NetBackup™ Web UI Cloud Object Store Administrator's Guide

Integration with NetBackup's role-based access control (RBAC)

The NetBackup web UI provides the Default cloud object store Administrator RBAC role to control which NetBackup users can manage Cloud object store operations in NetBackup. You do not need to be a NetBackup administrator to manage Cloud object stores.

Management of Cloud object store accounts

You can configure a single NetBackup primary server for multiple Cloud object store accounts, across different cloud vendors, as required.

Authentication and credentials

Wide emphasis on security. For protecting a single Azure Blob Storage account, the storage account and access key must be specified. To protect the Azure blob storage account, the supported authentication mechanisms are Access key, Service Principal, and Managed Identity. For all S3 API-compliant cloud vendors, the Access key and Secret Key are supported. For Amazon S3, the Access Key, IAM role, and Assume role (for cross-AWS account) mechanisms of authentication are supported.

Backup policy

A single backup policy can protect multiple S3 buckets or Azure blob containers from one Cloud object store account.

Intelligent selection of cloud objects

Within a single policy, NetBackup provides flexibility to configure different queries for different buckets or containers. Some buckets or containers can be configured to back up all the objects in them. You can also configure some buckets and containers with intelligent queries to identify objects based on:

Scalable solution

In addition to full backup, NetBackup also supports different types of incremental schedules for faster backups. Accelerator feature is also supported for the Cloud object store policies.

Enable checkpoint restart in the policy to be able to restart a failed or suspended job, right from the point that it stopped. You do not need to repeat the entire data transfer from the start of the job.

Granular restore

NetBackup makes it easy to restore all objects in a bucket or container. It also lets you select which objects to restore by using a prefix, folder, or object-based views.

You can narrow down a selection of backup images for restoration in NetBackup by providing a date and time range.

Restore options

NetBackup supports adding an arbitrary prefix to all objects when restoring. Consequently, it restores objects with a distinct name when it is desired to avoid any interference with the original objects. The Azure Data Lake files and directories, however, do not require a prefix. Instead, the files and directories are restored to a specified alternate location.

By default, NetBackup skips overwriting objects that already exist in the Cloud object store to conserve bandwidth and cloud costs. You can modify this default behavior by using the Overwrite option, thereby enabling the restoration of copies to overwrite the copies stored in the Cloud object store.

Alternate location restores

You can select the objects for restoration:

Scale-out support

NetBackup Cloud object store protection supports configuring NetBackup Snapshot Manager (NBSM) as a backup host in addition to a media server.

With the scale-out server option, you can manage many buckets in your Cloud object store. You do not need to configure multiple backup hosts, and create multiple policies to distribute the load across these backup hosts. NetBackup Snapshot Manager is capable of deploying as many datamover containers as necessary during operation, and then reducing them when the protection tasks are completed.

Object lock

This feature lets you retain the original object lock properties and also provides an option to customize the object lock properties. If you use object lock properties on objects that have been restored, you can't delete those objects until the retention period is over, or the legal holds are removed. You can use the Object lock and retention properties without any configuration during policy creation and backup.