Basic Operation

Download this manual as a PDF file

The Restorepoint user interface pages share some common features. These features include:

  • A menu bar at the top of the page, for navigating between the different functions
  • The username of the logged in user at the top right-hand side of the screen
  • A footer that displays the current software version, serial number, license expiry, and time

Image of the Restorepoint Dashboard page

Tables display a grey header. For example, in the Device page shown below, you can change column widths by double-clicking on the header, or by clicking and dragging the heading separators. You can change the sorting criterion by clicking on a column heading. You can also perform a full text search by typing in the Search field.

Image of the Restorepoint Devices page

My Account

You can hover over the username on the top of the user interface and two options appear. A Logout option that features a clock that shows how many minutes until a user is automatically logged out, and the My Account option that allows you to edit the following user settings:

  • Full Name

  • Email

  • Password

  • Encryption Password

  • Recovery Question

  • Recovery Answer

To change a password, you need to specify the Old Password.

Image of the Restorepoint My Account page

For more information on the My Account options, see Adding a new user.

Activity Display

The Activity Display, shown below, displays a list of tasks that are currently running. This list is displayed on every page while tasks are in progress:

Image of the Restorepoint Activity Display page

You can click on the magnifying glass icon to show the Progress Log, which displays real-time information about the running task:

Image of the Restorepoint Progress Log page

Editing Views

In addition to the built-in views, every data table in Restorepoint can have multiple customized views. You can access these by clicking on the menu icon () at the top left of a table. You can use this icon to reorder columns by clicking the up/down arrows and selecting the checkbox to show/hide columns.

You can define a name and save column orders, widths, and display settings using the Save button. You can delete saved views using the Delete button.

Views stored in your browser’s local storage are only available on the browser and workstation where they were set. If you clear your browser storage, you will clear any saved views.

Encryption

All sensitive data stored in Restorepoint, including device configurations, is protected by encryption. Restorepoint encrypts data when it is written to a disk and decrypts it as it is read. Cleartext data is only held in volatile memory. Therefore, the data disappears when the appliance is shut down or rebooted, which renders data theft impossible without a valid encryption key.

Restorepoint has two operational states:

  • Locked State. When the appliance is powered up and no encryption password is entered by an administrator. In this state, Restorepoint cannot read its own database and therefore cannot perform any operations. An administrator must log in and provide the encryption password to unlock the database.
  • Normal State. Once an administrator provides the encryption password at login, all system functions are enabled. Subsequent administrator logins will not require an encryption password until the appliance is powered down or rebooted.

The entire Restorepoint database is encrypted. Therefore, it is vital that administrators remember both their normal and encryption passwords. Administrators must also keep their emailed password-recovery tokens safe. For more information, see Connecting to Restorepoint After a Reboot and Password Reset.

System Status Page

The System Status page or Dashboard, displays an overview of the health of your Restorepoint system and displays the number of devices that are being backed up. The following image is the default page when you first login to Restorepoint. You can display this page at any time by clicking Info on the menu:

Image of the Restorepoint Dashboard page

The following type of graphs can be displayed on the Dashboard page:

Backups (24h)

Successful and failed scheduled backups in the last 24 hours. Additionally, mouseover mention devices not scheduled for backup.

Device compliance

The number of compliant and non-compliant devices, and the number of devices with no policy assigned.

Device Baseline

The number of devices that are running a baseline configuration, non-baseline configuration, and no baseline configuration set. For more information, see Configuration Baselines.

Devices Up

The number of devices that are currently being monitored and responding to Restorepoint. If you click on the graph, a moving average chart covering the past 24 hours is displayed.

Storage

The amount of disk space used and the total amount of disk space for the Restorepoint appliance.

Devices

The total number of devices configured on the appliance, and the maximum devices allowed on your current licence.

Memory

The amount of RAM currently being used by the Restorepoint appliance and the total amount of RAM available.

Network Activity

The current network activity, as seen by the Restorepoint appliance.

Load Average

The Load Average [https://en.wikipedia.org/wiki/Load_(computing) ] of the Restorepoint appliance, over the last 30s.

 

The following information is displayed in text panes on the Dashboard page:

Appliance Status

The uptime, number of logged in users, High Availability status (if enabled), Agents status (if enabled), and number of running tasks.

