DISASTER

RECOVERY
Publishing Information

Software Version 8.6

Publication date September 29, 2022

Copyright © 2005 -2022 Varonis Systems Inc.

All rights reserved.
This information shall only be used in conjunction with services contracted for
with Varonis Systems, Inc. and shall not be used to the detriment of Varonis
Systems, Inc. in any manner. User agrees not to copy, reproduce, sell, license,
or transfer this information without prior written consent of Varonis Systems, Inc.
Other brands and products are trademarks of their respective holders.
 Contents
Chapter 1: About Disaster Recovery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Chapter 2: Restoring DatAdvantage. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Restoring the DSP Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Restoring Probe Servers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Restoring Shadow Databases. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Restoring Collectors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Chapter 3: Repairing or Upgrading the Data Security Platform. . . . . . . . . . . . . . 9
Upgrade and Report Subscriptions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Welcome and License Agreement. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Main Menu. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Selecting the DSP Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Selecting the Required Product or Service for Upgrade/Repair. . . . . . . . . . 11
Upgrading Varonis Servers and Monitored File Servers. . . . . . . . . . . . . . . . 11
Checking Prerequisites. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Deploying the Current Tasks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Finishing the Deployment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Installing or Upgrading the User Interface. . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Repairing the User Interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Enabling History Reports for Dates Prior to Upgrade. . . . . . . . . . . . . . . . . . 14

DISASTER RECOVERY III

 About Disaster Recovery

1 ABOUT DISASTER RECOVERY

Disaster recovery is the process of restoring the DatAdvantage installation and

lost or corrupt data.

It is a complex procedure that should be performed by Varonis personnel only.

Important: Varonis is not responsible for loss of data or damage caused by

the disaster recovery procedure if it was not performed by Varonis Support
personnel.

Backup Policy

For disaster recovery to be successful, frequent back ups should be carried out,
since data can only be restored to the last time a backup was performed.
Restore can only be performed on the last backup.

In general, the DatAdvantage installation and its data can be backed up with
any software. However, all MS SQL installations in the DatAdvantage system
must use the simple recovery mode.

CAUTION: Changing the recovery mode of Varonis databases can damage

DatAdvantage's functionality and may result in loss of data.

Note: For more information about MS recovery modes, see the relevant
Microsoft documentation.

The following table describes the recommended backup policy of databases

and files:

Backup
Server Database/Files
Frequency

VrnsDomainDB

DSP C:\Program Weekly

Files\DatAdvantage\Varonis\Archive
(default)

DISASTER RECOVERY 1
Chapter 1 DISASTER RECOVERY

Backup
Server Database/Files
Frequency

Probe Varonis Weekly

Shadow databases

Note: Shadow databases have the Every

Shadow
same name as the file server they three days
monitor.

Only when
changes
N/A Configuration files
are made
to a file

Important:

Collectors and other files do not need to be backed up.

Report subscriptions are not backed up and cannot be restored.

Make sure that the archived files are included in the backup.

What You Need

To perform disaster recovery you need the following:

1. Backups of the databases you need to restore:

2. Credentials of a user with the required server roles to restore SQL databases (see
the relevant Microsoft documentation).

3. Operating system - Required if the operating system was damaged. You need the
same version and service pack that was installed on the machine before the
disaster occurred.

4. MS SQL - Required if the SQL installation was damaged. You need the same
version, service pack, and patch level that was installed on the machine before the
disaster occurred.

DISASTER RECOVERY 2
Chapter 1 DISASTER RECOVERY

5. The computer names and IP addresses of all DatAdvantage servers, as they were
named before the disaster occurred.

6. Backup of configuration files - Only required if customizations were made to your

configuration files.

DISASTER RECOVERY 3
 Restoring DatAdvantage

2 RESTORING DATADVANTAGE

This procedure provides a high level outline of how to restore DatAdvantage.

If you need to restore more than one DatAdvantage component, restore each
component in the listed order.

CAUTION: Before proceeding, make sure you have read About Disaster
Recovery, contacted Varonis Support, and fully understand the process.

To restore DatAdvantage:

1. If required, restore the operating system on all affected machines.

Important: You must restore the same version and service pack that was
installed on the machine before the disaster occurred.

2. If required, restore the SQL installation on all affected machines.

Important: You must restore the same version, service pack and patch
level that was installed on the machine before the disaster occurred.

3. Restore the DSP server.

Note: This should be performed as a standalone step when only the

DSP server needs restoring.

