Data Backup


Backup, Archiving and Disaster Recovery

Access Control System SIPORT Enterprise R1

The Security Solution for Life Science Environments

Building Technologies

42359_Siport_BU_en.indd 142359_Siport_BU_en.indd 1 14.1.2008 8:08:53 Uhr14.1.2008 8:08:53 Uhr


Table of Contents

1 Abbreviations and Synonyms
2 System Environment
  2.1 Backup Software
  2.2 Image Software
  2.3 Backup Hardware
    2.3.1 Backup Drives
    2.3.2 Tape Technologies
    2.3.3 Hard Disk Drives
3 Backup Procedures
  3.1 Backup Responsibilities / Logs
  3.2 Creating Images
  3.3 SQL Database Backup
  3.4 Backup Master Database
  3.5 Backup Model Database
  3.6 Backup msdb Database
  3.7 Backup SiportNTAcc Database
  3.8 Backup SiportNTAcc Transaction Log
  3.9 Backup SiportNTAcc_Hist Database
  3.10 SIPORT Kernel Database Backup
  3.11 Save Backup on Tapes
  3.12 Backup Time Schedule
  3.13 Media Rotation
  3.14 Tape Drive Cleaning Procedure
4 Restore Procedures
  4.1 Validating Tape Drive Contents
  4.2 Restore Procedure SIPORT Server (Disaster Recovery)
  4.3 Restore Procedure SIPORT Databases

List of illustrations

Fig. 1 System environment 1
Fig. 2 System environment 2
Fig. 3 Hard disk as a backup volume
Fig. 4 Hard disk RAID 1 + 0
Fig. 5 Backup Workflow
Fig. 6 Backup Jobs
Fig. 7 Backup Master Database
Fig. 8 Backup Job general Master Database
Fig. 9 Backup Job steps Master Database
Fig. 10 Backup Job schedules Master Database
Fig. 11 Backup Model Database
Fig. 12 Backup Job general Model Database
Fig. 13 Backup Job steps Model Database
Fig. 14 Backup Job schedules Model Database
Fig. 15 Backup msdb Database
Fig. 16 Backup Job general msdb Database
Fig. 17 Backup Job steps msdb Database
Fig. 18 Backup Job schedules msdb Database
Fig. 19 Backup SiportNTAcc Database
Fig. 20 Backup Job general SiportNTAcc Database
Fig. 21 Backup Job steps SiportNTAcc Database
Fig. 22 Backup Job schedules SiportNTAcc Database
Fig. 23 Backup SiportNTAcc transaction log
Fig. 24 Backup Job general SiportNTAcc transaction log
Fig. 25 Backup Job steps SiportNTAcc transaction log
Fig. 26 Backup Job schedules SiportNTAcc transaction log
Fig. 27 Backup SiportNTAcc_Hist Database
Fig. 28 Backup Job general SiportNTAcc_Hist Database
Fig. 29 Backup Job steps SiportNTAcc_Hist Database
Fig. 30 Backup Job schedules SiportNTAcc_Hist Database
Fig. 31 Backup jobs
Fig. 32 Backup Job general SIPORT Kernel Database
Fig. 33 Backup Job steps SIPORT Kernel Database
Fig. 34 Backup Job SIPORT schedules Kernel Database
Fig. 35 Backup Command EXOS386D
Fig. 36 Backup time schedule
Fig. 37 Restore Procedure Server
Fig. 38 Restore Procedure Database

Introduction

This document describes the backup and archiving of data on a SIPORT Enterprise system used within a pharmaceutical environment. This includes the system components:

■ SIPORT Enterprise R1
■ WINDOWS 2003 R2 Server
■ Hardware (Server, Clients, Backup media etc.)
■ Software Backup Tools

1 Abbreviations and Synonyms

FDA U.S. Food and Drug Administration

GAMP4 Good automated manufacturing practice, 4th edition. GMP guide to validate automation systems.

21 CFR, Partxxx 21 Code of Federal Regulations, Partxxx

GMP Good Manufacturing Practice

ISPE International Society for Pharmaceutical Engineering

GxP Good x Practice, where x stands for: Manufacturing, Laboratory, Engineering, Installation

NAS Network Attached Storage

Non GxP Applies to plants or partial plants not requiring validation, which can therefore be planned, installed and commissioned like a normal plant.

CIxx Computer Identifier x

WIN2003 Windows 2003 Server operating system

WINXP Windows XP operating system

LTO Line-Tape-Open

IT Information Technology

HD System volume (operating system)

HD Data volume (contains data)

HD Backup volume

HD Hard disk volume

SAN Storage Array Network

SES SOL TEC Security Systems Solution Technology Center in Karlsruhe (Germany)

SID Security Identifier


2 System Environment

The described backup procedure is based on the following topology. It shows a high-end scenario using a Microsoft Server Cluster with two nodes working in fail-over mode. For external storage, two SANs are used, connected to the Server Cluster through redundant Fiber Channel Switches. SIPORT runs on the Microsoft Windows Server 2003 R2 Enterprise Edition cluster with full functionality, even during fail-over from one node to the other. A client computer system sees only one virtual server and transmits all access data, history and configuration updates to that virtual server.

In the given example, the possible downtime for the system is minimized.

[Fig. 1 System environment 1: Client 1 to Client n on the LAN/WAN; Backup Server with Backup Tape Drive; cluster Node A and Node B; two Fiber Channel Switches (SAN); Storage Controller and Storage SAN A and SAN B; Building A and Building B]

If the redundancy is not needed, the scenario can be abstracted to a stand-alone server using the local hard drives to store the data. All functions such as SIPORT Server, Backup Server, etc. can be integrated on this single server. Because the two-node fail-over cluster can be seen as one virtual server, there is nearly no difference in the backup strategy.

[Fig. 2 System environment 2: Client 1 to Client n on the LAN/WAN; one Server with Backup Tape Drive]

2.1 Backup Software

Currently you will find two suitable software products on the market fulfilling our requirements. They are:

■ CA Brightstor ArcServe
■ Veritas BackupExec (Symantec)

Both software products have similar functionalities. The decision on which product to use also depends on the hardware of your server.

2.2 Image Software

In the case of a disaster, the image of the whole server guarantees a 100% recovery of the data and configuration. There are several software solutions available for making an image of a server; the most usual ones are:

■ Symantec Ghost
■ Acronis True Image

The functionalities and complexity of these products are nearly the same.

2.3 Backup Hardware

The backup can be realized with different media. Finding the right one is not always easy, because some preconditions have to be fulfilled:

■ Capacity of the media
■ Amount of data to be backed up
■ Speed of the media
■ Availability of media
■ Availability of spare parts
■ Accessibility

The most important of these are capacity and speed.

2.3.1 Backup Drives

When considering backup media, you can use CDs, DVDs, Blu-ray discs, NAS, hard disks and tape drives. All of these media are able to store the information offline and in separate places. With regard to the typical amount of data to be backed up, CDs and DVDs are not suitable, as media have to be exchanged during the backup process.

2.3.2 Tape Technologies

The first decision you have to make is the selection of the right tape technology. This can be a nightmare, because comparing the different tape technologies is like asking the question: “Is Linux better than WINDOWS?” The decision is relatively easy if we look at the amount of data which each tape technology can store as well as the speed of copying data to the medium.

Tape technologies comparison

The following table compares the performance and capacity of the various tape technologies.

| Technology | Release year | Tape capacity uncompressed | Tape speed uncompressed | Tape capacity compressed |
|---|---|---|---|---|
| DAT 24 (DDS-3) | 1996 | 12 GB | 1 MB/s | 24 GB |
| DAT 40 (DDS-4) | 1999 | 20 GB | 3 MB/s | 40 GB |
| DAT 72 (DDS-5) | 2003 | 36 GB | 3 MB/s | 72 GB |
| DLT 8000 | 1999 | 40 GB | 6 MB/s | |
| SDLT 320 | 2002 | 160 GB | 16 MB/s | |
| DLT VS80 | 2001 | 40 GB | 3 MB/s | |
| LTO-1 | 2000 | 100 GB | 20 MB/s | 200 GB |
| LTO-2 | 2002 | 200 GB | 40 MB/s | 400 GB |
| LTO-3 | 2005 | 400 GB | 80 MB/s | 800 GB |
| LTO-4 | End 2007 | 800 GB | 120 MB/s | 1,6 TB |
| LTO-5 * | Tba. | 1,6 TB | 180 MB/s | 3,2 TB |

* The LTO-5 is planned. The information is not final.

The comparison shows the impressive enhancement of tape technologies. In the next table we shall see how long it would take to back up 100GB and 500GB. We are not using any compression, and we have the full server performance for the backup.

| Technology | 100 GB: No. of tapes | 100 GB: Duration * | 500 GB: No. of tapes | 500 GB: Duration * |
|---|---|---|---|---|
| DAT 24 (DDS-3) | 9 | 28 hours | 42 | 142 hours |
| DAT 40 (DDS-4) | 5 | 9 hours | 25 | 47 hours |
| DAT 72 (DDS-5) | 3 | 9 hours | 14 | 47 hours |
| DLT 8000 | 3 | 5 hours | 13 | 24 hours |
| SDLT 320 | 1 | 2 hours | 4 | 9 hours |
| DLT VS80 | 3 | 9 hours | 4 | 47 hours |
| LTO-1 | 1 | 1,4 hours | 5 | 7 hours |
| LTO-2 | 1 | 0,7 hours | 3 | 3,5 hours |
| LTO-3 | 1 | 0,35 hours | 2 | 1,75 hours |
| LTO-4 | 1 | 0,24 hours | 1 | 1,2 hours |

* The question is whether the server is able to serve the required speed to the tape drive.

2.3.3 Hard Disk Drives

The hard disk can be used for backup storage to speed up the backup time. As offline storage, this is not the best solution, because you have to install it, or you have to mount or dismount the disk. To make the backup on different hard disks you have to install an additional HD, or you need hot-plug HDs which can easily be exchanged. However, hot-plug HDs should be exchanged only in the event of a fault.

The HD used must have enough space to store all backup data. If one HD is not sufficient to store all the data, more HDs have to be installed. Then a RAID 1 + 0 or a RAID 0 only can be built.

RAID 1 + 0 is the combination of RAID 0 (striping) and RAID 1 (mirroring). With RAID 0, we enhance the capacity of the HDs, and with RAID 1 we have the security and reliability of the system.

RAID 1 + 0 has a higher performance compared to other RAID levels like RAID 5. RAID 5 is much slower in writing data to the HDs than RAID 1 + 0.

RAID 1 + 0 can lose one HD per RAID 1 and the system will still work. However, the capacity of the RAID 1 + 0 is unsatisfactory, because 50% of the total HD capacity is lost.

[Fig. 3 Hard disk as a backup volume: server with two RAID 1 volumes and, as backup volume, a single HD or an HD pool with hot plug HDs]

[Fig. 4 Hard disk RAID 1 + 0: server with two RAID 1 volumes and a RAID 0 built from RAID 1 (1), RAID 1 (2) and RAID 1 (3)]

Example to Fig. 4:

RAID 1 (1) = 300GB
RAID 1 (2) = 300GB
RAID 1 (3) = 300GB
--------------
900GB / 2 = 450GB gross capacity

Even if you make the backup on a HD or on a HD RAID, you must store the backups in another physical location, or on the server. In the “worst case” you could lose all data as a result of hardware crash, fire, flood, etc.

The strategy must include the facility for external storage. Another possibility is to store the backups on a separate server on the network. This solution is more reliable, but it also needs a reliable network installation.

3 Backup Procedures

3.1 Backup Responsibilities / Logs

The operator / backup administrator is responsible for all the backups, backup verification and tape changing. All performed actions are recorded in a backup log. The backup log is a manual, paper-based log; it shows the inserted tape and contains the successfully verified backups. Any remarks, e.g. tape replacements, will also be noted, along with the physical location of off-site tapes. Backup logs will be archived for a period of 24 months.

3.2 Creating Images

Creating an image is done for all computers after the final configuration, and forms the basis for a disaster recovery. The image of a computer includes all software, configuration, and files, and is a 1:1 copy of the whole hard disk. The image must be repeated if any static files have changed on the system.

The bootable CD establishes a network connection to the backup server. Thus, the image is made directly via the network and stored on the backup server. An MD5 checksum file is stored together with the image in the image folder. This MD5 checksum file is used to check whether the data is correct, and to ensure that nothing was corrupted during the copying of the image file.

The image must be updated after any of the following:

■ Installing new programs on the computer
■ Installing a patch on the computer
■ Installing a hotfix on the computer
■ Installing a service pack on the computer
■ Changing the configuration of the computer or programs
■ Before and after change of hardware
■ In any case which could have an influence on the integrity of the installation

The workflow below shows how we create an image.

[Fig. 5 Backup Workflow: flowchart "Create an image" with the boxes: Close all programs and switch off the computer; Shut down the computer and boot from the boot CD; Start the image program and create an image; Copy the data via network directly to the backup server; image file stored on the backup server; Boot the computer in WINDOWS safe mode; Create an MD5 checksum file for the folder Siemens]

All images are saved with the backup software on a tape and removed from the backup server.

3.3 SQL Database Backup

The SQL databases are located on the SAN. For the database backup, the Microsoft SQL Server Agent is used, with the defined jobs listed below:

Full backup of the:

■ Master database
■ Model database
■ msdb database
■ SiportNTAcc database
■ SiportNTAcc_Hist database

and backup of the SiportNTAcc database transaction log.

Fig. 6 Backup Jobs

The full backups of the master, model and msdb databases of the Microsoft SQL Server 2005 are scheduled once a day. The transaction log is not backed up, because there are not normally many changes to be made and the databases are in “simple recovery mode”. With each backup the corresponding files in the backup folder of the SAN are overwritten.

The full backup of the SiportNTAcc database is also done daily. With each backup the existing file in the backup folder of the SAN is overwritten. The backup of the transaction log of the SiportNTAcc database is scheduled for a cyclic run hourly, starting at 00:15. The transaction log backups are appended to the last full backup of the SiportNTAcc database.

The full backup of the SiportNTAcc_Hist database is done daily. With each backup the existing file in the backup folder of the SAN is overwritten. The transaction log is not backed up because the database is in “simple recovery model”.

All backups are written to the MSSQL\backup folder located on the SAN. This folder will be saved with the backup software on a tape. The procedure is described in a following section.

3.4 Backup Master Database

The full backup of this database is done daily at 20:00. Because the database is in simple mode there are no transaction logs to save. The backup overwrites the existing backup file. If a problem occurs and the backup fails, a log entry is created in the SIPORT Error logbook.

The backup is written to the MSSQL\backup folder located on the SAN. This folder will be saved with the backup software on a tape. The procedure is described in a following section.

[Fig. 7 Backup Master Database: flowchart Start, Backup Master Database, Succeed? YES: End; NO: Report backup failure]

Fig. 8 Backup Job general Master Database

Fig. 9 Backup Job steps Master Database

Fig. 10 Backup Job schedules Master Database

3.5 Backup Model Database

The full backup of this database is done daily at 20:05. Because the database is in simple mode there are no transaction logs to save. The backup overwrites the existing backup file. If a problem occurs and the backup fails, a log entry is created in the SIPORT Error logbook.

The backup is written to the MSSQL\backup folder located on the SAN. This folder will be saved with the Backup software on a tape. The procedure is described in a following section.

[Fig. 11 Backup Model Database: flowchart Start, Backup Model Database, Succeed? YES: End; NO: Report backup failure]

Fig. 12 Backup Job general Model Database

Fig. 13 Backup Job steps Model Database

Fig. 14 Backup Job schedules Model Database

3.6 Backup msdb Database

The full backup of this database is done daily at 20:10. Because the database is in simple mode there are no transaction logs to save. The backup overwrites the existing backup file. If a problem occurs and the backup fails, a log entry is created in the SIPORT Error logbook.

The backup is written to the MSSQL\backup folder located on the SAN. This folder will be saved with the Backup software on a tape. The procedure is described in a following section.

[Fig. 15 Backup msdb Database: flowchart Start, Backup msdb Database, Succeed? YES: End; NO: Report backup failure]

Fig. 16 Backup Job general msdb Database

Fig. 17 Backup Job steps msdb Database

Fig. 18 Backup Job schedules msdb Database

3.7 Backup SiportNTAcc Database

The full backup of this database is done daily at 05:45. Prior to the backup, an integrity check and an attempt to shrink the database file size are done. The backup overwrites the existing backup file. If a problem occurs and the backup fails, a log entry is created in the SIPORT Error logbook.

The backup is written to the MSSQL\backup folder located on the SAN. This folder will be saved with the Backup software on a tape. The procedure is described in a following section.

[Fig. 19 Backup SiportNTAcc Database: flowchart Start, Check Database, Shrink Database, Backup SiportNTAcc Database, each followed by Succeed? YES: continue to the next step or End; NO: Report backup failure]

Fig. 20 Backup Job general SiportNTAcc Database

Fig. 21 Backup Job steps SiportNTAcc Database

Fig. 22 Backup Job schedules SiportNTAcc Database

3.8 Backup SiportNTAcc Transaction Log

The transaction log backups are done hourly starting at 00:15. The backups are appended to the last full backup. If a problem occurs and the backup fails, a log entry is created in the SIPORT Error logbook.

The backup is written to the MSSQL\backup folder located on the SAN. This folder will be saved with the Backup software on a tape. The procedure is described in a following section.

[Fig. 23 Backup SiportNTAcc transaction log: flowchart Start, Backup SiportNT transaction log, Succeed? YES: End; NO: Report backup failure]

Fig. 24 Backup Job general SiportNTAcc transaction log

Fig. 25 Backup Job steps SiportNTAcc transaction log

Fig. 26 Backup Job schedules SiportNTAcc transaction log

3.9 Backup SiportNTAcc_Hist Database

The full backup of this database is done daily at 02:45. Because the database is in simple mode there are no transaction logs to save. Prior to the backup, an integrity check and an attempt to shrink the database file size are done. The backup overwrites the existing backup file. If a problem occurs and the backup fails, a log entry is created in the SIPORT Error logbook.

The backup is written to the MSSQL\backup folder located on the SAN. This folder will be saved with the Backup software on a tape. The procedure is described in a following section.

[Fig. 27 Backup SiportNTAcc_Hist Database: flowchart Start, Check SiportNTAcc_Hist Database, Shrink Database, Backup SiportNTAcc_Hist Database, each followed by Succeed? YES: continue to the next step or End; NO: Report backup failure]

Fig. 28 Backup Job general SiportNTAcc_Hist Database

Fig. 29 Backup Job steps SiportNTAcc_Hist Database

Fig. 30 Backup Job schedules SiportNTAcc_Hist Database

3.10 SIPORT Kernel Database Backup

The SIPORT Kernel database consists of single files located in the EXOS386D folder on the SAN. Because these files are locked by the SIPORT Kernel, they cannot be saved directly. The backup of the SIPORT Kernel database is initiated by the SQL Server Agent; for this purpose a job Siport_Kernel_Backup is created on the SQL Server. The backup is executed at three-hour intervals between 00:30 and 21:30.

The backup is written to the MSSQL\backup folder located on the SAN. This folder will be saved with the Backup software on a tape. The procedure is described in a following section.

Fig. 31 Backup jobs

Fig. 32 Backup Job general SIPORT Kernel Database

Fig. 33 Backup Job steps SIPORT Kernel Database

Fig. 34 Backup Job SIPORT schedules Kernel Database

The batch program copies all database files from the original EXOS386D to an EXOS386D_sav folder to avoid the locked file problem. In this EXOS386D_sav folder, the single files are compressed into an archive file using the program Info-ZIP. With this batch the last 7 backups are kept and the oldest is replaced, resulting in a total of 8 backup files.

The following shows an example of the backup.cmd:

Fig. 35 Backup Command EXOS386D

All backups are written to the EXOS386D_sav folder located on the SAN. This folder will be saved with the Backup software on a tape. The procedure is described in a following section.


3.11 Save Backup on Tapes

The backups on the local hard drives are fast to create and allow quick access when a recovery is needed. To ensure that the backups are also available in case of a disaster recovery, and also to increase the covered backup period, it is very important to store all backups on external media. Such a medium is, for example, a FibreCAT TX24 drive with LTO-3 tapes. The LTO-3 tape allows 400GB of uncompressed data and 800GB of compressed data to be stored on a single tape. Since the daily backups to be saved do not exceed this storage capacity, it is enough to use one tape per day. The tape drive is equipped with 2 cartridges of 12 slots for tapes. For the backups, 11 slots are used. We need 6 slots for the daily backup tapes from Saturday to Thursday, 3 slots for the weekly backup tapes, one slot for the monthly backup tape, and one slot for the cleaning tape. For redundancy, the second cartridge is also used and equipped with 10 tapes. On these additional tapes the daily backups are mirrored. The media rotation is described in a following section.

To store the backups on the tape drive and to perform the tape change, Backup software installed on the Backup Server is used. The Backup Server establishes a connection to a shared folder from the cluster’s active node, giving access to all the backup files. The streaming to tape is activated twice: for the tape in the first cartridge, and for the tape used as a mirror in the second cartridge.

The files streamed to tape are:

1 MASTERDmp.bak
2 MODELDmp.bak
3 MSDBDmp.bak
4 Siportntacc_dmp.bak
5 Siportntacc_hist_dmp.bak
6 backup_001.zip

3.12 Backup Time Schedule

Fig. 36 Backup time schedule

3.13 Media Rotation

For the media rotation the GFS (Grandfather, Father, Son) method is used, being the most popular tape rotation algorithm. With this method, 21 tapes are needed per year using one cartridge. 10 tapes are stored in the tape changer cartridge at the same time. The backups from Saturday to Thursday are each stored on a single tape. The backups on Fridays are stored on 4 tapes, depending on the week of the month. The backups of the first three weeks, and also the last Friday of the month, are each stored on a single tape. The backup tape of the last Friday in the month is removed from the tape changer, stored in a secured place and replaced by a new tape. Once a year, the tapes used for the backups from Saturday to Thursday and for the first three weeks in a month are replaced by new ones.

With the option of using the second cartridge for mirroring the backups, a total of 42 tapes is needed per year.

This method ensures the permanent availability of backups from the last 7 days, from the Fridays up to three weeks prior and from the last Fridays in a month up to 12 months back.

This method also ensures that a single tape is not used more than 47 times.

The following table shows the use of the tapes in one cartridge; the second cartridge is used in the same way. The grey cells indicate when a tape change has to be performed.

Week Saturday Sunday Monday Tuesday Wednesday Thursday Friday

1 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week1 T7

2 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week2 T8

3 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week3 T9

4 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Month1 T10

5 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week1 T7

6 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week2 T8

7 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week3 T9

8 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Month2 T11

9 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week1 T7

10 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week2 T8

11 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week3 T9

12 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Month3 T12

13 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week1 T7

14 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week2 T8

15 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week3 T9

16 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Month4 T13

17 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week1 T7

18 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week2 T8

19 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week3 T9

20 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Month5 T14

21 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week1 T7

22 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week2 T8

23 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week3 T9

24 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Month6 T15

25 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week1 T7

26 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week2 T8

27 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week3 T9

28 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Month7 T16

29 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week1 T7

30 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week2 T8

31 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week3 T9

32 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Month8 T17

33 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week1 T7

34 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week2 T8

35 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week3 T9

36 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Month9 T18

37 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week1 T7

38 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week2 T8

39 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week3 T9

40 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Month10 T19

41 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week1 T7

42 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week2 T8

43 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week3 T9

44 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Month11 T20

45 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week1 T7

46 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week2 T8

47 Sat T1 Sun T2 Mon T3 Tue T4 Wed T5 Thu T6 Week3 T9

48 Sat T22 Sun T23 Mon T24 Tue T25 Wed T26 Thu T27 Month12 T21

49 Sat T22 Sun T23 Mon T24 Tue T25 Wed T26 Thu T27 Week1 T28

50 Sat T22 Sun T23 Mon T24 Tue T25 Wed T26 Thu T27 Week2 T29

51 Sat T22 Sun T23 Mon T24 Tue T25 Wed T26 Thu T27 Week3 T30
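The rotation table can be replayed to check the figures quoted above (21 tapes per year, at most 47 uses per tape) and to list which backups are still on tape on a given day. This Python sketch is an added example, not part of the original document; it models only weeks 1 to 51 of the table, and the function names are hypothetical.

```python
from collections import Counter

# The rotation week in the table runs from Saturday to Friday.
DAYS = ["Sat", "Sun", "Mon", "Tue", "Wed", "Thu", "Fri"]
LAST_TABLE_WEEK = 51   # the table ends here; nothing beyond it is modelled
REUSE_WEEKS = 47       # table: daily and weekly tapes are replaced after week 47
TAPES_PER_SET = 21     # 6 daily + 3 weekly + 12 monthly tapes


def tape_for(week, day):
    """Return (label, tape number) for rotation week `week` and `day`, as in the table."""
    if not 1 <= week <= LAST_TABLE_WEEK or day not in DAYS:
        raise ValueError("the table defines weeks 1..51 and days Sat..Fri only")
    base = 0 if week <= REUSE_WEEKS else TAPES_PER_SET
    if day != "Fri":
        return day, base + DAYS.index(day) + 1            # son: T1..T6
    position = (week - 1) % 4
    if position < 3:
        return f"Week{position + 1}", base + 7 + position  # father: T7..T9
    month = week // 4
    return f"Month{month}", 9 + month                      # grandfather: T10..T21


def usage_counts(last_week=LAST_TABLE_WEEK):
    """Count how often each tape number is written in weeks 1..last_week."""
    counts = Counter()
    for week in range(1, last_week + 1):
        for day in DAYS:
            counts[tape_for(week, day)[1]] += 1
    return counts


def restore_points(week, day):
    """List the (week, day) backups still on tape right after the backup of (week, day).

    Every write overwrites what the tape held before, so only the latest write
    per tape survives. Valid up to week 47, before the yearly tape replacement.
    """
    if week > REUSE_WEEKS:
        raise ValueError("restore points are modelled for weeks 1..47 only")
    today = (week, DAYS.index(day))
    latest = {}
    for w in range(1, week + 1):
        for d in DAYS:
            if (w, DAYS.index(d)) > today:
                break
            latest[tape_for(w, d)[1]] = (w, d)
    return sorted(latest.values(), key=lambda p: (p[0], DAYS.index(p[1])))


if __name__ == "__main__":
    counts = usage_counts()
    print("tapes in the first set:", sum(1 for t in counts if t <= TAPES_PER_SET))
    print("most writes to one tape:", max(counts.values()))
    for point in restore_points(10, "Mon"):
        print("restorable:", point)
```

On Monday of week 10 this yields the seven most recent daily backups, the Fridays of weeks 6 to 8 on the weekly and monthly tapes, and the month-end Friday of week 4.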


3.14 Tape Drive Cleaning Procedure

The Autoclean option of the FibreCAT TX24 enables the library to automatically perform tape drive cleaning without operator intervention. When Autoclean is enabled, the library monitors the cleaning requirements of the tape drive. When a tape drive indicates it needs cleaning, the library loads the cleaning cartridge into the tape drive. After the cleaning cycle is completed, the tape drive unloads and ejects the cleaning cartridge, and the library resumes operation. The cleaning cartridge must be installed in the lowest cell available in the library.

The cleaning option of the backup application has to be turned OFF. The cleaning cartridge has to be replaced every 6 months.

4 Restore Procedure

4.1 Validating Tape Drive Content

The daily backups stored on the tapes are validated twice weekly with the Backup software by loading the tape into the tape drive and checking whether the expected content is shown by the program. By restoring one of the ZIP archives to a folder on the backup server and testing the zip-file integrity with the command line option ‘zip -T <archive name>’, it is ensured that the files on the tape can be used for restoring purposes.

The created images of the servers have to be validated by the MD5 checksum which is located together with the image on the tape.

4.2 Restore Procedure SIPORT Server (Disaster Recovery)

A variety of factors can result in a server being restored: hardware crash, failure of installation software which blocks the machine, a virus, corrupted files, incompatible updates, service packs, hot fixes etc.

Because the SIPORT SERVER is a Microsoft Server Cluster which has to be equipped with an external storage system, the databases are not stored locally on the server. Therefore recovery is done by re-establishing the operating system and application functionality. It is assumed that the databases on the SAN are still in good condition.

With the images that were made before and during the ongoing operation, the whole server can be restored. The appropriate image has to be restored to the backup server.

The image creation program has to be booted from the CD to restore from the image. The program connects to the backup server via the network to access the image file, and recreates the local hard drive of the server. After restoration, the server is restarted in Windows safe mode to ensure a minimum number of running programs. The MD5 checksum check is performed and stored to the Siemens folder. If the check is ok, the integrity of the image is granted.

The Security Identifier (an alphanumeric character string commonly known as SID) is a unique name assigned by a Windows Domain controller during the log-on process. It is used to identify an object such as a user or a computer or a group of users in a network of 2000/2003 systems. The SID changes regularly every 21 days. If the SID is older than 21 days, the authority check will fail, because the SID has become invalid. In such a case, the server has to be removed from the Domain Active Directory and re-assigned to the domain; the server will then get a new SID.

If the functionality check of the cluster node shows no problems, the cluster resources are online, and the attached clients can connect, the restore is done.

[Fig. 37 Restore Procedure Server: flowchart "Restoring a Server" with the boxes: Close all programs and switch off the server; Start the server via boot CD; Start the image tool and restore the whole image; Start the server in WINDOWS safe mode and check the MD5 check sum; decision "MD5 check sum ok?" (True/False); Make a test on another server to ensure the integrity and conduct a risk analysis; decision "Is the SID older than 21 days?" (True/False); Delete server from the active directory at the WINDOWS Domain Controller to get a new SID; Remove server from the Domain and restart the server; Join the server to the domain and restart the server; Start the server; Check connection and software; Server is restored]
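The MD5 check used when an image is created (section 3.2) and when it is validated or restored (sections 4.1 and 4.2) can be scripted as follows. This Python sketch is an added example, not part of the original document or of any imaging product; the manifest name image.md5 and the sample file names are assumptions.

```python
import hashlib
import os
import tempfile

MANIFEST = "image.md5"   # hypothetical name; the page only says a checksum file sits beside the image


def file_digest(path, algorithm="md5", chunk=1 << 20):
    """Hash a file in chunks so multi-gigabyte image files do not need to fit in memory."""
    # MD5 is what the page's procedure uses; it catches corruption during copying.
    # The algorithm is a parameter so that a stronger hash can be chosen.
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def _files(folder, skip):
    """Yield (relative path, full path) for every file under folder except the manifest."""
    for root, _dirs, names in os.walk(folder):
        for name in names:
            full = os.path.join(root, name)
            rel = os.path.relpath(full, folder).replace(os.sep, "/")
            if rel != skip:
                yield rel, full


def write_manifest(folder, algorithm="md5"):
    """Create the checksum file for an image folder; returns the number of files listed."""
    entries = sorted((rel, file_digest(full, algorithm)) for rel, full in _files(folder, MANIFEST))
    with open(os.path.join(folder, MANIFEST), "w", encoding="utf-8") as f:
        for rel, digest in entries:
            f.write(f"{digest}  {rel}\n")
    return len(entries)


def verify_manifest(folder, algorithm="md5"):
    """Compare a restored image folder with its checksum file."""
    expected = {}
    with open(os.path.join(folder, MANIFEST), encoding="utf-8") as f:
        for line in f:
            if line.strip():
                digest, rel = line.rstrip("\n").split("  ", 1)
                expected[rel] = digest
    report = {"corrupt": [], "missing": [], "unexpected": []}
    seen = set()
    for rel, full in _files(folder, MANIFEST):
        seen.add(rel)
        if rel not in expected:
            report["unexpected"].append(rel)
        elif file_digest(full, algorithm) != expected[rel]:
            report["corrupt"].append(rel)
    report["missing"] = sorted(set(expected) - seen)
    report["corrupt"].sort()
    report["unexpected"].sort()
    return report


def demo():
    """Constructed sample: a two-part image, then one damaged part and one lost part."""
    with tempfile.TemporaryDirectory() as folder:
        for name, data in (("server.img.001", b"A" * 4096), ("server.img.002", b"B" * 4096)):
            with open(os.path.join(folder, name), "wb") as f:
                f.write(data)
        count = write_manifest(folder)
        clean = verify_manifest(folder)
        with open(os.path.join(folder, "server.img.001"), "r+b") as f:
            f.seek(100)
            f.write(b"\x00")                      # a single changed byte
        os.remove(os.path.join(folder, "server.img.002"))
        damaged = verify_manifest(folder)
    return count, clean, damaged


if __name__ == "__main__":
    print(demo())
```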


4.3 Restore Procedure SIPORT Databases

If one of the databases on the SAN gets corrupted, or data is lost through an accident such as application problems or human failure, it is necessary to restore the data to a status as close as possible to that prior to the occurrence of the error.

The SIPORT Server functionality is not available when restoring SIPORT databases, except for the SiportNTAcc_Hist database containing only archived data. The connected workstations are not allowed to (and cannot) make changes in the system. Therefore all SIPORT services and the SQL Server Agent have to be terminated. The SIPORT Kernel has to be stopped manually.

The database backups have to be retrieved from the tape, and placed in the backup folder on the SAN.

The restoring of the needed databases of the Microsoft SQL Server is covered by the SQL Server Books Online installed on the SIPORT Server. The described procedures apply to the master, model, and msdb Database.

The SiportNTAcc_Hist database keeping the archived logs of the SACS is in simple mode, i.e. no transactions are logged to the database. This affects the restoration in that only the last good backup has to be restored. There is no additional action to perform; the not yet included logs are automatically taken over from the SiportNTAcc database by the archive creating procedure.

The SiportNTAcc database transaction log is backed up hourly and appended to the last full backup. This allows the operator to go back in one-hour steps to the time before the problem occurred. The full backup and all transaction log backups up to the time when the problem occurred are restored with the SQL Server Management Studio. The exact procedure is also covered in the Server Books Online installed on the SIPORT SERVER.

By replacing the SiportNTAcc Database it also becomes necessary to restore the SIPORT Kernel Database as close as possible to the time when the problem occurred. The appropriate backup can be opened by the Windows Explorer and the included database files are copied to the EXOS386D folder on the SIPORT Server.

[Fig. 38 Restore Procedure Database: flowchart "Restoring a Database" with the boxes: Terminate the services and close all programs; Restore the backups from tape to disk; Start SQL Server Management Studio; Restore the full backup and necessary transaction logs; decision "Is restore of SiportNTAcc" (True/False); Extract the SIPORT Kernel databases from zip archive to the EXOS386D folder; Start the services; Database is restored]
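The restore chain described in this section follows from the schedules in sections 3.7, 3.8 and 3.10. The Python sketch below is an added example, not taken from the original document or from SQL Server Books Online; it computes the chain for a given problem time and emits the equivalent T-SQL. It assumes the hourly log backups sit in the same backup file as the full backup at consecutive positions, and the path prefix is a placeholder.

```python
from datetime import datetime, time, timedelta

DATABASE = "SiportNTAcc"
# Placeholder location: the page names the MSSQL\backup folder and the file, not the full path.
BACKUP_FILE = r"<SAN drive>\MSSQL\backup\Siportntacc_dmp.bak"
FULL_BACKUP_AT = time(5, 45)                             # daily full backup, overwrites the file
LOG_MINUTE = 15                                          # hourly log backups at hh:15, appended
KERNEL_TIMES = [time(h, 30) for h in range(0, 24, 3)]    # kernel archives 00:30 ... 21:30


def restore_chain(problem_at):
    """Return (full backup time, [log backup times]) that lead to the last state before problem_at.

    The chain is on disk only until the next 05:45 full backup overwrites the file;
    after that it has to be taken from the tape copy of that day.
    """
    full = datetime.combine(problem_at.date(), FULL_BACKUP_AT)
    if full >= problem_at:
        full -= timedelta(days=1)
    log_time = full.replace(minute=LOG_MINUTE)
    if log_time <= full:
        log_time += timedelta(hours=1)                   # first log backup after the full: 06:15
    logs = []
    while log_time < problem_at:
        logs.append(log_time)
        log_time += timedelta(hours=1)
    return full, logs


def kernel_backup_for(restored_to):
    """Pick the latest SIPORT Kernel archive that is not newer than the restored database state.

    Choosing "latest at or before" is an assumption; the page only asks for a
    backup as close as possible to the time of the problem.
    """
    candidates = [datetime.combine(restored_to.date() - timedelta(days=d), t)
                  for d in (0, 1) for t in KERNEL_TIMES]
    return max(c for c in candidates if c <= restored_to)


def restore_script(problem_at):
    """Build the T-SQL restore sequence for the chain.

    Positions assume FILE = 1 is the full backup and every log backup succeeded;
    confirm them with RESTORE HEADERONLY before running anything.
    """
    full, logs = restore_chain(problem_at)
    source = f"FROM DISK = N'{BACKUP_FILE}'"
    lines = [f"-- full backup taken {full:%Y-%m-%d %H:%M}",
             f"RESTORE DATABASE [{DATABASE}] {source} WITH FILE = 1, NORECOVERY, REPLACE;"]
    for position, taken in enumerate(logs, start=2):
        lines.append(f"RESTORE LOG [{DATABASE}] {source} "
                     f"WITH FILE = {position}, NORECOVERY;  -- log of {taken:%H:%M}")
    lines.append(f"RESTORE DATABASE [{DATABASE}] WITH RECOVERY;")
    return "\n".join(lines)


if __name__ == "__main__":
    problem = datetime(2008, 1, 14, 10, 40)              # constructed sample time
    full, logs = restore_chain(problem)
    print(restore_script(problem))
    print("kernel archive to extract:", kernel_backup_for(logs[-1] if logs else full))
```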


www.siemens.com/buildingtechnologies-pharma

Siemens Switzerland Ltd
Building Technologies Group
International Headquarters
Gubelstrasse 22
CH-6301 Zug
Tel. +41 41 724 24 24
Fax +41 41 724 35 22

Siemens Building Technologies Security Systems
SES SOL TeC
Siemensallee 84
D-76187 Karlsruhe
Tel. +49-721-595-3103
Fax +49-721-595-8191

The information in this document contains general descriptions of technical options available, which do not always have to be present in individual cases. The required features should therefore be specified in each individual case at the time of closing the contract.

Subject to change • Order no. 0-92104-en •© Siemens Switzerland Ltd • Printed in Switzerland • xxxxx Ni/Ah
