Veritas Flex Appliance Getting Started and Administration Guide

Last Published:
Product(s): Appliances (2.1.4, 2.1.3, 2.1.2, 2.1.1, 2.1)
Platform: Flex Appliance OS
  1. Product overview
    1.  
      Introduction to Veritas Flex Appliance
    2.  
      Flex Appliance terminology
    3.  
      About the Flex Appliance documentation
  2. Release notes
    1.  
      Flex Appliance 2.1 new features, enhancements, and changes
    2.  
      Flex Appliance 2.1.1 new features, enhancements, and changes
    3.  
      Flex Appliance 2.1.2 new features, enhancements, and changes
    4.  
      Flex Appliance 2.1.3 new features, enhancements, and changes
    5.  
      Flex Appliance 2.1.4 new features, enhancements, and changes
    6.  
      Supported upgrade paths to this release
    7.  
      Operational notes
    8.  
      Flex Appliance 2.1 release content
    9.  
      Flex Appliance 2.1.1 release content
    10.  
      Flex Appliance 2.1.2 release content
    11.  
      Flex Appliance 2.1.3 release content
    12.  
      Flex Appliance 2.1.4 release content
  3. Getting started
    1.  
      Initial configuration guidelines and checklist
    2.  
      Performing the initial configuration
    3.  
      Adding a node
    4.  
      Accessing and using the Flex Appliance Shell
    5.  
      Accessing and using the Flex Appliance Console
    6.  
      Managing the appliance from the Appliance Management Console
    7.  
      Setting the date and time for appliance nodes
    8.  
      Common tasks in Flex Appliance
  4. Managing network settings
    1.  
      Creating a network bond
    2.  
      Deleting a network bond
    3.  
      Configuring a network interface
    4. Managing the appliance Fibre Channel ports
      1.  
        Viewing the devices that are connected to the Fibre Channel ports
    5.  
      Changing DNS or Hosts file settings
  5. Managing users
    1.  
      Overview of the Flex Appliance default users
    2.  
      Changing the password policy
    3. Managing Flex Appliance Console users and tenants
      1.  
        Adding a tenant
      2.  
        Editing a tenant
      3.  
        Removing a tenant
      4.  
        Adding a local user to the Flex Appliance Console
      5.  
        Connecting a remote user domain to the Flex Appliance Console
      6.  
        Importing a remote user or user group to the Flex Appliance Console
      7.  
        Editing a remote user domain in the Flex Appliance Console
      8.  
        Changing a local user password in the Flex Appliance Console
      9.  
        Expiring local user passwords in the Flex Appliance Console
      10.  
        Removing users from the Flex Appliance Console
      11.  
        Managing user authentication with smart cards or digital certificates
    4.  
      Changing the hostadmin user password in the Flex Appliance Shell
    5.  
      Changing the sysadmin user password in the Veritas Remote Management Interface
  6. Using Flex Appliance
    1. Managing the repository
      1.  
        Adding files to the repository
      2.  
        Removing the current appliance upgrade or update package from the repository
    2.  
      Creating application instances
    3.  
      Managing application instances from Flex Appliance and NetBackup
    4. Managing application instances from Flex Appliance
      1.  
        Resizing instance storage
      2.  
        Editing instance network settings
      3.  
        Assigning Fibre Channel ports to an instance
      4.  
        Unassigning Fibre Channel ports from an instance
      5. Managing application add-ons on instances
        1.  
          Installing application add-ons
        2.  
          Uninstalling application add-ons
        3.  
          Changing the application add-on installation order
      6.  
        Viewing instance performance metrics
      7.  
        Clearing a configuration error status on an application instance
    5. Upgrading application instances
      1.  
        Warnings and considerations for instance rollbacks
    6.  
      Updating an application instance to a newer revision
    7. About Flex Appliance upgrades and updates
      1.  
        Upgrading Flex Appliance
      2.  
        Updating Flex Appliance
      3.  
        Updating the firmware
  7. Appliance security
    1.  
      Security overview
    2. About lockdown mode
      1.  
        Changing the lockdown mode
    3.  
      Using a sign-in banner
    4.  
      Using an external certificate
  8. Monitoring the appliance
    1.  
      Registering an appliance
    2. Configuring alerts
      1. About AutoSupport and Call Home
        1.  
          Configuring Call Home
      2.  
        Configuring email alerts
      3.  
        Configuring SNMP alerts
      4.  
        Setting the threshold values for disk usage alerts
    3. Viewing the hardware status
      1.  
        Viewing node information
      2.  
        Viewing Primary Storage Shelf information on a Veritas 53xx Appliance
      3.  
        Viewing Expansion Storage Shelf information on a Veritas 53xx Appliance
      4.  
        Viewing Storage Shelf information on a Veritas 5250 Appliance
    4.  
      Viewing hardware faults
    5.  
      Viewing system data
    6.  
      Forwarding logs
    7.  
      Providing access for external monitoring
    8.  
      Revoking access for external monitoring
  9. Reconfiguring the appliance
    1.  
      Performing a factory reset
    2.  
      Performing a reimage
    3.  
      Recovering storage data after a factory reset or a reimage
    4.  
      Performing a storage reset
    5.  
      Removing a node
    6.  
      Viewing or resetting the storage shelf order on a Veritas 5250 Appliance
  10. Troubleshooting guidelines
    1.  
      General troubleshooting steps
    2.  
      Generating a One-Time Password and unlocking access in lockdown mode
    3.  
      Gathering logs

About lockdown mode

Flex Appliance lockdown mode offers additional security levels to protect your data. You can use lockdown mode to create WORM storage instances that prevent your data from being encrypted, modified, or deleted.

WORM is the acronym for Write Once Read Many. Any data that is saved on these instances is protected with the following security measures:

  • Immutability

    This protection ensures that the backup image is read-only and cannot be modified, corrupted, or encrypted after backup.

  • Indelibility

    This property protects the backup image from being deleted before it expires. The data is protected from malicious deletion.

Flex Appliance includes the following lockdown modes:

  • Normal mode

    This mode is the default mode of the appliance. Normal mode does not support WORM storage.

  • Enterprise mode

    This mode adds additional access restrictions but retains a level of flexibility. In this mode:

    • You can create WORM storage instances and also delete them, including any existing data.

    • Any administrator can delete WORM storage instances if there is no immutable data. However, only the default admin user can delete them if immutable data is present.

    • When you delete a WORM storage instance as the default admin user, the instance can be running or stopped. When you delete a WORM instance as any other user, the instance must be running so that the system can verify that there is no immutable data present.

    • To change from enterprise mode to normal mode, you must first delete all WORM storage instances.

  • Compliance mode

    This mode adds the highest level of access restrictions. In this mode:

    • You can create WORM storage instances. You can delete the instances only if there is no immutable data present.

    • Any administrator can delete WORM storage instances if there is no immutable data.

    • When you delete a WORM storage instance, the instance must be running so that the system can verify that there is no immutable data present.

    • To change from compliance mode to enterprise mode or normal mode, you must first expire all data on the WORM storage instances, and then delete the instances.

In both enterprise mode and compliance mode, storage reset is disabled.

Warning:

Lockdown mode does not block access to the remote management (IPMI) port. Veritas recommends that you set up your network to restrict access and only allow security administrators or the users that manage the physical hardware to use the port.

The appliance must be in lockdown mode before you can create WORM storage instances. See Changing the lockdown mode.

For more information on creating and managing WORM storage instances, see the NetBackup Application Guide for Flex Appliance.