CDP_Overview
SonicWALL CDP Overview
Protect your network using SonicWALL CDP (Continuous Data Protection), a secure backup solution that runs continuously, archiving file and application data from assigned agents (servers, laptops or PCs intended for backup using SonicWALL CDP).
SonicWALL CDP replicates data in real time, capturing new, changed and deleted information. By storing multiple versions of each file and application revision, SonicWALL CDP can recall data from nearly any point in time.
In the event of local disaster, data can be recovered from the secure SonicWALL CDP Offsite Service.The Offsite Service is an optional service that backs up your data at a North American or European site. For more routine data recovery needs, the SonicWALL CDP appliance provides instant, onsite data recall. SonicWALL CDP works even when users are on remote laptops connected by IPsec or SSL VPN connections.
SonicWALL CDP includes an appliance, a Web Management Interface, Agent User Interface, and Offsite Service.
This section contains the following subsections, which provide an introduction to the SonicWALL CDP features and benefits:
What Is SonicWALL CDP?
SonicWALL CDP protects your network from data loss. SonicWALL CDP is a disk-based data backup and recovery system that provides protection for assigned agents, regularly preserving the latest file versions and database revisions locally, and if configured, storing full folder and full database revisions to the secure Offsite Service.
Backups are performed regularly by SonicWALL CDP, ensuring that new versions of files or application revisions are continuously updated. In addition, older versions of each file are stored, allowing recovery from multiple points in time.
SonicWALL CDP includes the following components: The SonicWALL CDP Web Management Interface, Appliance, Offsite Service, Agent User Interface and Service, Local Archive Manager, and Bare Metal Recovery.
Each SonicWALL CDP component is described below.
|
|
|
SonicWALL CDP Web Management Interface —The SonicWALL CDP Web Management Interface is a Web-based interface that provides the system administrator the ability to configure, create, and apply global policies and tasks for the SonicWALL CDP appliance. The Web Management Interface also provides initial system setting configuration for the SonicWALL CDP appliance, as well as system diagnostics, and allows for a full purge of data from the appliance. For detailed SonicWALL CDP management interface specifications, refer to the “How the SonicWALL CDP Web Management Interface Works” section . |
|
|
|
SonicWALL CDP Appliance — The SonicWALL CDP appliance is a dedicated disk backup appliance that collects data blocks from agents for storage and for secure transmission to the Offsite Service (if configured). For detailed SonicWALL CDP appliance specifications, refer to the “How the SonicWALL CDP Appliance Works” section and the “About the SonicWALL CDP Appliance” section . |
|
|
|
SonicWALL CDP Offsite Service —The SonicWALL CDP Offsite Service is a subscription service that provides protection against local disasters including theft, power surges and server crashes. Full file revisions from the SonicWALL CDP appliance are securely transmitted to the Offsite Service and stored for emergency recovery. The Offsite Service can be configured to use a North American or European data center. For detailed SonicWALL CDP Offsite Service specifications, refer to the “How the SonicWALL CDP Offsite Service Works” section and the “SonicWALL CDP Site-to-Site Service Overview” section . |
|
|
|
SonicWALL CDP Agent User Interface —The SonicWALL CDP Agent User Interface software is installed on every agent (server, laptop or PC intended to be backed up on the SonicWALL CDP appliance), and provides individual users and system administrators the ability to configure, create, and apply local backup policies, and the ability to view backup status and recover lost data. User access privileges to the appliance using the Agent User Interface are configured by the SonicWALL CDP appliance administrator using the Web Management Interface. For more information about the SonicWALL CDP Agent User Interface specifications, refer to the “How the SonicWALL CDP Agent Works” section and the “About the SonicWALL CDP Agent User Interface” section . The SonicWALL CDP Agent User’s Guide provides detailed information about using the Agent User Interface. |
|
|
|
SonicWALL CDP Agent Service —The SonicWALL CDP Agent Service software is installed automatically with the SonicWALL Agent User Interface. By running continuously in the background of each agent, the Agent Service enables backup of folders and application revisions as it performs handshaking with the appliance, transmits data, and listens for Windows Event Notifications. For detailed SonicWALL CDP Agent Service specifications, refer to the “How the SonicWALL CDP Agent Works” section and the “About the SonicWALL CDP Agent User Interface” section . |
|
|
|
Local Archive Manager —The Local Archive Manager is a separate application, installed on an agent machine, that allows an administrator to archive some or all of the contents of your SonicWALL CDP appliance onto a USB device. This feature can also be used to create a portable backup that can be restored at another site that does not have a SonicWALL CDP appliance. Data can be archived to the USB device in encrypted format. For more information about local archiving, see the “SonicWALL CDP Local Archiving Overview” section . |
|
|
|
Bare Metal Recovery —Bare Metal Recovery is a separate, standalone application, which provides the administrator with the option to create a hard disk image backup of information stored on a disk, including the operating system files, applications and configuration files, software updates, personal settings, documents, and other data. For detailed Bare Metal Recovery specifications, refer to the “How Bare Metal Recovery Works” section . |
Why Use SonicWALL CDP?
SonicWALL CDP is a complete and reliable data protection solution that eliminates exposure to threats of data loss, using the same security technology implemented by major financial and government institutions.
Specifically developed for the business and remote office networks, SonicWALL CDP is employed in network environments with business requirements that necessitate continuous data backup. SonicWALL CDP also provides real-time, continuous data protection for laptops and remote agents connected by IPsec or SSL VPN.
Running seamlessly, SonicWALL CDP captures the most recent file and application revisions, maintaining multiple versions of each backed up file. SonicWALL CDP stores backed up data on a local SonicWALL CDP appliance for instant recovery, and if configured, to the secure SonicWALL CDP Offsite Service for protection against local disaster.
You control SonicWALL CDP, specifying which agents will use the appliance, selecting files and applications for automatic backup, and applying custom filters for non mission-critical file types.
SonicWALL CDP provides the following key features:
|
|
|
Continuous Data Protection —SonicWALL CDP replicates data in real time, capturing new, changed and deleted information. SonicWALL CDP works even when users are on laptops or other remote connections using IPsec or SSL VPN. |
|
|
|
Offsite Service —SonicWALL CDP Offsite Service protects businesses against power surges, theft, server crashes and other disasters by backing up full files and full database revisions to a secure data center. The administrator can configure a bandwidth management schedule as well as adjust the synchronization interval so that backups are performed when network usage is at its lowest. You can select a North American or European data center during the appliance registration process. |
|
|
|
Instant Recovery — Because SonicWALL CDP utilizes an onsite appliance for data storage, agents have instant access to old file versions and can recover data at any time. And, agents have the ability to restore their own data without help from an IT administrator. |
|
|
|
Multiple File Versions —SonicWALL CDP saves multiple versions of every file, not just the latest version. Therefore, any user on the network can instantly retrieve a previous version of a document, even after they have saved over it. SonicWALL CDP allows recovery of data from multiple points in time. |
|
|
|
Security —Transmission of data to the SonicWALL CDP Offsite Service is secured by the same 256-bit AES (advanced encryption standard) and SSL (secure socket layer) encryption technologies implemented by major financial institutions and government agencies. SonicWALL CDP also utilizes public-key encryption and digital certificates as an additional layer of protection. |
|
|
|
Intelligent Applications —SonicWALL CDP integrates a collection of intelligent software applications. One such application is a backup reporting tool, which provides constant visual data backup verification. The tool places a highlighted SonicWALL stamp on each protected file so the user knows that the SonicWALL CDP is working. |
|
|
|
Application Support —SonicWALL CDP supports most business applications. Supported agent applications include Outlook and Outlook Express, and supported server applications include Microsoft Exchange, Active Directory and SQL Server. |
|
|
|
RAID Support —Some SonicWALL CDP appliances support RAID (redundant array of independent disks), providing additional failover protection in the event of a disk failure. The SonicWALL CDP 6080 and 5040 include RAID 5, block-level data striping with distributed parity across the drive set. |
How Does SonicWALL CDP Work?
