirror after any potential disaster. 40 Connected Corporation

53 Database Protection Visit the Resource Center to obtain a query that you can use to rebuild the databases. During the regular course of daily activity, all necessary database tables are replicated between the mirrored servers (for more information on the ReplicationServer service refer to ReplicationServer, on page 19). Several tables store unique information for each server. These tables are also replicated. For example, assume the LibraryTape table on Server A is replicated to a table named MirrorLibraryTape on Server B. If Server A were to experience a database failure, you could copy the needed database tables from Server B. This process is faster and more reliable than restoring from database backups. Understanding Connected DataProtector 41

54 Chapter 7 / Databases 42 Connected Corporation

55 8 DATA CENTER AND ENTERPRISE DIRECTORY Enterprise Directory uses Lightweight Directory Access Protocol (LDAP), a software protocol enabling you to store personal information for every individual in your organization. This directory of information enables other applications to read information from it for authentication and other purposes. Connected DataProtector supports the following Enterprise Directory servers: Novell edirectory version 8.6 Netscape iplanet Directory Server version 4.13 Sun ONE Directory Server version 5.1 Microsoft Active Directory If you have an existing Enterprise Directory server, you can map the directory to the Data Center s database using Support Center. Refer to Support Center Help for the procedure to map your Data Center to Enterprise Directory. You can use the Data Center with Enterprise Directory to: Validate Support Center technicians Maintain end-user personal data You can map your entire Data Center to Enterprise Directory, or you can map only specific communities. If you map a specific community to Enterprise Directory all of its subcommunities will use Enterprise Directory as well. It is important to map a community to Enterprise Directory before allowing Agents to register to the community. 43

56 Chapter 8 / Data Center and Enterprise Directory Validate Support Center Technicians Through Support Center, you can map the Data Center or specific communities to Enterprise Directory. Doing so forces Support Center technicians to use their Enterprise Directory logon ID and password to log on to Support Center. Maintain End-User Personal Data The Agent and the Data Center databases use Enterprise Directory to obtain personal information about the user. This relieves you of the need to enter information in multiple places. Additionally, you can use Enterprise Directory for security by specifying that the user s Enterprise Directory password must be used when retrieving files or performing a Heal with the Agent. Users of Enterprise Directory-enabled accounts cannot change their personal information within the Agent. This information can only be changed on the Enterprise Directory server. Enterprise Directory Management For communities that are Enterprise Directory-enabled, the Data Center synchronizes user information between the Enterprise Directory server and the Data Center databases. This synchronization process is performed by the LDAPSyncher application. It is run once daily using Windows Scheduled Tasks. If the Enterprise Directory server is not available, then Support Center technicians are unable to log on to Support Center, and new Agent registrations are unable to be registered. Retrieve and Heal functions are also disabled during this period, if your end users use account passwords. For information on setting up a new Data Center with Enterprise Directory, refer to the Setting Up Connected DataProtector manual. For information on converting an existing community to Enterprise Directory, refer to the Maintaining Your Data Center manual. 44 Connected Corporation

57 9 LICENSING Upon installing the Data Center, a license is needed in order to use the Data Center on an ongoing basis. The license controls, among other things, how many end user accounts your Data Center can manage and which optional features are enabled. During installation of the Data Center software, you are prompted for license information. If you do not have a license at that time, a temporary one is created. This temporary license lasts thirty days. You must obtain a permanent license before the thirty days are over. The license is associated with the network interface card (NIC) on the Data Center server where it is installed. The host ID associated with the NIC is written into the license file. Therefore, each license file is made specifically for one Data Center server. Every server in a mirrored or clustered Data Center must have the same license. That is, every server must be licensed for the same features and the same number of users. There are a number of reasons for obtaining a new Data Center license: You are performing a new installation of the Data Center software. You are deploying the Agent to additional end users. The NIC on the Data Center has changed. An additional NIC is being installed. The Connected features offered to end users have changed. In order to obtain a new permanent license, you must contact Connected s Software Fulfillment Coordinator at sfc@connected.com. He or she will ask for your host ID. The HostID utility helps you determine this information. 45

58 Chapter 9 / Licensing For more information on determining the host ID for your server s NIC card(s), refer to HostID, on page 170. If you host your own Data Center and would like more information on obtaining a Data Center license, refer to the Maintaining Your Data Center manual. Reading a License.dat You might find it necessary to open the temporary license.dat file to see when it expires. The license.dat file is located in the Data Center directory. You can open it in a text editor, but editing the license.dat file can cause it to not function properly. Also, an event log message is generated to inform you of how many days remain on the license. The following example shows a license.dat file contents: PACKAGE BackupServerPkg connectd DAFBB38279D \ COMPONENTS="BackupServer Heal iroam \ FEATURE BackupServerPkg connectd sep-2003 uncounted \ 50835B92EAAF VENDOR_STRING="50,License Example" \ HOSTID=004bb3a29000 START=16-Aug-2001 PACKAGE BackupHSMPkg connectd EC6317D78F99 \ COMPONENTS="BackupHSM " FEATURE BackupHSMPkg connectd sep-2001 uncounted \ C1BDDE02C44B VENDOR_STRING="50,License Example" \ HOSTID=004bb3a29000 START=16-Aug-2001 PACKAGE PartnerNamePkg connectd F715CF0 \ COMPONENTS="PartnerName Connected Internal" FEATURE PartnerNamePkg connectd sep-2001 uncounted \ 799F0CEE6532 VENDOR_STRING="50,License Example" \ HOSTID=004bb3a29000 START=16-Aug Connected Corporation

59 The first COMPONENTS section shows that this license supports the following features: BackupServer service, Heal, and iroam. This section also states that the license expires on September 15, The first value in the VENDOR_STRING section specifies how many seats this license is for, in this case 50. This section also states the name of the organization, License Example. Understanding Connected DataProtector 47

60 Chapter 9 / Licensing 48 Connected Corporation

61 10 DATA CENTER LOGGING The message logging feature is designed to allow for multiple Data Center components to follow the same standard for reporting event messages while providing the additional benefits of multiple levels of logging detail. The use of the logging system provides for: Multiple levels of logging detail with the addition of a Data Center Maintenance (DCMaint) log Fewer Application event log messages produced by the Data Center Assignment of a unique Event ID to all event messages so that they are easier to categorize, document, and use by automated alerting software By providing each event message with a unique Event ID, you can set external software to generate emergency notifications for very specific events, reducing the overall maintenance time required. The Event ID also allows for very specific documentation to be referenced, so that you can quickly and easily find the potential cause of an event and any action required for that event. Visit the Resource Center for a listing of event log messages by component. This chapter discusses several concepts to help you understand how the Data Center logs information. The concepts discussed in this chapter include: Event logging Event log maintenance Trace logging 49

62 Chapter 10 / Data Center Logging Event Logging The Data Center provides three levels of logging detail: The Application event log The custom DCMaint event log The Data Center component s trace log file By placing only the event messages intended for you to see and respond to into the Application event log, the amount of noise that must be sifted through while managing the Data Center is significantly reduced. This also allows you to know exactly when you should take action, and what type of action you should take. If there are no errors in the Application event log, no further action is required and there is no need to look through the more detailed DCMaint log. However, certain messages in the DCMaint log may be considered serious in some situations, so it is a good idea to periodically scan through the DCMaint log for error and warning messages. If there are errors in the Application log, it might be necessary to obtain more information surrounding the error. That information can be found in the DCMaint log. Placing more detailed and specific messages in the DCMaint log gives you and Support the tools for further diagnosing problems. The third level of message logging lies in the ability to generate trace log files. These files provide a deeper level of logging, thus allowing Support to adequately diagnose the potential problem. The trace logs are intended to be used only with the advice and assistance of a qualified Support representative. Event messages are generated in the following hierarchy: The Application event log contains only the event messages specifically designated for the Application event log. The DCMaint event log contains those event messages specifically designated for the DCMaint event log and repeats the event messages designated for the Application event log. If any trace flags are turned on for a Data Center component, the generated trace log file for that component contains the event messages specifically designated for the trace log and the event messages designated for the DCMaint event log for that component and the event messages designated for the Application event log for that component. 50 Connected Corporation

63 Event Log Maintenance Event Log Maintenance The Data Center automatically saves the event logs as described in this section, with the one noted exception of the Application log. If the addition of an entry to the Application event log is found to fill it beyond its limit (for example: 50 MB), a backup of the Application event log file will automatically be performed. The event log will then be cleared, and an Informational message will be generated by the system into the Application event log indicating that this event log has been backed up and cleared due to space limitations. The backup location is specified from the Windows registry setting as a string value (LogFileDir) under the key: \\LocalMachine\Software\Connected\BackupDataCenter. Each log file name will be generated as following: NTApp TimeStamp.evt. For example, NTApp evt. In order for the Application log to be automatically saved and cleared, the Data Center must be the source of the message that will cause the log to exceed capacity. In other words, if a different server component such as SQL Server fills the log, then the log will not automatically be saved and will have to be saved and cleared manually. If the DCMaint log becomes full, a backup of the log file is performed. The event log is cleared, and an informational message is generated by the system into the Application event log indicating that the DCMaint event log has been backed up and cleared due to space limitations. Saving the log is possible in all situations due to the fact that the DCMaint event log is only written to by the Data Center software. Other maintenance of the DCMaint log is performed by the system upon initialization. This includes comparison of the event log size and age to the Windows registry values MaxSize and LogFileTime. A backup and clear is performed if either value exceeds the defined limits. The backup location is specified in the Windows registry setting as a string value (LogFileDir) under the key: \\LocalMachine\Software\Connected\BackupDataCenter. Each log file name is generated as follows: DCMaint TimeStamp.evt (for example, DCMaint evt). Understanding Connected DataProtector 51

64 Chapter 10 / Data Center Logging Trace Logging Trace logging provides for additional event logging when high-level troubleshooting may be required. Trace logging is not intended to be used in normal circumstances and should typically be used under the advice and assistance of Support. In order to generate those event messages that are associated with a trace log, the corresponding trace flag values must be set for the Data Center component in the Windows registry. If you host your own Data Center, refer to the Maintaining Your Data Center manual for the procedure to turn on trace logging for a component. 52 Connected Corporation

65 11 SUPPORT CENTER OVERVIEW Support Center is a Web-based application, therefore you can use it from any computer with Internet Explorer 5.5 or later and a network/internet connection. This flexibility enables you and your staff to monitor and manage your accounts with ease. This chapter discusses concepts to help you understand how Support Center is structured and used. The concepts discussed in this chapter include: Support Center uses Support Center interface Support Center access Support Center Uses Support Center enables you to manage Agent accounts deployed throughout your organization. You can use Support Center to perform the following tasks: Create and manage technicians. Manage communities and accounts. Create, manage, and download Agent configurations. Edit and download file selection rules for Agent backups. Create and run reports. 53

66 Chapter 11 / Support Center Overview Technician Management Technicians are the users of Support Center. This group can include the Data Center Administrator, IT, Technical Support, or other individuals who support your end-user community. Support Center enables you to create technician accounts with as many or as little permissions as you like. This enables you to delegate different tasks to different groups of supporting personnel. Refer to Chapter 14: Technicians, beginning on page 71 for a more detailed discussion on Support Center technicians. Community and Account Management Each Agent deployed to an end user is represented on the Data Center as an account. A community is a group of accounts with a common element. You can create communities based on organizational department, office location, Agent configuration, or any other element that helps you to manage your accounts efficiently. Refer to Chapter 12: Accounts and Communities, beginning on page 59 for a more detailed discussion on managing your accounts and communities. Agent Configuration Management You can configure the Agent software to meet your organization s needs in terms of registration, backup schedule, security, features, and a host of other options. Support Center contains a tool, Agent Configuration Editor (ACE), for this purpose. Support Center can create Agent configurations for the following languages: English French German Japanese Spanish Once you have created an Agent configuration, Support Center can automatically download it to your end users. Refer to Chapter 13: Agent Configurations, beginning on page 67 for a more detailed discussion on creating and managing Agent configurations. 54 Connected Corporation

67 Support Center Interface File Selection Rules Management The Agent includes a set of file selection rules for backing up files. These rules determine which files get backed up to the Data Center. You can change these rules to meet your organization s needs. Support Center provides an interface under the Configurations node for editing file selection rules. Refer to Chapter 15: File Selection Rules, beginning on page 75 for a more detailed discussion on editing these rules. Report Management You can use Support Center to create and run reports on account status and usage. You can run these reports only once or on a regular basis. Reports can also contain charts and can be saved in XML format. Refer to Chapter 16: Support Center Reports, beginning on page 83 for a more detailed discussion on the use of Support Center reports. Support Center Interface The Support Center interface consists of a tri-pane window with a hierarchical tree in the left pane that represents the organization of accounts on your Data Center. The right pane displays information relevant to the node selected in the left pane. The tree is organized into the following nodes: Top-level node The top-level node displays the name of the Data Center server from which Support Center reads database information. It has the following subnodes: Accounts: This subnode enables you to search and view information about the user accounts in your Data Center. Technicians: This subnode enables you to create logon accounts for technicians who use Support Center. Configurations: This subnode enables you to create and edit Agent configurations. Report Templates: This subnode enables you to create report templates that you can use to generate reports that track account usage and other statistics. Reports: This subnode displays the results of reports generated using the Report Templates node. Understanding Connected DataProtector 55

68 Chapter 11 / Support Center Overview Communities Each community that you create to organize and manage accounts for your organization has a subnode. Each of these subnodes have their own Accounts, Technicians, Configurations, Report Templates, and Reports nodes. You can also add subcommunities, which are represented as their own node. In the following graphic, the top-level community is ABC Corporation and its subcommunities are Engineering, Finance, Marketing, Research and Sales. The community and subcommunities all have the nodes Accounts, Technicians, Report Templates, Reports, and Configurations. The following example shows the Support Center interface: For more information on working with the Support Center interface, refer to Support Center Help. Inheritance of Support Center Objects A Support Center object is a report, technician, or Agent configuration created for a community. A community s objects are available for use in all of that community s subcommunities. This inheritance enables you to use your top-level objects throughout all subcommunities. 56 Connected Corporation

69 Support Center Access Inherited objects are distinguished in the left pane using a font with a lighter pitch (bold font represents objects that are not inherited). Objects can only be edited within the community in which they were created. Support Center Access You can access Support Center from any computer with Internet Explorer 5.5 or later and a network/internet connection. To open Support Center, point your Web browser to one of the following URLs: If you have configured DNS or WINS to store the server names, use: name>/supportcenter/ where <server name> is the name of your Support Center server. If you host are not using DNS, use: where <ddd.ddd.ddd.ddd> is the IP address of your Support Center server. Understanding Connected DataProtector 57