Appliance Software

The serial number, version, build number (including a link to the change log for that version), and license expiration date of the Restorepoint installation. This information is also available in the footer.

Latest user activity

Administrator logins/logouts, and other user-initiated operations.

Latest critical events

Any backup failures, bad logins, or other important information.

Latest Configuration Changes

Any devices that have reported modified configurations.

Activity display

Appears on the left-hand side if any background processes are running. It also displays real-time task details and terminating a task details.

Scheduled Tasks

The Schedule page (Information > Schedule) displays upcoming scheduled tasks, including the next backup for each device.

Image of the Restorepoint Schedule page

For each task, the Schedule page displays the following information:

  • Date. Date and time when the next task is due.
  • Event. Name of the scheduled event.
  • Type. Type of task. Possible types are backup, discovery, archive, etc.
  • Object. Device, user, or system configuration object to which the task refers.

Postponing Tasks

You can postpone any scheduled event to remove the next occurrence of a scheduled task. To postpone a scheduled task:

  1. Find the task that you want to postpone and select it's checkbox.
  2. Click the Postpone button.

Pausing Tasks

You can pause a scheduled task so it doesn't run until you unpause the task. To pause a scheduled task:

  1. Find the task that you want to pause and select it's checkbox.
  2. Click the Pause Scheduler button.

Adding Devices to Restorepoint

You can add devices to Restorepoint using the following methods:

The Device page allows you to:

  • Display all the existing backups for a device
  • Compare the configurations of two devices

The Discovery page allows you to:

  • Define the networks you wish to scan
  • Schedule a periodic network scan
  • Import discovered devices into the main device list

Manually Adding a New Device

How you configure a new device may vary slightly from one device to another. Please see device specific information in the Plugin Guide (Help > Plugin Guide).

To create a new device:

  1. Go to the Device Management page (Devices > Device List).

  1. Click the Add button on the top left hand corner of the page. The Add device page appears.
    Complete the following fields:
  • Device Name. Type a name for the device that is up to 64 characters long.
  • Type. Select the device type. You can start typing in the Select Plugin field to filter the list. This list only displays the device types that are currently available on your license. The Fingerprint button can return data regarding header banners, like SSH or FTP, if you enter an IP address in the device Address field.
  • Domain. Select the domain that the device is assigned to. This field is only present if Domain Administration is enabled on your appliance. For more information, see Administration Domains.
  • Agent. If the device is managed via an agent, select the appropriate agent from the dropdown list.
  • Labels. Select and set Labels to be applied to your devices; these help filter and group devices.
  • Address. Type the device IP address. You can click the Resolve button to automatically fill the IP Address field. Restorepoint will keep the IP address up to date with your DNS and manual changes to the IP address will be ignored.
  • Open Terminal. You can click this button to open a web-based virtual terminal to the device that you can use for troubleshooting. If you select Restorepoint Credential, the field uses the credentials you have defined on the Connection tab. Otherwise, you will need to provide your own credentials for logging into the device. For more complex terminal use, ask your account manager about Restorepoint Universal Console.
  • Owner Email. Type the email address(es) of the device administrator(s). By default, this field is filled with the notification email address defined on the System Configuration page.
  • Email on Config Change. Select this checkbox to automatically trigger an email notification to the device owner when a device configuration change is detected. This option is not available for all device types.
  • Email on Start Backup. Select this checkbox to automatically trigger an email notification before a backup starts for this device. This notification creates a 1 minute delay before the backup starts.
  • Email on End Backup. Select this checkbox to automatically trigger an email notification when a backup completes. If this checkbox is not selected, Restorepoint will only send an email notification if the backup fails, or if a configuration change is detected and Email Config Change is selected.
  • Syslog Change Detection. If this field is available on your Restorepoint system, select the checkbox for Restorepoint to automatically detect when a device is modified and automatically retrieve its configuration. Note that this feature is only available for specific devices. For more information, see the Plugin Guide (Help > Plugin Guide).
  • Log Transcript. Select this checkbox to create a full transcript log for this device for debugging purposes. A transcript log is automatically saved if the backup fails, so this is rarely needed.
  • Types. Select the types of configurations to backup for this device.
  • Filename Prefix. Optionally type a custom filename prefix for the device configuration files, and check the relevant fields to include. A preview of the filename will appear in the Preview field.
  • Monitor. Select this checkbox to monitor the device. For more information, see Device Monitoring.
  1. Click the Connection tab and complete the following fields:
  • Protocol. Select the appropriate connection protocol for your device, such as telnet or SSH. The options may vary depending on the device type.
  • Username. Type the administrator account username for the target system.
  • Password. Type the password associated with the administrator account. For some devices you may need to enter more than one password. The field color ranges from red to green to indicate the password strength, according to the policy set in the Password Policies page.
  • Use Restorepoint Credentials?. You can select this checkbox and select a Credential Set instead of entering a username and password. Credential sets are reusable username/password combinations that can be shared among different devices (See Credential sets).
  • Back Connection NAT. Select this checkbox if Restorepoint accesses this device through a NAT router or firewall. This option will only be displayed if the device requires back-connections and if Use NAT is selected in the System page. If a NAT IP Address is configured here, it will override the corresponding Domain (Section Administration Domains) and System (Section Network Address Translation (NAT)) settings.
  • Use SSHv2 PKA. Select this checkbox if you want to use SSH Public Key Authentication instead of password-based authentication when connecting to the device. Click the Show Keys button to display Restorepoint’s public SSH keys.
  • Disable SSH Strict Host Key Checking. Disables the SSH host key validation and logs when the key changed.
  • Clear Cache. If you have replaced a device, Restorepoint may refuse to connect to it because it will detect that the device key has changed and display a connection error. This is a security feature of SSH. In order to override this feature, click the Clear Cache button.
  • Backup Port. If required for your device, enter the backup port you want to use.
  1. Click the Schedule tab to configure the backup schedule for the device and click Add Entry to add one or more backup intervals. You can bulk add or remove schedules if multiple are selected on the Device Management page.

