02-13-2015 06:38 PM
Is there a way to migrate the Users Blacklist/Whitelist, Queues, Report data, and anything else from my physical appliance while moving to the virtual appliance?
This is about where I'm stuck at this point, everything else looks good. Will be nice to shut down this last physical appliance in my environment.
Solved! Go to Solution.
02-15-2015 07:54 PM
Maybe these might help:
Backing up SMA datasets:
http://www.cisco.com/c/en/us/support/docs/security/content-security-management-appliance/118459-technote-sma-oo.html
http://www.cisco.com/c/en/us/support/docs/security/content-security-management-appliance/118441-technote-sma-00.html
02-13-2015 07:13 PM
Blacklist/whitelist: yes. Go to System Administration/Configuration File. Near the bottom there's a section to Backup / Restore the End User Safelist/Blocklist. Save it on your old box, it will get dumped into the /configuration directory... FTP to the old box, and download it. FTP to the new box and upload it. Then go restore it...
Queues? do you mean quarantines? Can't move them, unless you centralized them onto a SMA. I'd let them age out, then shut down the box...
Reports yes (they're in /periodic_reports). Data, I don't think so. If I remember correctly, data for the reports is pulled out of the log files and put into a db on the box, and that can't be moved.
02-13-2015 07:15 PM
Duh, just realized you're doing an SMA... there's a way to use one SMA as a backup to the other... I'm not sure how that restore or failover process works....
02-15-2015 07:54 PM
Maybe these might help:
Backing up SMA datasets:
http://www.cisco.com/c/en/us/support/docs/security/content-security-management-appliance/118459-technote-sma-oo.html
http://www.cisco.com/c/en/us/support/docs/security/content-security-management-appliance/118441-technote-sma-00.html
02-17-2015 10:47 AM
Just what I needed,
Almost worked just need to set my disk allocation on the target machine and I should be able to start migration.
02-17-2015 11:01 AM
Figured out what was wrong with the disk space. Some how my source physical SMA had more disk allocated then existed. So I fixed it to match the target SMA, and the back up is now working. I'll check everything out, if it is working, I'll start migrating all my ESAs to the new SMA and point my spam Q dns records to the new SMA.
I'll probably setup a second SMA and schedule regular backups from the new SMA, pretty nice feature. Could be improved for better HA, but we can manage.
02-17-2015 05:42 PM
I'm glad to hear it's working out for you now.
02-18-2015 11:11 PM
So just a quick outline for making the migration to another SMA Appliance (also if you are doing a recovery from backup):
1. Build the new SMA applaince setup all basic configurations.
2. review Disk Quotas on the new target SMA so it matches or exceeds the source SMA
3. Disable Central Services on ESAs and WSAs(I don't have a WSA so assumption made here)
4. Remove Security appliances from Source SMA (e-mail will continue to flow and all reporting data will remain locally on the ESA until it is reattached to the new SMA)
5. In the command line on the source SMA run the backupconfig command and schedule a backup now to the target sma. http://www.cisco.com/c/en/us/support/docs/security/content-security-management-appliance/118459-technote-sma-oo.html
6. Once backup completes (this can take 30-60 minutes depending on size) Reattache ESA to new SMA appliance. Also update your DNS that you use for SPAM Queues to point to the new SMA.
Validate that reports are being updated. You may need to reschedule reports on the new appliance.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide