Appliance Administration

Download this manual as a PDF file

The System Settings page allows you to configure appliance-related settings, such as networking parameters and date/time settings.

System Settings

To access the System Settings page, expand the Administration menu and select System Settings.

Network Settings

On the Network tab (Administration > System Settings), you can configure your interfaces, network access, IP configuration, manage bandwidth, and configure additonal IPv4 and IPv6 static routes.

Network Interfaces

Use the drop-down menu to override the default auto-detect setting of the Ethernet interface(s).

Primary / Secondary Interface

Use the Network tab (Administration > System Settings > Network) to set or update the network address for Restorepoint. The initial settings are entered when you first set up your appliance. Select your Interface first and then supply values in the following fields. Click Save when all updates have been made.

  • Use DHCP. Select this checkbox if you use DHCP for your interface and the other options will be disabled.
  • IP Address. Complete the specific address fields for your IPv4 and/or IPv6 Settings.
  • Subnet Mask. Enter the subnet mask associated with the IP address.
  • Speed/Duplex. Select the link speed and duplex from the drop-down list.
  • Auto Negotiation. Check whether or not you'd want to include Auto Negotiation for your interface.
  • Mode. Select your Mode type from the drop-down list.

IP Configuration

To configure your IP, complete the following fields:

  • DNS Server. The DNS server address for your network. The DNS server must be able to resolve public names (for example, support.restorepoint.com), otherwise the appliance cannot retrieve software updates and license details. This option is for IPv4 addresses only.
  • DNS Sever 2. (Optional) A second DNS server. This option is for IPv4 address only.
  • DNS Sever 3. (Optional) A third DNS server. This option is for IPv6 address only.
  • Gateway. The default gateway for your network. You can Ping these servers to check connectivity.
  • Domain Name. The default domain name.

Network Access

Restorepoint needs Internet access (HTTP/HTTPS) to retrieve software and plugin updates. If a proxy is required for Internet access, select Use Proxy, and supply the following information:

  • IP address of the proxy server.
  • Proxy port.
  • Username/password, if your proxy requires authentication. Otherwise, leave this field empty.Use the Test Proxy button to verify that the configuration is correct.

Network Address Translation (NAT)

Restorepoint may use back-connections (typically TFTP or FTP) to backup certain devices. If Restorepoint is accessing a device using back connections through a NAT router or firewall, back-connections will fail because the device will attempt to connect to the original, untranslated IP address. To avoid this problem:

  • On your firewall, create a 1:1 NAT mapping (often referred to as Static NAT or Mapped IP) to translate the Restorepoint IP address to a public/routable IP address.
  • Enter the public IP address for Restorepoint in the NAT Address box. The system-wide NAT IP address defined here can be overridden in the Domain settings, or in each individual device’s settings.

The Back-connection NAT option needs to be selected in any device that is accessed by Restorepoint through NAT. For more information, see Manually Adding a New Device.

Restorepoint supports multiple NAT addresses. The NAT IP address defined in this page can be overridden by the Domain or Device NAT IP setting.

Additional IPv4 and/or IPv6 Static Routes

If the devices that you want to add to Restorepoint are located on different networks, you may need to define additional IPv4 or IPv6 static routes.

To define a static route:

  1. IP Address / Mask length: Enter the network address/netmask (in CIDR notation).
  2. Via IP address: Enter the destination gateway IP address.
  3. Click Add.
  4. Click Save.

To remove a static route:

  1. Click Delete next to the static route you want to remove.
  2. Click Save.

Bandwidth Management

You may limit the amount of network bandwidth Restorepoint uses by selecting Throttle SCP/SFTP and specifying a speed (in kbps).

Appliance Operations

You can manage your appliance operations on the Appliance tab (Administration > System Settings). Complete your desired platform, software updates, branding and date/time operations and click Save.

