Disaster Recovery for FEP 2010 on Configuration Manager

  • Article

Applies To: Forefront Endpoint Protection

Disaster recovery refers to restoring your servers and data in the event of a partial or complete failure due to natural or technical causes. When a server is damaged or fails, your ability to restore that server’s functions and data depends on the actions you take before the disaster occurs. Therefore, preparing for disaster recovery by planning both backup and recovery operations is a necessity for enterprise solutions such as Forefront Endpoint Protection.

The steps to back up and restore Forefront Endpoint Protection are described in this section.

Backup

The operation consists of scheduling the periodic back up of data and configuration settings on servers running Forefront Endpoint Protection features.

To back up Forefront Endpoint Protection

  1. Back up the Configuration Manager site server. For more information, see Overview of Backup and Recovery (https://go.microsoft.com/fwlink/?LinkID=206967).

    Note

    The backup includes Forefront Endpoint Protection specific Configuration Manager items and their settings, for example, Forefront Endpoint Protection policies, their assignments, and their precedence.

  2. Back up the Forefront Endpoint Protection reporting database using a SQL Server backup solution. The default database name is FEPDW_XXX.

Restore

In the event of a server failure resulting in a replacement server, the recovery operations consists of reinstalling the operating system, applications, and server configuration on the replacement server, and then restoring the data and configuration settings. Since Forefront Endpoint Protection can be installed using a remote reporting database, the steps for restoring are divided into two procedures as follows:

To restore when the Configuration Manager site server fails and is replaced

  1. Restore Configuration Manager. For more information, see Overview of Backup and Recovery (https://go.microsoft.com/fwlink/?LinkID=206967).

  2. Restore the Forefront Endpoint Protection reporting database (optional—only if SQL Server is also restored)

    Important

    In database recovery situations in a large scale deployment (more than 10,000 client computers), tempdb must be configured with a 500-GB logical unit number (LUN) for its data file. For more information about configuring the tempdb data file, see Optimizing tempdb Performance (https://go.microsoft.com/fwlink/?LinkID=206862).

  3. Install Forefront Endpoint Protection using the reuse existing database option. For more information, see either Installing Using Basic with a Remote Reporting Database Setup or To install FEP 2010 Reporting and Alerts.

To restore when the SQL Server system where the Forefront Endpoint Protection reporting database resides fails and is replaced

  1. Restore SQL Server and the Forefront Endpoint Protection reporting database.

    Important

    In database recovery situations in a large scale deployment (more than 10,000 client computers), tempdb must be configured with a 500-GB logical unit number (LUN) for its data file. For more information about configuring the tempdb data file, see Optimizing tempdb Performance (https://go.microsoft.com/fwlink/?LinkID=206862).

  2. Uninstall the Forefront Endpoint Protection reporting feature from the server where it is installed (optional—only if it is installed on a server other than the SQL Server system where the Forefront Endpoint Protection reporting database resides). For more information, see Uninstalling.

  3. Install Forefront Endpoint Protection using the reuse existing database option. For more information, see either Installing Using Basic with a Remote Reporting Database Setup or To install FEP 2010 Reporting and Alerts.