A copy of the Disaster Recovery (DR) backup can be automatically uploaded to the Commvault Cloud Services Portal, whenever a DR backup job is run. If you need to rebuild the CommServe server, and if the existing DR backups are unusable — such as after a ransomware attack — you can use the DR backup in the cloud to rebuild the CommServe server.
The following key features on uploading and retrieving DR backups from the Commvault Cloud Services Portal must be noted:
A valid Commvault Cloud Services Portal account is needed to configure DR backup uploads to the Commvault cloud.
All users in your company or organization that have an account with the Commvault Cloud Services Portal can view DR backups from the portal.
To view a list of users who have access, click the View Users option listed in the Menu available in Worldwide Dashboard > Companies in the Commvault Cloud Services website.
Only the Cloud CommCell administrators for a the company can download the files. (These users can be identified as admins in the dashboard.) If necessary, additional users can request the Cloud CommCell administrators to allow download access to the files.
DR backups are transmitted using secure http, i.e. https.
The backups are securely stored in Microsoft Azure, directly from your CommServe.
Azure uses encryption as described in https://docs.microsoft.com/en-us/azure/storage/common/storage-service-encryption. (Commvault relies on Microsoft managed encryption keys.)
DR metadata will be uploaded to Azure with the help of SAS tokens, received from Commvault cloud for each job.
Note: Ensure that the URL, https://cvdrbackup1.blob.core.windows.net, is not included in the blocked list in your Web Browser.
Commvault uses the Read-access geo-redundant storage (RA-GRS) replication in Azure, to ensure that DR backups are protected within Azure.
All access to this data is tracked and audited.
5 DR backup copies, with the latest Differential copy (if any) is retained in the cloud for 90 days.