    For each schedule interval, you can override the config types to backup by selecting any of the Config Type checkboxes, or override the default retention policies by unselecting Use Default Policy. You can also override the Failure Policy on this page. For more information, see Backup failures.

  2. Click the Assets tab and enter optional asset management details for the device:
    • Serial. Type the serial number for the device.
    • Firmware. Type the firmware the device has.
    • Asset ID. Type the device ID for the device.
    • Notes. Type any additional notes that you would like to include for the device.
    • Purchase Date. Select the date you or your organization purchased the device.
    • Purchased From. Type the business that you purchased the device from.
    • Manufacturer. Type the manufacturer of the device.
    • Model. Type the device model.
    • History. Type any relevant history related to the device.
    • Owner. Type the device owner.
    • Customer No. Type the customer number.
    • Build Document. Select Upload to upload a build document or Remove to remove a build document.

    Custom fields can be added in the Custom Asset Fields page. For more information, see Asset Fields.

  3. The Additional Info tab, if available, displays additional information retrieved from the device, such as license details, routing table, and network interfaces. You can also display the output of a saved action on this page using the New Info Command dropdown. For more information on creating actions, see Controlling a device.
  4. Click the Compliance tab and assign compliance policies to this device. For more information on compliance policies, see Device Policies.
  5. Click the Notifications & Monitoring tab and enter optional notification details for the device:
    • Owner Emails. Type the email address(es) that you want to receive device notifications.
    • Email on. Select a task that you want to trigger a notification.
    • Log transcript. Select this checkbox if you want the notification to include a transcript of the task.
    • Monitor Device. Select this checkbox if you want to monitor the device.
    • Type. Select how you want to monitor the device, using TCP connection or ping.
    • Email when down. Select this checkbox if you want a notification to trigger when the device is down.
    • Fail after. Type a number or use the scroll to define after how many attempts connecting to a device that a notification should be triggered.
    • Email when up. Select this checkbox if you want a notification to trigger when the device connects after failing.
  6. Click Save Changes to finish creating the new device. The Device page appears and the new device is added.

    Image of the Restorepoint Progress Log page

  7. Once you add the device, you can select the checkbox next to the device and click the Backup button to perform a manual backup, if required. The backup progress and completion will be shown in the Activity Display. If the backup is completed successfully, the indicator next to the device name is green, and the date of the last backup is added to the Device Management page.

Importing Multiple Devices Using a CSV File

If you need to add a large number of devices, you can click the Import button and select a comma-separated values (.CSV) file, that contains the device details.

