- Notes, cautions, and warnings
- Preface
- Introduction
- Security Quick Reference
- Product and Subsystem Security
- Authentication
- Login security settings
- User and credential management
- Updating the SSL security certificate
- Authentication to external systems
- Authorization
- RBAC privileges
- Network security
- Data security settings
- Cryptography
- Electromagnetic Radiation Isolation
- Auditing access
- Syslog logging
- Alerting
- Serviceability
- Log management
- Manual Cyber Recovery vault security
- Miscellaneous Configuration and Management
Dell PowerProtect Cyber Recovery 19.13 Security Configuration Guide
Enable Retention Lock Governance for Security Officer authorization
As a best practice, enable Retention Lock Governance mode for deployments that do not support Retention Lock Compliance mode or if you do not have a license for Retention Lock Compliance.
About this task
If you initially configure or update to a DD system that is running DD OS 7.8 or DD OS 7.9 that does not support Retention Lock Compliance (that is, Data Domain Virtual Edition), it is recommended that you enable security authorization with Retention Lock Governance. After you enable security authorization, reverting locks on files requires dual-authentication. This dual-authentication adds an extra layer of protection.
Steps
- Log in to the DD system as sysadmin.
-
Type the following command:
sysadmin@hostname# system retention-lock governance security-auth enable
-
When prompted, enter the sysadmin password, Security Officer credentials, and verify that you want to enable Retention Lock Governance:
Please enter sysadmin password to confirm 'system retention-lock governance security-auth enable | disable': This command requires authorization by a user having a 'security' role. Please present credentials for such a user below. Username: ddso Password: Do you want to enable Security Officer authorization for retention-lock governance? (yes|no) [no]: yes
Security Officer authorization is enabled for Retention Lock Governance.
-
Verify that security authorization is enabled with Retention Lock Governance:
sysadmin@hostname# system retention-lock governance security-auth status
Results
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\