70 Chapter 11 / Support Center Overview 58 Connected Corporation

71 12 ACCOUNTS AND COMMUNITIES Each instance of the Agent deployed in your organization has a corresponding account in the Data Center. Using Support Center s Accounts nodes, you can manage the Agents deployed in your organization to change their operational status, update their configurations and file selection rules, edit their security parameters, and track their usage through reports and information screens. If you are running a mirrored or clustered Data Center, you can also change which servers an account uses to back up and retrieve files. To simplify management tasks, you can use Support Center to organize Agent accounts into collective units called communities. Communities consist of accounts that share common characteristics, such as configuration settings or the geographical location of the clients. Using communities, you can run reports, edit settings, upgrade configurations, and perform other account management tasks for multiple Agents. This chapter helps you to understand accounts and communities by discussing the following concepts: Account management Communities Account Management You can access your accounts using the Accounts node in the left pane. Each community in your Data Center has its own Accounts node that enables you to search and manage the accounts assigned to that community. You can use Support Center to perform the following tasks: Change the account s status. 59

72 Chapter 12 / Accounts and Communities Manage general functions. Manage security settings. Change the Agent configuration. Assign an account to a new user (Enterprise Directory only). Each account is identified with a 10-digit account number. The account number is also displayed on the Agent s Home tab and should be recorded offline by the end user along with the Agent s encryption key and account password, if applicable. The easiest way to locate an account in Support Center is to search for the account number. If you are unable to obtain the account number, you can search for the account using the user s name, organization name, department, or other identifying criteria. For more information on accessing and managing accounts in Support Center, refer to Support Center Help. Changing Account Status An account s status determines whether the account is allowed to connect with the Data Center. By changing the account status, you can temporarily or permanently prevent an Agent from backing up or retrieving files. This enables you to block access to the Data Center from clients that have been stolen or that are no longer used. For example, when an end user leaves your organization, you can cancel the account so that the computer cannot be used by others to access the files that the end user previously backed up. Accounts have four status options: Active When an account has an Active status, it is able to access the Data Center and perform all backup and retrieve operations. On Hold When an account has an On Hold status, it is temporarily prevented from accessing the Data Center and performing backup and retrieve operations. For example, you can place an account on hold if the end user takes a long-term leave from your organization. When the person returns, you can change the status of the account back to active. When you put accounts on hold for security reasons, you should also deactivate iroam access. Refer to Activating and Deactivating iroam, on page 62 for more information. 60 Connected Corporation

73 Account Management Canceled When an account has a Canceled status, it is permanently prevented from accessing the Data Center and performing backup and retrieve operations. The Agent s backed-up information will be expired and removed from the server s disk by the Compactor service after the expiration period has passed. You can cancel a user s account, for example, if the person permanently leaves your organization. When you cancel accounts, you should also deactivate iroam access. Refer to Activating and Deactivating iroam, on page 62 for more information. Canceled and Data Deleted When an account has a Canceled and Data Deleted status, the compaction process has already run on the canceled account, and the account s information no longer exists on the Data Center. Managing General Functions You can use Support Center to manage general functions, including the following tasks: Updating account status automatically using Enterprise Directory. Changing an account s primary server. Activating and deactivating iroam. Ordering CDs for accounts. Updating Account Status Automatically Using Enterprise Directory If you use Enterprise Directory to store your users network passwords, you can use the Enterprise Directory database to verify whether or not your end users have valid accounts. If an end user no longer exists in, or cannot be validated against Enterprise Directory, Support Center automatically changes the account s status to Canceled or On Hold. To verify users through Enterprise Directory, you must first associate your Data Center or your communities to Enterprise Directory using Support Center. For more information, refer to Chapter 8: Data Center and Enterprise Directory, beginning on page 43. Understanding Connected DataProtector 61

74 Chapter 12 / Accounts and Communities Changing an Account s Primary Server Agents that connect to servers in a mirrored or clustered environment use one server as their primary server during backup or retrieval operations. The Agent always attempts to contact its designated primary server first. If the primary server is offline, the Agent connects to its mirror and finishes the requested operation. Support Center enables you to change the primary server used by Agents after they have been deployed. Activating and Deactivating iroam If your organization uses iroam, you can manage your end users access to it through Support Center. If you disable the service for an account, the user is unable to retrieve files using iroam. You should deactivate iroam for accounts that have recently been canceled or put on hold due to security concerns. Support Center only enables you to turn existing iroam service on and off. To add iroam to an existing account, you must configure the appropriate Agent settings using Agent Configuration Editor (ACE). Ordering CDs for Accounts If an account has lost its data and it is inconvenient to restore the data using a network connection, you can use Support Center to order a data CD set for the account. The CDs will contain all of the data that the account has backed up. The user can then use the CDs to restore their data. Managing Agent Security Every account has an encryption key that is created during Agent setup or configured through ACE. The encryption key is used to encrypt each file backed up by the Agent. Support Center enables you to access an account s encryption key. In addition to encryption keys, accounts can use an optional password. If the Agent is configured to allow a password, the end user can create a password either during or after Agent setup. The account password provides an extra layer of security for the end user during file retrieval procedures because it must be provided before files can be retrieved. Support Center enables you to change an account password if you suspect that it has been obtained by an unauthorized person or otherwise poses a security risk. 62 Connected Corporation

75 Account Management One final optional layer of security is in notifying the end user via if files are retrieved from their account. With this feature enabled, users can take appropriate action if an unauthorized person retrieves their files. Recovering Encryption Keys If a user must reinstall the Agent software on their computer, they must provide the account number and encryption key during reinstallation in order to recover their previous Agent account. While users are urged to record their account data offline in case they must reinstall the Agent later, they might lose this information and request it. You can view an account s encryption key using Support Center since the encryption keys are escrowed on the Data Center. An account s encryption key cannot be changed once it has been created during Agent setup. Assigning Account Passwords Agents with account passwords require users to type the password before retrieving files from the Data Center. This is an optional feature that is recommended for clients that are at risk of theft, such as laptops, or that share files with other accounts. Support Center allows you to change these passwords. You might want to change an account password if a client has been stolen to prevent unauthorized access to the account s files. If your organization uses Enterprise Directory to store your users network passwords, you can enable these passwords as your account passwords. This requires you to map your Data Center or its communities to Enterprise Directory. For more information about using Enterprise Directory with Support Center, refer to Chapter 8: Data Center and Enterprise Directory, beginning on page 43. Account passwords can only be created for Agents that have been configured through ACE to utilize account passwords. You cannot create an account password on an Agent that does not include this functionality in its Agent settings. Enabling Notification for File Retrievals You enable notification through Support Center at the Data Center, community, or subcommunity level (specific Agent configurations do not use e- mail notification; it is enabled for the entire Data Center or community). Refer to Support Center Help for instructions on enabling notification. Understanding Connected DataProtector 63

76 Chapter 12 / Accounts and Communities Changing an Agent s Configuration Support Center enables you to change the configuration used with an individual account. The Agent s configuration determines the Agent s file selection rules, security settings, language version, and interface controls. If you use multiple configurations within one community, you can change the configuration assigned to an Agent within the community. The next time the Agent connects to the Data Center, the new configuration is downloaded and incorporated into the Agent. Refer to Chapter 13: Agent Configurations, beginning on page 67 for a more detailed discussion on Agent configurations. Assigning an Account to a New User Communities If your communities are mapped to Enterprise Directory, you can use Support Center to change the user associated with the account. This allows you to transfer access to an account s backed up files to a new user. For more information about mapping your communities to Enterprise Directory, refer to Chapter 8: Data Center and Enterprise Directory, beginning on page 43. Each community you create in Support Center is represented by a node in the left pane. Each community node has subnodes representing the accounts, technicians, configurations, reports, and subcommunities within the community. Each community inherits the objects contained in the Data Center (root level) node. For example, technicians whose permissions are defined in the root level can access all communities. The Agent configurations, reports, and other objects defined at the root level can be used in any community. This section discusses to following concepts relative to communities: The default community Creating new communities Assigning accounts to communities Using subcommunities 64 Connected Corporation

77 Communities The Default Community When you install Support Center, the installation procedure creates a community labeled Default. This community includes the Default Agent configuration, which is composed of default settings and rules. You can use this community to organize your own Agents, or use it as a model when constructing your own communities. Creating New Communities You can create as many communities as necessary to organize your accounts. All communities that you create automatically inherit the default Agent configuration defined in the root community. However, any new Agent configurations that you create in a new community are only available to that community and any of its subcommunities. Support Center Help contains instructions for creating new communities and Agent configurations. Assigning Accounts to Communities Every community, including the top-level Data Center community, has a distinct registration code and password assigned to it. When you create an Agent configuration, the registration code and password for the community is burned into the configuration. The registration code and password are sent to the Data Center when an end user installs and registers an Agent. The Data Center then automatically places the new account into the appropriate community based on the registration code and password. For more information about the registration process, refer to the Setting Up Connected DataProtector manual. Registering Accounts Using Tickets As an alternative to registration numbers and passwords, you can use tickets to register accounts to communities. Tickets enable you to control the number of accounts created and who creates them. Using tickets, you first define the account in Support Center. The Ticket Machine generates a ticket number for the account. You then provide this number with the Agent Setup application to the end user. When prompted, the user types the ticket number and the Agent is identified with the corresponding account. Understanding Connected DataProtector 65

78 Chapter 12 / Accounts and Communities Enabling and Disabling Registration for Communities After you have deployed the Agent throughout your organization, you can disable registration for communities. This prevents someone from later using a copy of Agent Setup to register an account that you did not intend to create on your Data Center. When you disable registration for a community, no one can register a new Agent account with the community, even if they possess the community s registration number and password. If you must add new accounts to the community or recover an account, you can re-enable registration for short time periods as needed. Subcommunities Each community can contain subcommunities. Agent accounts in the subcommunity share characteristics with the parent community but have distinct characteristics that set them apart. For example, you might create a single community to represent all of the Agents in your branch office. Within this parent community, you can create subcommunities to represent the departments within the branch office, such as Finance, Accounting, and Marketing. The Agents in each subcommunity inherit the versions, settings, and file selection rules defined for the parent community but can also have configurations that are unique to each subcommunity. For example, you might define common file selection rules at the community level for your entire organization. Then, for each group within your organization, you might have subcommunities for which you can define unique settings for accounts that will belong to those subcommunities. You can then create Agent configurations for each subcommunity using the common file selection rules and the Agent settings that were defined for each group. Moving Subcommunities Support Center enables you to reassociate a subcommunity with a different parent community. This can be useful if you want your communities to reflect changes in your organization. 66 Connected Corporation

79 13 AGENT CONFIGURATIONS An Agent configuration determines which features are available to deployed Agents. It also determines an Agent s software version, file selection rules, interface language, optional features, and operating parameters. You can access the configuration information for each community beneath the Configurations node in Support Center. This chapter discusses the following concepts relative to Agent configurations: Configuration components The default Agent configuration Updating the Agent automatically using central administration Configuration Components Support Center compiles Agent configurations from a set of subcomponents that each define a portion of the Agent s functionality. These configuration components include: Agent version Agent settings File selection rules 67

80 Chapter 13 / Agent Configurations Agent Versions Agent versions describe the version and language of the software used to create the Agent. When you create versions in Support Center, you should name the version to reflect the software version and language used in the Agent. This helps you to easily identify the Agent version based on the name. For example, if you create a German version you might name the version GermanCorporate 7.1. Agent Settings The Agent has an extensive list of optional features you can enable or disable if your Data Center is licensed for the feature. Agent settings determine which of these features are accessible to the user. The settings also contain parameters that govern the Agent s backup and retrieve operations, such as the backup schedule, file selection type, and retrieve options. Security features such as the account password and firewall settings are also enabled in the Agent settings. To create or edit Agent settings, use the Agent Configuration Editor (ACE). ACE is started automatically by Support Center when you edit Agent settings. Using ACE, you can accept the default settings or select new settings for your Agent s various features. For more information about using ACE, refer to ACE Help. File Selection Rules File selection rules provide information for the Agent to determine which files to include and exclude during a backup. You specify file selection rules through Support Center, but depending on how you configure the Agent, the end user might be able to modify your rules. File selection rules are discussed in detail in Chapter 15: File Selection Rules, beginning on page 75. The Default Agent Configuration During Support Center installation, a default Agent configuration (labeled Default) is automatically created. This configuration resides at the root level, making it available to all of your communities. The default configuration is composed of the default Agent version (English), the default Agent settings, and default file selection rules. In many cases, you might want to create your own configuration with its unique version, settings, and rules. 68 Connected Corporation

81 Updating Agents Automatically Using Central Administration However, you can use the default configuration as a reference when creating your own configurations. For more information about creating a new Agent configuration, refer to Support Center Help. Distributing Agents to Clients When you create a new Agent configuration, Support Center compiles these components into the Agent Setup application. Agent Setup installs the Agent on the client with all of the features and operating parameters specified in the configuration. Support Center then associates the Agent with the appropriate community when the Agent registers with the Data Center. For more information about Agent Setup, refer to the Setting Up Connected DataProtector manual. Updating Agents Automatically Using Central Administration After you have deployed Agents to computers in your organization, you can update the configuration of the Agents and download updates to your clients automatically using central administration. The next time the Agent connects to the Data Center, the latest changes to their Agent configuration will be downloaded and incorporated into the Agent. For example, if you change the Agent settings used by a configuration, all of the Agents that use that configuration will be automatically updated to use the new settings. Central administration is enabled at the community level. You can enable it for some communities while disabling it for others. If you do not use central administration for a community, you can still update the community s accounts by distributing a new Agent Setup application to the clients via your preferred method of distribution. Once you have enabled central administration for a community, you cannot defer the download of the updated Agent components to your Agents. Do not enable this feature until you are ready to upgrade your Agents. For additional information and instructions on enabling central administration, refer to Support Center Help. Understanding Connected DataProtector 69

82 Chapter 13 / Agent Configurations 70 Connected Corporation

83 14 TECHNICIANS Technicians are the Support Center users. Each technician has a unique ID that identifies the technician s account. You can configure technician accounts to restrict the technician s access to certain communities or features. This allows you to delegate Support Center tasks to subordinate employees without granting them access to communities or features that you prefer to reserve for employees with higher clearance levels. Each community in Support Center has a Technicians node that enables you to create and edit technician accounts for that community. Technicians whose accounts reside in the top-level Data Center node have access to all communities. This chapter discusses the following concepts relative to Support Center technicians: The admin account Configuring access permissions for technicians Using Enterprise Directory with technician accounts The Admin Account When you install Support Center, you create a technician account that has full access to all of Support Center s communities and features. (This account is labeled admin by default.) Use this account to log on to Support Center following installation and create new technician accounts for Support Center users. 71

