PowerProtect Data Manager 19.10 Cyber Recovery User Guide

PDF

Configuring DD Compliance mode retention locking

Configure the Cyber Recovery vault DD system for Retention Lock Compliance.

Prerequisites

The Cyber Recovery vault DD system must have a Retention Lock Compliance license.

For more comprehensive information about the procedures to configure Retention Lock Compliance on a DD system, see the Dell EMC DD OS Administration Guide.

About this task

DD systems support both Governance mode and Compliance mode retention locking. Compliance mode is a stricter type of retention locking, which enables you to apply retention policies at an individual file level. You cannot delete or overwrite locked files under any circumstances until the retention period expires.

NOTE

Retention Lock Compliance mode is not supported on:

  • The Cyber Recovery solution on Amazon Web Services (AWS)
  • Dell EMC PowerProtect DD3300 appliance
  • Dell EMC DP4400 Integrated Data Protection Appliance (IDPA)
  • Dell EMC PowerProtect DD Virtual Edition (DDVE) storage appliance

Steps

  1. On the Cyber Recovery vault DD system, log in as an Admin user and then add a security account with the security role: 
    # user add <account name> role security

    The security role user can be referred to as a Security Officer.

  2. Log out as the Admin user and log in again as the Security Officer user.
  3. Enable security authorization: 
    # authorization policy set security-officer enabled
  4. Log out as the Security Officer user and log in again as the Admin user.
  5. Configure the Cyber Recovery vault DD system for Retention Lock Compliance: 
    # system retention-lock compliance configure
  6. When prompted, enter the security officer credentials.
    The software updates the configuration and then reboots the Cyber Recovery vault DD system, which is unavailable during the process.
  7. Log in as the Admin user.
  8. Enable Retention Lock Compliance: 
    # system retention-lock compliance enable
  9. When prompted, enter the security officer credentials.

Results

You can perform Retention Lock Compliance operations on an MTree. You must be logged in to the Cyber Recovery vault DD system as an Admin user and provide the security officer credentials, when prompted.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\