When you create a comma-separated value (CSV) text file to import, include a line at the top of the file to indicate the columns for the attributes you want to import. Fields can be in any order. For example:

name,plugin,protocol,ip_address,username,password,password2,backup_port,keep_backup,owner,serial_no,asset_id,location,notes

 

The following table lists the column name and its description:

Field Description
domain_name

If there is not a domain_name present and you have permissions to create devices on the global domain, then the device will be saved on a global domain.

If not, Restorepoint will find a domain with the same name and if you have permissions to create devices on that domain, it will be created there.

This field is optional.

name The device name. This field is required.
plugin The device type (e.g. ‘Cisco ASA’ or ‘cisco_asa’).
protocol The connection protocol (e.g. ‘telnet’ or ‘ssh’ ). This field is required.
ip_address The device IP address.
username, password, password2 The login credentials for the device.
backup_port The port to use to connect to the device, if required
keep_backup The backup retention policy (days).
owner, serial, no, asset_id, location, notes Device details and descriptors. These fields are optional.

Device Discovery

The Restorepoint device discovery engine uses a variety of methods to discover hosts on your network that can be imported to the main device list. You can also be notified by email of new devices that are installed on your network.

Device discovery is not guaranteed to discover all the relevant devices on your network. Firewalls or the device configuration itself may negatively affect the discovery process. Similarly, the device type may not always be detected correctly. When you import a device, you are able to override the detected type.

Discovery Setup

To configure discovery:

  1. Go to the Setup tab (Devices > Discovery > Setup).

  2. Type one or more network ranges (in CIDR notation) to scan in the Search Networks field, for example: 10.20.0.0/16 and click Add.

  3. If you do not wish to scan a particular range, for example 10.20.10.0/24, add this to the Ignored Ranges list.

  4. You can optionally add one or more SNMP communities in use on your network: choose the SNMP version, enter a community string, and then click the Add button.

  5. If you want to be notified of a new device, select the Notify of new devices checkbox.

  6. If you want to use the Cisco Discovery protocol (https://en.wikipedia.org/wiki/Cisco_Discovery_Protocol), select the Use CDP checkbox.

  7. If you want to use the Link Layer Discovery protocol (https://en.wikipedia.org/wiki/Link_Layer_Discovery_Protocol), select the Use LLDP checkbox.

  8. Choose a scan schedule.

  9. Click Update.

  10. Click Scan Now to start the scan.

    Image of the Restorepoint Device Discovery page

Discovered Devices

At the end of a discovery scan, a list of discovered devices is displayed is displayed in the Devices tab:

Image of the Restorepoint Discovery page

You must import the newly added devices into the main device list. To manually import your devices:

To automatically import your devices, see Automatic Import.

  1. Go to the Devices tab (Devices > Discovery > Devices).
  2. Once the list of discovered devices is displayed, select the checkbox to the left of one or more devices.
  3. Click Import.
  4. You must then finish the configuration:
  • If you only select one device to import, the New Device page appears which includes automatically populated discovery information. After you review the information and make any required changes, click Save.
  • If you selected multiple devices, the devices will be imported without review. The devices are marked as incomplete and are displayed in red in the devices list. You can then complete the configuration and add authentication details or edit any default parameters and click Save.

Ignored Devices

The Ignored devices screen displays a list of devices that will be ignored in future scans. To remove devices from the ignore list, select the devices then click Un-ignore.

You can review the list of ignored devices and make changes. To remove devices from the Ignored Devices list:

  1. Go to the Ignored tab (Devices > Discovery > Ignored).
  2. Once the list of ignored devices is displayed, select the checkbox to the left of one or more devices.
  3. Click Unignore.
  4. Click Update.

Device Types

The Device Type Override page allows you to force discovery scans to import a device as a certain type based on a hostname pattern. To override a device type:

  1. Go to the Device Types tab (Devices > Discovery > Device Types).
  2. Click Add and enter values in the following fields:
  • For hostname pattern. Enter a hostname value to be assigned the device type.
  • use plugin. Select a device type.
  1. Click Update.

Automatic Import

You can automatically import your devices to the Device page after setting up discovery. To automatically import your devices:

Image of the Restorepoint Device Discovery page

  1. Go to the Auto-import tab (Devices > Discovery > Auto-import).
  2. Select the Use Auto-import checkbox.
  3. Click Update.