SonicWALL CDP replicates data in real time by storing multiple revisions of files and applications defined by policies and tasks set by the administrator and agents. Each element of the SonicWALL CDP works synchronously to ensure that data is protected continuously, in real time.
SonicWALL CDP includes the following major components:
This section provides an overview of the SonicWALL CDP components. This section contains the following subsections:
How the SonicWALL CDP Web Management Interface Works
The operating system inside the SonicWALL CDP appliance is called firmware. The SonicWALL CDP Web Management Interface is a Web-based interface that allows the SonicWALL CDP administrator to configure the SonicWALL CDP appliance firmware.
The SonicWALL CDP Web Management Interface is used by the SonicWALL CDP administrator to configure local and global policies, obtain logs and reports, set email notifications and other administrative settings, configure network settings, and manage agents.
Individual agents (workstations and servers) can connect to the SonicWALL CDP appliance and back up files and applications by running the SonicWALL CDP Agent software. Administrators can control the flow of data from the agents to the appliance(s) by using the SonicWALL CDP Web Management Interface to:
The Web Management Interface also allows the administrator to register the appliance, view and configure system and network settings, and purge data from the appliance.
After the initial set up of your SonicWALL CDP, which includes registering your SonicWALL CDP appliance on MySonicWALL, you must activate your appliance using the Web Management Interface. The Web Management Interface is used to insert the registration code or manual keyset that is obtained from MySonicWALL.
For more information about the registration and initial setup of your SonicWALL CDP appliance, refer to the SonicWALL CDP Getting Started Guide for your model.
Alert and Help Options
The alert and help options are located in the header of the Web Management Interface.
Navigation Overview
The navigation options are located in the left pane beneath the header.
|
|
|
Status Panel : Displays the Log Out option and status of the administrator’s appliance. This panel is located above the Navigation Menu. |
|
|
|
Navigation Menu : Allows the administrator to navigate the Web Management Interface. |
Status Panel
The Status panel provides administrators with the login status, the name of the SonicWALL CDP appliance that the Web Management Interface is currently accessing, and the registration status of the accessed appliance.
|
Lists the name of the device the administrator is logged into. |
|
Navigation Menu
The Navigation Menu allows the administrator to navigate the appliance features.
How the SonicWALL CDP Appliance Works
The SonicWALL CDP appliance performs three main tasks: Data processing, data storage, and if configured, data transmission to the Offsite Service.
The appliance receives data blocks from the Agent Service and compares them to existing blocks in order to discover new or modified information. The appliance stores the new or modified data blocks, and if configured, securely transmits them to the Offsite Service.
The appliance is connected, using a standard CAT5 or higher Ethernet cable, to your local area network (LAN). The SonicWALL CDP appliance requires configuration of a static IP address in order to communicate with your network, and an agent must be connected to the same LAN as the appliance to connect to it.
The SonicWALL CDP appliance communicates with the Web Management Interface, Agent Service, and, if configured, to the Offsite Service. The appliance communicates with the SonicWALL CDP Offsite Service for registration and storage using HTTPS (TCP 443), providing enhanced security and greater levels of compatibility with network perimeter devices. As a result, your network must be configured to allow HTTPS (TCP 443) communication.
To ensure that the appliance performs at its peak, it will automatically alert the administrator if it is close to reaching capacity. If the appliance is busy, or if an agent has become disconnected from the network, the agent will continue to attempt communication until a successful backup has been completed.
How the SonicWALL CDP Agent Works
The SonicWALL CDP Agent User Interface and Agent Service are installed at the same time. The Agent Service runs continuously in the background as a service, allowing backups of files, folders, and application revisions.
The Agent User Interface is a graphical user interface that allows users to control agent backup to and recovery from the SonicWALL CDP appliance. User access privileges to the appliance using the Agent User Interface are configured by the CDP administrator using the Web Management Interface. Users can manage backup options and restore files and application revisions from the appliance using the Agent User Interface.
