Search <book_title>...

Cohesity Alta SaaS Protection Administrator's Guide

Last Published: 2025-04-07

Product(s): Veritas Alta SaaS Protection (1.0)

Introduction to Cohesity Alta SaaS Protection
1. About Cohesity Alta SaaS Protection
2. Features of Cohesity Alta SaaS Protection
3. Architecture of Cohesity Alta SaaS Protection
4. Operational workflow
5. Extra Data Backup (EDB)
API permissions
1. API permissions for Microsoft 365 workloads
2. API permissions for Gmail and Google Drive
3. System and API permissions for Salesforce
4. API permissions for Entra ID
5. App permissions of Web App
Administrator portal (Web UI)
1. About the Administration portal
2. Configure the Administration portal
3. View upgrade history
Manage users and roles
1. Role-based access control
2. Permissions tab
What is a connector?
1. What is a connector?
2. Supported SaaS workloads and backup capabilities
3. Workflow to protect data using Cohesity Alta SaaS Protection
4. Know your subscription details
5. About transient errors
6. Overview of adding connectors
7. Configure General settings
8. Configure Capture scope
9. Configure User filter
10. Configure Group filter
11. Configure Folder filter
12. Configure credentials
  1. Assign Microsoft 365 apps registration
  2. Microsoft 365 apps registration status
  3. Manually approve Microsoft 365 apps registration
  4. Approve Microsoft 365 apps using the App Consent Grant utility
  5. Microsoft 365 apps recovery
13. Configure Custom backup policy and guidelines
14. Configure Delete policy for SharePoint Online and guidelines
15. Configure Stubbing policy
16. Guidelines to configure Stubbing policy for SharePoint Online
17. Schedule a backup
18. Configure email addresses to get notifications
19. Review configuration and edit/save/initiate backup
20. Connectors page
21. Connector status
22. Edit connector configuration
23. Delete connectors
Pre-requisites for Microsoft 365 connectors
1. Pre-requisites for Microsoft 365 connectors
Protect Microsoft 365 Multi-Geo tenant
1. Considerations for adding SharePoint/Teams Sites/OneDrive connectors for Microsoft 365 Multi-Geo tenant
Protect Exchange Online data
1. Add Exchange Online connectors
2. Configure capture scope for Exchange connectors
Protect SharePoint sites and data
1. Add SharePoint connectors
2. Supported and unsupported SharePoint Settings and Types for backup and restore
3. Supported Sites and List templates for backup and restore
4. Supported SharePoint permission objects for backup and restore
5. Configuring capture scope for SharePoint connectors
6. End-user SharePoint data access in Cohesity Alta SaaS Protection
7. Run the Delete and Stubbing policies to the SharePoint Online environment
8. Limitations of SharePoint connector
Protect Teams sites
1. Add Teams site collections connectors
2. Configure capture scope for Team site collections connectors
3. Limitations of Teams site collections connector
Protect OneDrive data
1. Add OneDrive connectors
2. Configure capture scope for OneDrive connectors
Protect Teams chats
1. Add Teams chat connectors
2. Configure capture scope for Teams chat connectors
3. Limitations of Teams chat connector
Protect GoogleDrive data
1. Prerequisites to add Google Drive connectors
2. Add Google Drive connectors
3. Configure capture scope for Google Drive connectors
4. Limitations of Google Drive connector
Protect Gmail data
1. Prerequisites to add Gmail connectors
2. Add Gmail connectors
3. Configure capture scope for Gmail connectors
Protect Audit logs
1. Add Audit log connectors
2. Audit log connector limitations
Protect Salesforce data and metada
1. About Salesforce protection
2. Key considerations and prerequisites for adding Salesforce connectors
3. Add Salesforce connectors
4. Limitations of Salesforce connectors
5. Salesforce Objects not supported for backup
Protect Entra ID objects
1. Add Entra ID (Azure AD) connectors
2. Limitations for Entra ID connector
Protect Box data