84 Chapter 14 / Technicians Access Permissions for Technicians When you create a technician account, you can restrict the technician s access to particular communities and/or Support Center features, such as reporting and modifying configuration settings. All technicians have at minimum the ability to view account and configuration information in the communities they are permitted to access. Restricting Technician Access to Communities To restrict a technician s access to a specific community, create the technician s account in the community rather than in the top-level Data Center node. The technician can then only access resources within that community or within its subcommunities. Technician accounts cannot be transferred to new communities. After you have created a technician account, you can only grant access to higher-level communities by recreating the account at the higher level. Restricting Technician Access to Specific Support Center Features Most of Support Center s control screens are optional. Only technicians with the required permissions can access controls that allow them to change Agent configurations, update account status, and perform other management tasks. When you create a technician account, Support Center provides options for setting these permissions. You can also edit these permissions any time. Support Center Help provides information on each of the specific technician permissions. Password Expiration and Failed Password Attempts As an additional security precaution, you can configure technician passwords to expire. Once a password expires, the technician is prompted to provide a new password the next time the technician attempts to log on to Support Center. To set a password to expire, edit the following Windows registry setting on the Support Center server: HKEY_LOCAL_MACHINE\Software\Connected\SupportCenter\Expirati ondays. 72 Connected Corporation

85 Enterprise Directory with Technician Accounts The default value for the ExpirationDays setting is 365 days. Note that the same expiration period applies to all technicians on the Data Center. When you create a new technician in Support Center, that technician's password is set to expire on a date based on the ExpirationDays value as described above. If the ExpirationDays value is at the default of 365, the technician's password will expire one year from the day the technician is created. (If you upgraded your Data Center from a version prior to 7.0, each technician's expiration date will be set the first time he or she logs on to Support Center after the upgrade.) When the password expires, the next time the technician logs on, he or she will be prompted to enter a new password. At that time, the expiration date will be reinitialized based on the ExpirationDays value. If during a logon a technician types an invalid password, Support Center allows for a retry. However, if the technician types an invalid password three consecutive times, Support Center locks out their technician ID for 20 minutes. After this 20 minute lockout period, the technician can attempt to log on again. Enterprise Directory with Technician Accounts If the technician s community is using Enterprise Directory, then the technician must use their Enterprise Directory password to log on to Support Center. Refer to Chapter 8: Data Center and Enterprise Directory, beginning on page 43 for more information about using Enterprise Directory with your Data Center. For more information about mapping your Data Center and communities to Enterprise Directory, refer to Setting Up Connected DataProtector. Understanding Connected DataProtector 73

86 Chapter 14 / Technicians 74 Connected Corporation

87 15 FILE SELECTION RULES File selection rules (referred to as default rules or DefRules in previous versions) provide information for the Agent to determine which files to include and exclude during a backup. You specify file selection rules through Support Center, but depending on how you configure the Agent, the end user might be able to modify your rules. This chapter discusses the following concepts to help you understand file selection rules and how to use them: Data and full system recovery (FSR) rules Base and user rules How rules affect file selection Types of rules Rule precedence Data and FSR Rules There are two basic categories of rules that specify which files the Agent should select during a backup: data rules and FSR rules. The specific category that the Agent uses depends on the Agent s current file selection method (for more information on file selection methods, refer to File Selection, on page 123). The Agent follows data rules when it is configured for Automatic File Selection, which allows only data files to be backed up or retrieved. The Agent uses data rules to determine which types of files are considered data files and should therefore be included or excluded during a backup. 75

88 Chapter 15 / File Selection Rules The Agent follows FSR rules when it is configured for Full System File Selection, which allows almost all files on the client to be backed up or retrieved. Since there are some types of extraneous files, such as temporary or cache files, that you would not want to include, the Agent uses the FSR rules to exclude such files from a backup. The third file selection method, Manual File Selection, does not use file selection rules since all files are available to the end user for selection. Both data and FSR rules are broken down into the same specific types of rules (discussed in Types of Rules, on page 77). They also follow the same syntax conventions and have the same basic structure as one another. You edit file selection rules using Support Center (for more information on editing file selection rules in Support Center, refer to Support Center Help). Base and User Rules For both data rules and FSR rules, Support Center enables you to either use a default set of rules or customize your own. Base rules are the default rules used for an entire Data Center or community. These rules should be general in scope and apply to most of the Agents deployed within your Data Center or community. An initial default set of base rules is installed with Support Center. This initial default set of rules is based on the general requirements for most organizations. If you find that the default base rules installed with Support Center do not suit your organization s needs, then you can create your own set of base rules. Typically, however, the base rules are used in combination with user rules to define the rules for any given Agent configuration. User rules are customized rules that you create to suit specific Agent configurations. Support Center merges user rules with base rules and applies them to any Agent configuration that you specify. For example, Support Center s initial base rules ordinarily exclude MP3 files from the Agent s backups. Suppose, however, that you wanted to allow your end users to back up such files. You could define a user rule that includes MP3 files, which Support Center would merge with the base rules. Then your user rule to include MP3 files would override the base rule to exclude them (all other base rules would still apply unless you override them with other user rules as well). 76 Connected Corporation

89 How Rules Affect File Selection Base and user rules apply to both data rules and FSR rules. Therefore, in Support Center, you can work with any of the following sets of rules: Base data rules include the default set of data rules. User data rules include customized data rules. Base FSR rules include the default set of FSR rules. User FSR rules include customized FSR rules. When you create an Agent configuration, you have the option of selecting any combination of base rules and user rules (including none if you don t want to apply any given set of rules). How Rules Affect File Selection When you apply base and/or user rules to an Agent configuration, Support Center creates the appropriate rule files for distribution with the Agents. For new Agent installation files, these rule files are automatically included within the Setup program and get installed with the Agent. For existing Agents that are already deployed, changes you make to rules get built into new rule files that Support Center downloads to the appropriate Agents to update the rules that the specified Agents use. The Agent uses the rule files, along with any custom rules specified by the end user, to determine which files to select for backup. If you don t want end users to be able to modify file selection rules, then you can disable the feature by editing the Agent s backup settings in ACE (which you access through Support Center). For more information on editing the Agent s backup settings, refer to ACE Help. Keep in mind that, if you allow end users to modify file selection rules, they could apply rules that take precedence over some of your rules. Similarly, depending on the rules you define, your rules could take precedence over some end-user rules. If you download updated rules after an end user customizes their own rules, the end user could be confused if their rules no longer exist after the rule download. For more information on rule precedence, refer to Rule Precedence, on page 81. Types of Rules There are several types of file selection rules. Each type contains rules for including or excluding files based on the following properties: File extension Filename Understanding Connected DataProtector 77

90 Chapter 15 / File Selection Rules The disk drive on which the files reside The applications with which the files are associated These rules are listed line by line in each of the base data rules, user data rules, base FSR rules, and user FSR rules. The rules in each of these sets are identified within sections that define the specific file inclusion and exclusion rules. For example, rules that exclude files based on file extensions are grouped under a section identified by [Extensions] while rules that include files based on filenames are grouped under a section identified by [Files-Inc]. A section of the rules might look like the following sample: [Extensions] AVI=Video clip MP3=MP3 file TMP=Temporary file WAV=Sound file [Files-Inc] NAMES.NSF=Lotus Notes names file The Temp folder (as returned by the GetTempPath Windows API function) is excluded automatically, without any use of file extension rules. Support Center Help provides descriptions for specific rules, including the complete syntax for all of the rules discussed in this section. Rules that Apply to File Extensions You can specify rules that instruct the Agent to include or exclude files for selection based on their file extension. The example in Base and User Rules, on page 76 discusses how you could create a user rule to include MP3 files to override the base rule that excludes them. In this example, the user data rules have a rule that specifically includes files with the.mp3 file extension. When editing these types of rules in Support Center, place them under the following sections: [Extensions], for rules that exclude files by file extension [Extensions-Inc], for rules that include files by file extension 78 Connected Corporation

91 Types of Rules Be extremely careful when applying syntax to these types of rules. If you do not use the syntax correctly, your rule could end up including or excluding all files from backup, even if you only apply the rule to one type of file extension. Support Center Help provides the appropriate syntax to use when creating rules. Rules that Apply to Filenames You can specify rules that instruct the Agent to include or exclude files for selection based on their filename or any part of their filename. For example, if clients have a specialized executable file named personal.exe, and you want to include this file for backup while excluding all other executable files, you can create a user rule that specifically includes personal.exe. Assuming this user rule is used along with base rules that exclude all other files with the.exe extension, then the personal.exe file would be the only executable file being selected for backup. You can also apply inclusion and exclusion rules based on parts of filenames by using the asterisk (*) wildcard. For example, if you wanted to include files of all types named personal, you could create a user rule that includes personal.*. Then such files as personal.txt, personal.exe, and personal.tmp would be included for backup. You can also use the wildcard as any part of a filename. For example, an inclusion rule for the file my*.* would include such files as mydocument.txt, myfile.tmp, and mystic.exe. You should be careful when using wildcards since they can be quite powerful. For example, one simple rule that says to exclude *.* could result in excluding every file from backup. When editing these types of rules in Support Center, place them under the following sections: [Files], for rules that exclude files by filename [Files-Inc], for rules that include files by filename Understanding Connected DataProtector 79

92 Chapter 15 / File Selection Rules Be extremely careful when applying syntax to these types of rules. If you do not use the syntax correctly, your rule could end up including or excluding all files from backup, even if you only apply the rule to one specific filename. Support Center Help provides the appropriate syntax to use when creating rules. Rules that Apply to Files as They Are Stored on Disk Drives Rules that apply to files as they are stored on disk drives are primarily for systems that have more than one disk drive or disk partition, though these rules have the same effect for single disk systems as well. These rules specify folder and file names that you can include or exclude regardless of which drive (or drives) the folders and files reside on. This rule does not apply to network drives that end users have mapped on their systems. If you want to enable end users to back up network drives, you can change the appropriate backup setting in ACE. The Agent applies this rule only once per drive during the Agent s initial scan of that drive. Therefore, if the end user adds a new subfolder to an excluded folder after the rule was initially applied, the new subfolder would not be excluded even though the parent folder and its subfolders were marked for exclusion. When editing these types of rules in Support Center, place both inclusion and exclusion rules under the [PerDrive] section. Rules that Apply to Files Based on the Applications with Which They are Associated Rules that apply to files based on their associated applications determine the location of an application folder and specify the files from within that folder to include and exclude. For application rules you must provide a statement to identify the application folder along with subsequent statements to specify which files from within that folder to include or exclude. 80 Connected Corporation

93 Rule Precedence Application folders are determined by specifying file names that are known to be installed with the application. The rule then determines that a folder is a specific application folder if it contains all specified files. For example, an application rule might start with a statement that identifies a folder as a Microsoft Access 7.0 application folder if it contains the files msaccess.exe, wxmain70.mda, and msain300.dll. Subsequent statements would then specify whether to include or exclude specific files from within that application folder and/or any subfolders. When editing these types of rules in Support Center, place both inclusion and exclusion rules under the [Applications] section. Magic Date Rules If an Agent is configured for Automatic File Selection, then it automatically excludes all files from what it determines to be an application folder. To determine if a folder is an application folder, the Agent uses its own rules, called Magic Date rules. Magic Date rules automatically exclude certain files from any folder containing an.exe or other executable file as well as any folder containing a set of files with a date pattern that suggests the files were installed as part of an application installation. The files that are excluded are those that appear to have been installed when the application was installed. Files that appear to have been created after the application was installed are not excluded. There might be situations, when you want to override Magic Date rules to include folders that would otherwise be excluded. You can do so with rules that identify folder names to include for selection. These rules override only the application folders determined through the Magic Date rules used within the Agent. They do not apply to application rules that may have been created as base or user rules. When editing these types of rules in Support Center, place the inclusion rules under the [MagicDate-Inc] section. Rule Precedence When specifying user rules (or creating your own base rules), it is possible that some base and user rules could conflict with other base and user rules used for the same Agent configuration. For example, your user rules might have an [Extensions] rule that excludes files based on their file extension. However, your base rules might have a [Files-Inc] rule that includes a specific file that has a file extension excluded by the previous [Extensions] rule. Understanding Connected DataProtector 81

94 Chapter 15 / File Selection Rules If you applied both base and user rules to an Agent configuration, the rules would conflict with one another. For situations like this, you should be familiar with the precedence of file selection rules so that you know exactly which files your rules will and will not include. Generally speaking, a more specific rule has higher precedence than a less specific rule. When rules are the same in specificity, a rule that includes files has higher precedence than a rule that excludes files. Keep in mind that rules customized in the Agent by end users are included when determining precedence. If you have enabled end users to specify their own rules for file inclusion and exclusion, then they could specify a rule that might take higher precedence than a rule that you specify as part of your user rules. The best way to demonstrate this order of precedence is through a few examples: With all other factors being equal, a rule that includes a file has a higher precedence than a rule that excludes it. For example, if you have a user rule that excludes MyFile.txt but the Agent has a rule defined by the end user that includes MyFile.txt, then the file would be included since the same file name is specified and the inclusion rule has higher precedence. A rule that has a more explicit file name has a higher precedence than a rule that has a less explicit file name. For example, if you have a user rule that excludes MyFile.txt and a base rule that includes all text files by using a wildcard (*.txt) or by including the.txt extension, then MyFile.txt would be excluded since the exclude rule is more specific in naming the file. In this example, the include rule simply includes all text files, while the exclude rule specifically names a file to exclude. With all other factors being equal, a rule that applies to a specific disk or folder has a higher precedence than a rule that applies to all disks or folders. For example, if you have a [PerDrive] rule that excludes MyFile.txt and another rule includes C:\MyFile.txt, then C:\MyFile.txt would be included (while, in comparison, MyFile.txt on other disk drives would be excluded) since the include rule specifies a specific location (C:\). 82 Connected Corporation

95 16 SUPPORT CENTER REPORTS Support Center enables you to create and run reports on a number of elements related to the accounts on your Data Center. With Support Center reports you can: Run default reports installed with Support Center. Create and edit your own reports. View and display charts. Save and export reports in XML format. Create account groups. Default Reports Support Center is installed with a default set of report templates for creating reports. You can edit a default report template to meet your needs, but you should save an edited default report template as a new name. Doing so ensures that you do not to lose the original default configuration and that your customizations will not be overwritten by any future upgrade of Support Center (the default report templates in future versions of Support Center could be updated and therefore overwrite any changes you have made if you do not give your customized template a new name). The default report templates installed with Support Center include: Account List. Displays a list of accounts by community and sorted by account name. Account Size. Displays the amount of data stored on the Data Center by individual accounts. 83

