|Applies To||RSA Product Set: SecurID|
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 7.1
Platform (Other): any
O/S Version: any
Product Name: null
Product Description: null
|Issue||After migration from RSA Authentication Manager (AM) v7.1 to v8.x, a customer may need to be able to access historical data for potential future fraud investigations or other reason.|
There are three main categories of data to consider:
|Tasks||The inability to restore a backup from v7.1 to v8.x does not mean the data is entirely inaccessible. |
As explained in detail below, activity (audit) logs can be copied from a backup location and accessed from any text editor or spreadsheet tool. Technical logs and database data however must be restored to a server or appliance, as applicable, running a compatible operating system.
RSA Authentication Manager Activity (audit) logs can be opened and read on any machine (e.g. a Windows PC) and do not require the old RSA AM v7.1 system to be present to do that.
There are three different activity logs. In RSA AM v7.1, a Recurring Log Archive Job can be used to copy the log data to a simple local text file on the AM primary.
From there, you can use your own method to regularly backup these to a remote archive location for long term storage, and clean out the backed up logs from RSA AM. The three logs that are handled this way are:
Just before final shutdown of AM v7.1 primary, special steps would be required to save the last set of activity logs:
All other RSA AM logs are internal technical/troubleshooting logs - the sort of logs RSA Support normally ask for when we are working on a technical problem for you. These can be optionally backed up as part of RSA AM's backup of the internal database.
If technical logs are not backed up, obviously they cannot be restored. If they are backed up by RSA AM with the database, they can only be restored with the data, as described in the Data section below.
All data (e.g. Identities and Tokens) in RSA AM are stored on the internal database and when backed up, are secured using the master password. If you are required to save and possibly access such data then you will need to maintain a system that a backup can be restored to, and obviously, take a final backup before shutting down your AM 7.1 primary permanently. Below are listed the restore limitations for RSA Authentication Manager Server (from the RSA Authentication Manager 7.1 Administrator’s Guide Revision 4, p. 224). The data cannot be restored to RSA AM v8.1.