4. Restore all damaged Shadow databases.

Note: This should be performed as a standalone step when only Shadow

databases need restoring.

5. Restore all damaged Probe servers.

Note: This should be performed as a standalone step when only Probe

servers need restoring.

6. Restore all damaged Collector servers.

Note: This should be performed as a standalone step when only

Collector servers need restoring.

DISASTER RECOVERY 4
Chapter 2 DISASTER RECOVERY

Restoring The DSP Server

Perform this task on the DSP Server that requires restoring.

To restore the DSP server:

1. When the VrnsDomainDB database is corrupt or DSP services and the

VrnsDomainDB database are corrupt, do the following on the DSP server:

Note: See Microsoft's online documentation for further information on how to

perform these steps.

a. Stop the SQL Agent service.

b. Restore the most recent backup of the VrnsDomainDB database.
c. Restart the server and verify the VrnsDomainDB database is accessible from
SQL Sever Management Studio.
d. Run the Enterprise Installer and from the Main Menu page, select Repair/
Upgrade.

Important: Contact Varonis Support personnel to verify whether you need to

complete the entire flow or the repair can be performed for the required
components only.

e. Complete the Repair/Upgrade flow.

f. If the DSP server host machine is replaced, run the Configure Your License flow
of the Enterprise Installer (on the Main Menu page, select Configuration >
License Registration).
g. Contact Varonis Support personnel to restore customized configuration files and
missing data.

Note: Varonis Support personnel will copy the custom configuration files to
the correct locations while stopping and then restarting specific services.

2. If only DSP services are corrupt, do the following:

a. Run the Enterprise Installer and from the Main Menu page, select Repair/
Upgrade.

Important: Contact Varonis Support personnel to verify whether you need to

complete the entire flow or the repair can be performed for the required
components only.

b. Complete the Repair/Upgrade flow.

DISASTER RECOVERY 5
Chapter 2 DISASTER RECOVERY

c. If the DSP server host machine is replaced, run the Configure Your License flow
of the Enterprise Installer (on the Main Menu page, select Configuration >
License Registration).
d. Contact Varonis Support personnel to restore customized configuration files.

Note: Varonis Support personnel will copy the custom configuration files to
the correct locations while stopping and then restarting specific services.

Restoring Probe Servers

Perform this task on all Probe servers that require restoring.

If the Probe collects events directly (not via a Collector), data that has not been
transferred to the file server's Shadow database is lost. Typically, this is events
created after midnight on the day the disaster occurred.

To restore Probe servers:

1. When the Varonis database is corrupt or Probe services and the Varonis database
are corrupt, do the following:

Note: See Microsoft's online documentation for further information on how to

perform this step.

a. On the Probe database machine, do the following:

i. Stop the SQL Agent service.
ii. Restore the most recent backup of the Varonis database.
iii. Restart the machine and verify the Varonis database is accessible from SQL
Server Management Studio.
b. Contact Varonis Support personnel to synchronize index data (from the
SDT_DirIDs Shadow database table to the Probe).

c. On the DSP server, run the Enterprise Installer and from the Main Menu page,
select Repair/Upgrade.

Important: Contact Varonis Support personnel to verify whether you need to

complete the entire flow or the repair can be performed for the required
components only.

d. Complete the Repair/Upgrade flow.

e. If the Probe interfaces with a Collector, contact Varonis Support personnel to
pull missing data from the Collector.

DISASTER RECOVERY 6
Chapter 2 DISASTER RECOVERY

Note: Ten days of data can be restored from the Collector.

f. Contact Varonis Support personnel to restore customized configuration files.

Note: Varonis Support personnel will copy the custom configuration files to
the correct locations while stopping and then restarting specific services.

2. If only Probe services are corrupt, do the following:

a. On the DSP server, run the Enterprise Installer and from the Main Menu page,
select Repair/Upgrade.

Important: Contact Varonis Support personnel to verify whether you need to

complete the entire flow or the repair can be performed for the required
components only.

b. Complete the Repair/Upgrade flow.

c. Contact Varonis Support personnel to restore customized configuration files.

Note: Varonis Support personnel will copy the custom configuration files to
the correct locations while stopping and then restarting specific services.

Restoring Shadow Databases

Perform this task on all Shadow databases that require restoring.

Data that has already been transferred to the Shadow database, and that was created
after the most recent backup and more than three days ago, is lost. You can change
these settings in the Management Console.

To restore Shadow databases:

1. On the Shadow database machine, do the following:

a. Stop the SQL Agent service.
b. Restore the most recent backup of the Shadow database.

Note: Shadow databases have the same name as the file server they
monitor.

c. Restart the machine and verify that the Shadow database is accessible from
SQL Sever Management Studio.
2. On the DSP server, do the following:
a. Run the Enterprise Installer and from the Main Menu page, select Repair/
Upgrade.

DISASTER RECOVERY 7
Chapter 2 DISASTER RECOVERY

Important: Contact Varonis Support personnel to verify whether you need to

complete the entire flow or the repair can be performed for the required
components only.

b. Complete the Repair/Upgrade flow.

3. Contact Varonis Support personnel to pull all data created after the most recent
backup of the Shadow database.

Note: Up to three days of data can be restored.

Restoring Collectors
Perform this task on all Collectors that require restoring.

Data that has not been transferred to the Varonis database on the relevant Probe is
lost. Typically, this is events created during the same hour the disaster occurred.

To restore Collectors:

1. On the DSP server, run the Enterprise Installer and from the Main Menu page,
select Repair/Upgrade.

Important: Contact Varonis Support personnel to verify whether you need to

complete the entire flow or the repair can be performed for the required
components only.

2. Complete the Repair/Upgrade flow.

3. Contact Varonis Support personnel to restore customized configuration files.

Note: Varonis Support personnel will copy the custom configuration files to the
correct locations while stopping and then restarting specific services.

DISASTER RECOVERY 8
 Repairing or Upgrading the Data Security Platform

3 REPAIRING OR UPGRADING THE

DATA SECURITY PLATFORM

You can run the Varonis Repair/Upgrade flow or the Report Deployment tool to
repair and upgrade the Data Security Platform.
Before beginning any installation or upgrade, it is strongly recommended to
ensure the most updated Microsoft hotfixes and patches that suit your server
versions are installed on each server.

Upgrade And Report Subscriptions

With the introduction of report templates, the process of upgrading the Data
Security Platform requires reviewing existing report subscriptions to identify the
relevant template or create one if necessary.
This process may be time-consuming and customers may want to defer it to a
later stage to complete the upgrade quickly.

Important: Reports and subscriptions cannot be used until this process is

completed.

To defer this process and perform it later via the Repair/Upgrade flow (or the
internal Report Deployment tool):

Before upgrading vrnsdomainDB:

update keyvalue
set value = 'None'
where [key] = 'rpcstate'

Before running the Repair/Upgrade flow (or the Report Deployment tool):

update keyvalue
set value = 'Installed'
where [key] = 'rpcstate'

Welcome And License Agreement

Perform this procedure to start the Enterprise Installer.

To start the Enterprise Installer:

DISASTER RECOVERY 9
Chapter 3 DISASTER RECOVERY

1. Navigate to the installation folder and double-click setup.exe.

The Welcome page is displayed.
2. Click Next.
The License Agreement page is displayed.
3. To accept the agreement, select I agree and click Next (otherwise, click Cancel).

Main Menu

To select the required workflow:

1. Complete the previous pages of the Enterprise Installer, until you reach the Main
Menu.
2. Select Repair/Upgrade to repair or upgrade a Data Security Platform product or
service.
3. Click Next.

Selecting The DSP Server

The DSP Server Selection page allows you to select the DSP Server and set the
required parameters.

To select the DSP Server:

1. Complete the previous pages of the Enterprise Installer, until you reach the DSP
Server Selection page.
2. Set the following parameters:
Database Server - Type the name of the required DSP Server database
instance or select it from the drop-down list. If the relevant server is not listed,
click the Browse button to locate it.
Authentication - Select the required authentication type, which can be either
Windows or SQL.
User name - Type the user name for the DSP database.
Password - Type the password.

Important: If you plan to select the Maintain Database Passwords flow and
change the sa credentials used to access the DSP Server, you must enter the
new credentials on this page of the wizard - even though you have not yet
changed them. The credentials you enter here are stored, and appear on the

DISASTER RECOVERY 10
Chapter 3 DISASTER RECOVERY

Database Security Configuration page when you set the database credentials
for the sa account.

3. Click Next.

Selecting The Required Product Or Service For Upgrade/

Repair
The Product Selection page of the wizard allows you to select the Data Security
Platform product or service you want to install, update, or remove.

To select the required Varonis products:

1. Complete the previous pages of the Enterprise Installer, until you reach the Product
Selection page.
2. Select the product or service you want to work.

Note: To install the Data Classification Engine in an environment with existing

Varonis products, first run the Repair/Upgrade flow and select Data
Classification from the product list. Then, install the DCE from the Management
Console.

