cancel
Showing results for 
Search instead for 
Did you mean: 
epo909
Level 9

Restoring MVM database on a new architecture

Hi all.

I need to move/export the following items for the new MVM architecture:

- asset list and historical data;

- remediation data;

- scan templates (we have a couple of them);

- scan configurations (although the associated engine will no longer exist in the new architecture...)

- scan results;

- scan credentials;

- users and groups;

The new architecture is distributed with a totally new naming scheme and ip addressing.

Since the MVM version is the same by the time of the move, my guess is that this can by accomplished by using a script to copy the table data from the older to the new architecture.

How can I acomplish this?

Thanks in advance.

RD

0 Kudos
14 Replies
jhaynes
Level 12

Re: Restoring MVM database on a new architecture

Hi RD,

I might be misunderstanding what are you asking so please correct me if I'm wrong. When you say "The new architecture is distributed with a totally new naming scheme and ip addressing." are talking about taking the MVM components from and all in one and putting them on separate machines or are you tying to setup a SQL Cluster, which isn't supported?

Jeff Haynes

Message was edited by: Jeffrey Haynes on 2/16/10 10:28:55 AM CST
0 Kudos
epo909
Level 9

Re: Restoring MVM database on a new architecture

Hello Jeffrey.

No, this not a cluster architecture.

All I want to do is move my data, including historical, from the old MVM DB to the new MVM DB.

In other words my current MVM, which is an All-in-one (FS1000), will be replaced by a three tier architecture.

I need to migrate as much data as possible to the new solution.

The items that I need to migrate are described in my first post.

Thanks,

RD

0 Kudos
jhaynes
Level 12

Re: Restoring MVM database on a new architecture

Hi RD,

Ok I understand what you are trying to do now.  Now I need to understand why you are trying to do it this way. Normally the Database would just be backed up, copied to the new location and then restored. The way you are attempting to do this would be very difficult, time consuming and probably not supported.

If you would like help relocating your database to a new location I'm sure we can assist you with that.

Jeff Haynes

0 Kudos
epo909
Level 9

Re: Restoring MVM database on a new architecture

If I backup and restore the entire database wouldn't I have problems with components that are no longer on the those IPs? For instance the ID on my new scan engine would be diferent...

I don't want to have a DB full of configurations from an older architecture. I just want to move the asset and scan data.

Thanks,

RD

0 Kudos
jhaynes
Level 12

Re: Restoring MVM database on a new architecture

No you would not have issues with those components. In fact its better if you keep the setting as they exist in the database. I'll give you an example using your example.

"For instance the ID on my new scan engine would be different".

Each scan engine has a GUID that makes it unique in the MVM environment. This number is stored in the scan engine registry and each time your scan engine checks into the database it finds that GUID in the engines table and then updates its info including its IP Address. Each scan config is tied to a scan engine by its GUID. The verification option in tickets is tied to the scan engine that originally discovered the vulnerability.

Even if you decided to reimage all of your scan engines its still better to just back up and restore the database. You would end up with a view extra entries in the engines table that could be cleaned up later but that would be much better than the option that you are thinking about.


Jeff Haynes

0 Kudos
epo909
Level 9

Re: Restoring MVM database on a new architecture

Hello Jeffrey.

Thanks for your input.

I will test the procedure. I will backup the DB and restore on a lab environment (three tier) to validate if the process goes smooth as expected.

I will post the results by the end of the week.

Regards,

RD

0 Kudos
rsharris3
Level 7

Re: Restoring MVM database on a new architecture

How does moving the database to a new server affect registered scan engines with the original server?

Meaning, if there are scan engines registered and working with server1, then the database is moved to server2, how do the engines now know to communicate with a different server with a different IP address?

I have been tasked to investigate options for recovering / maintaining a standby environment (at a different geographical location) so that if the primary site becomes a smoking hole, how can we continue scanning using a secondary site.

Thanks for any insight into this.

Sean

0 Kudos
jhaynes
Level 12

Re: Restoring MVM database on a new architecture

MVM components get their database information from the FCServer. If you move the database to a different location you would just need to do this.

  1. Open up the FCM Console.
  2. Go to Tools>Preferences and select the Database tab.
  3. Change the Foundstone Database Address section and click apply.

The new database information will be pushed out to all components that contact the database.

There are several other components other than the DB that are also crucial:

  • API Server
  • Enterprise Manager
  • FCServer

Less crucial but also important for a properly functioning environment are:

  • Report Server
  • Data Synchronization Service
  • Notification Service

Jeff Haynes

rsharris3 wrote:

How does moving the database to a new server affect registered scan engines with the original server?

Meaning, if there are scan engines registered and working with server1, then the database is moved to server2, how do the engines now know to communicate with a different server with a different IP address?

I have been tasked to investigate options for recovering / maintaining a standby environment (at a different geographical location) so that if the primary site becomes a smoking hole, how can we continue scanning using a secondary site.

Thanks for any insight into this.

Sean

0 Kudos
andy5446
Level 7

Re: Restoring MVM database on a new architecture

Hi Sean,

Did you get a reply (answer) on the question of the connectivity of scan engines when a database has been moved, in testing I am seeing the Scan engines report into the FCM o.k. after changing the agent on the scan engines, but with the Enterprise Manager under Manage, Scan Engines - Engines are offline.

Andy

0 Kudos