Veritas NetBackup™ Flex Scale Administrator's Guide

Last Published:
Product(s): Appliances (3.0)
Platform: NetBackup Flex Scale OS
  1. Product overview
    1.  
      About Veritas NetBackup™ Flex Scale
  2. Viewing information about the NetBackup Flex Scale cluster environment
    1.  
      Accessing NetBackup Flex Scale and NetBackup
    2.  
      Accessing the NetBackup web user interface on the appliance
    3.  
      About the NetBackup Flex Scale management console
    4. About the Dashboard view
      1.  
        Viewing all the activities
    5.  
      Working with NetBackup Flex Scale APIs
  3. NetBackup Flex Scale infrastructure management
    1. User management
      1.  
        Considerations for managing NetBackup Flex Scale users
      2.  
        Adding users
      3.  
        Changing user password
      4.  
        Removing users
      5.  
        Considerations for configuring AD/LDAP
      6.  
        Configuring AD server for Universal shares and Instant Access
      7.  
        Configuring AD/LDAP servers for NetBackup services
      8.  
        Configuring additional AD/LDAP servers for managing NetBackup services/Universal Shares/Instant Access
      9.  
        Configuring AD/LDAP servers on clusters deployed with only media servers
      10.  
        Directory services and certificate management
    2.  
      Region settings management
    3.  
      About NetBackup Flex Scale storage
    4. About Universal Shares
      1.  
        Creating a Protection Point for a Universal Share
    5. Node and disk management
      1.  
        NetBackup Flex Scale network cabling
      2. Adding a node to the cluster using the NetBackup Flex Scale web interface
        1.  
          Considerations for adding a node when disaster recovery is configured
      3.  
        Adding a node using the REST APIs
      4.  
        Replacing a node in a cluster
      5.  
        Starting and stopping nodes
      6.  
        Replacing a disk
      7.  
        Viewing disk details
      8.  
        Viewing node details
    6. License management
      1.  
        Adding or removing storage licenses
      2.  
        Adding NetBackup licenses
  4. NetBackup Flex Scale network management
    1.  
      About network management
    2.  
      Modifying DNS settings
    3.  
      About bonding Ethernet interfaces
    4. Bonding operations
      1.  
        Creating a bond
      2.  
        Modifying a bond
      3.  
        Removing a bond
    5.  
      Configuring NetBackup Flex Scale in a non-DNS environment
    6. Data network configurations
      1. Network configuration on plain device (eth5)
        1.  
          Adding a data network
        2.  
          Modifying a data network
        3.  
          Deleting a data network
      2.  
        Network configuration on VLAN (eth5)
      3. Network configuration on bonded interfaces (bond0 on eth5 and eth7)
        1.  
          Adding a data network
      4.  
        VLAN on bond of eth5 and eth7 (bond0)
      5.  
        Support for multiple VLAN when disaster recovery is configured
  5. NetBackup Flex Scale infrastructure monitoring
    1. About alert management
      1.  
        Viewing information about alerts
      2.  
        Managing alerts
    2. About event notification
      1.  
        Purging events
    3. About AutoSupport and Call Home
      1.  
        Setting up email alerts
      2.  
        Setting up SNMP alerts
      3.  
        Configuring Call Home settings
    4.  
      Monitoring hardware components
    5.  
      Monitoring usage and licensed capacity using Veritas NetInsights Console
  6. Resiliency in NetBackup Flex Scale
    1.  
      Erasure coding in NetBackup Flex Scale
    2.  
      Handling split-brain scenario in NetBackup Flex Scale
    3.  
      High availability of the NetBackup primary service
    4.  
      High availability of NetBackup services
    5.  
      NetBackup catalog protection
    6. NetBackup primary service catalog protection using checkpoints
      1.  
        Performing a recovery of the catalog file system using GUI
      2.  
        Performing a recovery of the catalog file system using REST APIs
  7. EMS server configuration
    1.  
      Configuring an external BYOS media server
    2.  
      Configuring an external NBA media server
  8. Site-based disaster recovery in NetBackup Flex Scale
    1.  
      About site-based disaster recovery in NetBackup Flex Scale
    2.  
      Configuring disaster recovery using GUI
    3.  
      Clearing the host cache
    4.  
      Managing disaster recovery using GUI
    5. Performing disaster recovery using RESTful APIs
      1.  
        Establishing trust and setting up authentication
      2.  
        Configuring disaster recovery
      3.  
        Managing disaster recovery
    6.  
      Active-Active disaster recovery configuration
    7.  
      NetBackup optimized duplication using Storage Lifecycle Policies
  9. NetBackup Flex Scale security
    1. STIG overview for NetBackup Flex Scale
      1.  
        STIG-compliant password policy rules
      2.  
        Enabling STIG for NetBackup Flex Scale
      3.  
        Viewing the NetBackup Flex Scale STIG status
    2. FIPS overview for NetBackup Flex Scale
      1.  
        Viewing the NetBackup Flex Scale FIPS status
    3.  
      Managing the login banner
    4.  
      Changing the password policy
    5. Support for immutability in NetBackup Flex Scale
      1.  
        About lockdown modes
      2.  
        Selecting or changing the lockdown mode
      3.  
        Configuring immutability using GUI
    6. Deploying external certificates on NetBackup Flex Scale
      1.  
        Deploying ECA using the GUI
      2.  
        Log locations
      3.  
        Considerations for performing other operations when ECA is deployed
  10. Troubleshooting
    1.  
      Services management
    2. Collecting logs for cluster nodes
      1.  
        Uploading logs to Veritas Support
      2.  
        Downloading logs
    3.  
      Checking and repairing storage
    4. Troubleshooting NetBackup Flex Scale issues
      1.  
        If cluster configuration fails (for example because an IP address that was already in use is specified) and you try to reconfigure the cluster, the UI displays an error but the configuration process continues to run
      2.  
        Validation error while adding VMware credentials to NetBackup
      3.  
        NetBackup Web UI incorrectly displays some NetBackup Flex Scale processes as failed
      4.  
        Unable to create BMR Shared Resource Tree (SRT) on NetBackup Flex Scale Appliance
      5.  
        NetBackup configuration files are not persistent across operations that require restarting the system
  11. Appendix A. Configuring NetBackup optimized duplication
    1. Configuring a Storage Lifecycle Policy for optimized duplication
      1.  
        Creating a Storage Lifecycle Policy for optimized duplication
      2.  
        Configuring a policy to use an SLP
      3.  
        Updating the policy to reverse the replication direction
  12. Appendix B. Disaster recovery terminologies
    1.  
      VVR technology in disaster recovery
    2.  
      About response fields in the GET disaster recovery API
  13. Appendix C. Configuring Auto Image Replication
    1.  
      Auto Image Replication configuration

