Login - License Framework
Installation Guide for Axcient models including: x360Recover, Direct-to-Cloud
Creating Direct-to-Cloud Customers in the x360Recover Licensing Portal Page 8 2. Click the Add User button.The customer Details window displays. 3. In the customer Details window, update the following fields: a. In the customer Username field, enter the username for the new customer.This field only accepts letters, numbers, and underscore characters.
2021-06-15 —
x360Recover Direct-to-Cloud Installation Last updated: June 2021 TABLE OF CONTENTS x360Recover - Direct-to-Cloud .................................................................................3 x360Recover Components................................................................................3 Direct-to-Cloud Backups ...................................................................................4 Install the x360Recover Direct-to-Cloud agent..................................................4 Firewall Considerations ............................................................................................4 Firewall Ports ....................................................................................................4 Log in to the x360Recover Licensing Portal .............................................................5 Create Direct-to-Cloud customers in the x360Recover Licensing Portal..................7 Create a customer.............................................................................................7 Download and install the Direct-to-Cloud agent ..................................................... 10 Role of the Agent ............................................................................................ 10 Prerequisites ................................................................................................... 10 Install the Direct-to-Cloud Agent ..................................................................... 10 Silent and RMM deployment of the agent ....................................................... 18 Update Direct-to-Cloud agent settings ............................................................ 18 Log in via Single Sign On (SSO) ............................................................................ 20 Add Direct-to-Cloud clients from the vault .............................................................. 21 Create Direct-to-Cloud schedules .......................................................................... 24 Backup Types ................................................................................................. 24 Creating schedules in the Vault Web Interface ............................................... 24 Coming Soon: The Global Management Portal for Direct-to-Cloud customers ......27 Role of the Global Management Portal ........................................................... 27 Accessing the Global Management Portal ......................................................28 Connecting Vaults with the Global Management Portal for Direct-to-Cloud customers........................................................................................................ 28 Recover Direct-to-Cloud protected systems with x360Recover ............................. 30 Troubleshoot Direct-to-Cloud agent errors ............................................................. 32 Page 2 x360Recover - Direct-to-Cloud x360Recover - Direct-to-Cloud x360Recover is a patented, Chain-FreeTM, end-to-end Backup and Disaster Recovery (BDR) platform, empowering MSPs to deliver profitable, globally-managed business continuity services. As an x360Recover partner, you will protect servers and critical workstations, recover data in minutes, take advantage of multiple recovery techniques, and safeguard all your backed up data with one comprehensive solution. x360Recover Components x360Recover includes the following core components: · Licensing Portal The Licensing Portal is the central management point for custom- er and location management, and licensing and hardware orders. · Agent The agent software is installed on a protected system and performs image- based backups. · appliance The X360Recover appliance, which is deployed at a customer location, holds the backup data received from the agents. NOTE With x360Recover Direct-to-Cloud, you do not need to deploy a local appliance. · Vault The X360Recover vault receives incoming protected system data being replicated from a customer site. Vaults are designed to be multitenant. Vaults are typically deployed off-site. NOTE The Beta release of x360Recover Direct-to-Cloud only supports Axcient Storage Cloud Vaults. · Global Management Portal: The Global Management Portal (GMP) allows for centralized management of your devices and provides a single-pane-of-glass view of each protected system. Page 3 x360Recover - Direct-to-Cloud Direct-to-Cloud Backups Axcient's x360Recover Direct-to-Cloud (D2C) provides MSPs with the same full-featured, imagebased backups of traditional x360Recover, but without the expense of deploying or managing a local appliance. This user guide outlines installation steps to help you get started with the x360Recover Direct-to-Cloud agent. Install the x360Recover Direct-to-Cloud