This article shows you how to request, acquire, and decrypt :xRecovery Offline Archive content.
This article summarizes the :xRecovery procedures that you can use to work with Archive content. For additional information and insight on :xRecovery configuration, behavior, and security, refer to the article, :xRecovery Archive.
Requesting the Archive
To request an :xRecovery Archive:
- Click the SSProtect notification icon
- Choose Offline Archives from the context menu
- Check All Versions if you want every version of scoped files, else leave unchecked
- Check Entire Organization, else enter the target Account's Username (email address)
- Choose Request
DefiniSec Support will contact an appointed representative from your Organization to authorize the transaction, then proceed to create the Archive for you to download. Once this process completes, you will receive notification via email that the data is ready for you.
Acquiring the Archive Keys
You will need three resources to download and access content:
- A Shared Access Signature, required to download the Archive
- An Archive Key file, used when accessing Archive content
- A Secret, required to access the Archive Key file that unlocks content
Return to the :xRecovery Panel and choose Get Keys to download the Archive Key file. You will be prompted for a target name and location for the download. This file will be used together with the Secret to access offline content, and at that time it must be called ArchiveKey and placed together with protected offline content. See below for more.
Cloud Archive Resources for Access
After you save the Archive Key file, you will be returned to the UI with one or two edit controls that contain the information necessary to access/ download secure Archive content.
If you see two controls, your Archive is stored using Amazon Web Services. in this case, you will need both an S3 Container Name (top control) and also the associated access Credentials (Key/ Key Secret combination in the bottom control), as shown:
If however you only see one control, your Archive is stored using Microsoft Azure. In this case, you will only need the displayed Azure Shared Access Signature (SAS) URI for access/ download.
In either case, copy content and store it securely (perhaps in a document saved to removable media) before choosing Clear SAS to securely remove this data from your host computer.
Losing SAS Resource Details
When you click Clear SAS, the associated resources/ credentials are permanently destroyed. If you do not have access to a copy of this information, the Archive is useless. As such, to gain access to the requested content, you will have to submit a new request resulting in the creation of an entirely new and separate Archive.
Azure - Downloading the Archive
To download your Azure-stored Archive, use any Azure-compatible application with the URI you obtained. Once you have downloaded content, you should remove it from Azure Storage (Delete).
AWS - Downloading the Archive
To download your AWS-stored Archive, use the S3 Container and Key/ Secret combination with any S3-compatible application. The URL and Key/ Secret are formatted as follows:
S3 Bucket URL: xrecovery-<type>-<organization>-<location>-secdefini-com
Key String: <Key Access ID>.<Key Secret>
<type> is <stag|prod> depending on your use and provider, and
<location> informally depicts the Amazon S3 Bucket Endpoint, i.e. uswest1, useast1, etc.
Note that S3 materials are automatically removed after 24 hours.
Archive Access Stipulations
Azure content is available for 1 hour after the point in time that you choose Get Keys in the procedure above. Amazon S3 content provides access for 24 hours starting when you receive email notification that your Archive is available for download.
In both cases, you MUST download Archive content from a host computer that presents the same public IP address as that provided when you chose Get Keys in the procedure above.
Managed Media Archive Delivery
For large Archives, we can work with you to deliver content using managed media (for example AWS Snowball). Contact Support for details.
Isolating the Archive Key and Archive Files
Copy the Archive Key file you stored in the acquisition phase, above, to the folder that contains downloaded content. Move the resulting folder to a physically isolated host computer that has the :Foundation Client installed, then remove the Archive from the host you used to download content. Be sure to clear content from the Recycle Bin as well.
Decrypting Archive Content
To access Archive plaintext content, you will need an additional Secret delivered over the phone by DefiniSec Support staff to pre-determined, authorized contacts for your Organization/ Account. Once you have this secret, you can proceed as follows:
- Exit the :Foundation Client using the context menu from the notification panel icon
- Start the :xRecovery Access Panel using the Desktop shortcut
- Enter the secret given over the phone in the Archive IV edit box (top left)
- Browse to the folder holding transferred files to set the Archive Folder
- Choose Open to see a list of files: Files will not (yet) present plaintext filenames
Decrypting Archive Filenames
Filenames are encrypted in the cloud, which you can decrypt with keys you Exported before starting this operation:
- Browse to your exported Organization .ssp keyfile to set the Keystore
- Enter the Passphrase for your .ssp keyfile
- Choose Import to display the Real Filename entries with the list
Decrypting Archive Content
Once you have entered the proper credentials to enumerate plaintext filenames, use the Account dropdown to filter results to a specific User, if desired. You can further refine results with the Filter controls.
In the top right, choose the method you wish to use for naming plaintext files/ results. As you click the various options, you will see the associated results in the information panel to assist you in choosing the proper approach.
When ready to proceed, select one or more target files with a combination of shift/ control-click operations, then choose Decrypt. On completion, the list's state will list plaintext state for each file. This state is not retained if you restart the :xRecovery Access Panel, though plaintext files will remain in their associated locations.
Use the Open Folder button to launch File Explorer in the root Decryption folder, then drilldown to review plaintext materials as you wish.
Refer to the article, Using the :xRecovery Access Panel, for further insight.
You can search this site for more information on various topics, or use this link to submit a specific request. You can also send email directly to email@example.com, and our staff will respond to your needs as soon as possible.
In the meantime, don't forget to check out our primary website and Insights columns for information on current trends, security topics, and how our technologies relate.
This article was updated w/ v9.6.6 of the :Foundation Client