Automate backup for Tufin devices without scripts

Tufin® configuration backup is the process of making a copy of the complete configuration and settings for Tufin devices. Configuration backups allow network administrators to recover quickly from a device failure, roll back from misconfiguration or simply revert a device to a previous state.

Because configurations change in time, configuration backups for Tufin should be created regularly and stored in a secure location.

Restorepoint includes support for the following Tufin device types:

  • T Series Appliances
  • Tufin Virtual Appliance
  • Tufin Aurora

Restorepoint supports the choice of a full Tufin backup or a configuration-only backup.

Configuration-only vs. Full Backup

When choosing between Configuration-only and Full backup, you need to consider the following:

  • Configuration-only: only backs up the SecureTrack configuration information. The backup and restore operations complete very quickly; when you restore from a configuration-only backup, you have everything you need to start collecting revisions, analysing files and running reports.
  • Full Backup: backs up the entire SecureTrack database, including configuration, policy revisions and historical reports. However, backup and restore operation can be quite time consuming.

The following illustrate in detail what is backed up by Restorepoint:

  • All settings, including: Users, Domains, Zones, Licences, TOP plugins
  • Policy Analysis Queries
  • Reports and Audit Definitions (*)
  • Performance Alerts
  • Topology
  • Full Backup: all the information above, plus:

  • Policy Revisions
  • Revision Comments
  • Automatic Policy Generator Data Rule Documentation
  • Rule and Object Usage Data
  • Firewall OS Monitoring Data
  • Published Reports
  • Plug-n-Play License Information

  • (*) When restoring from a configuration-only backup, the following need to be redefined:

  • Rule Change Reports
  • Security Risk report exceptions
  • SecureChange Access Requests
  • Additional information about how Tufin backups work with Restorepoint -

    • You must choose at least one of the following configurations to back up:
    • SecureTrack: use the selector to choose what type of ST backup to perform. Full performs a backup of the SecureTrack database and configuration; Config Only will only include SecureTrack configuration information. None ignores the SecureTrack settings.
    • SecureChange: SecureChange and SecureApp database and configuration.
    • Suite Administration: includes Suite Administration backup data.
    • Use the Temp Dir field to enter a directory on the Tufin appliance to be used for temporary storage during backup. /var/tmp is used if this field is left blank.
    • Tufin may occasionally overestimate the amount of storage required to back up the appliance, and refuse to back up as a consequence. Use the Force checkbox to override the disk space check. Note that this may result in filling a filesystem on the Tufin appliance.
    • Restorepoint will use SSH and SCP to connect to the device. Please ensure that port 22/tcp is not blocked by any firewalls between Restorepoint and the device.
    • When entering the logon credentials, you should use the root account with the advanced shell enabled. If cannot use root, you must use an account that is authorised (via /etc/sudoers) to become root using the sudo command.

    Restorepoint enables organisations to remove network management complexity by putting routine tasks such as network configuration backup, compliance and change management tasks on autopilot across their multi-vendor network infrastructure.

    Using Restorepoint's simple graphical user interface network administrators can quickly schedule network device backups without scripts, analyse devices to ensure security, compliance and automate bulk changes that would otherwise take hours or days to implement manually. Learn more about how Restorepoint how you can save time and ensure you meet your disaster recovery and compliance needs.