96 Chapter 16 / Support Center Reports Accounts Not Backing Up. Displays a list of accounts that have not backed up for 10 days. Activity Trends. Displays a graph that shows the trends in the backup activity of accounts. The graph shows data in GB backed up per day. Backup Activity. Displays a list of accounts by community, and the amount of data backed up during the month to date. Configurations. Displays the assigned and actual Agent configurations for each account. Encryption Key Disclosure. Displays accounts whose encryption keys have been viewed by Support Center Technicians. File Types. Displays the top 50 backed-up file extensions by size. First Backup Size. Displays the amount of data backed up by a group of accounts during the first backup. Heavy Hitters. Displays the accounts backing up the most data in megabytes. Heavy Hitters Cumulative. Displays accounts with more than 20 GB of data stored on the Data Center. Restore Activity. Displays a list of accounts by community, and the amount of data restored by each account during the month to date. Restore activity includes Agent Retrieve, iroam, Heal, and Sharing. Create and View Reports There are two basic components used for creating reports. The report template contains the parameters used to generate a report. It does not contain actual data. A report can then be generated using a report template. A report contains the actual data, which is based on the parameters specified in the underlying report template. Areas that you can report on include, but are not limited to: Account information. Name and demographic information for a group of accounts. Account summary. Status, Agent version, Agent configuration, and last backup date for a group of accounts. Current data sizes. Total number and size of files stored on the Data Center for a group of accounts. 84 Connected Corporation

97 Viewing and Displaying Charts Account first backup sizes. Total number and size of files transferred by a group of accounts during their first backup. Activity types. Number of backups, restores, and CD orders performed within a given time frame. You can create a new report template by clicking the Report Templates node under the community on which you want to report. You can also include all subcommunities within the parent community. The first Create Report Templates screen enables you to select which accounts to report on. You then continue through subsequent screens where you select what information to display in the report and how the information should be sorted. Support Center Help offers specific steps for creating a report template. Once the report template is created, it is saved on the Support Center server for reuse and can be edited at any time. Once you have saved a report template, you can run the corresponding report either immediately or at a later time. You can also rerun the report in the future. Depending on the amount of data needed to compile the report, it can take minutes or hours for the report to be complete. When the report is complete the report name appears under the Reports node. Viewing and Displaying Charts You can display a chart with a report. Support Center uses Adobe SVG Viewer to display charts. You can download Adobe SVG Viewer through Support Center if your computer does not have it installed. You can display a chart for the following types of display fields: Number of accounts Account activity values Total account data size values Account first backup size values Saving Report Results in XML On the Reports screen, you can view reports in XML format. You can then export the XML code into another application that supports XML format. Understanding Connected DataProtector 85

98 Chapter 16 / Support Center Reports In order to be read correctly, some applications require that the XML file be modified such that the first line in the file is: <?xml version="1.0" encoding="utf-8"?> Account Groups You can also use the reports feature to create a grouping of accounts. You can then affect a change to each account in the group at one time. Changes you can make to an Account Group include: Changing the account status Enabling or disabling iroam Changing the Agent configuration Moving the accounts to a different community For example, you can create a report to find all accounts that have not performed a backup in the past 90 days. You can then use the list of accounts generated to change the status of the accounts to canceled or on hold. The account group is a temporary entity. Once the Support Center session is closed, either by timing out or closing the browser, the account group is deleted. 86 Connected Corporation

99 17 iroam iroam is an optional Web-based application that enables users to retrieve backedup files via the Web without requiring Agent software to be installed on the computer from which the users are retrieving files. The iroam software runs on a secure Web server, preferably separate from the Data Center servers. If you host your own Data Center and want to use iroam, you must install the iroam software in addition to the Data Center software (refer to the Setting Up Connected DataProtector manual for information on installing iroam). Because of the added workload associated with iroam activities and because of security considerations with a Web server, you should install iroam on a separate server from the Data Center server. Most organizations deploy iroam on the same server as Support Center. Users can then access iroam at the following URL: name>/iroam/ Regardless of where you host your Data Center, individual accounts must be enabled for iroam in order to use it. This means configuring iroam in ACE for your Agent deployment as well as ensuring it is turned on within the Agent for each account. You can access only files smaller than 2 gigabytes (GB) using iroam. iroam User Interface There are three basic screens through which you work with iroam: Logon screen 87

100 Chapter 17 / iroam Select Files screen Download Files screen Help is available from any of these screens to provide specific information on working with iroam. Logon Screen When you first access iroam, the logon screen appears. In order to gain access to your account, you must enter the following information: The account number or address for your account If you have two or more accounts that use that same address, then you cannot log on with an address. You must instead use the account number for the account you want to access. The password or encryption key for the account you are accessing If your account has a password (passwords are optional for accounts), you must type the password instead of the encryption key. Select Files Screen When you successfully log on to iroam, or when you access the Select Files tab after already being logged on to iroam, the Select Files screen appears. This screen contains three sections. From left to right, these sections are the control section, the file tree section, and the files available for restore section. The control section contains links to show either the most recent versions of files or to show all available versions of files. The earliest available version of a file is the same version that can be obtained directly through the Agent. When you click a folder in the file tree section, a list of the files in that folder appears in the files available for restore section. In this section you can select the files you want to retrieve and then prepare them for download. Download Files Screen When you access the Download Files tab, the Download Files screen appears. This screen contains the files that you select and prepare through the Select Files screen. For each file, iroam displays one of the following status messages: 88 Connected Corporation

101 File Retrieval Process Preparing File, Please Wait. While this status message appears, you can click your Web browser's refresh button until the status changes. The period of time that it takes to prepare a file depends on such factors as when the file was originally backed up or how busy the Data Center is processing other requests. Press Here for Download. When this status message appears, you can download the selected file by right-clicking the Here link and then selecting the download option on the pop-up menu (the specific pop-up menu item depends on your Web browser). Files selected for download remain available for a limited amount of time, as described in the section Cleaning Files Off of the iroam Server, on page 90. Keep in mind that the version of any file on the Download Files screen is based on which version you most recently selected on the Select Files screen. If a newer version of a file is backed up after you originally select the file for download, then you must return to the Select Files screen to select the file again in order to have iroam prepare the latest version of the file for download. File Retrieval Process When a user selects a file in iroam to prepare it for download, iroam sends the request to the Data Center server. Once the Data Center server receives the request, it rebuilds the selected file the same way as if the request came from the Agent (refer to Chapter 23: File Retrieval, beginning on page 127 for more information). To decrypt the appropriate archive, the Data Center uses the account s encryption key that is escrowed on the Data Center server. Once the Data Center server rebuilds the selected file, it sends the file, unencrypted and uncompressed, to the iroam server, where it remains for the user to download. Each retrieved file remains on the iroam server until cleaned off the server (discussed in the next section). Since the file is sent to the iroam server uncompressed (unlike with the Agent, for which the file is sent compressed), download times could possibly be relatively long, depending on the size of the file. Users should keep this factor in mind when selecting large files. Understanding Connected DataProtector 89

102 Chapter 17 / iroam Cleaning Files Off of the iroam Server So that files don t remain available for download for an unlimited amount of time on the iroam server, iroam uses a process called garbage collection to remove old files from the server. If you host your own Data Center, you can deploy iroam to use garbage collection in one of two ways: Clean files off of the server approximately every seven days. Clean files off of the server when a user terminates their iroam session. Garbage collection for iroam affects only the files prepared for download on the iroam server. It does not affect the backed up files on the Data Center server. Cleaning Files Approximately Every Seven Days By default, garbage collection runs daily on the iroam server. When it runs, it determines the last time each account logged on to iroam. If an account has not logged on to iroam for seven days or longer, garbage collection cleans all files for that account off of the iroam server. If an account has logged on to iroam within the past seven days, garbage collection leaves that account s files in place. The drawback with this method of garbage collection is that it is technically possible for some files to never get cleaned off of the server. If a user logs on to iroam more frequently than every seven days, then garbage collection would never delete that account s files. Cleaning Files When an iroam Session Terminates If you host your own Data Center, and you don t want to use the seven-day method for garbage collection, you can set up your iroam server to clean an account s files off of the iroam server when the iroam session for that account is terminated. Using this method, files are only available for the period of time that the user remains logged on to iroam. As soon as the iroam session is terminated, garbage collection cleans that account s files off of the iroam server. 90 Connected Corporation

103 Cleaning Files Off of the iroam Server A user remains logged on to iroam until their session terminates. A session terminates either when the user logs off or when their session times out because of inactivity. The default timeout for inactivity is 20 minutes, however you can change that value on the iroam server. For instructions on changing the timeout value, refer to the Setting Up Connected DataProtector manual. To use this method of garbage collection, you must manually add a Windows registry key to the iroam server. For instructions on creating this registry key, refer to Setting Up Connected DataProtector. Until you add this registry key to the server, iroam uses the seven-day method for garbage collection. The drawback to this method is that the file the user is trying to retrieve is only available during the current iroam session. If the user s session times out from inactivity, or if the user accidentally logs off from iroam, they would lose any files they prepared for download and would have to select and prepare them again for download. Understanding Connected DataProtector 91

104 Chapter 17 / iroam 92 Connected Corporation

105 PART II: AGENT Chapter 18: Agent Overview Chapter 19: Agent Deployment Chapter 20: Agent Interface Chapter 21: Storage and Optimization Chapter 22: File Backup Chapter 23: File Retrieval Chapter 24: Agent to Data Center Connections Chapter 25: Heal Chapter 26: Agent Security Features Chapter 27: Agent Logs and Messages Chapter 28: Agent Information Web Pages

106

107 18 AGENT OVERVIEW Part of rolling out the Connected DataProtector solution involves configuring and deploying the Agent on end-user computers and laptops within your organization. The Agent scans the computers hard drives for eligible files and contacts the Data Center to initiate a backup session. The Agent also prepares files for backup, and notifies the Data Center if previously backed-up files have been deleted by the user since the last backup session. When an end user wants to retrieve files, or if a complete Heal is required to restore a damaged system, the Agent enables users to issue requests to the Data Center and download the necessary files. The chapters in this section provide detailed discussions of Agent functionality, features, and concepts. Each chapter provides a conceptual overview plus tips for optimizing your organization s implementation of Connected DataProtector. This chapter discusses the following topics: Ways to interact with the Agent, including its user interface and command line syntax Deployment options and administration of deployed Agents Backup features and options Configurable Retrieve options and features Network and dial-up connection settings Security features and privileges Event and alert logs Configurable external URL feature 95

108 Chapter 18 / Agent Overview Agent Interface Deployment Backup Retrieve Depending on your organization s data protection polices, you might grant your end users none, some, or total control to alter their own Agent backup settings. In some situations, you might want to fully automate backup sessions and eliminate the need for any end-user involvement in daily backup sessions. Or, your organization might grant different communities of end users access to some or all of the configurable Agent settings in the Agent interface. Chapter 20: Agent Interface, beginning on page 103 discusses these options, plus the available command line syntax that you can use to interact with the Agent from a command prompt. The setup file used to install and register the Agent is created using Support Center. Once created, you can deploy the Agent using Support Center s central administration feature, file distribution software, or other methods that suit your needs. Refer to Chapter 19: Agent Deployment, beginning on page 99 for detailed information on creating and deploying the Agent. You can configure the Agent to back up all files or data files only. You can also configure the Agent to exclude specific files from the backup, backup automatically during a specific time frame, and backup if the computer has been disconnected from the network for a given length of time. Refer to Chapter 22: Backup Settings and Configurations, beginning on page 121 for more information how files are backed up and the options that are available. You can retrieve files several different ways using the Agent. Once files have been backed up, you can retrieve one file, retrieve all data files, or restore your entire system. You can retrieve files through a network connection or from a CD created for the account. Refer to Chapter 23: File Retrieval, beginning on page 127 for more information on how files are retrieved. 96 Connected Corporation

109 Data Center Access Data Center Access Security Logging The Agent can connect to the Data Center using an Internet or network connection. You can configure your firewall to allow the Agent access to the Data Center. The connection between the Agent and Data Center is always initiated by the Agent. The Data Center server never initiates a connection with the Agent. Refer to Chapter 24: Agent to Data Center Connections, beginning on page 131 for more information on how the Agent connects to the Data Center. The Agent uses several methods to secure the data that it is backing up. The Agent uses an encryption key to encrypt all files before transmission to the Data Center. You also have the option to implement a second password for extra security during file retrieval. Refer to Chapter 26: Agent Security Features, beginning on page 139 for more information on the Agent s security features. The Agent keeps a log of every connection (or connection attempt) to the Data Center. You can also create messages to send to the end user during a backup or file retrieval (for example, to inform them of server maintenance or changes to their Agent). Refer to Chapter 27: Agent Logs and Messages, beginning on page 143 for more information on the Agent logs and messages. Linking to an External URL You can display a link to an external URL from the Agent interface. The link can bring the end user to a Web site that you create with support information, downloads, or other useful information. Refer to Chapter 28: Agent Information Web Pages, beginning on page 145 for more information on displaying a link to an external URL. Chapter 17: iroam, beginning on page 87 Understanding Connected DataProtector 97

110 Chapter 18 / Agent Overview 98 Connected Corporation

111 19 AGENT DEPLOYMENT Thoughtful planning, creation, and deployment of Agents within your organization are critical to the present and future management of your Data Center. How you configure Agents results in significant implications for the amount of data stored on the Data Center, security issues, and network usage. The method of deployment you choose can have a great impact on how quickly and efficiently the Agent is deployed to and used by the end users in your organization. Understanding the role of the Agent, as well as its many configurable features enables you to select and deploy the appropriate level of permissions and options for your end users. You configure the Agents using Support Center. For detailed instructions on configuring the Agent, refer to Support Center Help. How the Agent is Created and Deployed This chapter discusses the steps involved in planning and executing a successful Agent deployment. First time Agent deployment begins with logical grouping of your user accounts into communities. You can then define Agents that have appropriate and specific permissions and features for each community. After you create or modify an Agent, you can use a variety of distribution methods to download Agent Setup to end-user clients for installation and registration. Hands-on instructions for performing Agent configuration and deployment tasks are provided in the Setting Up Connected DataProtector manual and in Support Center Help. 99