1. Prerequisites for Box connectors configuration
2. Add Box connectors
3. Configure capture scope for Box connector
4. Limitations of Box connector
Protect Slack data
1. Add Slack connectors
Protect Email/Message data
1. Prerequisite for Email/message connector
2. Add Email/Messages file
Configure Retention policies
1. About WORM policies
2. Ingestion WORM policies page
3. Add/edit Ingestion WORM retention policies and guidelines
4. Add/edit At-Rest WORM retention policies
5. Add/edit Deletion policies
6. View deletion history
7. How to edit the policy evaluation interval?
8. How to add a Location filter?
9. How to add a filter?
Perform backups
1. Perform on-demand/ad-hoc backup
2. Backup dashboard
3. Video tutorial for connector troubleshooting
4. View backup events
  1. About Event suppression
  2. Create event suppression rules
5. Viewing backup tasks details
View and share backed-up data
1. Browse backed-up data
2. Share data
3. Remove data sharing
Analytics
1. About analytics
2. Gain insights into storage utilization
3. Gain insights into storage utilization for Entra ID and Salesforce connectors
4. Gain insights into blocked activities, most active users, and more
5. Gain insights into data volume (size and item count) on legal hold
6. Gain insights into data volume (size and item count) saved in different Enhanced cases
7. Gain insights into data volume (size and count) under different policies
8. Gain insights into data volume (size and item count) under different Tags
9. Gain insights into data volume (size and item count) under different Tags behaviors
10. Gain insights into storage savings after deduplication and compression
11. Gain insights into data ingestion trends
Perform restores using Administration portal
1. About restore
2. Prerequisites for restore
3. Restore Exchange Online mailboxes
4. Restore SharePoint/OneDrive/Teams Sites and data
  1. Restore of OneDrive, Microsoft 365 Group, and Microsoft Teams sites
  2. Limitations of SharePoint sites and data restore
5. Restore Teams chat messages and Teams channel conversations
  1. Limitations of Teams chat data restore
6. Restore O365 audit logs
7. Restore Box data
  1. Limitations of Box data restore
8. Restore Google Drive data
  1. About the overwrite restore behavior for Box/Google Drive data
9. Restore Gmail data
10. About Salesforce Data, Metadata, and CRM Content restore and Sandbox seeding
11. About Entra ID (Azure AD) objects and records restore
12. Restore Slack data
13. Restore data to File server
14. Set default restore point
15. Configure Restore all, Restore all versions, Point-in-time, and Specific range restore options
16. Configure email addresses for notifications
17. Downloading an item
Restore dashboard
1. About Restore dashboard
2. Restore job statuses
3. How to cancel a restore job?
4. View the restore events
Install services and utilities
1. About services and utilities
2. Pre-requisites to download and install services and utilities
3. Downloading services and utilities
4. Where to install the services and utilities
5. Installing or upgrading services and utilities
6. Configuring service accounts for services and utilities
7. About the Apps Consent Grant Utility
Discovery
1. About eDiscovery/searches
2. Add search templates
3. Add Discovery cases
4. Perform ad hoc search and add data to Discovery cases
5. View data in Discovery cases
6. Edit Discovery cases
7. DeleteDiscovery cases
8. Assign Discovery cases to users
Configure Tagging polices
1. About the Tagging policy
2. Add Tags
3. Add/edit Tagging policies
4. Adding regular expressions
  1. RegEx and query examples for PII detection
Configure Tiering policy
1. About the Tiering policy
2. Add/edit Tiering policies
Auditing
1. Auditing
Manage Stors (Storages)
1. Viewing Stors (Storages)
2. Requesting a new Stor
3. General tab
4. Version control settings
5. Metadata tab
6. Statistical policies tab
7. Location-Mapping tab
8. Backup tab
9. Custodian Groups tab
10. Advanced tab
11. Analytics tab