agent This guide outlines installation and configuration tasks, including: · Accessing the x360Recover Licensing Portal, · Creating customers, · Installing the x360Recover Direct-to-Cloud agent, · Creating schedules, and · Recovery Options. Firewall Considerations Firewall Ports Direct-to-Cloud agents require several ports to be open for outbound internet connections between the protected system and the Cloud vault: TCP 443 (Https/TLS) TCP 9079 (Thrift/TLS - Endpoint Manager) TCP 9082 (Thrift/TLS Cloudserver) TCP 9090 (Thrift/TLS Backup Manager) Note: On Axcient-hosted vaults with Scale-Out Cloud, the Cloudserver service is located directly on a storage node in our datacenter. Storage nodes are assigned dynamically, at the time of protected system registration. If you must secure outbound traffic explicitly for protected systems, you can locate the assigned storage node URL in aristos.log for each protected endpoint. Important: Storage node locations within our datacenter are subject to change without notification. Page 4 Logging In to the x360Recover Licensing Portal to Support Direct-toCloud Customers Log in to the x360Recover Licensing Portal As a first step, you need to create customers in the x360 Licensing Portal. If you have already set up your customers, you can skip this step. To log in to the x360Recover Licensing Portal: 1. Open any web browser and navigate to https://licensing.replibit.com. 2. In the License Management window, enter login credentials: a. In the Username field, enter the Partner Account username. b. In the Password field, enter the password that was assigned to you when you completed your initial x360Recover Onboarding training session. Your Partner username and password are case sensitive. 3. Click the Login button. 4. If you have forgotten your password, click the Forgot Password link. Your pass- word will be sent to the email address specified when your Partner account was created. Page 5 Logging In to the x360Recover Licensing Portal to Support Direct-toCloud Customers Page 6 Creating Direct-to-Cloud Customers in the x360Recover Licensing Portal Create Direct-to-Cloud customers in the x360Recover Licensing Portal When you are ready, you can create a customer account within the Licensing Portal. NOTE You should only create one customer account for each customer that you support. Create a customer Please consider the following when creating customers: · When you create a customer, you will be prompted to configure a username and password for the account. These credentials may be used when logging into the vault to recover data. We recommend recording the username and password. You can optionally share these credentials with the customer if they will be performing selfservice restores from an off-site vault. · Each customer account must be configured with a unique username. You cannot create two customer accounts with the same username within the x360Recover Li- censing Portal. · If you need to recover a lost password, click the Change Password button to reset the password. To create a customer: 1. From the x360Recover License Management left pane menu, click to expand User Management and then select Users. Page 7 Creating Direct-to-Cloud Customers in the x360Recover Licensing Portal 2. Click the Add User button. The customer Details window displays. 3. In the customer Details window, update the following fields: a. In the customer Username field, enter the username for the new customer. This field only accepts letters, numbers, and underscore characters. You can- not add spaces or other special characters. b. In the customer Company Name field, enter the name of the company. c. In the customer Password field, enter a complex password. You must confirm this password in the customer Confirm Password field. d. In the customer Email Address field, enter an email address for the customer. e. In the Locations field, enter one or more Locations for the customer. Separate each Location with a comma. This field only accepts letters, numbers, and underscore characters. You cannot add spaces or other special characters. NOTE Do not assign additional licenses to the customer for Direct-toCloud protected systems. Direct-to-Cloud licensing is billed on a usage basis independent of the Licensing Portal. Assigning additional licenses here will result in double-billing for your Direct-to-Cloud endpoints. Page 8 Creating Direct-to-Cloud Customers in the x360Recover Licensing Portal Page 9 Downloading and Installing the Direct-to-Cloud Agent Download and install the Direct-to-Cloud agent After you log in to the vault, you can begin to download and install the Direct-to-Cloud agent software on protected systems. Role of the Agent The agent is software installed on a protected system. The agent performs the back- up and sends the backup data to the vault. Consider the following important notes about the agent: · The agent software must be installed on each system that needs to be protected. · The Direct-to-Cloud agent cannot currently be installed over an existing agent. If an agent has been previously installed, it must be uninstalled. You must also delete the existing agent folder (typically located at C:\Program Files (x86)\Replibit). Failure to