A copy of the Disaster Recovery (DR) backup is automatically uploaded to the Commvault Cloud Services Portal, whenever a DR backup job is run. If you need to rebuild the CommServe server, and if the existing DR backups are unusable — such as after a ransomware attack — you can use the DR backup in the cloud to rebuild the CommServe server.
The following key features on uploading and retrieving DR backups from the Commvault Cloud Services Portal must be noted:
A valid Commvault Cloud Services Portal account is needed to configure DR backup uploads to the Metallic Cloud.
All users in your company or organization that have an account with the Commvault Cloud Services Portal can view DR backups from the portal.
To view a list of users who have access, click the View Users option listed in the Menu available in Worldwide Dashboard > CommCell groups in the Commvault Cloud Services website.
DR backups are transmitted using secure http, i.e. https.
The backups are securely stored in Microsoft Azure, directly from your CommServe.
Azure uses encryption as described in https://docs.microsoft.com/en-us/azure/storage/common/storage-service-encryption. (Commvault relies on Microsoft managed encryption keys.)
DR metadata will be uploaded to Azure with the help of SAS tokens, received from Metallic Cloud for each job.
Note: Verify that the URLs, https://*.blob.core.windows.net and https://cvdrservices.metallic.io, are added to the allowlist. All endpoints that contain .blob.core.windows.net must be whitelisted.
Commvault uses the Read-access geo-redundant storage (RA-GRS) replication in Azure, to ensure that DR backups are protected within Azure.
All access to this data is tracked and audited.
The last successful DR backup copy of the day for the last 5 days, with the latest Differential copies (if any) are retained in the cloud for 90 days.
To modify the allowed age of the DR backups to be more than 5 days old, configure nAllowedDRBackupAgeInDays.
DR backup copies that do not satisfy the above mentioned retention criteria is cleaned up periodically. However, to prevent a good DR backup from getting deleted and replaced with newer copies, in situations where the CommServe server is compromised, this cleanup mechanism will be stopped if there is request to retrieve a DR backup copy as follows:
If there is at least one pending (not approved or rejected yet) access request submitted in the last 7 days.
If there is at least one approved request that has not expired yet.