This section provides an introduction to the SonicWALL CDP Site-to-Site Service feature. This
section contains the following subsections:
The SonicWALL CDP Site-to-Site Data Backup Service is an optional offsite backup and
recovery solution that stores data in a secure data center, and can be purchased for an additional fee. For more information, see the SonicWALL CDP Offsite Data Backup Service data sheet at: <http://www.sonicwall.com/downloads/DS_CDP_Offsite_US_060507.pdf
>.
The CDP Site-to-Site Service feature provides a secure, reliable, and confidential method of
backing up and recovering data from one or more local CDP appliances to another local or offsite CDP appliance.
In a typical one-to-one configuration of CDP Site-to-Site, one local CDP appliance, or
downstream appliance, is used to backup local workstations. A second CDP appliance, or upstream appliance, is deployed locally or at a remote location and is used to backup the downstream CDP appliance.
The one-to-one CDP Site-to-Site configuration can be expanded to include multiple
downstream CDP appliances that back up to a single local or offsite upstream CDP appliance. The upstream appliance needs to have sufficient Offsite nodes licensed.
In the event that a downstream CDP appliance is rendered unusable, the CDP Site-to-Site
feature allows you to recover your data, settings and configurations directly from the upstream CDP appliance. If the data on the upstream CDP appliance is not the most recent, choose the option to only download settings and configurations; the local agents will then back up the most recent data to the downstream CDP appliance which will be sent to the upstream CDP appliance. If the upstream CDP appliance is rendered unusable, it can easily be replaced with a new CDP appliance configured with the same IP address as the original upstream CDP appliance.
The benefits of the SonicWALL CDP Site-to-Site feature include:
The CDP Site-to-Site feature requires a minimum of two CDP appliances to be deployed in a
one-to-one scenario, in which a single upstream CDP appliance is the backup method for a downstream CDP appliance. The upstream CDP appliance can be deployed locally or offsite using a VPN or WAN connection, as illustrated in Figure 1
and Figure 2
. The downstream CDP appliance must be configured to backup to the IP address of the upstream CDP appliance, and the upstream CDP appliance must be licensed for Offsite and have at least one node available.
Multiple downstream CDP appliances can be configured to backup to a single local or offsite
upstream CDP appliance in a many-to-one configuration. Upstream CDP appliances can also be used as a backup method for local agents, and can back up the local agent data to the SonicWALL offsite portal or to another CDP. Data, settings and configuration backed up from the downstream CDP appliance to the upstream CDP appliance are 256-bit encrypted and compressed, and sent using port 2022. All other features, including alerts, policies, and reports, can be configured on the upstream and downstream CDP appliances.
In the event of a disaster, data, settings, and configurations (or just settings and configurations)
can be recovered from the upstream CDP appliance to the downstream CDP appliance. If the data on the upstream appliance is outdated, the option to recover only settings and configurations provides the ability to rapidly set up the replacement CDP. The replacement will then recover the latest data directly from its local agents, and then pass this data on to the upstream CDP appliance, thereby reinstating full backup protection.
If the downstream CDP appliance is rendered unusable, it is necessary to obtain a new
downstream CDP appliance to replace it. The upstream CDP appliance must be notified of the change and the new box must be configured to backup to it prior to recovering data from the upstream CDP appliance.
The diagram in
Figure 1
provides an example of a one-to-one CDP Site-to-Site deployment. Multiple agents are configured to backup to the downstream CDP appliance (IP address 10.0.0.1). The downstream CDP appliance is configured to backup to the local upstream CDP appliance (IP address 10.0.0.2).
The diagram in
Figure 2
provides an example of a one-to-one offsite CDP Site-to-Site deployment. Multiple agents are configured to backup to the downstream CDP appliance (IP address 10.0.0.1). The downstream CDP appliance is configured to backup to the offsite upstream CDP appliance (IP address 10.1.1.2) using a VPN or WAN connection.
Figure 3
provides an example of a many-to-one CDP Offsite deployment with multiple CDP appliances (IP addresses 10.0.0.1 and 10.0.0.3) configured to backup to a single upstream CDP appliance (IP address 10.1.1.2). The upstream CDP appliance can be used to backup local clients and backup this data either to the offsite portal or to a final CDP.
This section contains the following sub-sections:
For best performance, SonicWALL recommends you follow these practices:
The following deployment prerequisites are required to use the CDP Site-to-Site feature:
You must purchase an 8x5 or 24x7 support contract and a 1, 3, 5, or 10 node Offsite license
for the upstream CDP appliance. This can be done directly through mysonicwall.com or through your reseller.
