This article details how to restore a backup to Encryption Management Server (AKA PGP Server, PGP Encryption Server, or PGP Universal Server).
The PGP Server (Symantec Encryption Management Server\SEMS), allows administrators to restore a full backup of the server in the event of a minor problem or catastrophic failure.
You can restore the server from any saved backup. Restoring from a backup restores everything configured, including network settings, such as IP Addresses, FQDNs, Keys, policies, etc. All the information you would need are included in the backups. Make note that some servers, depending on their features will not contain all data, however, the backups will contain all information needed to restore the server back to its own working state.
After the restore is complete, you are redirected to the administration console login screen.
If you get the following error message, this means you need to find the correct Org Key associated to the backup:
As has been demonstrated above, backups for the PGP Server can be used for "Upgrade" scenarios going from one version of the server to another.
In this scenario, we were going from 3.3.2 MP13 to PGP Server version 10.5.1.
For additional information on upgrade scenarios, see the following article:
The above method shown in the KB above a great way to upgrade if you are also trying to restore a backup while upgrading.
*If you are doing a new installation of the PGP Server for the purpose of restoring the backup, we recommend using the "New Installation" option during the setup.
This is the most seamless experience and allows multiple options for restore.
*This will require setting the destination server up with a new IP and hostname to complete the new setup, however, once the backup is restored, all the previous network details will be restored (You would shut down the old server before restoring the backup).
*Because all previous network information is restored, before you attempt to restore a backup, make sure the old server is first shut down.
*Symantec recommends you always install using a New Installation rather than repurposing an old VM. This makes it possible to easily revert to the old server if needed in the unlikely event the upgrade fails, and also allows for a cleaner installation.
*Restoring a backup could take twice as long as it took to create the backup. For example, if it takes 15 minutes to perform a backup, restoring the backup could take up to 30 minutes to restore. There are other factors at play that can extend these times, such as where the backup is located that is to be restored.
For information on how to install Symantec Encryption Management Server, see the following article:
It is possible to get a backup from the PGP server and take that into a Test environment.
Special care should be taken as each PGP backup from the server contains server information, such as the following (not limited to):
*Network Details in addition IP/Hostname
*Clustered Server Information
*Mail Configuration Details
As the above information is restored in the restoration process, if the Production PGP server is online while the Test Server in UAT is online, collisions in network details can occur.
This makes it trick to restore these types of backups. Reach out to Symantec Encryption Support for further guidance to this.
A Feature Request has been logged to be able to enter any IP/Network Details restoring backups so these collisions can be avoided.
To be added to this feature request, provide the below ID and reach out to Symantec Encryption Support.