Running a Manual Backup

To run a manual backup:

  1. Go to the Device page (Devices > Device List).
  2. Select the checkbox to the left the devices that you want to back up and click Backup.

You can also run a manual backup by clicking the Backup Now button on the Edit Device page (Devices > Device List > Select Device > Edit).

Scheduling an Automatic Backup

You can automatically schedule backups for a large group of devices by spreading the backups over a day, a week, or a month. To automatically schedule backups:

  1. Select the checkbox to the left of the relevant devices on the Devices page (Devices > Device List), and click the Schedule button.
  2. Select the desired time interval, and the daily Start/End time and/or the Start/End day. For example, you can configure the schedule to run backups only at night or during the weekend.

Exporting the Device List

Click the Export button to save the device database in a CSV file.

Editing an Existing Device

To edit an existing device:

  1. Go to the Devices page (Devices > Device List).
  2. Click on the name of the device that you want to edit. The Edit Device page appears
  3. Make any required changes and click the Save changes button.

Editing Multiple Devices

To edit multiple devices:

  1. Go to the Devices page (Devices > Device List).
  2. Select the checkbox to the left of the devices that you want to edit and click Edit. The Edit devices page appears.
  3. Edit your desired fields and click Save Changes.
  4. Fields that have different values between devices display a [Multiple] value.

Deleting an Existing Device

To delete an existing device:

  1. Select the device(s) you want to remove.

  2. Click Edit, and ensure that the Disabled field is set to Yes to prevent accidentally deleting a device you have not disabled.

  3. Click Save.

  4. The devices you want to remove are selected. Click Delete.

Device Monitoring

Restorepoint can monitor devices by periodically checking that the TCP port used for backup (for example, telnet or SSH) is accepting connections, or by sending ICMP Echo Requests (pings) to the device. Monitoring is disabled by default and can be enabled or disabled for each individual device.

Enabling Monitoring

To enable monitoring, open the relevant device Edit screen:

  1. Select the Monitor Device checkbox

  2. Select the Type of monitoring required. Normally, the device’s TCP port used for backup is polled; if the Ping option is selected, the ICMP Echo Request (ping) will be used.

  3. You can select Email when down to send an email notification if the device appears to be down. You can also choose to receive Email when up.

  4. If the device fails to respond after the number of attempts specified in the Fail after box, it is considered “down”.

Displaying Monitoring Information

You can hover over status information to display a Round Trip Time graph between Restorepoint and the device, in 5 minute intervals.

Image of the Restorepoint Devices page

Clicking Uptime will display the monitoring graph for the device.

You can select any other monitored device from the dropdown at the top of the page to display its graphs.

Configuration Templates

Templates are configurations that can be pushed to multiple devices. For example, during a large deployment of similarly configured devices. Each template can contain parameters, which are substituted for entered values for each device. For example, a section may be marked “IP Address”, and the field will be applied when pushed to devices.

Creating and Editing Templates

  1. Navigate to the Template page (Devices > Templates). Click Add, or click on an existing template name.

  2. For new templates, select a device and configuration to base the template on.

  3. After your template has loaded, select the configuration fields that you want to be substituted.

  4. Click Mark Variable to name and store a highlighted value.

  5. Once your template is created, the template values can be renamed or deleted with the relevant buttons.

  6. Click OK. If you don’t provide a name and comment, a name and comment will be automatically generated.
    Image of the Restorepoint Add Template page

Pushing Templates

To push a template to a device, select the template from the Template Management page. Choose one or more devices using the device selector, and click Push.

Image of the Restorepoint Push Template page

If the template has any parameters, you must enter the values for each of the devices selected above:

Image of the Restorepoint Push Template page

Click OK to complete the operation.

Software Management

Restorepoint can be used as a repository for device firmware/software that allows you to upload files like firmware images and ISO images to the appliance. Software images can also be pushed to supported devices.

Image of the Restorepoint Software page

Uploading and Editing Firmware Images

  1. Click Import, or an existing firmware name.

  2. For new firmware, click the Browse button and navigate to the file from your hard drive.

  3. Supply values in the Device Type and Description fields.

  4. Click Save.

Image of the Restorepoint Upload Firmware page

Pushing Firmware

Restorepoint can upgrade the firmware of a supported device using an image stored in the repository. Select a firmware image using the tickboxes, then click Push. Select the device from the menu, then click Push again; Restorepoint will perform the upgrade procedure recommended by the device vendor.