About lockdown modes

Lockdown mode is one of the features of ransomware protection. The lockdown mode protects your cluster data from internal and external threats by securing all the external endpoints from unauthorized access. Access to all the services is protected and authenticated.

NetBackup Flex Scale lockdown mode offers additional security levels to protect your appliance and data, in addition to the hardened, secure operating environment that comes out of the box.

Lockdown mode provides the following benefits:

  • It prevents unauthorized access or modification to the underlying operating system (OS). Once the lockdown mode is enabled, administrators cannot make changes to the OS or the internal components. If you need access to the OS for emergency operations, you must contact Veritas Technical Support to obtain a Support Key and temporarily unlock the appliance. This functionality prevents unauthorized changes even if a malicious user gains access to stolen credentials.

  • It gives the appliance users options for managing WORM (Write Once Read Many) data. Your data is protected from being encrypted, modified, and deleted using WORM properties.

Different lockdown modes provide different level of granularity for WORM and retention. The NetBackup Flex Scale appliance support three lockdown modes.

  • Normal mode:

    This is the default mode of the cluster if the lockdown mode is not specified during installation. In this mode, WORM and retention capabilities are disabled. User cannot create worm STU in this mode.

  • Enterprise mode:

    In this mode, WORM and data retention features are enabled. User can choose to create WORM enabled STU. Also, in this mode user has the option to remove the retention locks and expire image data. The user can extend the retention period but cannot reduce the retention period.

    The retention time period can be extended from the NetBackup primary container only if the user has the NetBackup administrator role.

    Retention can be disabled or retention lock can be removed using the MSDP Restricted Shell only if the user has the appliance administrator role.

    After removing the images retention locks from the MSDP Restricted Shell, the user still cannot expire images from the NetBackup Administration Console, but can expire the images from the NetBackup primary server using the following command:

    /usr/openv/netbackup/bin/admincmd/bpexpdate -backupid n155-h201.cdc.veritas.com_1631842421 -d 0 -copy 1 -try_expire_worm_copy

  • Compliance mode:

    In this mode, WORM and data retention features are enabled. The user can extend the retention period. The user does not have the option to remove retention locks and expire image data before the predefined time. Once appliance lockdown mode is set to compliance, user does not have the option to delete data until it is expired.

Veritas strongly recommends that you enable enterprise lockdown mode to prevent unauthorized access to the OS, even if you do not plan to create WORM storage instances.