To configure the upstream CDP appliance to accept backup data from the downstream CDP
appliance, perform the following steps:
Step 2
|
Enter
http://www.mysonicwall.com
in the location
or address
field.
|
The
mySonicWALL.com login
page is displayed.
Step 4
|
Navigate to
My Products
in the left-hand navigation bar
|
Step 10
|
Click the
Refresh
button to have the CDP appliance update its license.
|
The appliance should now show the correct number of nodes licensed and is ready to backup
a downstream CDP appliance.
To configure the downstream CDP appliance to back up to the SonicWALL CDP Portal or to an
upstream CDP appliance, perform the following steps:
Step 5
|
Set the desired number of minutes in the
Synchronization Interval
field. The default, and minimum, is 15 minutes. To save bandwidth, you can set the interval to a larger number for less frequent synchronization between the downstream and upstream appliances..
|
Step 6
|
The
Encryption Key
is set automatically, and cannot be changed. If you switch between the Portal and another upstream destination, you will see a different key in this field. You can copy the key to your computer clipboard and save it in a text file for secure storage offsite.
|
The SonicWALL CDP Site-to-Site Data Backup provides different services, ranging from 5 to
100 GB of quota. The quota is the maximum amount of data that can be backed up. You need to make sure that the total size of all of your backups does not exceed the quota limit. If quota is exceeded, a subsequent backup will fail, the Quota Exceeded Error
message will be displayed, and the status for the last backup will change to Quota Exceeded
. You will receive an email notification informing you of the failed backup attempt. You can free up your storage space by removing some of the old backups, or you can purchase additional quota.
For information about editing the default policy quota or creating a custom policy with a custom
quota, refer to the “Creating a Global Policy” section
.
To apply a quota for the amount of data the upstream CDP appliance will accept from the
downstream CDP appliance, perform the following steps:
Step 5
|
Click the
Edit
icon for the downstream CDP appliance.
|
Step 6
|
From the
Select Admin Policy
drop-down list, select the Default Policy
, or, if you have configured one, a custom policy with a specific quota defined.
|
Removing a downstream CDP will delete all the relevant backup data from the upstream CDP
appliance. To remove a downstream CDP and free up an upstream node, perform the following steps:
Step 3
|
Clear the
Upstream Appliance Name/IP Address
field.
|
Step 8
|
Click the
Delete
icon for the downstream CDP appliance.
|
Once properly configured, SonicWALL CDP Offsite Backup is as simple to use as the basic
CDP backup.
You can view the files that are backed up offsite in one of the following ways:
To restore data and policy information from the upstream appliance to the downstream
appliance, perform the following steps:
Step 2
|
Navigate to the
System > Settings
page and click the Restore from Offsite
tab.
|
Step 6
|
Click
Restore from Offsite
.
|
The restore progress displays. Click
Close
to close the progress page.
To delete data and policy information from the upstream appliance, perform the following steps:
Step 2
|
Navigate to the
System > Settings
page and click the Restore from Offsite
tab.
|
Step 5
|
Click
Wipe Offsite Data
.
|
If the downstream CDP is no longer accessible, a new CDP can take its place and recover data
from the upstream appliance. The following information is required before you begin:
To recover data from the upstream CDP appliance, you must first configure the upstream
appliance to allow the new downstream appliance access to the old appliance’s data. Then the new appliance must be setup to connect to the upstream CDP appliance.
To update the upstream appliance with a different downstream appliance, perform the following
steps:
Step 3
|
On the
Configure
tab, click the Edit
icon for the old CDP that is being replaced.
|
Step 4
|
In the
Agent Name
and Friendly Name
fields, replace the old CDP’s IP address or FQDN with the new one and click OK
.
|
You must now configure the new downstream appliance to backup to the upstream CDP
appliance. Follow the directions in “Configuring the Downstream CDP Appliance” section
before recovering data from the upstream CDP appliance.
SonicWALL CDP Offsite Service allows the administrator to perform a disaster recovery when
local data have been rendered unrecoverable. This means that the local SonicWALL CDP appliance is unusable and must be replaced. Data can be recovered from the Offsite Service in the event that a disaster renders local data corrupted, destroyed or otherwise unrecoverable.
To recover data from the Offsite Service after the original local SonicWALL CDP appliance has
become unusable, perform the following steps: