0% found this document useful (0 votes)

40 views191 pages

Ppdm1915 Admin

The PowerProtect Data Manager 19.15 Administrator Guide provides comprehensive instructions for configuring, using, and administering the PowerProtect Data Manager software, including disaster recovery procedures. It covers system maintenance, storage management, asset management, protection policies, and data restoration. The guide is intended for system administrators managing data protection across enterprises and includes important notes, cautions, and warnings throughout.

Uploaded by

gvdznnj68w

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

40 views191 pages

Ppdm1915 Admin

Uploaded by

gvdznnj68w

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 191

PowerProtect Data Manager 19.

15
Administrator Guide

November 2023
Rev. 01
Notes, cautions, and warnings

NOTE: A NOTE indicates important information that helps you make better use of your product.

CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid
the problem.

WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

© 2016 - 2023 Dell Inc. or its subsidiaries. All rights reserved. Dell Technologies, Dell, and other trademarks are trademarks of Dell Inc. or its
subsidiaries. Other trademarks may be trademarks of their respective owners.
Contents

Preface......................................................................................................................................... 8

Chapter 1: Getting Started...........................................................................................................13

Introducing the PowerProtect Data Manager software...........................................................................................13
Supported Internet Protocol versions...........................................................................................................................14
Unsupported file-system modifications........................................................................................................................ 17
References...........................................................................................................................................................................17
Terminology......................................................................................................................................................................... 17
Access the PowerProtect Data Manager UI............................................................................................................... 18
Get Started window.................................................................................................................................................... 19
UI tools and options ....................................................................................................................................................19
UI tools and options ................................................................................................................................................... 22
Dashboard .................................................................................................................................................................... 25
Export data......................................................................................................................................................................... 27
Exported fields............................................................................................................................................................. 28
Customer feedback...........................................................................................................................................................29
Provide general feedback.......................................................................................................................................... 29
Security configuration......................................................................................................................................................30
Role-based security.................................................................................................................................................... 30

Chapter 2: System Maintenance.................................................................................................. 31

Deploying and maintaining the health of PowerProtect Data Manager............................................................... 31
Deploying and updating PowerProtect Data Manager............................................................................................. 31
Licensing PowerProtect Data Manager.......................................................................................................................32
License types................................................................................................................................................................32
Add a license.................................................................................................................................................................32
Specifying the PowerProtect Data Manager host.................................................................................................... 33
Specify a vCenter server as the PowerProtect Data Manager host.............................................................. 33
Minimum privileges required for the vCenter server PowerProtect Data Manager host..........................34
Memory optimization........................................................................................................................................................34
Adjust the virtual machine memory........................................................................................................................ 35
Restricted mode................................................................................................................................................................ 35
System support..................................................................................................................................................................35
Configuring SupportAssist for PowerProtect Data Manager...........................................................................36
Telemetry Collector ................................................................................................................................................... 38
AutoSupport ................................................................................................................................................................ 39
CloudIQ reporting........................................................................................................................................................ 39
Set up the email server.............................................................................................................................................. 40
Add AutoSupport.........................................................................................................................................................40
Enabling automatic update package checks and downloads.............................................................................41
Add a log bundle........................................................................................................................................................... 41
Audit logging and monitoring system activity....................................................................................................... 41
Monitor system services and system health.........................................................................................................43
Access the open source software package information.................................................................................... 47

Contents 3
Security certificates....................................................................................................................................................48
Restarting PowerProtect Data Manager.....................................................................................................................48
System maintenance troubleshooting.......................................................................................................................... 48
Messages Catalog............................................................................................................................................................. 48

Chapter 3: Managing Storage...................................................................................................... 49