remove the previous agent files will prevent the Direct-to-Cloud agent from registering with the vault. · Backups of protected systems are image-based. · Supported platforms include most Windows workstation and server editions. · You can install and uninstall agent software without the need to reboot the target device, reducing the impact to the customer environment. Prerequisites As an administrator, you will install the agent onto each protected device that you support. We recommend leaving third party backup solutions installed while the initial full backup is being completed and adjust scheduling so that the existing backups run during business hours and the x360 agent runs outside of business hours until completed, to avoid any gap in backup coverage. Install the Direct-to-Cloud Agent You can download the agent from the Users tab of the vault. Page 10 Downloading and Installing the Direct-to-Cloud Agent NOTE The installation file is valid for 14 days from the time of download. Installing from an expired agent installer file will fail and register invalid token errors within the log file. 1. Open a Web browser, navigate to the Vault Web interface, and log in. Page 11 Downloading and Installing the Direct-to-Cloud Agent NOTE Each Axcient Cloud vault has a unique URL that is provided during onboarding. If you do not have this URL, please contact Axcient Support. 2. In the Vault Web interface, click the Users tab. NOTE The Users tab reflects the list of customers created in the Licensing Portal. If your customers are not displaying in the Users tab, we recommend syncing the vault with the Licensing Portal. 3. Locate the appropriate client and click the Download link Page 12 Downloading and Installing the Direct-to-Cloud Agent NOTE Do not rename this file. The installation file downloaded from this page contains temporary token and identifying information embedded in the filename. NOTE The installation file is valid for 14 days from the time of download. Installing from an expired agent installer file will fail and register invalid token errors within the log file. 4. Click the installation file to initiate the installation process. Page 13 Downloading and Installing the Direct-to-Cloud Agent 5. After reading the agreement, select I accept the agreement. Click the Next button to continue. Page 14 Downloading and Installing the Direct-to-Cloud Agent 6. Accept the default installation folder. Click the Next button to continue. 7. When prompted, enter the Volumes to back up. Click the Next button to continue. NOTE You do not need to enter an IP address. NOTE You can optionally enter an access control password. If you enter a password, the vault will prompt you for this password before you begin a system recovery. We recommend setting a unique password to enhance security. Page 15 Downloading and Installing the Direct-to-Cloud Agent 8. When you are ready, click the Install button to begin installation. 9. When installation completes, click Finish to exit. Page 16 Downloading and Installing the Direct-to-Cloud Agent 10. After several minutes, the Vault Web interface will display the newly protected system in the Protected Systems tab. A full backup will automatically initiate based on your schedule settings. Page 17 Downloading and Installing the Direct-to-Cloud Agent Silent and RMM deployment of the agent The Direct-to-Cloud agent can be silently deployed through RMM or other tools as follows: msiexec /i <agent file> /quiet Optional parameters include: · BACKUP_VOLUMES=<Drv>,<drv>... · PASSWORD=<encryption passphrase> For example: msiexec /i <agent file> /quiet BACKUP_VOLUMES=C,D,E PASSWORD=password123 Update Direct-to-Cloud agent settings In certain circumstances, you might need to update x360Recover agent settings after the installation process. For example, you can update the following details in the aristos.cfg file: · A list of Backup Volumes. · The IP address of the Vault. To update x360Recover agent settings: 1. From the Services app on the target machine, stop and disable the agent service. 2. Navigate to the agent installation folder (typically C:\Program Files (x86)\). 3. Open the aristos.cfg file with administrative privileges. Page 18 Downloading and Installing the Direct-to-Cloud Agent 4. Update settings in the aristos.cfg file. For example: a. Edit the Backup_Volumes line to update the list of volumes that you wantto back up. b. When you are finished, save the file and restart the agent service. Page 19 Creating Direct-to-Cloud Schedules Log in via Single Sign On (SSO) 1. In the Vault Web interface, click the Vaults tab. 2. Click on a vault. Page 20 Creating Direct-to-Cloud Schedules 3. Click the Vault GUI button. 4. This will log you into the vault directly, without prompting you to enter a username and password. Add Direct-to-Cloud clients from the vault To add a client: 1. In the Vault Web interface, click the Clients tab. Page 21 Creating Direct-to-Cloud Schedules 2. Click the Add Client button. 3. The Create New Client User popup will appear. 4. Fill in the Client User Name and Company field, and then click the Create User button to continue. Page 22 Creating Direct-to-Cloud Schedules 5. You will then see a processing popup. This displays as the new account is created. 