112 Chapter 19 / Agent Deployment Define Communities For maximum flexibility, Connected DataProtector offers you the ability to configure multiple Agents with different properties for deployment to different groups within your organization. Using the Agent Configuration Editor (ACE), which is accessible from Support Center, you can define communities by such factors as department, geographical location, or job function. Before creating new Agents, consider the different users within your organization and determine how they can most benefit from various Agent features. This enables you to create and deploy Agents that are specifically suited for each type of user. For example, laptop users frequently take their computers offline and travel with them. These computers require different network connection and security features than desktop computers that remain within your firewall and are connected directly to your network. Once you create a community and assign individual accounts to it, you can deploy an existing Agent to that community, or develop a new Agent with properties designed to meet that community s specific requirements. For more information about defining and managing communities, refer to Chapter 12: Accounts and Communities, beginning on page 59. Define Agent Properties and Settings All Agent configurations currently defined for your organization appear under the Configurations node in Support Center. To define a new Agent, you must define the following components: Agent version, which determines the software version and language used in the Agent s interface. Agent settings, which determine the settings and features that are available to end users. File selection rules, which determine which files are included and excluded for backup. Use ACE (from within Support Center) to select optional functionality for the Agent. For detailed instructions on creating Agent configurations using Support Center, refer to Support Center Help. For more information on Agent settings, Agent version and rules refer to Chapter 13: Agent Configurations, beginning on page Connected Corporation

113 How the Agent is Created and Deployed Registration Options When creating and configuring the Agent you must decide which registration method to employ. Two registration methods are offered. One uses a registration code and password, and the other uses a unique ticket for registering the Agent on the Data Center. If you use the registration code and password method, the same code and password is used for all Agents registering to one community. Each community has its own unique registration code and password. This method is easier to deploy because all Agents use the same code and password. The limitation with this method is a lack of control over how many accounts are created on the Data Center. If you use the ticket registration method, a unique ticket is created for each Agent that registers to the Data Center. This method requires more detailed management of Agent deployment, but it offers you control over exactly how many accounts are created on the Data Center. Distribute Agent Setup After you configure the Agent s features, Support Center compiles your selections into an Agent Setup application that installs the Agent on the client. By default, the Agent Setup application is named Setup.exe, but you can change the name to reflect your users Support Center communities. For example, you can name the Agent Setup application used for employees in the Sales department SetupSales.exe. You can distribute this executable to your computers using any file distribution method, including , downloads from Web sites, network shares, compact discs, or file distribution software such as Tivoli TME 10, Computer Associates TNG, and Microsoft Systems Management Server (SMS). Install and Register the Agent After Agent Setup is run on the client and the Agent files are installed, the Agent connects to the Data Center to register. Registration establishes on the Data Center an account that identifies the client to the server. The Data Center assigns a 10-digit account number to the Agent. This account number is used to label and organize all data backed up from the client. The Agent s account is specific to the client. You cannot use the same account number for more than one Agent installation. Understanding Connected DataProtector 101

114 Chapter 19 / Agent Deployment Like installation, the registration process can be controlled by the user using a wizard, or can be configured to run automatically without requiring the user to select options. The registration wizard requires users to provide any information essential for the Agent to connect and identify itself to the Data Center if this information was not pre-specified in Agent Setup using ACE. For example, if you do not configure Agent Setup with your organization s name and address, the registration wizard prompts the user to provide this information. The wizard can also prompt users to select optional security features, such as account passwords, if these features are enabled in the Agent configuration. Each Agent registered on the Data Center is tallied against the total number of permitted users according to your organization s license agreement. When that total is reached, the Data Center does not accept new registrations from Agents until more seats are purchased or unused accounts are cancelled. Recovering Agent Accounts It could become necessary to reestablish an Agent on a client if, for example, the end user is given a new computer or if the computer needs to be reformatted. This procedure is called account recovery. The purpose of an account recovery is to reinstall the Agent as well as reestablish the account information for that Agent. To perform an account recovery, you must provide the user s account number, encryption key, and account password (if applicable) during registration. If you do not have this information, you cannot recover the account. Users should be instructed to save this information offline in case the account must be recovered in the future. 102 Connected Corporation

115 20 AGENT INTERFACE Agent Tabs The Agent is usually configured to back up computer data automatically without requiring the user to start or manage the process. However, the Agent s interface enables end users to start backups manually rather than wait for scheduled backups to occur, and to retrieve files that were previously backed up. Also, you can set the Agent to allow users to access advanced features such as Heal, CD ordering, and Data Migration and to adjust their backup schedules and preferences. The controls available to users through the Agent vary depending on the Agent s configuration. The Heal View tab, for example, is not visible on Agents that do not include Heal functionality. This chapter provides a brief overview of the Agent s controls (for detailed instructions on using the Agent, refer to Agent Help). The controls discussed in this chapter include: Agent tabs Hot key commands Command line interface The Agent interface contains a tabbed view, with each tab providing different functions. Depending on the permissions granted in the Agent configuration, some functionality is hidden from the end user. Each tab displays different information and permits easy access to basic backup and retrieve functionality. The tabs are labeled Home, Backup View, Retrieve View, Heal Wizard, and Log. 103

116 Chapter 20 / Agent Interface Home The Home tab displays the name of the user, the account number, and the date, time and size of the most recent backup. If the last backup was not fully successful a warning is displayed. If the number of days since the last fully successful backup exceeds the preconfigured limit, a warning is displayed. This tab can also contain a link to a Web site that you create to display information about the account, such as usage rates and backup sizes. For more information on this feature, refer to Chapter 28: Agent Information Web Pages, beginning on page 145. Backup View The Backup View tab displays the files that need to be backed up and, with the proper setting, enables end users to include and exclude files from the backup. For information about the backup process, refer to Chapter 22: File Backup, beginning on page 117. Retrieve View The Retrieve View tab displays files that have been previously backed up and controls that allow you to retrieve these files or previous versions from the Data Center. For more information about retrieving files, refer to Chapter 23: File Retrieval, beginning on page 127. Heal Wizard Log The Heal Wizard tab is visible only to users who have been granted permission to use the Heal feature. Heal allows the end user to initiate and configure a Heal process. To learn more about Heal, refer to Chapter 25: Heal, beginning on page 135. The Log tab displays results for each backup, retrieve, Heal, Data Migration, or Audit scan. These logs can be used to determine if these events were successful and which files, if any, were not successfully backed up, retrieved, Healed, or migrated. To learn more about Agent logs, refer to Chapter 27: Agent Logs and Messages, beginning on page Connected Corporation

117 Hot Key Commands Hot Key Commands There are several hot keys (keyboard shortcuts) in the Agent user interface that enable you to use features that the end user is restricted from viewing. For example, you can configure the Agent to hide the Advanced Heal View tab and Advanced Heal menus from the user, but enable the hot key commands so you can initiate an Advanced Heal on the computer if necessary. You can enable or disable the following hotkeys in an Agent configuration using ACE. Hot Key [CTRL]-B [CTRL]-R [CTRL]-F [CTRL]-W [CTRL]-A [CTRL]-P Description Initiates a backup. Initiates Retrieve. Starts the Find feature that enables users to search files in the Backup View or Retrieve View tab to find particular file names or extensions. Starts the Heal Wizard, which performs basic Heal tasks. Starts the Advanced Heal feature. You can hide this feature and make it available only through this hot key. Starts a Heal operation. For more information about configuring Agent settings, refer to ACE Help. Command Line Interface You can run the Agent from a command line by invoking cobackup.exe and using the available switches to control the Agent and accomplish tasks such as backups and retrieves. To run the Agent with switches, open a command prompt and navigate to the Agent installation directory. Type the name of the Agent executable (cobackup) followed by the appropriate switch(es), and then press [Enter]. Understanding Connected DataProtector 105

118 Chapter 20 / Agent Interface The following table provides switches that you can use with the Agent:. Switch Description -b Performs a backup immediately Example: cobackup -b -be -be0 -be1 -be2 -bi Performs a backup and then exits the application. Example: cobackup -be Performs a backup and then logs off from Windows. Example: cobackup -be0 Performs a backup and then shuts down the computer. Example: cobackup -be1 Performs a backup and then reboots the computer. Example: cobackup -be2 Performs an invisible backup. Used when running an automatic (scheduled or opportunistic) backup while the user is not logged on. When started with this switch, the Agent does not prompt the user before proceeding with backup, regardless of whether or not it is configured to do so. This switch also causes the backup to run invisibly in that it runs minimized. Example: cobackup -bi 106 Connected Corporation

119 Command Line Interface Switch -bt Description Initiates a timed backup. Used when running an automatic (scheduled or opportunistic) backup while the user is logged on. The backup runs in invisible mode but prompts the user before beginning the backup if the Agent is configured to notify the user before initiating the backup. Example: cobackup -bt -m Indicates if a scheduled backup was missed. This switch is used with either the -bi switch or the -bt switch. Example: cobackup -bt -m Understanding Connected DataProtector 107

120 Chapter 20 / Agent Interface Switch -r: (name) (options) Description Restores the specified file or folder name. (name) represents the name of the file or directory you want to restore. (options) represent optional parameters to further define the file or folder you want to restore. The parameters can be: AD: YYYY-MM-DD HH:MM:SS Specifies the as of date and time for the file or folder being restored, where the date and time is specified in the format shown. SD Restores all subdirectories (as well as subdirectories subdirectories) if the value for (name) is a directory name as opposed to a file name. PW: (password) Specifies the account password to use if restoring for an account that has a password. (password) represents the account s password. IN: (file extensions) Restores only files with the specified file extension(s). (file extensions) represents each file extension to restore. For more than one file extension, separate each extension with a semicolon (;). ND: (path) Specifies a new directory name in which to restore files to avoid overwriting files that might still exist in the original directory. (path) represents the complete path, including drive letter, to the new directory. If you do not use this switch, and if a file is being restored to a drive that no longer exists, it is restored to C:\@drive_X\(original path and filename). 108 Connected Corporation

121 Command Line Interface Switch -r: (name) (options) continued -ra (account),(encryption), (password) -rd (path) Description Example: cobackup -r my documents SD IN: doc;txt ND: c:\retrievedfiles or cobackup -r meeting.doc PW: ABC123 Performs a silent account recovery. (account) represents the ten digit account number. (encryption) represents the account s encryption key. (password) represents an optional account password and is used only if the account uses one. If the account does not have a password then omit the password. Notice that, unlike some other switches, this switch does not use a colon (:) between the switch and parameters and the parameters are not placed in double quotes. Example: cobackup -ra ,encrpt Specifies a directory to which files will be retrieved. (path) represents the full path, including drive letter. Notice that, unlike some other switches, this switch does not use a colon (:) between the switch and parameter. Example: cobackup -rd c:\retrievedfiles Understanding Connected DataProtector 109

122 Chapter 20 / Agent Interface Switch -rl: (file list) (options) Description Restores files listed in the specified file list, which is represented by (file list). If you use the forward slash character (/) for (file list), then all data files in the backed-up file set are restored (this is Data Migration). (options) represent optional parameters to further define the files you want to restore. The parameters can be: AD: YYYY-MM-DD HH:MM:SS Specifies the as of date and time for the files being restored, where the date and time is specified in the format shown. PW: (password) Specifies the account password to use if restoring for an account that has a password. (password) represents the account s password. IN: (file extensions) Restores only files with the specified file extension(s). (file extensions) represents each file extension to restore. For more than one file extension, separate each extension with a semicolon (;). ND: (path) Specifies a new directory name in which to restore files to avoid overwriting files that might still exist in the original directory. (path) represents the complete path, including drive letter, to the new directory. If you do not use this switch, and if a file is being restored to a drive that no longer exists, it is restored to C:\@drive_X\(original path and filename). Example: cobackup -rl /PW: ABC Connected Corporation

123 Command Line Interface Switch -rt: (file list) Description Produces a list of directories that have been backed up and places the information in the specified file list, which is represented by (file list). The directory tree is produced in alphabetical order and is depth first (that is, all subdirectories of the first root-level directory are listed before subdirectories of the second root-level directory). The directories are listed with their full path and each full path exists on a single line of the file. Each line ends with a back slash character (\), as this indicates to the command-line file retrieval mechanism that the entry is a directory (as opposed to a file). -u (id) Used to provide an Enterprise Directory logon ID, which is represented by (id). Understanding Connected DataProtector 111

124 Chapter 20 / Agent Interface 112 Connected Corporation

125 21 STORAGE AND OPTIMIZATION This chapter describes the two different methods available for backing up Microsoft Outlook and Lotus Notes files. The standard method, which backs up an account s as a single file, and the optional Optimizer method, which enables the Agent to analyze individual messages and attachments, thereby making the most of Connected Delta Block and SendOnce technology. Optimizer is an optional feature available in Connected DataProtector. Standard Backup During a standard backup, the Agent treats the contents of an file (.pst for Microsoft Outlook or.nsf for Lotus Notes) as binary data, and backs it up as it would any other data file. During a first-time backup, the Agent compresses, encrypts, and sends the account s.pst or.nsf file to the Data Center. Active users on average can receive and send significant amounts of between backup sessions. During subsequent backups, the Agent backs up just deltas to the file, or the changes accrued from sent and received . Because the individual files and attachments are encapsulated in one file, the complete contents of any attachments received since the last backup are sent in their entirety. Furthermore, the Agent cannot determine if attached files are duplicates of attachments present in other accounts, and it cannot submit them to the SendOnce pool. As a result, one attached file that s been ed to twenty users can result in the creation of twenty copies on the Data Center, instead of just one copy that could be shared by all twenty accounts. This can result in a disproportionate amount of your Data Center disk space being consumed by duplicate files. 113

126 Chapter 21 / Storage and Optimization If Outlook is running during a standard backup session, the files for that account will not be backed up. To ensure that files are successfully backed up, schedule backups to occur at times when it is less likely that users will be using their computers. Optimizer enables your Agents to backup files at any time, even when Outlook is running. Optimized Backup Optimizer functionality enables the Agent to examine individual messages while applying SendOnce technology to attachments. By enabling Agents to submit attached files to the SendOnce pool, Optimizer greatly reduces the overhead potentially generated by files, which in turn reduces disk consumption on the Data Center. Keep in mind that the Agent only backs up locally stored e- mail messages. Messages that are kept on the mail server are not included in backups. By storing users locally and using Connected DataProtector, you can safely offload some of the burden on your mail servers while safeguarding your end-users . For example, suppose your training department ed a Microsoft PowerPoint slide presentation to several employees. When their next backups occur, the Agent detects that the PowerPoint attachment is an exact duplicate of the copy that training developed and backed up prior to sending it via . Instead of backing up multiple copies of the presentation, the Agent sends one copy to the SendOnce pool that all user accounts share. 114 Connected Corporation

