Hello Team,
I would like to know all the cyber security features of Commvault backup solution for a tender I’m working on.
Please do not just share the online links but I need an expert who has designed / implemented all the security features to give me a short summary on how to achieve following:
- In-line Malware Scan → How to achieve this while taking the backup from source?
- In our case we are using two tier of storage Short-term for daily & weekly backup (Commvault HSX Nodes) & Long-Term for monthy and yearly (Object based storage or Tape) → What are the different and most effective way to achieve air-gap for both the storage tier.
- Immutability is required for both short-term and long-term (planning to go with Commvault software immutability, since the hardware immutability increases the storage size too much) → What is the best practices to achieve immutability for two tier of storage.
- HSX nodes - How to completely protect the HSX nodes? Cause if anyone gain access to these nodes, they can list the file system and can delete the data. → I understand the root access is not given to use and Commvault support can do it ondemand basis, however what are the different ways to completely secure & lockdown the HSX nodes?
- What are the best practices to protect the Media Agent, CommServe & ThreatScan appliances? → MFA, etc etc.
- Apart from the Commvault Solution security → Can suggest other ways to protect the whole solution like at the network switch or at the storage end what all needs to be done to lockdown and secure the whole backup solution?
Any other things that I would have missed, please feel free to include if it is required for security measures. Thank you in advance!