Protection storage............................................................................................................................................................ 49
PowerProtect DD Management Center automatic discovery..........................................................................49
High Availability PowerProtect DD support..........................................................................................................50
Smart Scale system pools......................................................................................................................................... 50
Add protection storage.............................................................................................................................................. 53
Edit protection storage.............................................................................................................................................. 54
Replacing protection storage................................................................................................................................... 54
Remove protection storage...................................................................................................................................... 56
Storage units...................................................................................................................................................................... 56
Storage unit limitations.............................................................................................................................................. 58
Storage unit considerations for PowerProtect DD............................................................................................. 58
Retention locking.........................................................................................................................................................58
Create a storage unit..................................................................................................................................................59
Edit a storage unit.......................................................................................................................................................60
Delete a storage unit................................................................................................................................................... 61
Enable Indefinite Retention Hold on a storage unit............................................................................................ 62
Disable Indefinite Retention Hold on a Storage Unit.......................................................................................... 62
Working with storage unit passwords.................................................................................................................... 62
Differences between storage-system and storage-unit space reporting............................................................63
Monitoring storage capacity thresholds...................................................................................................................... 63

Chapter 4: Using the PowerProtect Search Engine......................................................................64

PowerProtect Search Engine.........................................................................................................................................64
Set up and manage indexing...........................................................................................................................................65
Search Engine node deletion.......................................................................................................................................... 66
Delete an operational Search Engine node........................................................................................................... 66
Redeploy or delete a Search Engine node that failed to deploy...................................................................... 67
Delete all Search Engine nodes to remove the Search Engine cluster...........................................................67
Edit the network configuration for a Search Engine node...................................................................................... 67
Perform a search...............................................................................................................................................................68
Troubleshooting Search Engine issues.........................................................................................................................68

Chapter 5: Managing Assets........................................................................................................ 74

About asset sources, assets, and storage...................................................................................................................74
About other asset sources.............................................................................................................................................. 75
Prerequisites for discovering asset sources............................................................................................................... 76
Discovering asset sources in an opaque network................................................................................................76
Discovering asset sources in a GCVE environment............................................................................................ 76
Full discovery of application asset sources........................................................................................................... 77
Enable an asset source.....................................................................................................................................................77
Disable an asset source..............................................................................................................................................78
Delete an asset source..................................................................................................................................................... 78
Adding a Cloud Snapshot Manager tenant................................................................................................................. 78

4 Contents
Add a Cloud Snapshot Manager tenant................................................................................................................. 79

Chapter 6: Managing Protection Policies.....................................................................................80

Protection policies............................................................................................................................................................ 80
Before you create a protection policy..........................................................................................................................80
Replication triggers........................................................................................................................................................... 84
Creating or editing a protection policy.........................................................................................................................85
Modify a policy name and description, objectives, or options..........................................................................86
Changing storage targets.......................................................................................................................................... 87
Redeploying storage targets.....................................................................................................................................88
Replication to shared protection storage.............................................................................................................. 88
Add or remove assets in a protection policy.........................................................................................................88
Edit the retention period for backup copies......................................................................................................... 89
Viewing a summary of protection policies...................................................................................................................90
View assets assigned to a protection policy.........................................................................................................90
View the status of the last-run job of a protection policy................................................................................. 91
Run an asset-protection report...................................................................................................................................... 91
Add a service-level agreement.......................................................................................................................................92
Run a compliance report..................................................................................................................................................94
Disable a protection policy.............................................................................................................................................. 95
Protection jobs running for a disabled policy........................................................................................................96
Enable a disabled protection policy.........................................................................................................................96
Customize the default behavior of disabled policies.......................................................................................... 96
Delete a protection policy................................................................................................................................................97
Overview of PowerProtect Data Manager Cloud Tier............................................................................................. 97
Add a Cloud Tier objective to a protection policy................................................................................................97
Manage Cloud Tier asset copies.............................................................................................................................. 98
Restore Cloud Tier backups to protection storage.............................................................................................99
Recall and restore from Cloud Tier......................................................................................................................... 99
Extended retention for protection policies created in PowerProtect Data Manager 19.11 or earlier..........100
Manual backups of protected assets..........................................................................................................................100
Manual backups of a single protected asset........................................................................................................101
Manual replication of protected assets.......................................................................................................................101
Manual Cloud Tiering of protected assets.................................................................................................................102
Delete backup copies......................................................................................................................................................102
Retry a failed backup copy deletion...................................................................................................................... 103
Export data for deleted Oracle and SAP HANA backup copies..................................................................... 104
Remove Exchange, File System, Kubernetes, Block Volume, and SQL backup copies from the
PowerProtect Data Manager database............................................................................................................104
Removing expired backup copies................................................................................................................................ 105
Removing assets from PowerProtect Data Manager.............................................................................................105
Remove assets and associated protection copies.............................................................................................106
Protecting client assets after a client hostname change...................................................................................... 106
ifGroup configuration and PowerProtect Data Manager policies........................................................................ 106
Troubleshooting failed replication jobs....................................................................................................................... 108

