This article shows you how Remote Profile Deployment helps you Replicate your Working Set on new host computers.
Introduction
When computing resources are affected by unauthorized or malicious activities, they are generally removed from service for investigation, remediation, reparation, and/ or disposal. This has an obvious impact on those who rely on affected resources to carry out daily activities.
SSProtect supports related needs with Remote Profile Deployment.
The Short Version
The operation is available for all SSProtect Accounts, and data Restoration is executed for those with :Recover:
- Install SSProtect on a new host computer
- Login to SSProtect using target/ existing Account credentials
- If/ when prompted and when using :Recover, provide the Default/ Overflow Folder target
Why an entire article on the matter? This is an opportunity to clarify related aspects of Accounts and Profiles.
Prerequisites
This article assumes you have worked through and/ or are familiar with concepts and activities covered in the Common Tasks, Simple Administration, and Sharing/ Managing Data Walkthroughs.
STEP guidance uses Profiles created in the Walkthrough, Third Party Trust Sharing, while also referring to content and/ or state resulting from ordered execution of noted Walkthroughs. This is a matter of convenience rather than a requirement; execution is straightforward and simple.
We do not, however, recommend the use of production Accounts, if only to avoid the potential for inadvertent execution that has an impact on real data.
Finally, this Walkthrough does not require multiple host computers, as we will combine underlying details together with manual procedures that allow you to work on a single host.
Looking Deeper: Environments, Accounts, Profiles, and Aliases
When you Login to SSProtect, you establish a Login Session that's managed by your Profile. Your Profile contains information specific to your SSProtect Account and unique Environment. Your Environment is the unique combination of your host computer and Windows User Profile.
Details are defined in the article, Environments.
Profile data is host-resident only while you are working with an active Login Session. When you Refresh Login, Exit, or your Session duration reaches timeout, SSProtect performs Logout, at which point your Profile is securely packaged and uploaded to KODiAC Cloud Services, then removed from your host computer.
Note that KODiAC Cloud Services cannot access Profile details.
Prepare Your Host
For our progression, we're going to use the primary Walkthrough Test Account that holds most of the data we created in previous STEP guidance, Org1_Admin. We'll need to make some changes to illustrate one of the most important details about Remote Profile Deployment. Let's do that now.
STEP 1: Login to your Org1_Admin SSProtect Profile.
STEP 2: Navigate to the Managed Files/ Restore dialog to view your Profile's Hostlist:
If you've followed the Walkthroughs in ordered fashion, and as written, your Hostlist should be similar to that shown here. Let's compare that to the Archivelist.
STEP 3: Choose Archive... to display the KODiAC Managed Data Archive:
Let's take a closer look at these two lists.
Working Set vs. Managed Data Archive
The Hostlist represents your Working Set of "active" files, whereas the Archivelist reflects every item you've ever managed (with :Recover enabled and while using compatible Operating Modes). Over time, these two lists will start to deviate.
For example, you may find that it's easier to trim your Working Set to remove "unused" items for better focus. You can use the Hostlist Remove facility to achieve this result, which is in spirit the same as "Archiving" content in other applications, except that SSProtect and :Recover handle the Archive part for you.
In the present case, shown above, deviation is subtle but a natural consequence of working with Version Chains. Here, the Hostlist has two entries - original_file.txt and copied_file.txt - that are part of the same Version Chain. As such, the Archivelist shows only the most recent Version Instance, original_file.txt.
Scope Remote Profile Deployment Restore
What does Remote Profile Deployment use when Restoring content? As you'll see below, Restore uses the Working Set of the most recently used Profile associated with your Account. This is directly aligned with general Response/ Recovery operations resulting from damaged/ sabotaged Windows host computers and/ or data breach investigation, and of course you can always navigate to your Archivelist and manually Restore content from your KODiAC Managed Data Archive.
This is in fact why we call the operation Remote Profile Deployment - we are placing the most recently active content on the new host such that you can "continue" working despite disruptions, supporting a primary goal of maintaining secure availability.
Prepare For Deployment
To prepare for Deployment using the same host computer, let's first make our Hostlist more obviously different from the Archivelist, then we'll remove resources before we execute.
STEP 4: Return to the Hostlist and select the files beginning with the word "Test", then choose Remove. Choose Yes in response to the confirmation request, which should provide results as follows:
STEP 5: Click Open Folder to display Working Set content and prepare for our next step:
Notice that Remove renders the overlay icon Yellow; this is by design, since the target file is no longer in the Working Set and no longer recognized as Owned by the active Account. This changes the first time you execute a Managed Open operation using the Owner Account; on Save/ Close the file is added to the Hostlist/ Working Set and the overlay icon turns Red.
STEP 6: Rename the folder C:\TestData to C:\TestData_old. We'll use this for reference.
Finally, let's remove the local Profile:
STEP 7: Dismiss the Hostlist and Refresh Login. Choose Advanced... from the Login dialog:
You may have noticed the Recovery checkbox. This allows you to perform Login using an Archived instance of your Profile data, a fallback mechanism should Login fail due to data corruption (sabotage). To date, this has never been necessary, though if required, contact Support to coordinate proceedings.
STEP 8: Choose Profiles... to navigate to the Profile display:
STEP 9: From the Profile dropdown, choose Org1_Admin, the Alias we provided for the first Test Account we created.
STEP 10: Notice that the Caption changes each time you change the Profile - this allows you to verify the Account email address (identity) and associated Organization. Make note of the email address associated with Org1_Admin - for us, definisec+test1@gmail.com.
IMPORTANT: Though we refer to the operation as Remote Profile Deployment, you must properly identify the associated Account by its email address, as you'll see below. Make sure you have this before executing the next step.
STEP 11: Choose Edit... then Delete, click Yes to execute the operation, and finally Done to navigate back to the Login dialog.
Remote Profile Deployment
At last, we can execute the procedure.
STEP 12: From the Login dialog, choose Register Existing... in the Profile dropdown. This will switch your UI to the Register dialog:
STEP 13: Enter your Account's email address for Username, then your Login Password and click Register to authenticate. You will be presented with the 1st Time Use dialog for :Recover Restore:
STEP 14: Choose Yes and your content will be Restored to your host computer, in this case using the same Default/ Overflow Folder you'd configured before. Restore operation will be accompanied by the familiar Status/ Progress UI elements, and on completion SSProtect will return you to the Login dialog so you can re-enter your Password to proceed.
Note that the Login dialog presents your Profile using the default naming convention rather than the Alias you used before, even though we're operating on the same host computer. Before proceeding, let's re-configure the Alias for Walkthrough reference consistency.
STEP 15: From the Login dialog, choose Advanced... then Profiles... to navigate to the Profiles dialog. Click Edit and enter Org1_Admin in the New Name edit control, then Save and Done to return to the Login dialog.
Remote Profile Deployment Commentary
When you execute Remote Profile Deployment using a host computer that hasn't previously been used with your Account, 1st Time Use progression first prompts you to set your Default Folder. This is necessary because Restore operation utilizes this location as a point of indirection, further described in the article, Managing Host Data.
Our execution skipped this step not because we performed manual operations to "pretend" we'd not deployed here before, but because SSProtect retains the association: the setting is independent of the Windows User Profile being used, which means the value cannot change without impact to other Profiles on the same host.
Finally, navigate to C:\TestData and compare content with our backup in C:\TestData_old, your Hostlist, and your Archivelist: Notice that results reflect your Hostlist/ Working Set. This is specifically acquired from the last-used Profile for your Account.
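The folder comparison described above can also be scripted. The following PowerShell is an added example, not part of SSProtect or its documentation; it compares file names only (not content), and it assumes the files removed from the Hostlist in STEP 4 were stored under C:\TestData. The parameter names and status labels are illustrative.

```powershell
# Added example: compare the restored folder with the renamed reference copy.
# Paths come from STEP 6; the 'Test*' pattern matches the files removed in STEP 4.
param(
    [string]$Restored       = 'C:\TestData',
    [string]$Reference      = 'C:\TestData_old',
    [string]$RemovedPattern = 'Test*'
)

function Get-RelativeFileList {
    # Returns every file under $Root as a path relative to $Root.
    param([Parameter(Mandatory)][string]$Root)
    $full = (Resolve-Path -LiteralPath $Root).Path.TrimEnd('\')
    Get-ChildItem -LiteralPath $full -File -Recurse |
        ForEach-Object { $_.FullName.Substring($full.Length + 1) }
}

$restoredFiles  = @(Get-RelativeFileList -Root $Restored)
$referenceFiles = @(Get-RelativeFileList -Root $Reference)

# Case-insensitive sets, since Windows file names are case-insensitive.
$cmp    = [System.StringComparer]::OrdinalIgnoreCase
$resSet = [System.Collections.Generic.HashSet[string]]::new([string[]]$restoredFiles, $cmp)
$refSet = [System.Collections.Generic.HashSet[string]]::new([string[]]$referenceFiles, $cmp)

$report = foreach ($path in ($referenceFiles + $restoredFiles | Sort-Object -Unique)) {
    $inRef = $refSet.Contains($path)
    $inRes = $resSet.Contains($path)
    $leaf  = Split-Path -Path $path -Leaf

    if ($inRef -and $inRes) {
        $status = 'Restored (in Working Set)'
    } elseif ($inRef -and ($leaf -like $RemovedPattern)) {
        $status = 'Absent (removed from Hostlist in STEP 4)'
    } elseif ($inRef) {
        $status = 'Absent (not expected, check the Hostlist)'
    } else {
        $status = 'Present only in restored folder'
    }
    [pscustomobject]@{ Path = $path; Status = $status }
}

$report | Sort-Object Status, Path | Format-Table -AutoSize
```

Files reported as absent because of the STEP 4 removal remain available through the Archivelist, as noted in the section on scoping Restore.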
:Expand Automation
Refer to the article of the same name, in the :Recover section, for :Expand details that allow you to automate this procedure.
Additional Resources
You can search this site for more information on various topics, or use this link to submit a specific request. You can also send email directly to support@definisec.com, and our staff will respond to your needs as soon as possible.
In the meantime, don't forget to check out our primary website and Insights columns for information on current trends, security topics, and how our technologies relate.
This article was updated w/ v10.7.1 of the :Foundation Client