Rollback is not documented. Generally there would be no requirement for this, if ransomware protection did appear to be causing issues then workaround while those issues were investigated would simply be to pause protection.
The key thing when enabling ransomware protection and following the steps for this is to ensure both commands are run consecutively before rebooting so:
./cvsecurity.py enable_protection -i InstanceID
./cvsecurity.py protect_disk_library -i instanceID
and only reboot at step 5 (as per https://documentation.commvault.com/11.21/expert/126092_configuring_ransomware_protection_for_hyperscale_mediaagent.html) if there were any issues / errors seen running either command then engage support before rebooting.
Also only work on 1 node at a time and wait for that node to come back up successfully before enabling protection on the next.
It is possible to rollback if needed, however again if this was required please engage Support for guidance / assistance.
Thanks, Peter.
I will put that in the “Rollback plan”: Pause ransomware protection and engage support. :-)
Also your other recommendations are noted. It’s documented like that and we will stick to the instructions.