Solved

Rollback "Configuring Ransomware Protection for a HyperScale MediaAgent"

  • 15 April 2021
  • 2 replies
  • 29 views

Badge +3

Hi all,

 

Configuring Ransomware Protection for a HyperScale MediaAgent is documented here:

https://documentation.commvault.com/11.23/expert/126092_configuring_ransomware_protection_for_hyperscale_mediaagent_02.html . This includes taking a backup of /etc/fstab.

 

Pausing and Resuming the Ransomware Protection is documented here:

https://documentation.commvault.com/11.23/expert/126097_pausing_and_resuming_ransomware_protection.html

 

However, we also nee a “rollback plan” in case we run into issues and want to rollback to the previous state (before enabling Ransomware Protection). Any documentation on that?

 

Thanks!

icon

Best answer by Peter Brooks 15 April 2021, 14:01

Rollback is not documented. Generally there would be no requirement for this, if ransomware protection did appear to be causing issues then workaround while those issues were investigated would simply be to pause protection.

 

The key thing when enabling ransomware protection and following the steps for this is to ensure both commands are run consecutively before rebooting so:

./cvsecurity.py enable_protection -i InstanceID

./cvsecurity.py protect_disk_library -i instanceID

and only reboot at step 5 (as per https://documentation.commvault.com/11.21/expert/126092_configuring_ransomware_protection_for_hyperscale_mediaagent.html) if there were any issues / errors seen running either command then engage support before rebooting.

Also only work on 1 node at a time and wait for that node to come back up successfully before enabling protection on the next.

 

It is possible to rollback if needed, however again if this was required please engage Support for guidance / assistance.

View original

2 replies

Badge

Rollback is not documented. Generally there would be no requirement for this, if ransomware protection did appear to be causing issues then workaround while those issues were investigated would simply be to pause protection.

 

The key thing when enabling ransomware protection and following the steps for this is to ensure both commands are run consecutively before rebooting so:

./cvsecurity.py enable_protection -i InstanceID

./cvsecurity.py protect_disk_library -i instanceID

and only reboot at step 5 (as per https://documentation.commvault.com/11.21/expert/126092_configuring_ransomware_protection_for_hyperscale_mediaagent.html) if there were any issues / errors seen running either command then engage support before rebooting.

Also only work on 1 node at a time and wait for that node to come back up successfully before enabling protection on the next.

 

It is possible to rollback if needed, however again if this was required please engage Support for guidance / assistance.

Badge +3

Thanks, Peter.

I will put that in the “Rollback plan”: Pause ransomware protection and engage support. :-)

Also your other recommendations are noted. It’s documented like that and we will stick to the instructions.

Reply