CommVault with Storage WORM enabled

  • 4 January 2023
  • 3 replies

Badge +7

Hi, We’re planning to use Commvault with on-prem disk storage that has the WORM feature enabled. At this moment, we know that when using WORM on the storage side, Commvault WORM must be also configured (WORM Copy property). I had an open Incident 221229-281 to describe additional settings. The support reply is to run a workflow, but this is specific to Storage Pools. That is not our case. We’re planning to use WORM with Secondary Copies with deduplication. We can’t use Storage Pools right now, because we already have some copies bound with a Global Deduplication Policy. What other settings do we need to? 

Below I have a list of things that need to be done.

Could you confirm if is this correct and add something to it if necessary? 

  1. Check WORM Copy property 


  1. Disable the CV option “Prevent Accidental Deletion”



  1. Have Scalable Resources enabled during the aux copy job (same source)
  2. Follow the steps here ( before running the first aux copy (same source)
  3. Set the WORM retention on the storage side to be twice the Storage Policy copy retention (I read another article that states to set the retention to 3x the Storage Policy Copy retention)
  1. Set DDB seal frequency to the same value as Storage Policy Copy retention

And what about the Start New Media and Mark Media Full On Success options (Auxiliary Copy Job Options) to prevent reusing? 



On Storage side. 



I think that I should Disable Automatically Delete since Commvault should purge the data after data aging. Right?

What about Lockout Wait Time (hours)



3 replies

Userlevel 4
Badge +12

Hello @Eduardo Braga 

Before enabling WORM at the storage we would recommend sealing the DDB store and then before any new activity to this storage, run WORM workflow.

  1. Hardware WORM lock should be set to twice as long as copy retention.
  2. All dependent copies of the DDB must have same retention.
  3. DDB seal frequency will be set to same as copy retention in days value 
  4. Micro pruning will be disabled on all mount paths.

Thank you,

Badge +7

Hello, I have some more very important questions in addition to the list above.

  1. Does Commvault somehow update the access and modification times of your data structures on disk library when working or not with deduplication and WORM Copy enabled? 

We are reviewing the storage documentation and just learned that, in a few words, the system protects Commvault files according to their timestamps and internal clocks. If Commvault updates the access and/or modification times of your data structures, the Storage System can reset those timestamps to pre-determined values. 

  1. After Commvault writes data to their files, the Storage System automatically locks files after two hours by default. Is it sounds good? 

Since we are thinking of working only with secondary copies (with dedupe enabled), in theory, only Auxiliary Copy jobs will write data to Mount Paths. Unless processes (or threads) open files for writing data and don't finish their work within a reasonable amount of time I don't see how this can cause us problems.

Of course we must remeber and understand some points: 

  1. There might be some issues when set Manual Retention End Time for jobs
  1. With Full + Incrementals Backup schema, we should consider that the Storage System should protect Commvault files counting days from the last Incremental. 
  1. Delete or Delete Data by Browsing from those WORM copies not possible

Does anyone have anything to add?

Userlevel 4
Badge +12

Hello @Eduardo Braga 

These shouldn’t be updated. The point of WORM is that once the file is written it cannot be modified until the Lock retention is up.


Thank you,