Chapter 7: Restoring Data and Assets........................................................................................ 110

View backup copies available for restore................................................................................................................... 110
Restoring a protection policy......................................................................................................................................... 111
Restore the PowerProtect Data Manager server .................................................................................................... 111

Contents 5
Restore Cloud Tier backups to protection storage.................................................................................................. 112
Recall and restore from Cloud Tier.........................................................................................................................112

Chapter 8: Preparing for and Recovering From a Disaster...........................................................114

About server disaster recovery.....................................................................................................................................114
Differences between server DR methods............................................................................................................ 115
System recovery for server DR.................................................................................................................................... 115
Server DR protection storage types...................................................................................................................... 115
Automatic server DR..................................................................................................................................................116
Manually configure server DR backups................................................................................................................. 116
Record settings for server DR.................................................................................................................................117
Manage PowerProtect Data Manager server DR backups.............................................................................. 118
Recover PowerProtect Data Manager from server DR backups....................................................................119
Change the IP address or hostname of a DD system....................................................................................... 123
Troubleshooting NFS backup configuration issues............................................................................................124
Troubleshoot recovery of PowerProtect Data Manager................................................................................. 125
Recover a failed PowerProtect Data Manager restore.................................................................................... 125
Disable server DR backups...................................................................................................................................... 125
Quick recovery for server DR....................................................................................................................................... 126
Quick recovery prerequisites.................................................................................................................................. 128
Identifying a remote system....................................................................................................................................129
Add a remote system for quick recovery.............................................................................................................129
Edit a remote system................................................................................................................................................ 130
Quick recovery remote view................................................................................................................................... 130
Troubleshooting failed quick-recovery jobs......................................................................................................... 131
Overview of PowerProtect Data Manager Cloud Disaster Recovery..................................................................131

Chapter 9: Managing Alerts, Jobs, and Tasks............................................................................. 132

Configure Alert Notifications........................................................................................................................................ 132
View and manage alerts................................................................................................................................................. 133
View and manage audit logs..........................................................................................................................................134
Monitoring jobs and tasks..............................................................................................................................................134
Monitor and view jobs and assets......................................................................................................................... 135
View details for protection jobs..............................................................................................................................137
View details for asset jobs....................................................................................................................................... 139
View details for system jobs and tasks................................................................................................................. 141
Filter, group, and sort jobs.......................................................................................................................................142
Restart a job or task manually...................................................................................................................................... 145
Restart a job or task automatically..............................................................................................................................145
Resume misfire jobs after a PowerProtect Data Manager update......................................................................146
Cancel a job or task......................................................................................................................................................... 147
Exporting logs................................................................................................................................................................... 148
Export logs for jobs................................................................................................................................................... 149
Export logs for assets or tasks...............................................................................................................................149
Limitations for alerts, jobs, and tasks......................................................................................................................... 150

Chapter 10: Modifying the System Settings................................................................................151

System settings................................................................................................................................................................ 151
Modify the network settings................................................................................................................................... 151

6 Contents
Synchronizing the time between PowerProtect Data Manager and other systems.................................152
Modify the user-interface time zone, system time zone, and NTP server..................................................152
Encryption in-flight....................................................................................................................................................153
Server monitoring with syslog................................................................................................................................ 156
Additional system settings....................................................................................................................................... 157
Modifying the PowerProtect Data Manager virtual machine disk settings....................................................... 157
Modify the data disk size......................................................................................................................................... 157
Modify the system disk size....................................................................................................................................159
Configure the DD system.............................................................................................................................................. 159
Virtual networks (VLANs)............................................................................................................................................. 160
Virtual network traffic types....................................................................................................................................161
Virtual network topologies.......................................................................................................................................163
Supported scenarios................................................................................................................................................. 166
Virtual network prerequisites.................................................................................................................................. 167
Configuring virtual networks................................................................................................................................... 167
Virtual network asset assignment...........................................................................................................................171
Syslog server disaster recovery .................................................................................................................................. 172
Troubleshooting the syslog connection......................................................................................................................173
No messages are transmitted to the syslog server........................................................................................... 173

