1 2 Previous Next 14 Replies Latest reply on Jul 22, 2010 5:59 AM by epo909

    Restoring MVM database on a new architecture

    epo909

      Hi all.

       

      I need to move/export the following items for the new MVM architecture:

      - asset list and historical data;

      - remediation data;

      - scan templates (we have a couple of them);

      - scan configurations (although the associated engine will no longer exist in the new architecture...)

      - scan results;

      - scan credentials;

      - users and groups;

       

      The new architecture is distributed with a totally new naming scheme and ip addressing.

       

      Since the MVM version is the same by the time of the move, my guess is that this can by accomplished by using a script to copy the table data from the older to the new architecture.

       

      How can I acomplish this?

       

      Thanks in advance.

      RD

        • 1. Re: Restoring MVM database on a new architecture
          jhaynes

          Hi RD,

          I might be misunderstanding what are you asking so please correct me if I'm wrong. When you say "The new architecture is distributed with a totally new naming scheme and ip addressing." are talking about taking the MVM components from and all in one and putting them on separate machines or are you tying to setup a SQL Cluster, which isn't supported?

           

          Jeff Haynes

           

           

          Message was edited by: Jeffrey Haynes on 2/16/10 10:28:55 AM CST
          • 2. Re: Restoring MVM database on a new architecture
            epo909

            Hello Jeffrey.

             

            No, this not a cluster architecture.

             

            All I want to do is move my data, including historical, from the old MVM DB to the new MVM DB.

             

            In other words my current MVM, which is an All-in-one (FS1000), will be replaced by a three tier architecture.

            I need to migrate as much data as possible to the new solution.

             

            The items that I need to migrate are described in my first post.

             

            Thanks,

            RD

            • 3. Re: Restoring MVM database on a new architecture
              jhaynes

              Hi RD,

              Ok I understand what you are trying to do now.  Now I need to understand why you are trying to do it this way. Normally the Database would just be backed up, copied to the new location and then restored. The way you are attempting to do this would be very difficult, time consuming and probably not supported.

               

              If you would like help relocating your database to a new location I'm sure we can assist you with that.

               

              Jeff Haynes

              • 4. Re: Restoring MVM database on a new architecture
                epo909

                If I backup and restore the entire database wouldn't I have problems with components that are no longer on the those IPs? For instance the ID on my new scan engine would be diferent...

                I don't want to have a DB full of configurations from an older architecture. I just want to move the asset and scan data.

                 

                Thanks,

                RD

                • 5. Re: Restoring MVM database on a new architecture
                  jhaynes

                  No you would not have issues with those components. In fact its better if you keep the setting as they exist in the database. I'll give you an example using your example.

                   

                  "For instance the ID on my new scan engine would be different".

                   

                  Each scan engine has a GUID that makes it unique in the MVM environment. This number is stored in the scan engine registry and each time your scan engine checks into the database it finds that GUID in the engines table and then updates its info including its IP Address. Each scan config is tied to a scan engine by its GUID. The verification option in tickets is tied to the scan engine that originally discovered the vulnerability.

                   

                  Even if you decided to reimage all of your scan engines its still better to just back up and restore the database. You would end up with a view extra entries in the engines table that could be cleaned up later but that would be much better than the option that you are thinking about.

                   


                  Jeff Haynes

                  • 6. Re: Restoring MVM database on a new architecture
                    epo909

                    Hello Jeffrey.

                     

                    Thanks for your input.

                     

                    I will test the procedure. I will backup the DB and restore on a lab environment (three tier) to validate if the process goes smooth as expected.

                     

                    I will post the results by the end of the week.

                     

                    Regards,

                    RD

                    • 7. Re: Restoring MVM database on a new architecture

                      How does moving the database to a new server affect registered scan engines with the original server?

                       

                      Meaning, if there are scan engines registered and working with server1, then the database is moved to server2, how do the engines now know to communicate with a different server with a different IP address?

                       

                      I have been tasked to investigate options for recovering / maintaining a standby environment (at a different geographical location) so that if the primary site becomes a smoking hole, how can we continue scanning using a secondary site.

                       

                      Thanks for any insight into this.

                       

                      Sean

                      • 8. Re: Restoring MVM database on a new architecture
                        jhaynes

                        MVM components get their database information from the FCServer. If you move the database to a different location you would just need to do this.

                         

                        1. Open up the FCM Console.
                        2. Go to Tools>Preferences and select the Database tab.
                        3. Change the Foundstone Database Address section and click apply.

                         

                        The new database information will be pushed out to all components that contact the database.

                         

                        There are several other components other than the DB that are also crucial:

                        • API Server
                        • Enterprise Manager
                        • FCServer

                         

                        Less crucial but also important for a properly functioning environment are:

                        • Report Server
                        • Data Synchronization Service
                        • Notification Service

                         

                        Jeff Haynes

                         

                        rsharris3 wrote:

                         

                        How does moving the database to a new server affect registered scan engines with the original server?

                         

                        Meaning, if there are scan engines registered and working with server1, then the database is moved to server2, how do the engines now know to communicate with a different server with a different IP address?

                         

                        I have been tasked to investigate options for recovering / maintaining a standby environment (at a different geographical location) so that if the primary site becomes a smoking hole, how can we continue scanning using a secondary site.

                         

                        Thanks for any insight into this.

                         

                        Sean

                        • 9. Re: Restoring MVM database on a new architecture

                          Hi Sean,

                           

                          Did you get a reply (answer) on the question of the connectivity of scan engines when a database has been moved, in testing I am seeing the Scan engines report into the FCM o.k. after changing the agent on the scan engines, but with the Enterprise Manager under Manage, Scan Engines - Engines are offline.

                           

                          Andy

                          1 2 Previous Next