Platform

To configure your platform, enable the following buttons and/or complete the following fields:

  • Restart Software. Restarts the Restorepoint domain. May leave the system in an unstable state, use when directed by Restorepoint support.
  • Abort All Tasks. Aborts all currently-running tasks. May leave network devices in an unstable state.
  • Reboot. Enables you to reboot your Restorepoint appliance. However, try to Restart software first.
  • Shutdown. Enables you to shutdown and power off your Restorepoint appliance. This is the safest way to shut down your Restorepoint appliance. Wherever possible, avoid using the front panel buttons to reset or shutdown Restorepoint.
  • Remote Support. Click Start to enable Technical Support to securely connect to your Restorepoint appliance for troubleshooting. To stop the remote support tunnel, click the Stop button on this page, or click the running task in the Activity Display, and click Stop Remote Support to terminate the secure connection.

    • Note: This feature requires that your firewall allows SSH connections (TCP port 22) from Restorepoint to jmp1.restorepoint.com and jmp2.restorepoint.com. For notes on firewall configuration, see Firewall Requirementsfor notes on firewall configuration.

  • Open Console. Generates an appliance debug file that may help Technical Support diagnose your issue. Click Start to start the debug, retrace your steps, and then click Stop Debug. A link to download the debug log will appear next to this button.
  • Debug. Generates an appliance debug file that may help Technical Support diagnose your issue. Click Start to start the debug, retrace your steps, and then click Stop Debug. A link to download the debug log will appear next to this button.
  • After Power On. Defines what Restorepoint should do when returning from a power-off state. If Restorepoint should Run Due Backups, and treat any missed backups as Overdue, or Recalculate Schedules and just return to the normal backup schedule.

Branding

Restorepoint can display your logo in the top left-hand side corner, instead of the default one. Click Change and then Browse to locate a suitable image file on your PC. For best results, the logo should be exactly 30 pixels tall and up to 150 pixels wide, and no more than 40KB in size. Click Revert to return the logo to the default Restorepoint logo.

You can customize the user interface for Domain users in the Domains page. For more information, see Managing Domains.

Software Updates

You can view the following software details in this section:

  • The current Restorepoint version.
  • The appliance's connection to the Internet. This option allows you to Force Check the connection, or when the checkbox is checked, perform a Manual Upgrade of the version.
  • The option to Disable Automatic Version Upgrades.
  • The option to Disable Automatic Minor Updates.

For more information, see System Updates.

Date and Time

Use the selectors to set the date, time, and world time zone on the appliance. You can also enable the Network Time Protocol (NTP) and enter up to two NTP servers, such as pool.ntp.org.

Image of the Restorepoint Date / Time page

System Archive

On the System Archive tab (Administration > System Settings) you can configure your schedule, set the primary and secondary server archiving, and set the operations archive.

Image of the Restorepoint Archive page

You can prepare for disaster recovery scenarios by archiving the Restorepoint configuration from the Administration > System Settings > Archive tab. Archiving the Restorepoint configuration allows you to back up the Restorepoint appliance automatically to up to two remote servers, including all device configurations stored on Restorepoint.

Taking an Archive

You can define the following settings for archiving:

  • For Primary and Secondary Archive servers, you can use a pre-defined server, or select [New Server] to enter the details for a server that you have not defined. For details on how to define a file server, See File Storage.
  • For each Archive Server, you can define the following:
    • Retain. Enter the maximum number of archives to keep on the remote server. You reach this number, older archives will be removed.
    • Type. Define what each archive should contain. A Full Archive is a complete disaster-recovery backup. You can also choose to only save the most recent 1 to 5 configurations for each device, or only the Restorepoint database (only Restorepoint settings, no configuration backups).

Then , you have the options to:

  • Click Save.
  • Click Archive Now to start a manual archive operation.

Restoring from an Archive

Restoring from an archive allows you to quickly recover from a failure. For example, when installing a replacement appliance after a hardware problem. To restore the appliance from an archive:

  1. Click the Restore Archive button on the System Archive page to display the list of available archives.
  2. Select the archive to be restored.
  3. Click Restore.