The Agent Service runs in the background, handshaking with the appliance, transmitting data to the appliance, and, when using the CDP backup method on a Windows machine, listening for Windows Event Notifications to discover when data has been written to a local disk; triggering the agent to backup the change to the SonicWALL CDP appliance. When changes have been made, the Agent Service transmits 4 KB to 64 KB data blocks (compressed if necessary) to the appliance for backup.
For more information about the SonicWALL CDP Agent User Interface, refer to the “Agents Interface” section on page 64 .
How Bare Metal Recovery Works
Bare Metal Recovery is a separate software tool that creates a disk image backup. A disk image backup includes a backup of operating systems, applications and configuration files, software updates, personal settings and other data.
To use Bare Metal Recovery with the SonicWALL CDP appliance, you use the Web Management Interface to create a user account on the appliance with the desired quota. Then you can launch the Bare Metal Recovery application and save the image to the SonicWALL CDP appliance.
Disk imaging includes images of disk partitions and track zero with the Master Boot Record (MBR). Disk partitions include files and folders (independent of their attributes), boot record, FAT (file allocation table) and root. The Master Boot Record is the code used by the BIOS to load the operating system into memory; residing on track zero of the disk.
Bare Metal Recovery disk image creation is automatic, which means files and folders do not have to be earmarked for backup. To ensure that the backup and recovery processes are streamlined, Bare Metal Recovery disk images only store hard disk parts that contain data.
Bare Metal Recovery images can be backed up directly to the SonicWALL CDP appliance with FTP. Bare Metal Recovery disk images can also be created on local hard disks, CD-R/RW, DVD+R/RW, DVD-RW, or removable media such as Firewire (IEEE-1394) and USB (1.0, 1.1, and 2.0) devices. Once created, the image can later be transferred to any other media. Lost data from the disk image can be retrieved at any time. Additionally, the disk image can be accessed as a virtual drive for browsing and extracting files.
For more information on Bare Metal Recovery, refer to the Bare Metal Recovery and Local Archiving - Workstation User’s Guide .
How the SonicWALL CDP Offsite Service Works
The SonicWALL CDP Offsite Service provides a secure server, or Portal, that stores backed up data for protection against local disaster. During registration of your SonicWALL CDP appliance, you are able to select a North American or European data center. You can also use the Web Management Interface to configure another upstream SonicWALL CDP appliance for offsite backup.
Data transmitted and stored securely at either the North American or European Offsite Service is available for retrieval when onsite data has been destroyed or the onsite appliance has been rendered inoperable, enabling an enterprise to be up and running quickly after a disaster event.
Compressed, full-database and full-file (with latest revision) data blocks are encrypted and transmitted from the SonicWALL CDP appliance to the Offsite Service. Offsite Service communication uses SSL/TLS transport layer encryption, and AES application layer encryption. In the event that a local SonicWALL CDP recovery is not viable, the SonicWALL CDP administrator can recover the data from the Offsite Service using an encryption key.
Data backed up using the SonicWALL CDP Offsite Service is protected by AES (advanced encryption standard) 256-bit encryption, and can only be recovered using an AES 256-bit encryption key, set automatically and available only to the network administrator. Data stored using the Offsite Service is fully secure, as it cannot be decrypted without the key, even by SonicWALL technical support engineers.
Refer to Figure 1 for the Offsite Service data backup flow. For more information about the SonicWALL CDP Offsite Service, refer to the “SonicWALL CDP Site-to-Site Service Overview” section .
|
|
Offsite Service Data Backup Flow |
How SonicWALL CDP Local Archiving Works
Local archiving is a separate software tool that allows you to archive some or all of the contents of an upstream (offsite) or downstream (local) SonicWALL CDP appliance onto a USB device. This feature can also be used to create a portable backup that can be restored at another site that does not have a SonicWALL CDP appliance. Data can be archived to the USB device in encrypted format.
The Local Archive Manager application is installed on an agent system as part of a Complete installation of the SonicWALL CDP Agent software. For more information about Local Archiving, see the “SonicWALL CDP Local Archiving Overview” .