127 Optimized Backup If Outlook files are password protected, the Agent cannot decompile the files for detailed analysis. In this case, the Agent backs up using standard backup, and is unable to make use of Optimizer technology. Optimizing Attachment Backups During analysis, the Agent determines if any message attachments are copies of files that already exist in the SendOnce pool, or if another copy of the attached file exists on the client. Attachments are handled in one of three ways: If the attachment is an original file, and no other copies of it exist on the client or the Data Center, the Agent backs up the entire file. If duplicate copies of the attached file exist on the client, the Agent records which files are exact duplicates, then sends one copy to the Data Center that serves as source copy for each duplicate. If the attached file already exists on the Data Center, the Agent creates a reference to the SendOnce copy on the Data Center. After transmission, the Agent deletes any copies of attachments created for analysis. Understanding Connected DataProtector 115

128 Chapter 21 / Storage and Optimization 116 Connected Corporation

129 22 FILE BACKUP Backup refers to the process the Agent uses to upload data from the client to the Data Center. During backup, the Agent scans the computer s hard disk and identifies files to back up. Files are included in backups if they have not previously been backed up or if the files have changed since the previous backup. The Agent then compresses and encrypts these files and uploads them to the Data Center. In the case of changed files, the Agent only backs up the changed portions of the files. The Agent can back up any file up to 3.6 gigabytes in size. During a backup, the Agent performs the following tasks: Scans the computer s hard disk Analyzes files identified in the scan Connects to the Data Center Transmits the files Records backup results This chapter discuss each of these tasks in further detail. It also provides information on backup settings, configurations, and the optional Audit feature. Scan of the Computer Hard Disk When the Agent initiates a backup, either in response to a user request or in accordance with its backup schedule, it scans all files stored on accessible disk drive volumes. This scan can include resources on removable, fixed, and network share drives. 117

130 Chapter 22 / File Backup The Agent makes a list of files that are eligible for backup, based on its file selection method. For information on how the file selection method impacts backup, refer to File Selection, on page 123. An Agent may have additional file selection rules that further restrict which files, file types, directories, and drives the Agent backs up. These rules are configured prior to Agent installation using Support Center but can be modified later using the Agent if the end user is granted access to the Rule Wizard and Advanced Backup Rules control screens. For more information about managing file selection rules, refer to Chapter 15: File Selection Rules, beginning on page 75. Analysis of Files Identified in the Scan During analysis, the Agent reviews the list of files it compiled during the scan and determines whether each file is new, modified, or an exact duplicate of another file on the computer. It also determines if any previously backed- up files have since been deleted by the user. From this analysis, the Agent then determines what needs to be done with each file and how to present them to the Data Center. For example: If the file is new, send the entire file and designate it as a base. If the file has been modified, determine which portions have changed and send that information as a delta. If the file is a duplicate of another file, designate a link to the duplicate copy and do not send another copy of the file contents. If a file that was previously backed up has since been deleted, send a file header that notifies the Data Center. Once the Agent analyzes a file, it can prepare files and file information for transmission to the Data Center. Identifying Modified Files The Agent only backs up newly created files and the portions of files that have changed since the last backup. This process ensures complete protection of the account s files while reducing disk space utilization on the Data Center. To determine if a file has changed since the last backup session, the Agent checks its modification date (MDATE), size, directory path, and security descriptors (for files on Windows NT/2000/XP file systems). 118 Connected Corporation

131 Analysis of Files Identified in the Scan The Agent determines which portions of the file have changed by comparing the file s digital signature with that of the version stored on the Data Center. The Agent only backs up the changed portions, or deltas, of these files. Microsoft Outlook and Lotus Notes store all of a users s messages in a single *.pst or *.nsf file. Because of this, during a standard backup, the Agent cannot analyze the contents of individual messages and file attachments to identify changes. Nor can it determine if the attached files already exist in the Data Center s SendOnce pool. As a result, any new attachments received since the last backup are sent, in their entirety, to the Data Center for backup. However, if you use the optional Optimizer feature, the Agent can decompile the mail files and then analyze and back up attachments separately. Optimizer makes it possible for the Agent to apply Delta Block and SendOnce technology to individual mail folders and attachment. This greatly reduces the amount of Data Center disk space consumed by multiple copies of duplicate attachments. For more information on Optimizer, refer to Chapter 21: Storage and Optimization, beginning on page 113. File Preparation The Agent compresses and encrypts file data before transmitting it to the Data Center. It uses the ZLIB compression library to compress both base and delta file data and then encrypts it using the encryption method specified for the Agent. Using the Agent Configuration Editor (ACE), you can configure the level of encryption used by an Agent. Refer to ACE help for information about modifying Agent security settings. Refer to Chapter 26: Agent Security Features, beginning on page 139 for more information on the encryption levels available for use in Agents. Understanding Connected DataProtector 119

132 Chapter 22 / File Backup Connection to the Data Center The Agent connects to the Data Center using its preconfigured network connection option. When the Agent contacts the Data Center, it uses the account number to identify itself. Once it authorizes the connection, the Data Center creates an empty archive set for the account and waits to receive files from the Agent. As it waits to receive files, the Data Center simultaneously downloads a list of expired files to the Agent. The Agent records these file expirations in its own local database on the client. The Agent also checks the Data Center to determine if any of the files that are ready to be backed up already exist in the SendOnce pool. If an exact copy already exists in the SendOnce pool, the Agent does not send the file s content, but it does send information about the file s name and location to the Data Center. The Agent and Data Center can use this information at a later time to retrieve the file content from the SendOnce pool to restore the client s copy of the file. The Agent initiates all connections between the client and the Data Center server. The Data Center never initiates contact with the client. Even when an Agent s configuration has been modified through Support Center, the changes are downloaded only when the Agent connects to the Data Center. File Transmission Once it has established a connection to the Data Center, the Agent initiates the backup session. The backup session itself is a multi-step process: 1. The Agent transmits the file s digital signature to the Data Center. The Data Center compares this signature with other files stored in its database. If an identical file exists in its database, the Data Center cancels the file backup and notes the file in the SendOnce pool. 2. If the file is not entered into the SendOnce pool, the Agent compresses the file using the ZLIB compression library. 3. The Agent encrypts the file using the Agent s encryption key. 4. The Agent transmits the compressed and encrypted file to the Data Center. 120 Connected Corporation

133 Backup Results Backup Results 5. As the Data Center receives the files, it packages them into archive sets. The Data Center transmits an acknowledgement (ACK) or non-acknowledgement (NACK) for each file it receives or fails to receive from the Agent. The Agent uses these receipts to update the Agent database. You can view the results of the backup using the Agent s logs on the client. There are times when the Agent is unable to back up a file because it is in use by another application at the time of backup. In this case, the Agent periodically attempts to create a snapshot (an encrypted, compressed file containing changed data) of the file. If the file is again in use by another application during the next backup, the Agent backs up the snapshot. There are a limited number of files that are not able to be backed up while in use by other applications. Backup Settings and Configurations Connected DataProtector offers flexible configuration options. You can deploy customized Agents for use by various types of communities within your organization, which enables you to offer appropriate levels of protection for each user. When you create or modify an Agent using Support Center, you should select backup settings that suit the unique needs of your users. Agent backup settings include: Backup schedules File selection method File selection rules Backup size limit When configuring these settings in Support Center and ACE, you can grant access to features in the Agent that allow the end users to edit their schedules, file selection method, file selection rules, and size limits. For information on how to access ACE and use it to configure these settings, refer to Support Center Help. Understanding Connected DataProtector 121

134 Chapter 22 / File Backup Backup Schedules By default, the Agent backs up files automatically according to a predetermined time schedule. You can configure your Agents to start a backup during the same time period each day. For example, the Agent can perform a backup each night between midnight and 6:00 A.M. Another option is for the Agent to initiate a backup whenever it detects a network connection, if a backup hasn t previously been performed within the predefined time period (for example, 36 hours). Or, you can configure the Agent to initiate a backup when it detects that Windows is shutting down. You can disable all scheduling options and give the users responsibility for starting their own backups at times of their choosing. You can also grant users access to control screens in the Agent that allow them to set their own backup schedules. All of these permissions and settings are configurable using ACE. Refer to Support Center Help for information on modifying or creating new Agent configurations. Backing Up According to a Fixed Schedule If the Agent resides on a computer that is regularly running and connected to your network, you can configure the Agent to initiate backups according to a regular time schedule. The Agent starts a backup on each day specified in its schedule, performing the backup during the defined time period. For example, you can configure your desktop computers to back up each night between midnight and 4:00A.M. You should define a time period of several hours rather than a specific time for each backup because the backups are scheduled for a random time within the specified period, thus reducing network traffic at any given time. Opportunistic Backups Not all computers are regularly connected to the network. Laptops, for example, are frequently disconnected. To suit these computers, you can schedule backups to occur when the Agent detects an active network connection. If the Agent hasn t performed a backup during a set period of time (for example, 36 hours), it performs one whenever it detects a connection. You can limit the connection type to direct connections such as local area networks if dial-up connections are too slow for the user. 122 Connected Corporation

135 Backup Settings and Configurations Backing Up Before Exiting Windows In addition to fixed schedule and opportunistic backups, the Agent can also start backups when it detects that Windows is shutting down. The shutdown process is halted while the Agent backs up and resumes once the backup is complete. You can configure the Agent to prompt the user for permission to halt the shutdown process or to cancel or defer the backup. File Selection The Agent s file selection method, in addition to file selection rules, determine which files the Agent includes in its backups. You can choose the file selection method in the Agent before deploying it to your end users, or you can allow users to choose it or themselves. If you decide to let users configure these options, you can limit their choices. For example, you can allow users to choose only Automatic or Manual File Selection. An Agent uses any one of three file selection options: Full System File Selection, Automatic File Selection, or Manual File Selection. Full System File Selection Full System File Selection configures the Agent to backup all files on the computer s drives except for those that are unnecessary, such as temporary or cache files. This option offers the highest level of backup protection for the end user but also potentially consumes a greater amount of disk space on the Data Center. Automatic File Selection Automatic File Selection configures the Agent to back up only data files. These files are created and used by applications but are not part of any application. For example,.doc files are data files used by Microsoft Word, but aren t an integral part of the Microsoft Word application. If you use this option, you must restore applications using their original source rather than retrieving them through the Agent. You might consider this option if you host your own Data Center and have limited space on its server(s). Manual File Selection When an Agent is configured for Manual File Selection, it only backs up files that are hand-selected by the user. This can be an appropriate level of protection for some users who need only preserve a small, relatively static number of data files. Understanding Connected DataProtector 123

136 Chapter 22 / File Backup File Selection Rules In addition to its file selection method, the Agent uses file selection rules to determine which files to include and exclude during the backup. You initially configure file selection rules in Support Center by defining two basic categories of rules, data and full system recovery (FSR) rules, and applying those rules to specific Agent configurations. For new Agent installations, these rules are automatically included within the Setup program and are installed with the Agent. For existing Agents that are already deployed, any file selection rule change is automatically downloaded to the Agents the next time they connect to the Data Center. Optionally, you can configure Agents to allow end users to customize their own file selection rules using the Rule Wizard and Advanced Backup Rules screens in the Agent. If end users customize these rules, the Agent merges them with the data and FSR rules you initially defined to deploy with the Agent. The Agent also considers these customized rules when it determines precedence between conflicting files. For more information on file selection rules and rules precedence, refer to Chapter 15: File Selection Rules, beginning on page 75. Agents using Manual File Selection do not use file selection rules since all files are available to the end-user for selection. File Selection Limits You can configure the Agent to restrict the volume of files selected for backup. If the Agent finds the total volume of files eligible for backup exceeds the file selection limit, the end user is asked to deselect files or is directed to a Web site that you can create for upgrade information. File selection limits are useful if your Data Center has limited storage capacity or if your network has limited bandwidth. Refer to ACE help for more information about setting a file selection limit. For more information on setting up an Agent information Web site, refer to Chapter 28: Agent Information Web Pages, beginning on page Connected Corporation

137 Audit Audit The optional Audit feature allows you to back up information about the client s hardware and software. Audit preserves information about the client s hardware devices, installed software, hardware and software upgrades, and the location of *.exe and *.dll files. The Agent automatically performs Audit at the end of the backup process. For the Audit feature to properly display software assets, the Agent must perform backups using Full System File Selection. Once the backup is completed, the Agent transmits the version information for each backed-up.exe and.dll file to the server. Audit Requirements The Agent collects Audit information using either the Desktop Management Interface (DMI) or the System Management Basic Input/Output System (SMBIOS). Both DMI and SMBIOS provide information about computer hardware that is required for Audit to function. The client must have one or the other installed if you plan to use the Audit feature. DMI defines components that collect and store information about components such as the microprocessor, various drives, network adapters, memory, and a number of other hardware-related components. Audit communicates with the DMI to obtain information about the hardware and software installed on the client and stores that information in the Asset database. DMI manages a Management Information Format (MIF) database on the local computer. When a new component is installed, an appropriate MIF file is added to the MIF database, including the component in the computer's inventory properties. When an Audit session is started at the end of a backup session, the Agent first tries to determine whether the DMI service layer is running on the client. If it is running, Audit queries DMI for all hardware information. The acquired hardware asset information is transmitted to the Data Center, which writes it to the HardwareAsset table of the Asset database. If DMI is not available, SMBIOS, can also provide the necessary hardware asset information to the Agent. Understanding Connected DataProtector 125

138 Chapter 22 / File Backup 126 Connected Corporation

139 23 FILE RETRIEVAL The Agent s retrieve functionality enables end users to download backed-up files from the Data Center to restore files that have been lost or corrupted on their computers. The Retrieve View tab in the Agent user interface displays a list of retrievable files. This chapter discusses the following processes involved in the typical Retrieve session: End user selects file to retrieve and initiate the download. End user specifies a destination location. Data Center collects and repackages the requested files. Agent downloads the repackaged files, uncompresses and decrypts them, and saves them to the computer. This chapter also discusses optional Retrieve features. Selecting Files By default, the Agent s Retrieve View tab lists the most recent versions of files created during the Agent s last backup. However, you can change the options to display all versions of all files or to show the files that were backed up on or before a specified date. This enables you to retrieve earlier versions of files and not just the most recent. For convenience, you can display only data files or both data and application files. To start a Retrieve, you simply select the versions of the files that you want and click a button to begin downloading. If the account is password protected, you are prompted to enter the password to authorize the file retrieval. 127

