Table of Contents
Database AdministrationCompacting the Database
Backing Up the Database
Restoring the Database
Changing Database Passwords
Scheduling Checkpoint Events for the Database
Database Administration
- Compact the CiscoWorks Common Services databases.
- Backup CiscoWorks Common Services client application data.
- Restore CiscoWorks Common Services client application data.
- Change the passwords that CiscoWorks Common Services uses with the SQL databases.
- Schedule Checkpoint Events for the Database.
The administrative tools for the CiscoWorks Common Services database do not cover CiscoWorks application data and user account data. To manage CiscoWorks application and user account data, you must use the CiscoWorks database administration tools. Refer to the CiscoWorks documentation or online help for information about performing those tasks.
About Data Management
CiscoWorks Common Services uses multiple databases to store client application data. When you perform a backup, all the databases are backed up. However, CiscoWorks Common Services does not store user account information or CiscoWorks application data. Those items are stored by the CiscoWorks database, and can only be backed up using the CiscoWorks utilities.
 |
Note References to "KRS" or "FMS" in the CiscoWorks Common Services interface refer to a proprietary database that is used to store configuration information for the client applications. |
Compacting the Database
Compacting the database eliminates space that was allocated for data that no longer exists in the database. This decreases the amount of space required to retain existing CiscoWorks Common Services configuration data and can increase system performance and minimize startup time. Only the KRS database used by the Management Center for PIX Firewalls is affected by this procedure.
You should compact the database at regular intervals to reclaim any unused storage space. You can compact the database on demand or schedule the database to compact at a set time or at regular intervals. You cannot compact the database while backing up or restoring the database.
|
Note The CW2000 KRS Database service shuts down when the database is compacting. You should not perform any other activities while the database is compacting. |
 |
Tip Use the scheduling feature to schedule database compactions on a weekly or daily basis, depending on how often you update your configurations. You should schedule the compaction to occur when the system is not being used, such as late at night or early in the morning. |
To compact the database, follow these steps:
Step 1 Select VPN/Security Management Solution > Administration > Common Services > Compact Database from the navigation tree.
The Compact Database page appears.
Step 2 To specify that you want to send an e-mail to a designated recipient each time the database is compacted, select the Email Notification check box and enter an e-mail address in the field.
|
Note If you have specified a default e-mail address on the Preferences page, that address appears in the Email Notification field by default. You can add additional recipients by separating e-mail addresses with a comma (,). |
Step 3 To specify that the database be compacted immediately, select the Immediate check box.
Step 4 To specify a date and time when you want the compact operation to begin, follow these steps:
a. Deselect the Immediate check box.
b. Use the scroll arrows to display the month, day, and year in the Start Date lists under Schedule, and then click each displayed value to confirm your selection.
- Confirmed selections appear in blue.
c. Use the scroll arrows to display the hour and minutes in the Start Time lists under Schedule, and then click each displayed value to confirm your selection.
- Confirmed selections appear in blue.
Step 5 To specify that a scheduled compaction should take place at regular intervals, follow these steps:
a. Enter a value in the Repeat After field, and select Days, Hours, or Minutes from the list. You must click your list selection after using the scroll arrows for the selection to take effect.
b. To limit the number of times the database is compacted, enter a value in the Limit Occurrences field under Frequency.
|
Note Entering 1 in both the Repeat After and Frequency fields causes the database compaction to occur only once at the scheduled date and time. |
Step 6 To compact the database according to the settings you have made, click Finish.
If you selected the Immediate check box, database compaction begins immediately. The compaction may take several minutes to complete. A message box displays the status of the database compaction.
If you scheduled a compaction, the information is added to the Scheduled Jobs log. A dialog box displays date and time the compact job is scheduled for.
Step 7 If you scheduled a database compaction, click Yes. Otherwise, skip to the next step.
A message box appears, indicating that the compaction job was scheduled.
Step 8 Click OK to close the message box.
Backing Up the Database
You should back up the database regularly so that you have a safe copy of the CiscoWorks Common Services database. You can back up the database on demand, at a specific time, or at scheduled intervals. You cannot back up the database while restoring or compacting the database.