Image of the Restorepoint Push Firmware page

Please check the Plugin Guide (Help > Plugin Guide) for a list of devices that support this function.

Credential Sets

Restorepoint can use predefined Credential Sets to authenticate to a device instead of individual usernames and passwords. Credential Sets are useful if several devices share the same authentication credentials. To create a Credential Set:

  1. Go to the Credential Sets page (Devices > Credential Sets).

  2. Click Add Set, or click on an existing Credential Set name.

  3. Type a name for the set and type your authentication details .

  4. Select a Domain from the pull-down menu to restrict the scope of this set to a particular domain; otherwise choose Global to make this set available to all domains.

  5. Click OK.

Image of the Restorepoint Edit Credentials page

Using Credential Sets

To authenticate to a device using an existing credential set, leave the authentication details empty, check Use Credentials, and then select the correct credential set. Click Save.

Image of the Restorepoint Edit Device page

To view which devices are currently using a selected Credential set, click the name on the Devices > Credential Sets page, and navigate to the Devices tab.

Integrating Restorepoint and CyberArk

You can integrate your CyberArk Vault with Restorepoint to populate credential information. To integrate CyberArk with a predefined Restorepoint device:

  1. Identify the device and credential field that you want populated by the CyberArk Vault.
  2. Go to the Credential Sets page (Devices > Credential Sets).
  3. Click Add Set and supply values in the following fields:
  • Set Name. Type a name for the credential.
  • Username. Type your device username. If you want CyberArk to populate this value, leave this field blank.
  • Password. Type your device password. If you want CyberArk to populate this value, leave this field blank.
  • Password 2. Type your second device password. If you want CyberArk to populate this value, leave this field blank.
  • Add Custom Fields. Click the Add Custom Fields button and type the name of the field that you want to query from CyberArk so that CyberArk can populate the corresponding value in Restorepoint.
  1. Click Save.
  2. Go to the System Settings page (Administration > System Settings) and select the Security tab.
  3. In the Credential Providers pane, click Add, and supply values in the following fields:
  • Name. Type a name for the credential provider.
  • URL. Enter the URL for your CyberArk Vault, specifically the GetPassword Web Service endpoint of the Central Credential Provider (CCP). You should not include any query parameters here, but add them to the Query Mappings section below.
  • Application ID. Type the application ID that identifies Restorepoint application to your CyberArk vault.
  • Request Timeout (sec). Type a value, in seconds, after which Restorepoint will stop trying to communicate with CyberArk. Default value is 10 seconds.
  • RootCA Certificate. Upload the PEM-encoded X.509 Root CA certificate required for secure TLS communication with CyberArk.
  • Client Certificate. Upload the PEM-encoded X.509 client certificate required for secure TLS communication with CyberArk.
  • Client Key. Upload the PEM-encoded client private key required for secure TLS communication with CyberArk.

Query Mappings

Click Add query mapping and supply values in the following fields:

  • Credential. Select the credential that you created in steps 2-4 of this section.
  • Field. Select the field that you want CyberArk to populate.
  • Query. Type the query to retrieve field data from CyberArk. This is a required parameter to retrieve a secret value from the vault in conjunction with the Application ID.
    •  Query. The query is a string with the following format:
    • 'Property=Value;Property=Value;...Propery=Value'
    • where Property is one of the properties of the CyberArk account where the credentials are stored. Different types of accounts contain different properties, but most contain UserName and Address.
    • For a successful query, you must include enough properties to return exactly one account, otherwise you will receive an error. For example:
    • 'safe=test;Database=hr;UserName=sa;Address=dbserver1.cyberark.local'
  1. Click Save.
  2. Go to the Devices page (Devices > Device List).
  3. Select the checkbox to the left of your device and click Edit.
  4. Go to the Connection tab.
  5. Select the Use Restorepoint Credentials? checkbox and select the credential that you created in steps 2-4 of this section from the drop-down.
  6. Click Save changes.

If the field does not populate in the user interface, you can click Backup Now when editing the device to view the device logs and the value that was populated from CyberArk.

