Secure backup mode

Secure backup mode supports the creation of a backup to restore the complete configuration of another appliance with a backup-restore process.

The creation of a secure backup is available only when you enabled secure backup mode during the initial firmware setup of the appliance. If not enabled, you must reinitialize the appliance with the reinitialize command and enable secure backup mode.

To determine whether secure backup is available, view the System Settings configuration and check the value of the Backup Mode property. If the value is Secure, secure backup is available.

You must use the backup-restore process among appliances at the same firmware level and features.

Unlike a standard backup, a secure backup contains private data (certificates, keys, and user data), which the appliance encrypts with a customer-provided and a DataPower® certificate. The secure backup also contains an unencrypted XML manifest. The manifest includes the date of the backup and the firmware level, model, and serial number of the appliance. You cannot view the encrypted private data, but you can view the manifest.

You can refer to the manifest files of multiple backups to determine which backup you want to restore. For example, you can identify which backup has an applicable firmware level. You can also use this information during the restore process to validate that a specific backup can be restored on an appliance.

Notes:
  • A secure backup does not back up data that is on the HSM.
  • A secure backup does not back up the password for IPMI users. The password is in the Baseboard Management Controller (BMC).

You can use the backup-restore process during the end-of-life migration to move the configuration from one appliance to another.