Chapter 11: Managing Reports.................................................................................................... 174

PowerProtect Data Manager reporting......................................................................................................................174
Port requirements............................................................................................................................................................174
Server requirements........................................................................................................................................................174
Unsupported reporting engine vCenter operations.................................................................................................175
Known issues with the reporting engine and Report Browser............................................................................. 175
Configure and deploy the reporting engine............................................................................................................... 176
Report Browser................................................................................................................................................................ 177
Types of reporting information...............................................................................................................................180
Filtering and customizing reports........................................................................................................................... 181
Deleting the reporting engine........................................................................................................................................ 181
Managing disaster recovery of the reporting engine..............................................................................................182
Recover the reporting engine from a DR backup.............................................................................................. 182
Glossary.....................................................................................................................................185

Contents 7
Preface

As part of an effort to improve product lines, periodic revisions of software and hardware are released. Therefore, all versions
of the software or hardware currently in use might not support some functions that are described in this guide. The product
release notes provide the most up-to-date information about product features.
If a product does not function correctly or does not function as described in this guide, contact Customer Support.
NOTE: This guide was accurate at publication time. To ensure that you are using the latest version of this guide, go to the
Customer Support website.

Product naming
Data Domain (DD) is now PowerProtect DD. References to Data Domain or Data Domain systems in this guide, in the user
interface, and elsewhere in the product include PowerProtect DD systems and older Data Domain systems.
Isilon is now PowerScale. References to Isilon, Isilon products, or Isilon appliances in this guide, in the user interface, and
elsewhere in the product include PowerScale products and appliances.
In many cases the user interface has not yet been updated to reflect these changes.

Language use
This guide might contain language that is not consistent with Dell Technologies current guidelines. Dell Technologies plans to
update the guide over subsequent future releases to revise the language accordingly.
This guide might contain language from third-party content that is not under Dell Technologies control and is not consistent
with the current guidelines for Dell Technologies own content. When such third-party content is updated by the relevant third
parties, this guide is revised accordingly.

Acronyms
The acronyms that are used in this guide might not be familiar to everyone. Although most acronyms are defined on their first
use, a definition is not always provided with later uses of the acronym. For a list of all acronyms and their definitions, see the
glossary at the end of the guide.

Website links
The website links used in this guide were valid at publication time. If you find a broken link, provide feedback on the guide, and a
Dell Technologies employee will update the link in the next release as necessary.

Purpose
This guide describes how to configure, use and administer the Dell PowerProtect Data Manager software. This guide also
includes disaster recovery procedures. Procedures specific to asset protection are provided in the individual user guides.

Audience
This guide is intended for the host system administrator who is involved in managing, protecting, and reusing data across the
enterprise by deploying PowerProtect Data Manager software.

8 Preface
Revision history
The following table presents the revision history of this guide.

Table 1. Revision history

Revision Date Description
01 November 21, 2023 Initial release of this guide for PowerProtect Data Manager
version 19.15.

Compatibility information
Software compatibility information for the PowerProtect Data Manager software is provided by the E-Lab Navigator.

Related documentation
The following publications are available at Customer Support and provide additional information:

