Symantec Access Management

Hi,
We are putting together a disaster recovery plan for all critical applications. The plan is to identify what steps need to be taken to bring PRE-PROD environment up and running in case PROD is not available.

I am new to SiteMinder. It does not look straight forward to me based on my understanding of SM.

Web agents, resources being protected, user repositories (Active Directory, LDAP, Databases) etc. are all location specific on the network. In otherwords, in case of a disaster, the applications, their databases may switch to their backup environments.

In this case, how can we bring SiteMinder up to protect the applications with out reconfiguring every thing? We are using version 6.0 currently, we go to 12.5 soon. I heard there is an export option available in 12.5. Even if we take a BACKUP of the export, but if the applications themselves are changing their network locations, how come the EXPORT be useful?

I may be missing some thing here. There must be a way to do Disaster Recovery. I appreciate if some one can explain the solution or point to some resources which explain the plans for DR.

Thanks in advance,
Ram

Guys, correct me if i mentioned anything wrong.

Hi Ram,

In industry usually, setup will be done at two different locations. If one location goes down, they will bring up the operations using second location. So, its kind of setting up two complete environments in different locations.

To answer your question, we used replication of data so that if one goes down, other location will have the info and it works just fine when brought up. Yes there is export option available and you can export siteminder data. But for disaster recovery, siteminder is not the only component.

(1) You have to first decide what kind of site you are planning to setup(Hot site, warm site or cold site). You can find the details about sites here(http://searchdisasterrecovery.techtarget.com/news/1370733/Disaster-recovery-site-options-Hot-warm-and-cold-sites).
(2) After you decide the site, based on that infrastructure setup happens.
(3) Then comes data replication between sites etc.,

Most of the companies will have disaster recovery plans. So,If you want to add siteminder too to the list, just check with your DR team.

Hope this helps.

Thanks,
Jagadeesh.K

Hi Ram,

Was the explanation helpful to you?

Thanks,
Jagadeesh.K

Hello Jagadeesh,
I would say no :) Actually I have to provide input to Disaster Recover plan.

Your explanation is in general terms about an enterprise. I am interested about how we do disaster recovery for SiteMinder. I appreciate if you have any input.

I have one other question on SM Logs. I will post another question.

Thanks,
Ram

Hi Ram,

DR exercise depends upon the OS you use. In our case,
Our Policy Servers are in linux, they are backed up to the tape, carried to the DR site and recovered from the tape. No changes are needed except having to restart policy server services, provided all other infrastructure(DNS,AD etc..) components are up.
Policy Store is in Windows, so we need to build a Windows server, install LDAP manually at the site, import Policy Data which is exported the night before DR activity. I use SMDIF.
For Webagents. TAI agents, Unix systems make it easy. Windows needs reconfiguration.

Hope this helps.

Thanks SamWalker.

Your answer is helpful at a higher level. I can clue in for the rest of the stuff :)

Thanks,
Ram