Skip to main content
commvault.com commvault.com
Answer

Hyperscale hardware management interface security

  • July 11, 2025
  • 2 replies
  • 79 views
S
Byte
Forum|alt.badge.img+6

Hello everyone,

 

Our customer has this interesting question about Hyperscale security.

We were explaining WORM to him and how it protects data from deletion at software and OS level.

He asked: What if I go to a lower level? What if I connect to the hardware management interface (iLO, BMC, etc.) and delete the whole server? Does Hyperscale implement any security measure to avoid this from happening?

Indeed, BMC has some options to eject and even delete disks securely… so this would mean that Hyperscale’s WORM is not as resilient as expected… Does Hyperscale provide any mechanism at that level to avoid the execution of these actions? or would we need to rely on the security features of each hardware vendor?

Btw, this is for HyperscaleX Reference Architecture option.

 

Thanks in advance.

Best answer by Bronco

Hello All,

 

Commvault Compliance Lock (WORM) ensures that backup data cannot be deleted or modified inside Commvault, even by administrators. This protection applies at the software and OS level within the HyperScale X environment.

However, if someone were to access the hardware management interface (iLO, iDRAC, BMC, etc.) and forcibly wipe disks or remove the server itself, that falls outside Commvault’s control. HyperScale X does not override or block vendor-level BMC actions.

Best practice recommendations:

[1] Enable Compliance Lock to secure data within Commvault.

[2] Maintain an immutable copy off-cluster (e.g., using S3 Object Lock or another immutable target).

[3] Harden your hardware management interfaces (restrict access, enable MFA, isolate on a secure network).

[4] Optionally, use Multi-Person Authorization (MPA) within Commvault to add an additional layer of protection for retention changes or deletion requests.

In short, Commvault guarantees immutability within its software stack, while vendor-specific BMC/iLO security controls must be relied upon at the hardware layer.

 

Regards,

Bronco

2 replies

A
Byte
Forum|alt.badge.img+9
  • atitagain
  • Byte
  • July 12, 2025

Hi,

On my HSX clusters I disable the idrac ports on my management switch and enable when access is needed.

Bronco
Vaulter
Forum|alt.badge.img+3
  • BroncoVaulter
  • Vaulter
  • Answer
  • August 19, 2025

Hello All,

 

Commvault Compliance Lock (WORM) ensures that backup data cannot be deleted or modified inside Commvault, even by administrators. This protection applies at the software and OS level within the HyperScale X environment.

However, if someone were to access the hardware management interface (iLO, iDRAC, BMC, etc.) and forcibly wipe disks or remove the server itself, that falls outside Commvault’s control. HyperScale X does not override or block vendor-level BMC actions.

Best practice recommendations:

[1] Enable Compliance Lock to secure data within Commvault.

[2] Maintain an immutable copy off-cluster (e.g., using S3 Object Lock or another immutable target).

[3] Harden your hardware management interfaces (restrict access, enable MFA, isolate on a secure network).

[4] Optionally, use Multi-Person Authorization (MPA) within Commvault to add an additional layer of protection for retention changes or deletion requests.

In short, Commvault guarantees immutability within its software stack, while vendor-specific BMC/iLO security controls must be relied upon at the hardware layer.

 

Regards,

Bronco

S
Terms & ConditionsCookie settingsAccessibility statement