Creating a System Backup
Before You Begin
-
From X8.11, backup files are always encrypted. In particular because they include the bootstrap key, and authentication data and other sensitive information.
-
Backups can only be restored to a system that is running the same version of software from which the backup was made.
-
You can create a backup on one Expressway and restore it to a different Expressway. For example if the original system has failed. Before the restore, you must install the same option keys on the new system that were present on the old one.
If you try to restore a backup made on a different Expressway, you receive a warning message, but you will be allowed to continue.
(If you use FIPS140-2 cryptographic mode) You can't restore a backup made on a non-FIPS system, onto a system that's running in FIPS mode. You can restore a backup from a FIPS-enabled system onto a non-FIPS system.
-
Do not use backups to copy data between Expressways. If you do so, system-specific information will be duplicated (like IP addresses).
-
Because backup files contain sensitive information, you should not send them to Cisco in relation to technical support cases. Use snapshot and diagnostic files instead.
Passwords
-
From X8.11, all backups must be password protected.
-
If you restore to a previous backup, and the administrator account password has changed since the backup was done, you must also provide the old account password when you first log in after the restore.
-
Active Directory credentials are not included in system backup files. If you use NTLM device authentication, you must provide the Active Directory password to rejoin the Active Directory domain after any restore.
-
For backup and restore purposes, emergency account passwords are handled the same as standard administrator account passwords.