Mainframe Enablers TimeFinder SnapVX and zDP 8.5 Product Guide

Secure snapshots are an optional setting for SnapVX targetless snapshots that prevent accidental or intentional deletion of snapshots. Terminating a secure snapshot while the retention period is in effect, is not allowed. When the retention time is reached, the snapshot is automatically terminated only if there are no existing links or restore sessions. Extending the retention period is allowed but reducing it is not allowed. A nonsecure snapshot can be converted to a secure snapshot, but a secure snapshot may not be converted to a nonsecure snapshot. All SnapVX operations and rules for nonsecure snapshots regarding restores, linked target operations, and automatic expiration also apply to secure snapshots.

Secure snapshots rules and allowable SnapVX operations:

• The secure expiration time is available at the snapshot level.
• The secure expiration time cannot be zero.
• If the secure expiration time expires and the snapshot has no links or restore session, the snapshot is automatically deleted.
• If the secure expiration time expires and the snapshot is linked to a device or has a restore session, the snapshot is automatically deleted only after the linked target is unlinked or the restore session is terminated.
• If the secured snapshot expiration time expires and the snapshot is linked to a device or has a restore session, the snapshot is no longer secured and is identified as expired.
• A nonsecure snapshot can be converted to a secure snapshot by specifying a secure expiration time.
• A secure expiration time can only be extended forward in time and not set back in time from the current setting.
• A secure snapshot can be restored, renamed, linked, unlinked, set copy mode, and terminate a restore.
• A secure snapshot that fails can be terminated.

SnapVX operations that are not allowed on secure snapshots:

• Terminating the snapshot if it is activated.
• Setting the secure expiration time back in time from the current setting.

Secure snapshot rules and restrictions include:

• PowerMaxOS 5978 or HYPERMAX OS 5977 Q217SR is required to use secure snapshots.
• No new secure snapshots can be created when the storage resource pool (SRP) is above the reserved capacity.
• Secure snapshot rules and restrictions apply to both FBA and CKD devices.
• Secure snapshots are also unique in the handling of host writes and snapshots when SRP or replication cache limits are reached. Secure snapshots are intended for use in cases where data pointer-specific point-in-time images are considered the highest priority. When SRP reserved capacity is reached and a host write to a source volume requires a new allocation in the SRP, secure snapshots (unlike nonsecure snapshots) are allowed to grow past the SRP reserved capacity limit.
  • Preserving the secure snapshots also takes priority over host writes to those source volumes in the event the entire SRP runs out of available capacity. This is the intent of the secure snapshots. For example, if there were an intentional attack or a runaway application on a system that was using up all available capacity, preserving the secure snapshots allows you to restore from the secure snapshots once the situation has been resolved.

Secure snapshots are shown in the QUERY SNAPSHOT MULTI_LINE_query(YES) output as follows:

ESNP1AAI SECURE SNAPSHOT:                        YES

To make a snapshot secure, use the SECure(YES) parameter of the ACTIVATE, CONFIG, or GLOBAL command. The GLOBAL SECURE parameter and the &SECURE site option affect ACTIVATE processing only. When running a CONFIG command, the GLOBAL SECURE setting and the &SECURE site option are ignored.

To set the Time to Live (TTL) value for a snapshot, specify the EXPIration parameter on the ACTIVATE or CONFIG command. A secure snapshot must have a defined and nonzero TTL.

To view the current TTL for a snapshot, check the “TIME TO LIVE” value in the QUERY SNAPSHOT MULTI_LINE_query(YES) output.