Note: To download and use the (new) DatAdvantage GUI and the Varonis Web
Interface, Solr must also be installed. Selecting the Install DatAdvantage GUI
and Install Web UI checkboxes enables access to the Solr installation wizard.

3. Click Next.

Upgrading Varonis Servers And Monitored File Servers

The Data Security Platform Configuration page allows you to upgrade Varonis servers,
databases, and monitored file servers.

To upgrade Varonis servers, databases, and monitored file servers:

1. Complete the previous pages of the Enterprise Installer, until you reach the Data
Security Platform Configuration page.
2. To find or update user credentials for each server, do the following:
a. To find a specific server, type the name of the server in the Search Server text
box, and click Apply.

DISASTER RECOVERY 11
Chapter 3 DISASTER RECOVERY

b. To find servers using a specific type of account credentials, select the required
type from the Credentials type drop-down list, and click Apply.
c. To find servers for which there are no user credentials, select the Show only
empty checkbox, and click Apply.

Note: You can combine any of the search methods to filter the list of servers.

Only servers that match your search criteria are displayed in the Server Name
column.
3. To add or edit server credentials:
a. Select the server you want to edit, and click Edit Credentials.
b. In the Credentials dialog box, set the user name and password of the user
account.
4. To clear credentials, select the required server, and click Clear Credentials.
5. To prevent upgrading or removing any agents, select the following options as
necessary in the Agent Options pane:
SharePoint agent
Varonis FileWalk agent

Note: The Data Security Platform supports data deduplication on Windows

2012 when both the CIFS and the Varonis FileWalk methods are in use. To
enable use of the Varonis method, the agent needs to be upgraded.

Directory Services proxy agents

Other file server agents
6. Click Next.

Checking Prerequisites

To check the prerequisites required for deployment:

1. Complete the previous pages of the Enterprise Installer, until you reach the Check
Prerequisites page.
2. Click Next.

Deploying The Current Tasks

You can deploy currently defined tasks.

To deploy the current tasks:

DISASTER RECOVERY 12
Chapter 3 DISASTER RECOVERY

1. Complete the relevant pages of the Enterprise Installer, until you reach the
Deployment Progress page.
2. Click Install.
The selected products and services are installed.
3. To continue defining resource and options with the Enterprise Installer, click Next.

Finishing The Deployment

When the deployment is finished, you can return to the main menu, view an error log,
or close the Enterprise Installer.

To finish the deployment:

Select the relevant option from the Installation Complete page:

Return to Main Menu

Show Error Log

Close the Enterprise Installer; alternatively, click Finish.

Installing Or Upgrading The User Interface

The Select Installation Folder page allows you to install or upgrade the user interface.

To install or upgrade the UI:

1. Navigate to the GUI installation folder and double-click setup.exe to start the
Enterprise Installer.
The Welcome page is displayed.
2. Click Next.
The License Agreement page is displayed.
3. To accept the agreement, select I agree and click Next. Otherwise, click Cancel.
The Select Installation Folder page is displayed.
4. On this page, set the following parameters:
a. Click the Browse button to select the folder in which to install the DatAdvantage
UI.
b. Click Disk Cost to view available space and required space for each physical
drive.
c. Select whether to install the DatAdvantage UI for yourself or for anyone who
uses the computer.

DISASTER RECOVERY 13
Chapter 3 DISASTER RECOVERY

5. Click Next.
The Confirm Installation page is displayed.
6. Click Next to begin the installation.
When it is finished, the Installation Complete page is displayed.
7. Click Close.
The UI Enterprise Installer exits.
8. Double-click the DatAdvantage icon on the desktop to start DatAdvantage.
9. Configure the required DSPs.

Repairing The User Interface

The Repair function allows you to repair problems that occur with the user interface.

To repair problems that occur with the UI:

1. Navigate to the GUI installation folder located and double-click setup.exe to start
the Enterprise Installer. A page is displayed prompting you to repair or remove the
installed application.
2. Click Repair.
3. Click Next.
The Ready to repair page is displayed.
4. Click Repair. The repair progress is displayed.
When it is finished, the Installation Complete page is displayed.

Enabling History Reports For Dates Prior To Upgrade

The history reports (reports 3e and 4k) can be generated out of the box on all data
stored starting from the same version in which the history reports were first included.

To enable generating history reports for dates prior to upgrade:

Run the following script from vrsnDomainDB:

exec spUpgradeForReport4l

DISASTER RECOVERY 14