You need to back up user profiles if your company uses RSA SecurID Access to protect HTTP Federation (HFED) applications.
Before you begin
- You must be a Super Admin in the Cloud Administration Console.
- Sufficient disk space must be available for storing backup files. For more information, see Calculating Storage Space for HFED User Profile Backup Files.
- Decide upon a target location for the backup data:
- Save to local disk on the identity router.
- Use SSH File Transfer Protocol (SFTP) to securely transfer the files to a different location.
Note: To ensure security for backup files, follow standard network hardening guidelines to limit identity router access to only the resources it is required to access. If you are using port TCP 22 for SFTP backups, do not allow the identity router to use TCP 22 to access internet resources.
- In the Cloud Administration Console, click Platform > Backup and Restore.
- Click Add a Backup.
- In the Cluster field, select a cluster for this backup configuration.
- In the Backup Location for Selected Cluster field, select the target location for the backup for the selected cluster.
Backup Location Description Local Disk Save the backup on the identity router. SFTP SSH File Transfer Protocol
- For SFTP backups, complete the required fields.
Required Fields Field Description Username Username for the account used to access the SFTP server. Password Password for the account used to access the SFTP server. Hostname Hostname of the SFTP server and directory path. Port Port number for the SFTP server. Relative Path Relative path of the directory where backups are stored. For example, .../yourpath/userdatabackups. Routing Interface
Select Private to access the target location by means of a private network, or Public to use the public network.
- In the Number of Backups to Keep for Selected Cluster field, specify the maximum number of backups to save for the selected cluster. RSA recommends that you store at least five backups at a given location. When the actual number of backups exceeds the Number of Backups to Keep for Selected Cluster, RSA SecurID Access deletes the oldest backup from the storage location. For example, if you keep five backups and then generate a sixth, the oldest stored backup is deleted.
- Click Save.
- (Optional) Click Publish Changes if you want to activate the settings immediately. The identity router can create backups only after the changes are published.
- (Optional) After you publish the changes, you can click Backup Now to run an immediate backup for this cluster only.