Veritas NetBackup™ Appliance Release Notes

STIG feature enabled by default

In this release, the STIG feature is enabled by default. Upgrades to version 5.3 enable STIG automatically, even if it was not enabled before the upgrade. The upgrade preflight check and the Appliance Upgrade Readiness Analyzer tool do not check for STIG password compliance. You are not prompted or required to change passwords before or during the upgrade.

Unique passwords required for administrator and maintenance user accounts

This release enforces the requirement to have unique passwords for the administrator user and maintenance user accounts. You cannot use the same password for these accounts. For new version 5.3 deployments, the initial configuration process shows an error message if you attempt to use the same password for these accounts. For upgrades to version 5.3, the upgrade preflight check and the Appliance Upgrade Readiness Analyzer tool do not check if the current passwords match. This behavior honors the current password expiration cycle and does not require that you change passwords to upgrade.

New antimalware feature

This release adds antimalware protection. This feature lets you manage the detection and removal of malware on the appliance. Any suspected malware files are quarantined for you to inspect and verify. Reports of malware detection are sent to the Veritas LiveUpdate server.

Antimalware automatic protection is enabled by default. For complete details, see the following:

NetBackup Appliance Commands Reference Guide

NetBackup Appliance Security Guide

New multifactor authentication feature

This release adds multifactor authentication for appliance user logins. When a local user account is configured for multifactor authentication, they are required to log in with their password and an additional 6-digit code. Configuration is supported using the NetBackup Appliance Shell Menu (shell menu). For complete details, see the following:

NetBackup Appliance Commands Reference Guide

NetBackup Appliance Security Guide

New password age management feature

This release adds a password age feature that lets you manage the following parameter settings that will apply to all local users:

For complete details, see the following:

NetBackup Appliance Commands Reference Guide

NetBackup Appliance Security Guide

NetBackup license renewal removed from appliance

In this release, you can no longer add or renew NetBackup licenses on the appliance. Instead, you must use the NetBackup Web UI for NetBackup license management. For details, see the following:

NetBackup Web UI Administration Guide

Veritas Entitlement Management System (VEMS) User's Guide:

https://www.veritas.com/support/en_US/article.100048764

Automatic appliance upgrades through System Health Insights portal

This release adds support for automatic appliance upgrades through the System Health Insights portal. Automatic upgrades are supported for appliances that use software versions 5.3 and later. For complete details, see the System Health Insights User Guide.

Support for NFS Kerberos Universal shares

This release supports the use of NFS Kerberos Universal shares, including for high availability (HA) setups. For complete configuration details, see the following article:

https://www.veritas.com/support/en_US/article.100060273.html

Command prefix changes for NetBackupCLI users

This release enables the following command prefixes for NetBackupCLI users:

New option to shutdown storage shelves during appliance shutdown

This release adds the ability to shut down the connected storage shelves when you shut down the appliance. The option appears as a prompt when you run the Support > Shutdown command. If you select this option, the storage shelves are shut down before the appliance. You can also select either a GRACEFUL or a FORCE shutdown for the storage shelves. For complete details, see the NetBackup Appliance Commands Reference Guide.

Destructive storage commands removed

This release disables the following shell menu commands:

Manage > Storage Erase

Support > Storage Reset

Support > RAID Clear

Support > RecoverStorage

If you need to perform any of these destructive storage operations, contact Veritas Technical Support for assistance and refer them to article number 100058476.

New option to manage NetBackup Appliance licenses

You can now manage the appliance license through the NetBackup Appliance Web Console. For details, see the NetBackup Appliance Administrator's Guide.

Starting with this release, for new installations only, the global data-in-transit encryption (DTE) feature is enabled by default in a "preferred on" mode in the global security settings on the primary server. When enabled, this feature may cause a performance degradation of data transfer rates of 10% or more. The amount of degradation is based on the number of streams that are backed up and the architecture of the clients.

For details about the DTE feature, refer to the NetBackup Security and Encryption Guide for version 10.3.

For details about whether to have the feature enabled or disabled on a NetBackup Appliance, see the NetBackup Appliance Capacity Planning and Performance Tuning Guide for version 5.3.