Table 2. Related documentation

Title Content
PowerProtect Data Manager Administrator Guide This guide describes how to configure, use and administer the
Dell PowerProtect Data Manager software. This guide also
includes disaster recovery procedures. Procedures specific to
asset protection are provided in the individual user guides.
PowerProtect Data Manager Deployment Guide This guide describes how to deploy and license the Dell
PowerProtect Data Manager software.
PowerProtect Data Manager Release Notes This guide contains information about new features, known
limitations, environment, and system requirements for the Dell
PowerProtect Data Manager software.
PowerProtect Data Manager Security Configuration Guide This guide describes security information related to the
deployment, configuration, administration and use of the Dell
PowerProtect Data Manager software.
PowerProtect Data Manager Amazon Web Services This guide describes how to deploy the Dell PowerProtect
Deployment Guide Data Manager software to Amazon Web Services (AWS).
PowerProtect Data Manager Azure Deployment Guide This guide describes how to deploy the Dell PowerProtect
Data Manager software to Microsoft Azure.
PowerProtect Data Manager Google Cloud Platform This guide describes how to deploy the Dell PowerProtect
Deployment Guide Data Manager software to Google Cloud Platform (GCP).
PowerProtect Data Manager Cloud Disaster Recovery This guide describes how to deploy the Dell Cloud Disaster
Administration and User Guide Recovery (Cloud DR) solution, protect virtual machines in the
AWS or Azure cloud, and run recovery operations.
PowerProtect Data Manager Cyber Recovery User Guide This guide describes how to install, update, patch, and
uninstall the Dell PowerProtect Cyber Recovery software.
PowerProtect Data Manager File System User Guide This guide describes how to configure and use the Dell
PowerProtect Data Manager software with the File System
agent for file-system data protection.
PowerProtect Data Manager Kubernetes User Guide This guide describes how to configure and use the Dell
PowerProtect Data Manager software to back up and restore
namespaces and PVCs in a Kubernetes cluster or Tanzu
Kubernetes cluster.

Preface 9
Table 2. Related documentation (continued)
Title Content
PowerProtect Data Manager Microsoft Exchange Server User This guide describes how to configure and use the Dell
Guide PowerProtect Data Manager software to back up and restore
the data in a Microsoft Exchange Server environment.
PowerProtect Data Manager Microsoft SQL Server User This guide describes how to configure and use the Dell
Guide PowerProtect Data Manager software to back up and restore
the data in a Microsoft SQL Server environment.
PowerProtect Data Manager Oracle RMAN User Guide This guide describes how to configure and use the Dell
PowerProtect Data Manager software to back up and restore
the data in an Oracle Server environment.
PowerProtect Data Manager SAP HANA User Guide This guide describes how to configure and use the Dell
PowerProtect Data Manager software to back up and restore
the data in an SAP HANA Server environment.
PowerProtect Data Manager Network-Attached Storage This guide describes how to configure and use the Dell
User Guide PowerProtect Data Manager software to protect and recover
the data on network-attached storage (NAS) shares and
appliances.
PowerProtect Data Manager Virtual Machine User Guide This guide describes how to configure and use the Dell
PowerProtect Data Manager software to back up and restore
virtual machines and virtual machine disks (VMDKs) in a
vCenter Server environment with VMware vSphere Storage
APIs – Data Protection (VADP) or the Transparent Snapshots
Data Mover (TSDM).
PowerProtect Data Manager Storage Array User Guide This guide describes how to configure and use the Dell
PowerProtect Data Manager software to protect and restore
data on PowerStore storage arrays.
VMware Cloud Foundation Disaster Recovery With This guide provides a detailed description of how to
PowerProtect Data Manager perform an end-to-end disaster recovery of a VMware Cloud
Foundation (VCF) environment.
PowerProtect Data Manager Public REST API documentation This documentation contains the Dell Dell Technologies APIs
and includes tutorials to guide you in their use.
vRealize Automation Data Protection Extension for Data This guide describes how to install, configure, and use the
Protection Systems Installation and Administration Guide vRealize Data Protection Extension.

Typographical conventions
The following type style conventions are used in this guide:

Table 3. Style conventions

Formatting Description
Bold Used for interface elements that a user specifically selects or clicks, for example, names of
buttons, fields, tab names, and menu paths. Also used for the name of a dialog box, page,
pane, screen area with title, table label, and window.
Italic Used for full titles of publications that are referenced in the text.
Monospace Used for:
● System code
● System output, such as an error message or script
● Pathnames, file names, file name extensions, prompts, and syntax.
● Commands and options
Monospace italic Used for variables.

10 Preface
Table 3. Style conventions (continued)
Formatting Description
Monospace bold Used for user input.
[] Square brackets enclose optional values.
| Vertical line indicates alternate selections. The vertical line means or for the alternate
selections.
{} Braces enclose content that the user must specify, such as x, y, or z.
... Ellipses indicate non-essential information that is omitted from the example.

You can use the following resources to find more information about this product, obtain support, and provide feedback.