When you back up the database, the data for all client applications is backed up; you cannot specify a backup for the data of a single client application. User account information is not saved in the backup. You must use the CiscoWorks2000 Server utilities to back up user account information.
|
Note You can only back up the data to the server. You cannot back up the database to a client system, even if that client system is being used to connect to CiscoWorks Common Services and initiate the backup. However, after you back up the database, we recommend that you store the backup to a different computer to prevent data loss in the case of hardware failure. |
To backup the database, follow these steps:
Step 1 Select VPN/Security Management Solution > Administration > Common Services > Backup Database from the navigation tree.
The Backup Database page appears.
Step 2 Specify the path to the directory where you want the backup stored. You can specify the backup directory in one of two ways:
- Enter the path into the Backup Directory field. If the directory you specify does not exist, it is created for you.
- Click Select and browse to an existing directory. To change drives, enter the drive letter in the field.
|
Note The default backup directory path is <install_drive_and_path>/CSCOpx/MDC/backup/. |
Step 3 To specify that you want to send an e-mail to designated recipients each time the database is backed up, select the Email Notification check box and enter an e-mail address in the field.
|
Note If you have specified a default e-mail address on the Preferences page, that address appears in the Email Notification field by default. You can add additional recipients by separating e-mail addresses with a comma (,). |
Step 4 To specify that the database backup is performed immediately, select the Immediate check box.
Step 5 To specify a specific date and time when you want the database backup to begin, follow these steps:
|
Note You cannot schedule a backup while performing an immediate backup. |
a. Deselect the Immediate check box.
b. Use the scroll arrows to display the month, day, and year in the Start Date lists under Schedule, and then click each displayed value to confirm your selection.
- Confirmed selections appear in blue.
c. Use the scroll arrows to display the hour and minutes in the Start Time lists under Schedule, and then click each displayed value to confirm your selection.
- Confirmed selections appear in blue.
Step 6 To specify that a backup should take place at regular intervals, follow these steps:
a. Enter a value in the Repeat After field, and select Days, Hours, or Minutes from the list. You must click your list selection after using the scroll arrows for the selection to take effect.
b. To limit the number of times the database backup occurs, enter a value in the Limit Occurrences field under Frequency.
|
Note Entering 1 in both the Repeat After and Frequency fields causes the database compaction to occur only once at the scheduled date and time. |
Step 7 To back up the database according to the settings you have made, click Finish.
A message box provides the status of the database backup. If you selected the Immediate check box, the database backup begins immediately. The backup may take several minutes to complete. The backup is stored in a subdirectory named with the time and date that the backup occurred (in yyyymmddhhmmss format).
Step 8 Click OK to close the message box.
Restoring the Database
You can restore the database from an existing backup. The backup contains data from all installed CiscoWorks Common Services client applications. Because user account information is not backed up, you cannot use restore to recover deleted accounts. Additionally, license information is not restored; the license in effect when the restore is performed remains in effect after the restore.
|
Note You cannot restore the database while compacting or backing up the database. |
To restore the database, follow these steps:
Step 1 Select VPN/Security Management Solution > Administration > Common Services > Restore Database from the navigation tree.
The Restore Database page appears.
Step 2 Specify the path to the directory where the backup is stored. You can specify the directory in one of two ways:
- Enter the path into the Backed-up Archive field.
- Click Select and browse to the directory. To change drives, enter the drive letter in the field.
|
Note The Backed-up Archive field displays the last backup performed. If no backups have been performed, then the Backed-up Archive field is blank. |
You can also specify the backup to use. If you do not specify a specific backup, the system selects the most recent backup in the directory.
Step 3 To specify that you want to send an e-mail to designated recipients each time the database is restored, select the Email Notification check box, and enter an e-mail address in the field.
|
Note If you have specified a default e-mail address on the Preferences page, that address appears in the Email Notification field by default. You can add additional recipients by separating e-mail addresses with a comma (,). |
Step 4 Click Finish.
A message box provides the status of the database restore.
Step 5 Click OK to close the message box.
Step 6 Restart the system services:
a. Select Server Configuration > Administration > Process Management > Stop Process from the navigation tree.
- The Stop Process page appears.
b. Select System in the stop column.
c. Click Finish.