6. The new client will appear in the list of clients. Click the download symbol to the left of Windows Agent to retrieve the installer for the new client. Page 23 Creating Direct-to-Cloud Schedules Create Direct-to-Cloud schedules When the agent is installed on a protected system, you can create schedules and apply these schedules to protected systems. All schedules are created and maintained within the vault. Schedules allow for full flexibility when defining your Recovery Point Objectives for each customer and protected system. x360Recover supports a Recovery Point Objective (RPO) of 15 minutes for systems that require industry-leading RPOs. All schedules are created and maintained within the vault. You can create schedules for the Initial Backup and Incremental Backups. Backup Types When you create a schedule, you define two types of backups: · · The initial backup (also called a full backup) copies all sectors of the image. · Incremental backups (also called snapshots) back up changes only, saving time and disk space. You cannot schedule an incremental backup unless you have completed the Initial backup (full backup). Because x360Recover is chain-free, snapshots are not dependent on previous snapshots. Creating schedules in the Vault Web Interface Within the Vault Web interface, you can use the Schedules page to define initial back- up schedules and ongoing incremental snapshot schedules. You can create an unlimited number of schedules and assign them to different machines according to special requirements or technical limitations. You can also adjust the initial backup schedule to run during certain hours of the day and pause at other hours of the day to limit user impact during office hours. After a schedule is created, you must assign the schedule to a protected system from the protected systems page. To create a schedule: 1. Log in to the Vault Web interface. 2. In the left-hand navigation menu, click the Schedules tab. 3. In the Schedules page, click the Add Schedule button. Page 24 Creating Direct-to-Cloud Schedules 4. In the Add Schedule page, enter information about the new Schedule: a. In the Name field, enter a descriptive name for the schedule. For example, you might create a scheduled titled, Critical, for servers that require 15-minute incremental backups; and Non-Critical for servers that only require incremental backups every hour. b. Ensure the Enabled checkbox is selected to activate this new schedule. If the schedule is not enabled but later assigned to a protected system, backups for the protected system will be disabled. c. Optionally, click the Default checkbox to assign this schedule as the default schedule for all protected systems. d. In the Initial Backup section, define a Start Time and End Time for the first, full initial backup. This timeframe allows you to limit the impact of the initial backup on the user experience. e. In the Incremental Backup section, you can optionally use the drop-down menu to change the Incremental Backup type from Internal to Manual. The Manual setting allows you to create snapshots at specific times instead of intervals. f. If you selected Interval in the drop-down menu, define a Start Time, End Time, and Interval for all future incremental backups. Page 25 Creating Direct-to-Cloud Schedules g. Click the Save button when you are finished. The schedule is now created and will be listed in the Schedules page. You can manage and edit schedules in the Schedules page. 5. After the schedule is created, you can assign the schedule to a protected system. a. In the left-hand navigation menu, click the Protected Systems tab. b. Find the protected system and use the Schedule drop-down menu to select the appropriate Schedule. The schedule is now assigned to the protected system. Page 26 Coming Soon: The Global Management Portal for Direct-to-Cloud Customers Coming Soon: The Global Management Portal for Direct-to-Cloud customers NOTE Coming Soon: Direct-to-Cloud support within the Global Management Portal is scheduled to be part of a future release. You can also access the RMC to manage Direct-to-Cloud Customers. The x360Recover Global Management Portal (GMP) is a multitenant, centralized portal that delivers secure, remote access to your Vaults and protected systems. With its single pane of glass architecture, the GMP streamlines administrative tasks, significantly reducing the total time required to manage your devices and reports. Role of the Global Management Portal The GMP is the central management point, providing a single-pane-of-glass view of each of your Vaults, as well as the protected systems they protect. With the GMP, you can perform the following: · Remotely access all connected Vaults. · View dashboard and reporting details. · Review health checks. · Review trouble checks. · View historical storage utilization. Page 27 Coming Soon: The Global Management Portal for Direct-to-Cloud Customers Accessing the Global Management Portal When you replicate to the Axcient Cloud, you will be given a GMP virtual machine in the cloud free of charge. You will receive login credentials when you onboard as a new Partner. 