Webconf: Backup

This tab is only available after the HSM has been initialized and replaces the Restore tab!

The Keyfactor Next Generation Hardware Appliance provides a Backup tab in Webconf.

On the Backup page you can configure the backup behavior of your system or trigger a manual backup.

A backup is a snapshot of the system at a specific point in time. This makes it possible to restore the device to a stable state if necessary.

It is therefore advisable to create regular backups to ensure that an up-to-date backup is always available.

For appliances with an Luna S790 HSM be aware that the backup for the HSM must be taken separately. See HSM Backup for more information.

Backups can be restored so that the same state of the appliance is restored to a specific date/time.
A backup can be restored to the same device or to different device to enable write-offs, disaster recovery, etc.

A backup contains the following data:

• firmware configuration 

• system configuration (cluster, network, database, HSM, etc... configuration)

• database (internal) 

• database configuration (external DB)

For the basic setup, refer to the following steps:

Backup Status

A table with three columns provides information about the current backup status.

• Current Backup Status

• Last Successful Backup

• Next Scheduled Backup Execution

Backup Settings

Backup Protection

For the Backup Protection it is mandatory to define a Domain Master Secret.

The Domain Master Secret can only be set once. Therefore, make sure that you keep a copy of it in a safe place for the entire lifetime of your New Generation Hardware Appliance.

1. Log in to Next Generation Hardware Appliance.

2. Open the Backup page.

3. In the section Backup Settings click Set Domain Master Secret to open the corresponding form.

4. Enter the Domain Master Secret.

5. Repeat the Domain Master Secret.

6. Click Set Domain Master Secret to confirm your entries.

Backup Filename (optional)

Use this field to specify a prefix for you backup file name, if you want to individualize it.

1. Log in to Next Generation Hardware Appliance.

2. Open the Backup page.

3. In the section Backup Settings, Backup Filename enter the prefix for the backup filename.

4. Click Save Settings to confirm your entries.

Automated Backup Schedule

To trigger an automated backup see Scheduled Backup.

Backup Storage

Configure the storage location for the backup here.

Network File System (NFS)

To store the backup to a NFS located in your network and reachable for the Next Generation Hardware Appliance the following NFS versions are supported:

• NFS Version 4

• NFS Version 4.1

• NFS Version 4.2

If you experience long loading times or even timeouts while browsing backup files from your NFS, this could be due to a blocked port 111/TCP.
Prior to version 5.2.0, the device assumed that it could send traffic to the NFS server with destination port 111. If the port is blocked by a firewall, the backup file browser freezes for a while (3 min) and then reports an error in Webconf.

For more information please refer to the Ports and Protocols documentation.

1. Log in to Next Generation Hardware Appliance.

2. Open the Backup page.

3. In the section Backup Storage, Backup Storage Settings select the Storage Type for the backup from the drop down menu:
   None (default)
   Network File Setting (NFS)

4. Select Network File System (NFS).

5. Enter your NFS URL and click Browse Storage to browse the backup location.

6. The storage browser opens. Select/Navigate to the path where the backup is to be saved.
   Click on Directories to navigate one level down or
   click .. One level up to return to the previous level.

7. Click on Use This Location to confirm your backup location.

8. Click Save Settings to confirm your entries.

Manual Backup

To trigger a manual backup see Manual Backup.