Information Systems:Steps To Recover The Sophos Firewall From Disaster

From uniWIKI
Jump to navigation Jump to search

The Sophos firewall appliances are a pair of machines that have a customized operating system that provides business critical network and security services. The two physical appliances are configured for high availability in an active passive scheme. The appliance labeled as Node1 is the primary and Node2 is secondary. If one appliance has a hard drive or other physical component failure, the following are the steps that need to be taken:

  • Call Sophos support and give them the serial number of the failed appliance. The serial number is on a label on the front panel. Tell support that a hardware failure occurred and a replacement device needs to be cross shipped.
  • When the replacement device is received, the operating system will probably already present but not at the same version as the remaining in production unit. Download the operating system ISO file from the Sophos website that matches the firmware level of the remaining in production unit. Hook up a screen and keyboard and USB CD-ROM drive to the replacement appliance and boot from the downloaded ISO to install the matching OS.
  • Retrieve the license file from the Sophos website that tells the newly installed OS what services we are entitled to and have that text file ready to uploaded to the appliance when it asks for it
  • Retrieve the latest saved configuration backup file that is either saved in the Astaro Backup folder on the SuperServer, or use the daily configuration backup file that is emailed to webmaster@unipharm.com each day. The attached abf file is the configuration file that the newly installed OS will read to configure all of the rules and settings that existed before the appliance died. Upload the abf file with the appliance asks for it.
  • Please note that what may also happen is that if the replacement appliance with just the matching OS is plugged back into the high availability cable, the remaining in production appliance might just do a massive re-sync and automagically configure the replacement unit. It is supposed to do a re-sync anyways but pre-uploading the latest configuration file will make that sync easier.

If both in production appliances suffer a hardware failure, the installation of the OS from disc and the uploading of the licensing file and configuration file is required in order to get networking and security services running again. Please be aware that if both appliances need to be replaced or have their OS's reinstalled, the hard drives are wiped and any historical data will be lost.

Retrieved from "https://owl.unipharm.com/mediawiki/index.php?title=Information_Systems:Steps_To_Recover_The_Sophos_Firewall_From_Disaster&oldid=12223"