Dell EMC Avamar 19.7 Release Notes

Common Vulnerabilities and Exposures (CVE) list

Avamar engineering addresses Common Vulnerabilities and Exposures (CVE) in operating system patch releases (also known as OS Rollup releases). A list of all CVEs addressed is provided in the Security Advisory for each OS Rollup release.

Remove test data

Before starting the server or starting a new node for the first time, ensure that all test data is removed from /data*/partitions. In particular, if you ran disk tests before startup, you might need to delete directories that are named QA.

Do not use the avmgr command

Improper use of the avmgr command line utility can destroy all access to data in the Avamar system. Use this command only at the explicit direction of Customer Service.

Vulnerability scanning

As part of every Avamar release, the product is scanned for vulnerabilities using at least two common vulnerability assessments tools. This release was scanned with Foundstone and Nessus. Various customers scan the Avamar solution by using tools such as eEye Retina without issue. However, it is possible that the usage of other port/vulnerability scanners might cause disruption to normal operation of the Avamar server. Therefore, it might be necessary to disable scanning of the Avamar server when problems occur.

Avamar 7.2 and later scalability limits for virtualization support

The scalability limits of each Avamar 7.2 and greater with Data Domain integrated solution are approximately:

• 5000 virtual machine clients
• 180TB provisioned virtual machine storage
• 72 concurrent backup proxy client stream instances (not proxy virtual machines)

These limits are applicable only when the backup data is sent to the Data Domain system and assume that the Data Domain is correctly specified to support the backup, restore, and, if applicable, replication activities. These limits may be impacted if additional client types are backed up to the Avamar/Data Domain solution. These limits may be further limited by the overall performance of the VMware environment, including the performance of the Avamar Virtual Edition server, if applicable.

Customers who plan to operate near these limits should validate their deployments with their account representative.

VMware image proxies are not available for backups when they are in sleep mode and you restart the MCS

If you stop the MCS and do not restart the MCS within 5 minutes, then VMware image proxies go into a sleep mode for 40 minutes. When you restart the MCS, it might take some time until all proxies reconnect to the MCS and are available for backups. This issue can occur when performing backups after a rollback.

To ensure that all proxies are available, open the avagent.log file on each proxy, and ensure that the following messages appear at the bottom of the log:

yyyy-mm-dd hh:mm:ss avagent Info <5964>: Requesting work from 10.2.345.678
yyyy-mm-dd hh:mm:ss avagent Info <5264>: Workorder received: sleep
yyyy-mm-dd hh:mm:ss avagent Info <5996>: Sleeping 15 seconds

The messages indicate that the proxy can connect to the MCS. The avagent.log file is available in the /usr/local/avamarclient/var directory.

AMS replication after an IP address change

If you change the IP address that you use for replication with Avamar and one or more Data Domain systems, then the first replication after the change uses Automated Multistreaming (AMS) replication. Subsequent replications use Virtual Synthetic Replication (VSR).

Original Bytes are displayed as twice the original size

The Original Bytes value appears as twice the original size when you run the Data Domain filesys show compression command in the Avamar namespace on the Data Domain system.

Token based authentication notes