Skip to main content
commvault.com commvault.com
Solved

enabling randsomeware protection

  • August 3, 2023
  • 5 replies
  • 189 views
A
Novice
Forum|alt.badge.img+14

i saw the below note while enabling randsomware on hyperscal nodes 

 

once you initialize and deploy the hyperscale , disk libraries are already mounted on media agents right ?

 

also after rebooting the node we ran the sestatus command ,we can see permissible instead of enforcing is that okay ?

Best answer by Arunkumar P

@Ajal - Good day!

 

From the screenshot that you shared, it states that If any disk libraries or mount paths that are mounted are already present on the MediaAgent, then you need not run the protect_disk_library command.

You just need to run the script with the command enable_protection so you need to type “yes” that will consider that mount path is mounted and will be protected. If it’s not mounted or created storage pool yet but, you wanted to enable the protection then you can give the answer as “NO” so that it will enable the protection. Once the mount path was created then you to run an additional command “protect_disk_library” to protect the mount path. 

Kindly let me know if you have any queries. 

5 replies

Arunkumar P
Vaulter
Forum|alt.badge.img+7
  • Arunkumar PVaulter
  • Vaulter
  • August 5, 2023

@Ajal  - Current mode should be enforcing. Can you please check the /var/log/cvsecurity.log and see if there is any error? 

Also, run the below command and get the output. 

pstree -Z | grep -i cv

A
Novice
Forum|alt.badge.img+14
  • AjalNovice
  • Author
  • Novice
  • August 5, 2023

@Arunkumar P  when we run the first command to enable ransomeware its asking whether ti protect library disk or not, as per the document if its already mounter to media agent its not required so we pressed no option,

since once you deploy the hyperscale this get already mounted right, i am bit consufused here, do we need press yes or no to that question

just making sure what we have done is correct or not

Arunkumar P
Vaulter
Forum|alt.badge.img+7
  • Arunkumar PVaulter
  • Vaulter
  • August 5, 2023

Hi @Ajal - That’s a mistake. You should give yes because it’s mounted and needs to be protected. 

 

Run the script again to enable protection and make sure to give yes. 

A
Novice
Forum|alt.badge.img+14
  • AjalNovice
  • Author
  • Novice
  • August 5, 2023

@Arunkumar P  thank you man, the document is bit confusing, as you can see in the screenshot of my first question in the document it says if any library or mount path mounted no need to protect library

 

can you clarify what does it actually meant

Arunkumar P
Vaulter
Forum|alt.badge.img+7
  • Arunkumar PVaulter
  • Vaulter
  • Answer
  • August 7, 2023

@Ajal - Good day!

 

From the screenshot that you shared, it states that If any disk libraries or mount paths that are mounted are already present on the MediaAgent, then you need not run the protect_disk_library command.

You just need to run the script with the command enable_protection so you need to type “yes” that will consider that mount path is mounted and will be protected. If it’s not mounted or created storage pool yet but, you wanted to enable the protection then you can give the answer as “NO” so that it will enable the protection. Once the mount path was created then you to run an additional command “protect_disk_library” to protect the mount path. 

Kindly let me know if you have any queries. 

Terms & ConditionsCookie settingsAccessibility statement