140 Chapter 23 / File Retrieval Selecting a Destination Location When retrieving files, you have several options for avoiding file name conflicts. You can retrieve the files to their original location using conflict resolution rules to rename either the local or retrieved files: Automatically rename conflicting files already on the drive. Files currently in the destination folder of the same name are renamed to avoid conflict. Automatically rename conflicting files being retrieved. Files being retrieved with the same name as a file currently in the destination folder are renamed to avoid conflict. Instead of retrieving files to their original folders, you can select a different destination folder or create a new one. The Retrieve all files to a different directory option enables you to browse for an existing folder or to create a new one. You can opt to retrieve the original folder structure of the retrieved files. If you do, the path of the retrieved files is recreated in the folder that you selected for the Retrieve. Once you select a destination or conflict resolution rules, the Agent connects to the Data Center and authenticates using the account number. The Agent submits the Retrieve request to the Data Center and waits to receive files. Repackaging Files Many of the files requested by the user have likely been backed up multiple times, recording incremental changes, or deltas, in one or more archive sets. In Data Centers with tape libraries or other storage devices, the requested files could have long since been migrated off the Data Center server to the auxiliary device. The Data Center collects all of the archive sets it needs to reconstitute the requested version of the files from its own server and, if applicable, from its auxiliary storage devices. It then extracts all of the required base and delta files from the archive sets and merges them together to create the file or files requested by the Agent. Before downloading the files, the Data Center recompresses and re-encrypts the files for security. Downloading Files The Agent decompresses the files and decrypts them before distributing them to the destination folder(s) and applies the selected conflict resolution rules. 128 Connected Corporation

141 Optional Retrieve Features Optional Retrieve Features You can configure the Agent with the following optional features to give your users more flexibility in retrieving files. Optional retrieve features include: File sharing CD retrieval iroam Data Migration notification File Sharing File sharing enables your users to retrieve files from each other s accounts on the Data Center. File sharing is useful for groups that frequently collaborate on files and for users who have more than one computer, such as a laptop and a desktop. The Agent on the desktop computer can share files with the laptop computer, even though the laptop has a different account. File sharing can be limited to specific folders, so users can share files for an individual project without granting access to all the files backed up from their computer. To share files, users must provide their encryption keys and account passwords, if an account password is used, to other users. Refer to Chapter 26: Agent Security Features, beginning on page 139 for more information. CD Retrieval As an alternative to retrieving files using a network connection to the Data Center, you can allow users to order CDs that contain their backed-up data. End users can then retrieve files from CD. This option is useful in situations where the size of Retrieve requests are likely to exceed the network connection s capacity to download the files within a reasonable amount of time. For example, a laptop computer using a dial-up connection at 28.8 baud can take hours to download a set of files that are each several megabytes in size. You can set the Agent to compare the user s retrieve request against the speed of the network connection and prompt the user to order a CD if it takes too long to retrieve the files using the current connection. If you host your own Data Center, you must use the CD Maker application to create data CDs in response to user requests. For more information about CD Maker, refer to Chapter 31: CD Maker, beginning on page 159. Understanding Connected DataProtector 129

142 Chapter 23 / File Retrieval iroam With the optional iroam application, users can download files from the Data Center using a Web browser rather than their Agent. This enables users to access their backed up files from any computer with Internet access. For more information about iroam, refer to Chapter 17: iroam, beginning on page 87. Data Migration Data Migration is a command line utility specifically designed for use by IT staff for the purpose migrating user data to new computers. You can use it to retrieve data files to a new computer with new hardware, operating system, and applications. If an end user s computer is replaced because of loss, theft or damage, Data Migration enables you retrieve that user s data files onto a new computer. Data Migration does not retrieve application or Windows registry files and cannot be used to create unauthorized copies of software applications. You cannot use this utility to migrate an application such as Microsoft Word or Excel. Data files are any files generated by users that are not intrinsic to the installation or execution of a software application or utility. Examples of data files include spreadsheets, text documents, files, address book files, source code files, and graphics, to name a few. Data Migration retrieves the most recently backed-up versions of files to either the original location or a new location on the new computer. Notification You can configure communities so that when files are retrieved from an account, an notification is automatically sent to the address registered with the account. notification adds an additional layer of security in that a user is notified of any file retrieval and can take appropriate action if an unauthorized person retrieved their files. You enable notification through Support Center at the Data Center, community, or subcommunity level (specific Agent configurations do not use e- mail notification; it is enabled for the entire Data Center or community). Refer to Support Center Help for instructions on enabling notification. 130 Connected Corporation

143 24 AGENT TO DATA CENTER CONNECTIONS The Agent can connect to the Data Center using any Transmission Control Protocol/Internet Protocol (TCP/IP) connection, including local area networks, wide area networks and dial-up modems. This flexibility makes the Agent compatible with virtually all network types. The Agent supports Windows Sockets 1.1 and Windows Sockets 2.0 specifications, utilizing whichever version is available. The network traffic generated by Agents depends on the number of Agents you have deployed, the backup and file selection methods used, and the Agents backup schedules relative to your network s peak and off-peak hours of usage. To minimize the Agents impact on your network, Agents assume the lowest priority when communicating with the Data Center. This chapter discusses the following concepts relative to the Agent connecting to the Data Center: Agent connection properties Connecting through firewalls Network interrupts Agent Connection Properties The Agent connects to the Data Center using the IP address of the server. In a mirrored configuration, you can designate which server the Agent contacts first when it attempts to connect. This is the Agent s primary server. 131

144 Chapter 24 / Agent to Data Center Connections Firewalls Either server in the pair can act as a primary or a secondary server. In a mirrored configuration, all backed-up data is replicated from one server to the mirror. So if the primary server is busy handling other transactions, the Agent can connect to the secondary server to perform backups, Retrieves, or Heals. You can designate different servers as the primary for different communities. For example, if you manage a mirrored configuration and have six distinct communities, you can designate Server 1 as the primary server for Communities A, B and C, then designate Server 2 as the primary server for communities D, E and F. This enables both servers to equally share the volume of Agent transactions. If the client and Data Center reside on different sides of a firewall, you must configure the Agent to connect to the Data Center through the firewall. The Agent can connect through a SOCKS firewall or an IP translation to the appropriate firewall IP/Port. You can configure firewall settings using Agent Configuration Editor (ACE) in Support Center or allow users to edit their own firewall settings during registration or later using the Agent interface. Refer to ACE Help for instructions on configuring Agent connection properties. Connecting Through a SOCKS Firewall All connections to the Data Center first require a connection to the SOCKS server. The server then sets up a connection with the Data Center using the IP/Port information specified by the Agent. To enable an Agent to connect to the Data Center through a SOCKS firewall, you must edit its Firewall Settings using ACE. You must specify the IP address and port number for the firewall. The Agent uses the SOCKS protocol to tell the firewall the IP address of the Data Center that it wants to connect to, as well as the port number (16384). No reconfiguration of your firewall is necessary if SOCKS is used. For more information, refer to the Setting Up Connected DataProtector manual. For more information about using ACE to configure Agent firewall settings, refer to ACE Help. 132 Connected Corporation

145 Network Interrupts Connecting Through a Non-SOCKS Firewall If your organization uses a non-socks-compliant proxy firewall, you must configure both the Agent and your firewall to communicate with the Data Center. Specifically, the Agent s firewall information is configured to map the Data Center IP address to the IP address of the firewall and the port on which to connect to the firewall. Domain names can be used instead of IP addresses when specifying the Data Center/firewall mapping. This mapping is specified for both the primary and secondary servers, if using a mirrored pair. The Agent accesses the mapping to connect to the IP address of the appropriate firewall (using the appropriate port) instead of connecting directly to the Data Center server. The firewall then routes the connection to the Data Center that is behind the firewall. Connecting Through Software Firewalls If the client computer uses a software firewall such as Zone Alarm or Norton Security, configure the Agent as if the computer didn t use a firewall. The firewall software might prompt the user to allow the Agent to connect before backing up or retrieving files. Network Interrupts If the Agent s initial attempt to connect to a Data Center that consists of a standalone server fails, the Agent records the failure in the Agent log. If the Data Center consists of a mirrored pair, the Agent attempts to connect to its secondary server if it cannot establish a connection to its primary server. If the Agent connects to its secondary server, it proceeds as normal and completes its task. If the Agent cannot connect to its secondary server, it records the failed attempt in the Agent log. If a connection is interrupted or lost during a backup, Retrieve, or Heal session, the Agent attempts to reconnect and finish the operation after waiting for a predefined period of time. After the waiting period, the Agent attempts to reconnect to the same server to which it was originally connected. The Agent does not attempt to connect to a different server to continue an aborted backup, Retrieve, or Heal session. When the Agent reconnects, it begins working at the beginning of the last file it was working on before the connection was interrupted. Understanding Connected DataProtector 133

146 Chapter 24 / Agent to Data Center Connections 134 Connected Corporation

147 25 HEAL Heal enables you to restore a computer s files and registry settings using the data stored during previous backups. Using Heal, you can repair the operating system and other files that have been corrupted on end users computers. Heal works by returning the computer s files and settings to the configuration that existed on the date selected by the end user. Generally, Heal is used in any of the following situations: An application has ceased to function reliably and the cause of the malfunction is undetermined. A computer s Windows registry settings have been altered and must be restored. The computer s operating system is producing errors or behaving erratically following a modification or possible virus infection. Heal Requirements Your computers must meet the following requirements to use Heal: The new computer s hardware must be identical to the original computer. If you are restoring end user data onto a new computer or onto a computer that has undergone repairs, make sure that all of hardware (hard disk, video cards, etc.) matches that of the original computer. The hard drive of the target computer may be larger than the original computer, but the system BIOS and video BIOS must match exactly. 135

148 Chapter 25 / Heal The target computer s operating system is the same as the original computer. You cannot use Heal to restore data on to a computer with a different operating system configuration than the original computer. For example, an account that was backed up from a Windows 98 computer cannot be restored onto a Windows XP system. If you are performing a partial Heal to restore only application, OS or configuration files, the target machine (the one to receive the restored files) must be identical to the machine that performed the last good full system backup. Make sure that the operating system (OS), OS path, computer name, OS, service packs and hardware exactly match those of the original. Also, make sure that the end user s account should be part of the local administrators group. If you are performing a complete Heal (restoring all files, including data), make sure that the OS of the target machine matches the original machine. When performing a complete Heal, it is not necessary to make the target machine s configuration identical to the original. Only the operating system must match. The Agent must be configured for Heal. If you are restoring a user account onto a new computer, make sure that you use the same Agent configuration as the original Agent on the old computer. The end user must be logged on to the computer with a Windows user account that is an administrator or has the following minimum security privileges: SE_BACKUP_NAME SE_INC_BASE_PRIORITY_NAME SE_INCREASE_QUOTA_NAME SE_LOAD_DRIVER_NAME SE_RESTORE_NAME SE_SECURITY_NAME SE_SHUTDOWN_NAME The client can access the Data Center, unless you are using Heal with a CD. The Agent has previously performed a successful backup using Full System File Selection. You cannot use Heal on a computer that has only performed Automatic or Manual File Selection backups. 136 Connected Corporation

149 Using Heal Using Heal You can run Heal directly through the Agent interface or from a command prompt (Refer to Command Line Interface, on page 105 for command line syntax reference). You can run Heal in two different modes, depending on the knowledge and experience of the user: Heal Wizard. The Heal wizard walks the end user through a number of screens, enabling them to choose Heal options and any previously successful backup dates to restore the computer back to its previous functionality. When using the Heal Wizard, the Agent makes all of the decisions as to which files and Windows registry keys should be restored, changed, or deleted. Advanced Heal. The Advanced Heal option gives end users or an administrator access to a directory-tree view of files, showing which files need to be added, deleted, or changed to repair the computer to the previous successful backup date selected. Advanced Heal also allows end users to select which Windows Registry settings to retrieve. Heal enables you to restore some or all of the files on a target computer. Using the Heal Wizard, you can select one of the following options: Restore only application, operating system, and configuration files. This option preserves data files that have been created since the backup. For example, if you have created spreadsheets, reports, documents, and other files since the last Full System Backup, this option will preserve these files while restoring executables,.ini and.dat files, and other system data to their previous state. Restore all files, including data files. This option restores all files on the computer to their earlier state. New files that have been created since the backup date are erased. You might need to use this option if a virus has infected the computer and it is uncertain which file(s) contains the virus. In some cases, these options might not be adequate. For example, the computer s problem stems from one application, or Windows registry settings for a specific application have been corrupted. You might only want to restore certain folders to their earlier state without restoring the entire computer. You can accomplish this Understanding Connected DataProtector 137

150 Chapter 25 / Heal using advanced options. Using advanced options, you can select particular folders, files, and registry settings to be restored. You can also browse the contents of previous backups to see which backups contain the files you want. Healing from CD Depending on the scope of the Heal that is required or the type of available network connection, you may want to request a CD from the Data Center. Using CDs for Heal is particularly useful for laptops and other computers that might not be connected to the network or which use slow connections such as dial-ups. The end user is provided with all of the same Heal options when using a CD as they would be if using a direct network connection. 138 Connected Corporation

151 26 AGENT SECURITY FEATURES The Agent s security features ensure that files cannot be intercepted and decoded while being transmitted between the computer and Data Center. Other safeguards prevent end users from retrieving files from other accounts that they are not authorized to access. This chapter discusses the following concepts relative to Agent security: Encryption keys Account passwords Access control list management (for Windows 2000/XP) Unauthorized access prevention Encryption Keys To ensure that files backed up from the client to the Data Center cannot be intercepted and decoded, the Agent encrypts the data prior to backup. The files remain encrypted on the Data Center and are encrypted when downloaded to the Agent during a file retrieval. The encryption key is an alphanumeric string stored locally, in encrypted form, on the Agent. Because the encryption key is stored locally, only the Agent that encrypted the file can be used to decrypt it, unless the key is given to another Agent user in order to share files. 139

152 Chapter 26 / Agent Security Features You can configure the level of encryption an Agent uses in the Agent Configuration Editor (ACE). Several levels of encryption are available, including DES (40 bit key), DES (56 bit key), Triple-DES (112 bit key), and AES (128 bit key). Selecting Encryption Keys You can select or genterate encryption keys using one of three different methods. These methods include: Setting a specific encryption key for all Agents in the Agent configuration Configuring the Agent to generate a random encryption key during Agent registration Enabling the end user to create their own encryption key during Agent registration You must select one of these three methods in ACE when configuring an Agent for deployment. Users can view their encryption keys using the Agent s Security screen unless you configure the Agent to hide the key. You can hide the key in order to prevent the keys from being distributed to other parties if this poses a security risk to your data. However, if your end users want to use file sharing, they must have access to their encryption keys in order to provide the key to their file sharing partners. Once an encryption key is set for the Agent account, it cannot be changed. Escrowing Encryption Keys to the Data Center The encryption key resides locally, in encrypted form, on the computer. During Agent registration the encryption key is securely transmitted, using 112-bit Triple-DES encryption, to the Data Center and escrowed in the encrypted format. 140 Connected Corporation

