Overview:
Organizations may need to move to a different data‑center region for latency, compliance, consolidation, or restructuring purposes. This process requires creating a new Guardz account in the desired region, then migrating data, settings, and integrated services.
This guide explains how to migrate your Guardz environment from one data‑center region to another. It includes detailed steps, prerequisites, recommended sequencing, and other special considerations.
Please note:
This migration process does involve canceling your current subscription and creating a new account in the desired region. Make sure to have all necessary information backed up before proceeding with these steps.
For Ultimate accounts that use Managed SentinelOne agents, please reach out to Support. Migration in these cases requires special handling.
You may start backing up your account, but do not cancel the account unless Support explicitly instructs you to do so.
Migration Process: Step-by-Step
1. Backing-up the Existing Account
Primary ITDR Application:
Keep a list of active users (you can export it in advance from the users page).
Cloud Data:
Keep a list of allowed assets per tenant (Security Controls > Cloud Data Protection > Assets Allow List).
Keep a list of connected Cloud Data Apps for each tenant (Security Controls > Cloud Data Protection > Connected Applications).
Email Protection:
Keep a list of allowed/blocked email addresses per tenant (Security Controls > Email Protection > Manage Block List / Manage Allow List).
Endpoint Protection:
Keep a record of your MSP global settings and policies (Security Controls > Endpoint Protection > Microsoft Defender Policy Settings).
Keep a record of the override policies from the tenants' accounts.
Guardz Agents: No need to uninstall them, you can rerun the installer once the new account is created to move ownership to the new account.
BYO SentinelOne: Disconnect the integration (you will then be able to connect it with the new account).
Organization Settings:
Keep a record of your organization settings (Branding & Customer facing info).
2. Cancelling the Current Account
Go to Subscription & Billing > 'Unassign Plan', Cancel the subscription of each tenant.
Go to the Customers page and make sure it has been removed. If not, click on 'Delete customer'.
Cancel the entire account using the 'Delete Organization' button.
3. Creating the New Account
Signing-up
Go to the Guardz Sign Up page and proceed with creating a new account in the correct database region.
ITDR Application:
Connect the primary app of Guardz and activate the licenses.
Cloud Data:
Connect cloud data applications.
After the initial scan of files ends, add the files listed above to the allowed assets.
Email Protection:
Connect email protection app.
Once done, you may add any allow/block rules.
Device Protection:
Set up global settings & policies based on the previous account.
Set up overridden settings in the tenants.
Endpoint Security deployment:
Guardz Agent:
Re-install the agent using the new organization keys There's no need to uninstall the agent using the script. All you need to do is to re-install with the new org keys.
BYO SentinelOne Agents:
Follow the steps in the following article to connect the integration: Guardz + SentinelOne Integration Guide (BYO-S1).
Organization Settings:
Set up your MSP organization settings.
Setup each customer following the above mentioned steps
Ensure all settings are configured as desired.
Subscription:
Please contact your Customer Success Manager (CSM) or Support to adjust your subscription in the new account and apply all relevant plans to your customers before the trial period ends.