• State Not Answered
  • Replies 1 reply
  • Subscribers 28 subscribers
  • Views 115 views
  • Users 0 members are here
Options
Related

Procedures to migrate a PAM ecosistem from a tenant to another

simone tabacchi
1 month ago

Hi,

i was wondering if there is a best practice that permits a client to transfer all the data from one appliance to another, even from different types of environments (i.e from onPrem to onPrem, from onPremo to onDemand, from onDemand to onDemand)

Lets say that my actual PAM infrastructure has lots of problems and it's "buggy" so i want to create a new environment in which i want to Import all the data contained in the old infrastructure.

Which are the steps that should be followed? How can this be achieved?

If the question is not clear, feel free to ask for more informations.

Thank you,

Simone

Parents
  • 0 1 month ago

    Hi,

    For SPP backup\restore:

    - Migrating data from HW to VMs require a special VM Compatible backup which need to be unlocked by submitting a service request to support and provide the challenge code for enabling this feature on a HW SPP appliance.

    - Migrating data from VMs to HW is not currently supported.

    - Migrating data from (HW to HW) or (VM to VM) in SPP is possible as long the target SPP is running at equal or higher version and not lower version.
    -- Backup can only be restored to same or newer version of SPP for the supported above scenario:
    support.oneidentity.com/.../is-it-possible-to-restore-a-safeguard-backup-taken-at-a-different-version

    - Migrating data from VM to VM (this applicable whether SPP in running in VMware, HyperV, or in the Cloud hosted by customer's own tenant ex. Azure or AWS) - Safeguard on Demand classic version is also possible to restore data to similar to the other VMs mentioned earlier, however, Safeguard on Demand Starling Edition does not allow restores from a customer side.

    Note: Restoring data from backups does not restore the cluster configuration and therefore after the new target Primary node has the data restored then you would need to add the other nodes as Replicas which will sync the same data from the Primary as part of the Replica enrollment process.

    This KB shows what is included in the SPP Backups and what is not included:
    https://support.oneidentity.com/one-identity-safeguard-for-privileged-passwords/kb/4263913/what-information-is-included-in-a-backup

    Best Practice: We recommend consulting with One Identity Professional Services team for migrations as these can get quite complex if for example an SPS cluster is also joined to SPP which will require additional configuration to relink the SPS cluster or migrate the SPS cluster.

    Thanks!

Reply
  • 0 1 month ago

    Hi,

    For SPP backup\restore:

    - Migrating data from HW to VMs require a special VM Compatible backup which need to be unlocked by submitting a service request to support and provide the challenge code for enabling this feature on a HW SPP appliance.

    - Migrating data from VMs to HW is not currently supported.

    - Migrating data from (HW to HW) or (VM to VM) in SPP is possible as long the target SPP is running at equal or higher version and not lower version.
    -- Backup can only be restored to same or newer version of SPP for the supported above scenario:
    support.oneidentity.com/.../is-it-possible-to-restore-a-safeguard-backup-taken-at-a-different-version

    - Migrating data from VM to VM (this applicable whether SPP in running in VMware, HyperV, or in the Cloud hosted by customer's own tenant ex. Azure or AWS) - Safeguard on Demand classic version is also possible to restore data to similar to the other VMs mentioned earlier, however, Safeguard on Demand Starling Edition does not allow restores from a customer side.

    Note: Restoring data from backups does not restore the cluster configuration and therefore after the new target Primary node has the data restored then you would need to add the other nodes as Replicas which will sync the same data from the Primary as part of the Replica enrollment process.

    This KB shows what is included in the SPP Backups and what is not included:
    https://support.oneidentity.com/one-identity-safeguard-for-privileged-passwords/kb/4263913/what-information-is-included-in-a-backup

    Best Practice: We recommend consulting with One Identity Professional Services team for migrations as these can get quite complex if for example an SPS cluster is also joined to SPP which will require additional configuration to relink the SPS cluster or migrate the SPS cluster.

    Thanks!

Children
No Data