153 Account Password Account Password Account passwords offer an additional layer of protection against unauthorized access to data. When an account is password protected, end users must enter the password to retrieve files from the Data Center. Account passwords are optional, but they are strongly recommended for computers at risk of being stolen or computers that share files. You can configure the Agent to prompt end users to create a password during Agent registration. Passwords can be created after registration, if necessary. At any time you can disable the use of passwords on the Agent. You should use account passwords for accounts that share files. To share files, the end user must provide the Agent s account password and encryption key to filesharing partners. The user can later stop sharing files and change the account password. This enables the user to retain control over the account even if other users have the account s encryption key. Using Enterprise Directory Passwords If your organization uses Enterprise Directory to centrally manage passwords and other end user information, you can configure the Agent to use the passwords stored on the Enterprise Directory server for your end users. To do this, Support Center must be configured to link its user communities with the Enterprise Directory server. For more information, refer to Chapter 8: Data Center and Enterprise Directory, beginning on page 43. If you use Enterprise Directory passwords with your Agents, you cannot install the Agent using Hands-Free Install. This can limit the ways you can deploy your Agent. For more information, refer to the Setting Up Connected DataProtector manual. Access Control List Management Since Windows 2000 and XP computers support multiple user accounts on a single computer, each user can have different permissions that limit the user s access to files, folders, and drives. These permissions are defined in the access control lists. If configured to do so, the Agent backs up access control lists and retrieves them along with the files the user requests. When Agents retrieve files for Windows 2000 and XP systems, the access control lists are reapplied so that only authorized users can view the files. Understanding Connected DataProtector 141

154 Chapter 26 / Agent Security Features If you have computers in your organization that are shared by multiple users, the Agent installed on a computer can back up and retrieve files for all users. However, it does not allow users to retrieve files for which they do not have proper file permissions. The Agent backs up the Encrypting File System (EFS) attributes of files on Windows 2000 and XP computers if the Agent service is running under a user account (not the local system account). If the user account is logged in, but the machine is locked, the Agent can still access and backup the files. If the Agent service is running under the local system account, users must re-apply the files encryption settings after retrieving the files from the Data Center. Unauthorized Access Prevention If a computer is lost or stolen, the person in possession of the computer could use it to view and retrieve data from the computer s account if an account password is not used. The computer could also retrieve files for other accounts if the Agent has file sharing permissions and the thief has access to the required information. This is possible if, for example, the user stores the account s security information and file sharing information in a text file or other document on the computer. In the event that a computer is lost or stolen, it is critical that the following actions be taken immediately to prevent unauthorized access: Using Support Center, change the account password, or create an account password if the user doesn t already use one. Change the account passwords of any accounts the computer can access through file sharing. Recover the account on a new computer and restore the account s data. Optionally, remove the Agent from the new computer and install a new Agent with a new account. Backup the data to the Data Center using the new account. Cancel the previous account using Support Center and expire its data from the server disk. Follow this process for all computers that have shared files with the lost computer. To minimize the risks from stolen computers, require users to create an account password and instruct them not to record this password on their computer. 142 Connected Corporation

155 27 AGENT LOGS AND MESSAGES Agent logs and messages are two tools that are useful for Agent administration. You can review Agent logs to verify successful Agent activity or diagnose a potential problem. Agent messages enable you to notify users about changes in an Agent configuration or other important information. Viewing Agent Logs The Agent records details about activities and interactions with the Data Center in a log file that you can view by clicking the Log tab in the Agent user interface. You can also export individual log entries to text files for use in spreadsheets or text documents. Each log contains the following information: The type of activity The date and time that the activity started and ended A brief description of the activity Log entries use the following format: 10/25/2002 2:10:13 AM File C:\Program Files\Common Files\GMT\Scripts\oingo.com.csf: encrypted and successfully backed up (1K/0K/0K) In the example above, the log notes the date and time of the event, followed by the directory path of the file affected. The entry notes whether the operation was successful or unsuccessful in regards to the file and the size of the file on the hard disk followed by the size of the file after compression and transmission. 143

156 Chapter 27 / Agent Logs and Messages Viewing Logs Outside of the Agent Users who encounter problems during a backup or Retrieve session can send the log files from the Agent to you for analysis. The Agent stores logs in encrypted format in the Agent s Log folder. The user can the logs in encrypted format (all log files must by sent), or use the Agent s Log tab to export individual log entries to an unencrypted text file. Export logs to text format whenever possible. Using the Agent Logger Application The Agent Logger application (AgentLogger.exe) resides in the Agent s folder. This executable can be used to launch the Log Details window separately from the Agent. You can use Agent Logger to view log files sent to you by an end user. Follow these steps to view logs with Agent Logger: 1. Create a folder and copy AgentLogger.exe into the new folder. 2. Create a subfolder named Log. 3. Copy all of the end user s log files into the Log folder. 4. Double-click AgentLogger.exe to view the log files. Creating Agent Messages You can download text messages from the Data Center to Agents. Agent messages are useful for alerting end users to changes in their accounts, configurations, or other facets of their Agent service. End users access the messages using the Agent s Message Center. Alternatively, you can configure the message to open automatically when it is downloaded to the Agent. Downloading messages to your Agents using the Message Center requires some modification of your Data Center s SQL tables. If you host your own Data Center, refer to the Maintaining Your Data Center manual for more information. 144 Connected Corporation

157 28 AGENT INFORMATION WEB PAGES Creating your own centralized Web pages to enable end users to order CDs and obtain support information can help you reduce support time and costs. By specifying a URL in the Agent settings, you can make access points available within the Agent Registration Wizard and Agent interface that end users can use to access your Web pages. Users could order their backed-up files on CD, get pricing information, or access additional Help just by accessing the Web pages through the Agent interface. The Agent Registration Wizard and the Agent interface each contain access points designed to access specific information on your own Web pages. In the Agent Registration Wizard, the See Pricing Information link can be used to direct users to information about your pricing structure. Links in the Agent interface include Account Information, Order CD, and Help on the Web. When the Agent is deployed and installed on the client, it generates the links by appending a query string to the URL that you specify when configuring Agent settings in ACE. You or your Web developer must configure your active server pages or CGI script to return the appropriate content for the variables specified in the query. Note that all links become enabled and visible in the Agent registration wizard and user interface when you supply a Web page URL in ACE. You cannot change the text of the hyperlinks, but you can programmatically control the content displayed on your Web pages for each link. The following sections contain detailed information about the links available in the Agent interface and the variables used to form each link. For information about specifying an Agent Information Web page URL in the Agent s settings, refer to ACE Help. 145

158 Chapter 28 / Agent Information Web Pages Agent Interface Links If you enable the Web page links, they appear in the locations listed in the table below. If you do not specify a URL in the Agent s configuration settings in ACE, the link text does not appear in the Agent Registration Wizard or Agent interface. You cannot change the link text or the locations of the links in the Agent interface. Link Text Appears In Links To See Pricing Information For account information, click here Help on the Web For more information on CD Ordering, click here Agent Registration Wizard, in the Software License Agreement Screen Agent interface, on the Home tab Agent interface, on the Help menu Agent interface, on the Order CD window Pricing plans offered by your organization (if your organization does not charge users for using the Agent, you can display general information about your organization or the Agent.) Information regarding Agent upgrades and troubleshooting Additional help information such as how to contact Support, recommendations for configuring backups and other features, and a conceptual overview of the Agent s role in your organization Information regarding CD pricing and delivery options Agent Link Query Variables The query variables that are appended to the URL enable you to display content that s appropriate for the specific Agent version, organization brand, and language. For example, if the Agent s language is Spanish, you can direct the user to a page that contains content in Spanish. To do this, you must program your active server pages or CGI script to interpret the Agent query variables so it can display the appropriate content. 146 Connected Corporation

159 Agent Link Query Variables The query string appended to the URL uses the following syntax: "?Acct=AccountNumber &Pwd=EncryptionKeyHash&Loc=Location&Locale=LCID&Version= Version Number&Company=Brand&RegNumber=RegNumber" where the variable names appear in bold text. You can use any or all of these variables to display customized or localized content when an end user clicks the link. The following table lists the variables used in the query string and provides a definition for each. Use this information when designing the content for your Agent Information Web pages. Variable Definition AccountNumber The 9-digit account number associated with the Agent EncryptionKeyHash Location LCID Version Number Brand RegNumber The account s encryption key, transmitted in encrypted format The location of the hyperlink in the Agent interface This parameter contains one of the following options: HomePage (for the Home tab link) CDOrder (for the Order CD window link) Pricing (for the Software License Agreement link) HelpOnTheWeb (for the Help menu link) The language code of the Agent These are standard codes available at ault.asp?url=/library/enus/script56/html/vsmsclcid.asp The version of the Agent software The organization brand name associated with the Agent. The registration number of the account Understanding Connected DataProtector 147

160 Chapter 28 / Agent Information Web Pages 148 Connected Corporation

161 PART III: DATA CENTER TOOLS Chapter 29: Data Center Tools Overview Chapter 30: Data Center Management Console Chapter 31: CD Maker Chapter 32: Other Tools and Utilities

162

163 29 DATA CENTER TOOLS OVERVIEW The Data Center comes with several tools to assist you in monitoring and managing your Data Center servers. These tools include: Data Center Management Console (DCMC) CD Maker Other tools and utilities Data Center Management Console CD Maker DCMC is a useful tool for monitoring and managing the activity on your Data Center. For example, you can use the DCMC to start and stop services, change Data Center settings, and manage tapes in a tape library. Refer to Chapter 30: Data Center Management Console, beginning on page 153 for more information on all of the uses of DCMC. You can use CD Maker to create a CD of an account s entire set of data. The end user can then use the CD to restore some or all of their files. CD restore is very useful for an end user who must restore many files, or large files, but uses a slow connection to the Data Center. Refer to Chapter 31: CD Maker, beginning on page 159 for more detailed information on using CD Maker. 151

164 Chapter 29 / Data Center Tools Overview Other Tools and Utilities The Data Center comes with several other tools and utilities for managing your data. Refer to Chapter 32: Other Tools and Utilities, beginning on page 163 for detailed information on each tool and utility supplied with the Data Center. 152 Connected Corporation

165 30 DATA CENTER MANAGEMENT CONSOLE The Data Center Management Console (DCMC) is designed as a snap-in for the Microsoft Management Console (MMC). The DCMC enables you to perform a variety of tasks necessary to monitor and control Data Center operations. You should be familiar with the MMC to be able to work with the DCMC. The DCMC enables you to perform a variety of tasks necessary to monitor and control Data Center operations, including managing the BackupServer, PoolServer, ReplicationServer, IndexServer, BackupHSM, HSMPurge, and Compactor. For specific information and procedures on working with the DCMC, refer to the DCMC Help, which you can access through the DCMC. 153

166 Chapter 30 / Data Center Management Console The following example shows the DCMC interface: With the DCMC, you can: Start, Pause, and Stop the Data Center services. The icons in the console tree, as well as the information in the details pane, shows whether the Data Center service is started or stopped. View and modify properties for each Data Center service. The DCMC enables you to view default properties and properties chosen during Data Center Setup. You can also change these properties as needed (contact Support for guidance before changing any Data Center service properties). Monitor multiple Data Center servers simultaneously. The DCMC enables you to monitor all of the servers in a mirror or cluster at one time. Manage space used in archive storage devices. You can use the DCMC to view status and monitor usage of all archive storage devices including tape libraries and EMC Centera. 154 Connected Corporation

167 Starting the DCMC Monitor current status. Use the DCMC to monitor the status of HSM requests, operations, and tape drive availability. View event logs and run the Windows Event Viewer. You can view event logs for Data Center operations from within the DCMC. You can also run the Windows Event Viewer for a selected Data Center. This information is typically used for problem diagnosis. Starting the DCMC You can run the DCMC on a Data Center server or remotely, if your remote computer has the Data Center Toolkit installed. Use the following step, depending on the computer you use, to start the DCMC: If you are working on a Data Center server: click the Start button (on the Windows taskbar), point to Programs, point to Data Center, and then click Data Center Management Console. If you are working on a remote computer that has the Data Center Toolkit installed: click the Start button (on the Windows taskbar), point to Programs, point to Data Center Toolkit, and then click Data Center Management Console. If your Data Center does not appear in the DCMC console tree, refer to DCMC Help for instructions to add it. DCMC User Interface The DCMC supports and enhances all of the standard MMC functions and interface elements. Together with the MMC, it provides an intuitive user interface that enables you to manage various Data Center components quickly and easily. The DCMC interface includes: The console tree, including DCMC-specific icons to make visualizing DCMC components easy The details pane, which provides information based on your selection in the console tree Menus and toolbars (including context pop-up menus), with DCMCspecific commands Understanding Connected DataProtector 155

168 Chapter 30 / Data Center Management Console Console Tree The DCMC console tree (the left pane of the window) contains a view of all of the components of your Data Center, as shown in the boxed area in the following example: The console tree uses icons to represent each of the Data Center components. These icons are organized hierarchically to make it easy for you to locate the components you need: servers are listed under the Data Center to which they belong, and services and components are listed under the server to which they are attached. Icons for services show whether the service is running, paused, or stopped. If a service or component contains subcomponents, a plus sign appears to the left of the component's icon. To view the subcomponents of a given component, expand it by clicking the plus sign or double-clicking the component name. The details pane (discussed in the next section) displays information pertaining to the selection in the console tree. 156 Connected Corporation

169 DCMC User Interface Details Pane The DCMC details pane displays specific information on the item you select in the console tree (discussed in the previous section). For example, if you select a Data Center in the console tree, the details pane shows the statuses and other information about all of the services running on the servers connected to that Data Center. The boxed area in the following example shows the DCMC details pane: You can set the DCMC to automatically refresh the view of the details pane at set intervals. By default, the service statuses in the DCMC are set to refresh every five minutes. You can also manually refresh the view of the details pane if you do not want to use the automatic refresh feature. Menus and Toolbars You access the DCMC functions and properties through toolbars and menus. The DCMC menus contain the console s commands as well as other DCMC functions. Understanding Connected DataProtector 157

170 Chapter 30 / Data Center Management Console The menus appear in three forms: The MMC menu bar includes the Console, Window, and Help menus. These menus are standard to MMC. The DCMC snap-in menu bar includes the Action and View menus. These menus provide access to DCMC functions as well as display options for the console tree and details pane. A context pop-up menu appears when you right-click items in the console tree and details pane. This menu enables you to modify the selected item's properties or to run a command that is relevant to the selected item. The DCMC contains snap-in toolbars to augment the MMC toolbar. Together, the toolbars provide quick and easy access to console functionality and DCMC commands, which you could otherwise access through menus. The DCMC also has a description bar, which displays the name of the current view along with the time the view was last refreshed. The following example shows DCMC menus and toolbars: 158 Connected Corporation