You will need the password and encryption password for the admin account in order to complete the operation.

Image of the Restorepoint Restore Archive page

Workstation DB Archives

You can also a database-only export/import to a workstation instead of a fileserver. While not suitable for most disaster recovery scenarios, it allows for a quick migration of your Restorepoint settings from one appliance to another. You can use the Export/Import DB Archive buttons to save the Restorepoint database through your browser and reimport a previously saved database.

Log Settings and Alerts

You can use the log settings and alerts section to define your default log retention policy and the email address for system error notifications.

Navigate to the Logs/Alerts tab (Administration > System Settings) and supply values in the given fields. Then, click Save when finished.

Log/Alerts settings .

  • Delete logs after. Enter a maximum age for events. Events older than this value are permanently deleted from the system. The default value is one month.
  • Send Syslogs. Select this checkbox to forward all log messages to an external syslog server. Log entries will still be available by clicking on Info > Logs or Info > Syslogs. If you use a syslog server, you will need to enter it’s IP address and choose the syslog facility. If you want to use the Restorepoint hostname as the syslog message source, add the hostname to Syslog Source Hostname. Note that the facility setting only applies to forwarded Restorepoint logs, not forwarded operating system events.
  • Syslog Version. Choose the syslog version from the drop-down menu.
  • Syslog Source Hostname. Type in the hostname for your Syslog source.
  • Protocol. Chose the protocol from the drop-down menu.
  • Primary Server.
    • Host. Type the Host name or IP address for your primary server. You can also click Ping to verify communication.
    • Port. Type the port you primary server will use. For more information, see Firewall Requirements.
  • Secondary Server.
    • Host. Type the Host name or IP address for your primary server. You can also click Ping to verify communication.
    • Port. Type the port you secondary server will use. For more information, see Firewall Requirements.
    • Facility. Select the facility for your server from the drop-down menu.
  • Use SNMP Traps. Select this checkbox to forward log messages as SNMP traps to a Network Management Server (NMS). You will need to enter the NMS IP Address, the SNMP Version, and the community string.
  • Enable Email Alerts. Select this checkbox to receive emails if an alert is triggered.

SNMP

If your network has a Network Management System, you can use SNMP to perform some basic monitoring of your Restorepointappliance. Restorepoint supports SNMP v1, v2c, and v3. To configure SNMP:

  1. Navigate to the SNMP page (Administration > System Settings > SNMP).
  2. Supply values in the following fields:
  • Select which SNMP versions should be enabled by selecting the relevant checkbox.
  • If you enable SNMP v1 or v2c, you must enter a Community String in the appropriate field.
  • If you enable SNMP v3, you must define a username. Depending on the SNMP v3 security level, you may need to enter additional integrity/encryption passwords and integrity/encryption algorithms.

Click Save.

Image of the Restorepoint System Settings page

SNMP settings (Administration> System Settings>SNMP) may need to be reset/updated after upgrading to 5.6.

Security

The Security tab (Administration > System Settings) allows you to configure various global settings to mandate a higher level of network security for the Restorepoint appliance.

Applying some of these settings may cause compatibility problems with legacy devices and clients.

Protocol Versions

The Protocol tab allows you to specify the minimum version of TLS that the Restorepoint UI can use and can communicate with devices. You can also prevent Restorepoint from falling back to SSHv1, if TLS is unavailable.

Services

You may wish to disable some functionality of Restorepoint for reasons such as PCI Compliance.

HTTPS Certificate

Click Change to modify the HTTPS certificate used by Restorepoint. The following dialog appears:

Image of the Restorepoint Update Certificate page

The Type drop-down will show you the different options available:

  • Self-Signed. Generates a self-signed HTTPS certificate with the current keypair.
  • New Key. Allows you to generate a new private/public keypair of the given length.
  • Create CSR. Allows you to generate a Certificate Signing Request, which your Certificate Authority (CA) will need to produce a signed certificate.
  • Upload Certificate. Once you have a signed certificate from the CA, you can upload it here.
  • Upload All. Alternatively, if you have a key/certificate pair already from your CA, you can upload both of them here.