Where to find product documentation

To find the latest documentation, navigate to the PowerProtect Data Manager Info Hub or type www.dell.com/ppdmdocs in
your browser, or scan the following QR code on your mobile device.

Where to get support

The Customer Support website provides access to product licensing, documentation, advisories, downloads, and how-to and
troubleshooting information. The information can enable you to resolve a product issue before you contact Customer Support.
To access a product-specific page:
1. Go to the Customer Support website.
2. In the search field of the Identify your product or search support pane, type a product name, and then select the
product from the list that appears.

Support Library
The Support Library contains a knowledge base of applicable solutions that you can search for either by solution number (for
example, KB000xxxxxx) or by keyword.
To search the Support Library:
1. Go to the Customer Support website.
2. From the Support Library pane, click Find Articles.
3. In the Support Library search field, type either the solution number or keywords. Optionally, you can limit the search to
specific products by typing a product name in the search box, and then selecting the product from the list that appears.

Contact Customer Support

To view available support options:
1. Go to the Customer Support website.
2. From the Contact Support pane, click Contact Support.
3. On the Contact Information page, click the link for the relevant support type.

Preface 11
Service requests
To obtain in-depth help from a support agent, submit a service request. To submit a service request:
NOTE: You must have a valid support agreement. For details about either an account or obtaining a valid support
agreement, contact a sales representative.
1. Go to the Customer Support website.
2. From the Service Requests pane, click View Service Requests.
3. Click the Create New Service Request button to create a new service request.
To review an open service request:
1. Go to the Dell Customer Support website.
2. On the Support tab, click Service Requests & Dispatch Status, and sign into your account.
3. On the Service Requests page, click View All Service Requests.

Dell Community
For peer contacts, conversations, and content on product support and solutions, go to the Dell Community. Interactively engage
with customers, partners, and certified professionals online.

How to provide feedback

Feedback helps to improve the accuracy, organization, and overall quality of publications. You can send feedback to
[email protected].

12 Preface
1
Getting Started
Topics:
• Introducing the PowerProtect Data Manager software
• Supported Internet Protocol versions
• Unsupported file-system modifications
• References
• Terminology
• Access the PowerProtect Data Manager UI
• Export data
• Customer feedback
• Security configuration

Introducing the PowerProtect Data Manager software

PowerProtect Data Manager software is an enterprise solution that provides software-defined data protection, deduplication,
operational agility, self-service, and IT governance.
PowerProtect Data Manager key features include the following:

Key features Software-defined data protection with integrated deduplication, replication, and reuse
Data backup and recovery self-service operations from native applications that are combined with central
IT governance
Multicloud optimization with integrated Cloud Tiering
SaaS-based monitoring and reporting
Modern services-based architecture for ease of deployment, scaling, and updating

PowerProtect Data Manager integrates multiple data-protection products within the Data Protection portfolio to enable data
protection as a service, providing the following benefits:

Benefits Enables data-protection teams to create data paths with provisioning, automation, and scheduling to
embed protection engines into their data-protection infrastructure for high-performance backup and
recovery
Enables backup administrators of large-scale environments to schedule backups for the following asset
types from a central location on the PowerProtect Data Manager server:
● VMware virtual machines
● File systems
● Kubernetes clusters
● Microsoft Exchange Server and Microsoft SQL Server databases
● Oracle databases
● SAP HANA databases
● Network-attached storage (NAS) shares
● PowerStore block volumes
Provides an agent-based approach to automatically discover and protect databases on an application
server
Enables self-service and centralized protection by:
● Monitoring service-level objectives (SLOs)
● Identifying violations of recovery-point objectives (RPOs)

