Disaster recovery best practices for Endpoint Protection

To prepare for recovery after a hardware failure or database corruption, you should back up the information that is collected after you install
Symantec Endpoint Protection Manager
Refer to the following topics for more information:
Preparing for disaster recovery
Follow these steps to prepare.
High-level steps to prepare for disaster recovery
Step 1: Back up the database
Back up the database regularly, preferably weekly.
By default, the database backup folder is saved to the following default location:
C:\Program Files (x86)\Symantec\
Symantec Endpoint Protection Manager
The backup file is called
For more information, see:
Step 2: Back up the disaster recovery file
The recovery file includes the encryption password, keystore files domain ID, certificate files, license files, and port numbers. By default, the file is located in the following directory:
C:\Program Files (x86)\Symantec\
Symantec Endpoint Protection Manager
\Server Private Key Backup\recovery_
The recovery file only stores the default domain ID. If you have multiple domains, the recovery file does not store that information. If you need to perform disaster recovery, you must re-add the domains. See:
Step 3: Update or back up the server certificate (optional)
If you update the self-signed certificate to a different certificate type, the management server creates a new recovery file. Because the recovery file has a timestamp, you can tell which file is the latest one. See:
Step 4: Save the IP address and host name of the management server to a text file (optional)
If you have a catastrophic hardware failure, you must reinstall the management server using the IP address and host name of the original management server.
Add the IP address and host name to a text file, such as:
Step 5: Store the backup data in a secure location off-site
Copy the files you backed up in the previous steps to another computer
Performing disaster recovery
The following table lists the steps to recover your
Symantec Endpoint Protection
environment in the event of hardware failure or database corruption.
Before you follow these steps, make sure that you made backups and recovery files.
Process for performing disaster recovery
Step 1: Reinstall Symantec Endpoint Protection Manager using a disaster recovery file.
By reinstalling the management server, you can recover the files that were saved after initial installation. See:
If you reinstall
Symantec Endpoint Protection Manager
on a different computer and without using the disaster recovery file, you must generate a new server certificate. See:
Step 2: Restore the database.
You can restore the database with or without a database backup. See:
Step 3: Re-enable Federal Information Processing Standards (FIPS) 140-2 compliance. (optional)
If you use a FIPS-compliant version of
Symantec Endpoint Protection
and have FIPS compliance enabled, after you recover
Symantec Endpoint Protection Manager
, you must reenable FIPS compliance.
This setting is not stored in the disaster recovery file.
More information