Asset Fields

In addition to the built-in Asset Management fields, you can also define custom fields. To do this, navigate to the Assets Fields page (Devices > Asset Fields). Custom fields can be of type Date, Text (single-line), Textarea (multiple-line), and File.

Once defined, date fields can be set to give an Expiry Notification:

  • 60 days before
  • 30 days before
  • When Reached

If set, an email is automatically sent to the device’s owner on the specified expiration date. Expiry date is also used in reports.

Image of the Restorepoint Custom Fields page

Any custom fields defined in this page become immediately available in the Assets page of all devices managed by Restorepoint.

Global Search

Restorepoint can search the full text of configuration backups for a keyword from the Global Search page (Devices > Global Search).

Enter your search term in the Search for box, select the devices you would like to search, and click Go. To avoid excessive results, you can choose to Limit the search to a given timeframe.

If the keyword (or keywords, if more than one is entered) are found in a device configuration, it will be listed in the right-hand panel. If you click the name of the device configuration, the device configuration page will open.

Global searches are case-insensitive and do not support wildcards.

Viewing the List of Configurations for a Device

You can access the list of configurations for a device from the Device Management page by clicking the last backup column of the corresponding device, or by clicking the Configurations tab when you edit the device.

A configuration may contain more than one file. For example, a Cisco IOS device has a start-up and a running configuration; you can choose which configurations should be backed up in the Device Details page.

Image of the Restorepoint Configurations page

If a device supports firmware identification, Restorepoint will display the firmware version detected at the time of backup, next to each configuration. A sample list is shown below:

Restorepoint keeps track of configuration changes by assigning a version ID to each unique configuration retrieved from a device. Identical configurations are not stored multiple times.

View

There are three available views:
  1. Default View: A list of all the configurations retrieved from the device.

  2. Group by: This view groups the configurations by File, Size, Firmware version, Initiator, or configuration version.

  3. Version Changes: This view does not display consecutive entries with the same version ID, and therefore highlights configuration changes.

Baseline version

The checkmark shows the baseline version of a configuration. To set a baseline version, select the checkmark. The checkmark will become solid. Restoring a non-baseline configuration version to a device with a baseline configuration version will cause a compliance alert. For more information, see Configuration Baselines.

Retaining a version

You may want to retain a configuration indefinitely (a milestone configuration), that overrides your configured retention policy. For example, a backup taken just before a device upgrade. To retain a configuration, click the padlock icon next to the file name; the padlock will become solid. To undo this action, click the padlock icon again.

Adding comments

You can add a comment to a configuration by clicking the gray note icon next to the relevant configuration. Enter your comment in the pop-up dialog box and click OK; the icon will change color . To remove a comment, click the icon , delete the text, and click OK.

The above options apply to a configuration version, rather than an individual backup.

Compare configurations

The Compare option is only available for the devices with text file or a tar/tgz archive of text files configurations. To compare two configurations, select two items using the checkbox to the left of the item, and click Compare. If the configurations are archives, Restorepoint will expand the archives and compare the individual files. Restorepoint will display the chosen configuration files side by side and highlight the differences; inserted lines will be displayed in blue and changed lines will be displayed in red. When Only differences is selected, Restorepoint will not display lines which are identical in both files, except those preceding or following a change.

Note: Some devices embed a timestamp or fingerprint in the configuration every time a backup is performed. Wherever possible, Restorepoint ignores lines that only differ by such fingerprints when comparing configurations, so that only relevant changes are displayed.

Delete a configuration

Select a configuration using the checkbox and click Delete. This operation is usually only required to delete a milestone configuration (one you have chosen to retain indefinitely), because old configurations are automatically removed according to the retention policy.

Restore a configuration

To restore a configuration, select a configuration using the checkbox and click Restore. Additional options may be displayed, for instance which configuration type should be restored, or whether the device should be reset to complete the operation.

Upload Backup

This option allows you to upload a new device configuration file to Restorepoint from your PC.

Export Backup

You can export a device configuration from Restorepoint through your browser, email, make it available for FTP/TFTP/SFTP collection by a device, or export it to one of your pre-configured file servers.


Comparing Device Configurations

Restorepoint allows you to compare Device Configurations and sift through whole files to analyze any changes between them. You can use the compare function located on either the Device Management page (Devices > Device List) or Configurations tab on the Edit device page. You can also select Show ignored changesin the Compare Devices window to view any changes that Restorepoint deems "not actual changes".