1. Navigate to the URL provided to you. If you are a Private Cloud partner, navigate to the URL configured when you installed the GMP. 2. When prompted, type your Username and your Password and then click the Login button. If Multi-Factor Authentication (MFA) has been enabled for your environment, you will also be prompted to enter an MFA Token. 3. In the GMP Web interface, you can now browse and manage settings. Connecting Vaults with the Global Management Portal for Direct-to-Cloud customers In the GMP, the Users page allows you to create an API key so that you can integrate each Vault with the GMP. When you create a user in the Users page, the GMP automatically generates an API key that you can use for integration purposes. Page 28 Recovering Direct-to-Cloud Protected Systems with x360Recover 1. In the GMP, click the Users tab. The Users page displays, showing a list of all previously generated API keys. NOTE You can optionally share Customer-specific user credentials to allow the Customer to log in and view their Managed Devices. Most partners, however, choose not to share these credentials. If you are interested in sharing user credentials with a Customer, please contact Axcient Support for advice and best practices. 2. Option 1: In most cases, simply record the admin API key that is automatically generated for the GMP admin user during the provisioning process. You can optionally use this admin API key to integrate each Vault that you sup- port. 3. Option 2: Alternatively, for management purposes, you can generate a new API key for each customer that you support. This approach is especially useful if you plan to give your customer login access to the GMP. Please contact Axcient Sup- port for more information regarding this process. To create an API key: a. Click the Add button. The Add page displays, prompting you to create a new username and password for the user. b. In the Username field, enter a unique username for the customer. c. In the Password field, enter a complex password for the customer. d. In the Role field, select customer to indicate this is a customer user. e. Click the Submit button when you are finished. The system will automatically generate a new API key for this customer. Record this API key. Page 29 Recovering Direct-to-Cloud Protected Systems with x360Recover Recover Direct-to-Cloud protected systems with x360Recover As an MSP, you have a lot riding on service level agreements (SLAs) for the clients you support. x360Recover helps you meet these SLAs, with multiple recovery options, helping you restore client data and applications faster than traditional file-based back- up and restore tools. x360Recover gives you multiple options to restore lost or corrupted files, temporarily run critical workstations or servers, or permanently recover from a site-wide disaster. To access recovery options: 1. Log in to the vault. 2. Click the Protected Systems menu item. 3. To access recovery options, click the protected system name. In the Protected System Details page, you can: a. Click the Schedule button schedule a full or incremental backup. b. Click the Run Analysis Tool button to collect event-related information and submit to Axcient Support. Page 30 Recovering Direct-to-Cloud Protected Systems with x360Recover c. Find a snapshot and click the Mount button to browse and recover files from the snapshot. d. Click the Export button to create a virtual disk export for download and for failback from the cloud. e. Click the iSCSI button to virtualize a protected system in the Axcient Continuity Cloud for cloud failover. Page 31 Troubleshooting Direct-to-Cloud Agent Errors Troubleshoot Direct-to-Cloud agent errors If you are experiencing registration issues, please check the following: · Network connectivity--The agent must be able to communicate with the vault. If networking errors or other issues interfere with this communication process, the agent will not successfully register with the vault. · Previous Installations--The Direct-to-Cloud agent cannot currently be installed over an existing agent. If an agent has been previously installed, it must be uninstalled. You must also delete the existing agent folder (typically located at C:\Program Files (x86)\Replibit). Failure to remove the previous agent files will prevent the Direct-to-Cloud agent from registering with the vault. · Firewall considerations--The agent needs to communicate outbound on the internet to the vault on the following ports: 443, 9079, 9082, and 9090. Firewall Considerations Firewall Ports Direct-to-Cloud agents require several ports to be open for outbound internet connections between the protected system and the Cloud vault: TCP 443 (Https/TLS) TCP 9079 (Thrift/TLS - Endpoint Manager) TCP 9082 (Thrift/TLS Cloudserver) TCP 9090 (Thrift/TLS Backup Manager) Note: On Axcient-hosted vaults with Scale-Out Cloud, the Cloudserver service is located directly on a storage node in our datacenter. Storage nodes are assigned dynamically, at the time of protected system registration. If you must secure outbound traffic explicitly for protected systems, you can locate the assigned storage node URL in aristos.log for each protected endpoint. Important: Storage node locations within our datacenter are subject to change without notification. Page 32