Veritas NetBackup™ Virtual Appliance Documentation
- Getting to know the NetBackup Virtual Appliance
- NetBackup Virtual Appliance product description
- Preparing to deploy the appliance
- Deploying and configuring the appliance
- How to deploy and configure a NetBackup Virtual Appliance combined master and media server
- How to deploy and configure a NetBackup Virtual Appliance media server
- How to deploy and configure a NetBackup Virtual Appliance master server
- How to deploy and configure a NetBackup Virtual Appliance CloudCatalyst
- How to deploy and configure a NetBackup Virtual Appliance combined master and media server
- Post initial configuration procedures
- Appliance common tasks
- Storage management
- About NetBackup Virtual Appliance storage configuration
- About viewing storage space information using the Show command
- About OpenStorage plugin installation
- About NetBackup Virtual Appliance storage configuration
- Deduplication pool catalog backup and recovery
- Network connection management
- Managing users
- About user name and password specifications
- About authenticating LDAP users
- About authenticating Active Directory users
- About authenticating Kerberos-NIS users
- About user authorization on the NetBackup Virtual Appliance
- Creating NetBackup administrator user accounts
- Using the appliance
- About configuring Host parameters for your appliance on the NetBackup Virtual Appliance
- About Copilot functionality and Share management
- About NetBackup Virtual Appliance as a VMware backup host
- About running NetBackup commands from the appliance
- About mounting a remote NFS
- About Auto Image Replication from a NetBackup Virtual Appliance
- Monitoring the appliance
- About SNMP
- About Call Home
- Appliance security
- About Symantec Data Center Security on the NetBackup Virtual Appliance
- Setting the appliance login banner
- Upgrading the appliance
- About upgrading to NetBackup Virtual Appliance software version 3.2
- Requirements and best practices for upgrading NetBackup appliances
- Methods for downloading appliance software release updates
- NetBackup client upgrades with VxUpdate
- Appliance restore
- Decommissioning and Reconfiguring
- Troubleshooting
- About disaster recovery
- About NetBackup support utilities
- Appliance logging
- Commands overview
- Appendix A. Appliance commands
- Appendix B. Manage commands
- Appendix C. Monitor commands
- Appendix D. Network commands
- Appendix E. Reports commands
- Appendix F. Settings commands
- Appendix G. Support commands
About the NetBackup Virtual Appliance intrusion prevention system
The appliance intrusion prevention system (IPS) consists of a custom Symantec Data Center Security (SDCS) policy that runs automatically at startup. The IPS policy is an in-line policy that can proactively block unwanted resource access behaviors before they can be acted upon by the operating system.
The following list contains some of the IPS policy features:
Real-time tight confinement of the appliance operating system processes and common applications, such as the following:
nscd - which caches DNS requests to cut down on remote DNS lookups.
cron
syslog-ng
klogd
rpcd for NFS
rpc.idmapd
rpc.mountd
rpc.statd
rpcbind
Self-Protection for the SDCS agent itself to ensure that the security features and monitoring features of SDCS are not compromised.
Lock-down of access to system binaries, except by identified and trusted applications, users, and user groups.
Confinements that protect the system from the applications that try to install software, such as sbin) or change system configuration settings, such as
hosts
file.Prohibits applications from executing critical system calls such as mknod, modctl, link, mount, and so on.
Prohibits unauthorized users or applications from accessing backup data, such as
/advanceddisk
,/cat
,/disk
,/opt/NBUAppliance/db/config/data
, and so on.Restricted access to the root account by maintenance user.