General tab

The General tab displays the following options:

Table: General tab options

Fields	Description
Basic settings
Stor name	Displays the name of the Stor.
Stor type	Displays the type of the Stor.
State	Displays one of the following states of the Stor:
	Not Provisioned	The Stor is created but not provisioned yet. The StorDB and Azure containers for the Stor do not exist. A Stor in this state is not usable; you cannot configure policies. You can configure only limited settings.
	Provisioned	The Stor is created and provisioned. The StorDB and Azure containers exist. A Stor in this state is not usable; you cannot configure policies. You can configure only limited settings.
	Online	The Stor is created, provisioned. A Stor in this state is available for writing and reading. You can configure only limited settings.
	Online ReadOnly	The Stor is created and provisioned. A Stor in this state is available only for reading the existing content. You can configure limited settings only.
Size	Displays the size of the Stor that is same as the total size of the Blob.
Options
PII	Select the check box to enable Personal Identifiable Information (PII) detection. If PII is enabled, the Stor is evaluated according to the policy interval and the content indexing scope.
Versioning	Select the check box to enable file versioning for the Stor.
Encrypt data at	Select the check box to encrypt the data at rest. Note: Data in the rest is the data that is stored for later use.
Support storage tiering	Select the check box to support the storage tierings for the Stor.
Support pre-ingest encryption	Select the check box if the Stor supports pre-ingest encryption. The PreIngestEncrypted metadata field is added to the Stor. Note: If the pre-ingested encryption is enabled, the data in any Blobs gets decrypted during the export.
Hide from End-User Portal	Select the check box to hide the Stor from the End-User portal.
Stor-level WORM	Select the check box to enable Stor-level WORM for the Stor. Stor-level WORM provides a single WORM retention period for all content in the Stor. This setting is optionally configured on a Stor at the time of provisioning the Stor. Before performing the process of provisioning, you are required to discuss with the Cohesity Alta SaaS Protection technical support team. After a Stor is provisioned in WORM mode, the settings cannot be changed. Specify a retention period for WORM. The specified WORM retention protection is applied to all data that is archived in the Stor. After the WORM retention period is completed, the content is deleted.
Item-level WORM	Select the check box to enable Item-level WORM for the Stor. Item-level WORM supports one or more WORM retention periods on the Stor. Item-level WORM retention periods are driven by the document-level policies that are run in real time during the write process. Multiple item-level WORM policies can be used within a Stor. The setting for item-level WORM is configured on the Stor at the time of provisioning the Stor, the settings cannot be modified.
Blob replication settings
Locally Redundant Storage (LRS)	Select this option to enable Locally Redundant Storage for the Stor. LRS is the default Blob replication configuration that Cohesity Alta SaaS Protection provides. Three synchronous copies of the data are maintained in a single datacenter. LRS replicates the data within the region of the customer. To maximize durability, every request that is made for the content is replicated thrice. These three replicas are each placed in Fault Domains (FD) and Upgrade Domains (UD). The three replicas are spread across UDs and FDs to ensure that data is available even if hardware failure affects a single rack or when nodes are upgraded during a rollout.
Geo Redundant Storage (GRS)	Select this option to enable Geo Redundant Storage for the Stor. Six copies of the data are made (three synchronous copies in one datacenter + three asynchronous copies in a second datacenter). GRS replicates the data to a secondary region that is hundreds of miles away from the primary region. The data is durable even in the case of a complete regional outage or a disaster in which the primary region is not recoverable. An update is first committed to the primary region, where it is replicated three times. Then the update is replicated to the secondary region, where it is also replicated three times, across separate FDs and UDs.
Read-Access Geo Redundant Storage (RAVersion control settings -GRS)	Select this option to enable Read-Access Geo Redundant Storage for the Stor. Six copies are replicated to a second datacenter. RA-GRS maximizes availability for the storage account, by providing read-only access to the data in the secondary location, in addition to the replication across two regions that are provided by GRS. If data becomes unavailable in the primary region, the application can read data from the secondary region.
Version control settings	For more details, refer to the following topic: See Version control settings.
Policy evaluation interval in minutes	Displays an interval to auto-run the policies defined for this Stor. By default, it is 15 minutes. You can edit the values as required. Note: Each Stor have its policy evaluation interval setting. Stor that contain data, which is accessed rarely may not need frequent policy evaluation. Stor that contain data, which is accessed actively by users and has indexing, and security requirements may need a policy evaluation interval to ensure policies run closer to real time.
Policy evaluation last ran	Displays the time when the policy evaluation was last run.