Timeouts

To set the timeout values, complete the following fields:

  • UI Timeout. How long a user may stay logged-in to the Restorepoint user interface without making a change or initiating an action. Default value is 60 minutes.
  • Console Timeout. How long to keep a session for the VM Console open without an action. The default value is 15 minutes.
  • Max login attempts. Allows you to automatically set users' maximum login attempts per minute. Default value is 0 minutes. For more information, see Managing Users.

Admin Allowed Networks

This tab allows you to set a range of IPs (in CIDR format) that administrator accounts can connect from. For a per-user setting, see the section on Managing Users.

Additional SSH Settings

The additional SSH Settings all you to configure your system settings further.

  • Additional SSH Server Port. Enables users to define another SSH host port the appliance should listen to for incoming SSH connections. This allows the agent to establish the initial SSH connection to the appliance. Defining the value changes the sshd_config to listen on that port in addition to port 22 and adapts the firewall rule accordingly.
  • Disable SSH Strict Host Key Checking. Disables the SSH host key validation for all devices and logs when the key changed.

High Availability

High Availability (HA) provides a way to minimize the effects of hardware failure, by configuring two Restorepoint appliances in a cluster.

Under normal operating conditions, the primary cluster member is active and the secondary is in standby mode; the active appliance performs all network operations, and replicates all settings and device configurations to the standby appliance. Restorepoint replicates data both incrementally (for example, just after a backup is retrieved from a device) and by performing full synchronizations on a regular basis.

If the primary member becomes unavailable because of a hardware failure, other network problem, or from losing power, the secondary member will automatically become Active, and carry on as normal. If the primary recovers, it will automatically take over from the secondary and become active.

HA does not require the appliance to be installed on the same network, as long as the traffic requirements are met (see below).

Software updates and upgrades are managed at the cluster level; updating the active appliance will automatically update the standby appliance.

HA Requirements

  • HA is a separately licensed feature.
  • Only appliances of the same model can be clustered and appliances must be running the same software version.
  • Cluster members must be able to communicate over HTTPS to exchange heartbeat information and data synchronization. TCP/443 traffic should be permitted bidirectionally between the appliances.

Creating a Cluster

To create a cluster, on the Primary Restorepoint appliance:

  1. Click Create Cluster.
  2. Type a password to be used between appliances in the cluster.
  3. Click Save.

On the secondary Restorepoint appliance:

  1. Click Join Cluster.
  2. Enter the same password you entered on the Primary appliance.
  3. Enter the IP Address of the Primary appliance.
  4. Click Save. The cluster will perform the initial full sync.

After the cluster is created, this screen can be used to monitor the status of the cluster or to leave the cluster.

  • Role displays which position the appliance takes in the cluster (Primary or Secondary).
  • The Member Status displays if the current appliance is Active or Standby.
  • The Cluster Status displays the status of the Secondary appliance on the Primary or the amount of time between heartbeat synchronizations on the Secondary.

You can use the Leave Cluster button to break the cluster. When you click Leave Cluster, all synchronization will stop, the two appliances will keep the existing configuration, and the appliances will carry on independently.

Device Defaults

This tab allows you set the device defaults for your system. Complete the following fields for your device's default settings:

  • Retention Policy. First, select what versions to keep. Then, choose when to Always delete after (in days/weeks/months) and Never delete before (in days/weeks/months).
  • Config Filename. Enter your Filename Prefix, what to include (Device ID or Device Name), and see your selection's Preview.
  • Email Alerts. Choose whether or not you'd like an email to be sent when there is a Config Change, Backup Start, and/or Backup End.
  • Monitoring. Choose your monitor device settings. These include your Type, Email when down, and Email when up.
  • Failure Policy. Set when your failure policy should Retry, alert (Always, First Failure, or Never), and/or when to Retry after (in minutes).

Click Save when finished.