Exporting configuration from existing MailGate appliance and restoring it on a new one.

Resolution

1. Prerequisites:

Before copying an existing configuration from one MailGate appliance and restoring it on a new one, both must be running on the same MailGate version and patch level. Any attempt to restore a configuration backup from an older version to a new one or vice versa will produce an error.

If the existing MailGate box runs on an older version, it must first be upgraded to match the version of the new box. Please refer to the Release Notes document for the version you are upgrading to and make sure that the appliance model is supported (hardware wise) on that particular MailGate version.

During any backup \ restore operation Incoming Mail must be stopped. This is done under Relay Policies > General Settings > Mail Flow.

2. With Secure Collaboration:

2.1. When MailGate is licensed for Secure Collaboration (either Secure Mailbox or Secure Folder or both) the Secure Collaboration Backup option allows you to transfer the system configuration backup, including Relay Policies, Content Policies and User Configuration, on one hand, and Secure Collaboration Packages, files and metadata information on another.

2.2. In order to generate a Secure Collaboration Backup, an External Storage for Backup needs to be configured under: Administration > System Settings > Secure Collaboration Backup. On this page you need to insert the address of the External Backup Storage and the Access Protocol. The backup can be performed either manually or on a schedule.

2.3. Two important items are not included in the backup and need to be handled manually:

a) The Master keys for encryption/decryption of Secure Packages must be exported. These are located under Administration > Certificates > Secure Collaboration Keys.

b) The local TLS\SSL certificate

NOTE: The Export option under Administration > Certificates > Local > TLS Certificate will only export the public key. This is useful for providing the key to remote parties for certificate trust purposes. For new installations of MailGate, you will need to import the TLS\SSL certificate pair (in PFX or P12 format) which also contains the private key. This file should be available offline in a safe place.

2.4. Once the Secure Collaboration Backup is created, in order for it to be restored on the new MailGate box, the same External Storage for Backup has to be configured for use with the new MailGate to allow access to the files.

2.5. Before clicking on Restore Selected Backup button on the Secure Collaboration Backup page, the Master Key for encryption must first be imported.

2.6. The backup will restore a system backup along with all Secure Collaboration packages, files and metadata. Any information or settings on the server will be completely removed during the restore process and overwritten by the ones contained in the backup.

NOTE: Please note that the system backup does not include the network configuration of the appliance (IP address, Subnet Mask and Gateway), its hostname or DNS servers.

3. Without Secure Collaboration (with or without restoring messages):

3.1. If MailGate is not licensed for Secure Collaboration, you can transfer a system backup over to a new appliance and also restore messages from few days back.

3.2. The system backup file is generated under Administration > System Settings > System Backups. The Backup Now button will generate a .mgd file which contains:

a) Relay Policies , Content Policies and User Configuration (if Backup All Settings is selected)

b) Content Policies and Policy Objects (if Backup Only Content Policy Settings is selected).

3.3. Once the backup configuration file is generated it can be uploaded through the Admin UI of the new box under Administration > System Backups, by browsing to the .mgd file and clicking the Restore Now button.

3.4. MailGate also allows restoring messages for few days back (if these were previously backed up using the Automatic SFTP Message Setup option). If an SFTP server is configured and the Backup Messages From Previous Day option is selected, MailGate will backup the messages that are stored on the file system for the last 24 hours. Each day a new file is generated.

NOTE: Stored messages depend on the Message Archiving configuration under Administration > System Settings.

3.5. To restore the messages, you need to choose the exact period and click Restore Now button.

IMPORTANT: The Restore operation will delete all existing messages on the system, not only the messages for the selected time range. Messages can only be restored to an appliance that has the same appliance ID or on a new appliance where the license matches exactly the one of the old appliance.