This article shares steps to follow to take a full backup of the Symantec ProxySG and Advanced Secure Gateway (ASG) configuration and policy by using SSH-Console. This will have all the configuration except for private keys which are set to "Hidden".

IMPORTANT: Because the configuration archive contains your private keys, store it in a secure location. This will only display private keys of Keyrings which are set to "Show". Private keys which are set to "hidden" will not be displayed this backup.

Backup Configuration

1. Make sure that the SSH client you are using is set to write the output to a file:
2. For example, in PuTTY, select Session > Logging.  Ensure that All Session output radio button option is selected to log all session output. 
3. Connect to the ProxySG CLI via SSH.
4. Enter enable mode.
5. Type the following command:#show configuration expanded noprompts with-keyrings unencrypted

The expanded configuration will be written to the file you specified in step 1; this may take some time depending on the size of your configuration. This copies the entire configuration as well as the security keyrings (both private and public keys), unencrypted.

IMPORTANT: Make sure that no ccl name starts with "bluecoat"; this is not allowed. If a ccl starting with "bluecoat" is found, identify the related section and remove it.  Below is a common example of lines to be removed from the backup:

NOTE : This command doesn't show local policy so please make sure to get local policy backup separately if you have on your ProxySG/ASG. You can go to Policy > Policy files > Install local policy from TEXT EDITOR > Install and save that policy separately on notepad.

Restoring the Configuration