Examples of "not actual changes" that can be ignored include:

  • Run-time variables (e.g. Cisco IOS ntp clock-period value)

  • Salted hashes (e.g. hashed passwords, certificates, keys)

  • Log files

You can now set Restorepoint to specifically ignore phrasing/words (like matching a regex), entire text-blocks (given the start/stop delimiters), and entire files (within tar/tgz/zip/xz config files).

To compare device configurations from the Devices page (Devices > Device List) or Configurations tab on the Edit device page:

  1. Select the checkboxes next to the two devices/configurations you want to compare.

  2. Click Compare. The Compare Devices window or Compare Configurations window appears.

  3. You can view configuration changes between the selected files in this window. To help refine your viewing, you can select the Show ignored changes checkbox to view any "non-actual changes" and/or view the entire files by selecting Show whole file checkbox to review entire files.

    There are multiple parameters regarding specific config diff limits when you are comparing configs:

    • 1000 lines is a cutoff for HTML diff before only changes are forced to be shown.
    • 2000 lines is a cutoff for HTML diff when the diff gets truncated (for rpcmd diff, it is 5000).
    • 2 million lines is a max number of lines for any of the two files before the diff is considered too large to be displayed.

    It is important to note that both 1000 lines and 2000 lines refer to the number of lines in the diff, not the configs themselves."Diff" in this context refers to the whole set of lines to be displayed including unchanged lines, added lines, and deleted lines.

    For example, if the produced diff has more than 1000 lines, it will be forced to show changes only.

    Another example is if the diff has more than 2000 lines, it will be truncated and only the first 2000 lines of the diff will be used for generating the HTML output. The remainder or its changes will not be shown in the user interface. A message alerting you that the output was truncated will display at the bottom of the modal.


An Email Alert of your compare results is also sent when finished comparing configurations and/or devices.

Backup File Operations

If a device configuration is a plain text file or a tar/tgz archive of text files, you can view the configuration contents by clicking the relevant tab or file name in the configuration page. If the configuration is an archive of text files, Restorepoint will attempt to unpack the archive and display each individual file. If the configuration is a binary file, or if the file is too large, Restorepoint will not display the contents.

From this page, you can copy this file to your local machine by clicking the Export button. After you export the file, you can use a text editor to edit the backup file, and then upload it back to Restorepoint using the Upload Backup button on the Configurations tab. You can push the edited configuration file to the device by clicking the Restore button.

Backup Failures

By default, after a device fails to back up, Restorepoint will retry the operation every hour until it succeeds, and it will send an error notification by email on every failed attempt. This behaviour can be modified by changing the Failure Policy, configured in the device Schedule tab:

  • From the Retry pull-down, choose how many times to retry a failed backup. Backups are attempted every hour.

  • Next, choose whether to revert to the set schedule or disable further backups when the last allowed failure occurs.

  • Finally, choose when to be notified of a failure.

Restoring to an Existing Device

To restore a device:

  1. Select Devices from the menu. Restorepoint displays the Device Management page.

  2. Click the entry in the Last Backup column next to the device you want to restore. Restorepoint displays all the available configurations.

  3. Select a configuration by selecting its checkbox and click Restore. Restorepoint prompts you to confirm the restore operation. Depending on the device type, you may be prompted for additional options.

  4. Image of the Restorepoint Restore Backup page

  1. If the restore operation fails, you will see an activity in the activity display. You can click on the magnifying glass icon next to the progress bar to show a real-time progress log, which will aid in determining the cause of the failure. There is also a Transcript in the Logs tab for failed backups, which contains the details of the conversation with the device.

  2. Image of the Restorepoint Tasks page

Restoring to a New Device

When a device is replaced, for instance due to failure, the following conditions must be met:

  • The new device must run the same software version as the original.

  • The new device must be configured with the same IP address and authentication details as the old device. Alternatively, you can temporarily change the IP addresses or credentials stored on Restorepoint to match those of the new device.

  • If Restorepoint connects to the device using SSH, you may to need clear the SSH cache in Restorepoint in the Connection tab of Device Management.

Cloning

The Clone button restores a configuration to a device that is different than the original, which produces a duplicate of the original device. This operation should be used with caution, as it may produce a duplicate IP address on your network.