- The Process Status page appears.
d. Select Server Configuration > Administration > Process Management > Start Process from the navigation tree.
- The Start Process page appears.
e. Select System in the start column.
f. Click Finish.
- The Process Status page appears.
Changing Database Passwords
You can change the passwords used by CiscoWorks Common Services and CiscoWorks Common Services client application SQL databases.
To change database passwords, follow these steps:
Step 1 Select VPN/Security Management Solution > Administration > Configuration > Database Credentials from the navigation tree.
The Database Credentials page appears.
Step 2 Select the Modify check box.
The Modify details section becomes active.
Step 3 Select the database from the Description list.
The database name and the user name that CiscoWorks Common Services uses to access the database appear in their respective fields under Credentials. The MC Name field lists all client applications that use the selected database.
Step 4 From the MC Name list, select the client application for which you want to change the database password.
|
Note If more than one client application share a database and have the same user name for that database, changing the password for one client application changes the password for all. However, if more than one client application share the same database, yet have different user names, only the password for the selected client application changes. |
Step 5 Enter the current database password in the Enter old password field.
Step 6 Enter the new password in the Enter new password field.
Step 7 Re-enter the new password in the Confirm password field.
Step 8 Click Finish.
The password for the selected database is changed.
Step 9 Restart the system services:
a. Select Server Configuration > Administration > Process Management > Stop Process from the navigation tree.
- The Stop Process page appears.
b. Select System in the stop column.
c. Click Finish.
- The Process Status page appears.
d. Select Server Configuration > Administration > Process Management > Start Process from the navigation tree.
- The Start Process page appears.
e. Select System in the start column.
f. Click Finish.
- The Process Status page appears.
Scheduling Checkpoint Events for the Database
When a database checkpoint event occurs, all information stored in the memory cache is written to data files on the hard drive.
Changes that you make to the system are tracked by a log file. These changes signify information, such as configuration settings and audit records, that differ from the settings stored in the data files.
If the server on which the database resides shuts down prematurely, such as by a power failure, the database uses the log file to recreate the state of the system before it was shut down. Checkpoints reduce the amount of time required to recreate this "last known good" state, because they reduce the size and number of changes in the log file. The database synchronizes its in-memory working data with the data stored on the hard drive when whichever of the following events occurs first:
- The specified amount of time elapses.
- The log file tracking the changes made since the last checkpoint exceeds the maximum specified file size value.
A disadvantage of checkpoints is that they consume much of the system resources. Therefore, the number of audit records that can be recorded while a checkpoint is being performed is reduced. The smaller the difference between the in-memory data and the data files, the faster the server running the database can "recover" and resume normal activity. (Normal activity consists of activity such as recording audit records and accepting changes to existing network policies.)
You can define a checkpoint rule to specify how frequently the database should write the information stored in its memory cache to the database files on the server hard drive. You can base checkpoint events on the size of the log file, the time-of-day, a set interval, or some combination of the three. You can also disable checkpoint events completely by disabling each type of checkpoint rule; however, this option is highly discouraged.
|
Note Database checkpointing only affects the KRS database used by the Management Center for PIX Firewalls. |
|
Tip If importing or generating large configurations in a client application takes a long time, increase your Checkpoint File Size value. It is likely that one or more checkpoint events are occurring during your import or generation. |
To set checkpoint intervals, follow these steps:
Step 1 Select VPN/Security Management Solution > Administration > Configuration > Database Checkpoint in the navigation tree.
The Database Checkpoint Settings page appears.
Step 2 To specify the maximum size (in megabytes) that the log file can reach before requiring a checkpoint, enter the value in the Checkpoint File Size field. You can disable the size checkpoint by entering 0 (zero).
Step 3 To specify a specific time when the checkpoint should occur, select the hour and minutes from the Schedule At lists. You can disable the time-of-day checkpoint by entering 00 (zero-zero) for both the hours and the minutes. The time is shown in 24-hour format.
Step 4 To specify how often the checkpoint is repeated, enter the interval, in hours, in the Interval field.
Step 5 Click Finish.
A message box provides the status of the configuration change.
Step 6 Click OK to close the message.