Getting Started 13
Supports deploying an external VM Direct Engine that is optimized to move data with high-capacity
backup streams
Comes with a basic embedded VM Direct Engine that has the following functions and capabilities:
● It is automatically used as a fallback proxy for performing backup and restore operations when an
external VM Direct Engine fails, is disabled, or is unavailable
● It has a limited capacity for performing backup streams
● It can work with virtual-machine crash-consistent protection policies that use the Transparent
Snapshot Data Mover (TSDM) protection mechanism
● It enables the Search Service used by PowerProtect Search
Supports PowerProtect Search, which enables backup administrators to quickly search for and restore
VM and NAS file copies
Supports the vRealize Automation DP extension, which enables the automatic provisioning of virtual
machines and on-demand backups and restores
Integrates with Cloud Disaster Recovery (Cloud DR), including workflows for Cloud DR deployment,
protection, and recovery operations in the AWS and Azure clouds
Integrates with PowerProtect Cloud Snapshot Manager to view PowerProtect Cloud Snapshot Manager
jobs, alerts, and reports from a consolidated PowerProtect Data Manager dashboard
Integrates with PowerProtect Cyber Recovery to protect the integrity of a PowerProtect Data Manager
environment from cyber threats
Provides a RESTful API interface that allows PowerProtect Data Manager to be monitored, configured,
and orchestrated:
● Existing automation frameworks can be integrated
● New scripts can be quickly written
● Easy-to-follow tutorials are provided

Supported Internet Protocol versions

PowerProtect Data Manager and its components support IPv4 and IPv6 addresses in certain configurations.

Table 4. Supported configurations

Component Internet Protocol
PowerProtect Data Manager IPv4 only or both IPv4 and IPv6
core
PowerProtect Data Manager IPv4 only
cloud deployments (AWS, NOTE: Despite other entries in this chart to the contrary, if PowerProtect Data Manager
Azure, GCP) is deployed to a cloud environment, no component in the cloud can use IPv6.

VM Direct, TSDM, and Search IPv4 only or IPv6 only

NOTE: Virtual machines that are backed up must use the same protocol that VM Direct
uses. Virtual machines can use both IPv4 and IPv6, even though VM Direct and TSDM
cannot.

Application agents integrated NOTE: If both IPv4 and IPv6 are configured and the PowerProtect Data Manager FQDN
with PowerProtect Data is used, the agent uses IPv6 for network communication.
Manager:
● File System IPv4, IPv6, or both
● Microsoft Exchange Server IPv4 only or both IPv4 and IPv6
● Microsoft SQL Server IPv4, IPv6, or both
(Application Direct)
● Microsoft SQL Server (VM IPv4 only or IPv6 only
Direct) NOTE: Only the Microsoft SQL Server agent supports VM Direct.

14 Getting Started
Table 4. Supported configurations (continued)
Component Internet Protocol
● Oracle RMAN IPv4, IPv6, or both
● SAP HANA IPv4, IPv6, or both
Stand-alone application agents IPv4 only
Network-attached storage IPv4, IPv6, or both
(NAS)
Storage arrays (PowerStore) IPv4 only
Kubernetes IPv4 only
PowerProtect Data Manager IPv4 or IPv6
management
PowerProtect DD IPv4 or IPv6
communication
Report Browser IPv4 only
NOTE: If PowerProtect Data Manager is configured to use both IPv4 and IPv6,
configuring an NTP server and setting a time zone is required for accurate date and time
information in reports.

SupportAssist IPv4, IPv6, or both

Syslog Log Server Gateway IPv4 or IPv6

The following limitations and considerations apply.

Communication with components

If PowerProtect Data Manager is configured to only use one protocol, all components it communicates with must also use
that protocol. If some components that PowerProtect Data Manager communicates with use IPv4 and others use IPv6.
PowerProtect Data Manager must be configured to use both IPv4 and IPv6.

DD systems and DDVE

If a DD system or a DDVE instance uses only IPv6, the required IPv6 interface must be manually selected when a protection
policy is added or edited.

Network-attached storage and DD-system storage units

If the storage unit of a protection policy is different or changed from the destination asset source, you must assign a network
to the destination asset for a successful restore. For example, if your source asset is backed up in an IPv6 network, you must
assign an IPv6 network to the destination asset for the restore to be successful.
To assign a network for the destination asset, perform the following steps:
1. In the PowerProtect Data Manager UI, select Infrastructure > Assets > NAS.
2. Select the destination asset, click More Actions and select Assign Network. The Assign Network page appears.
3. Select a network from the Network Label list, click Save.
4. If a restore failed because of the wrong destination address, retry the operation.

Disaster recovery
Recovering a PowerProtect Data Manager server might result in a conflict with protection-policy configurations. For instance, if
the recovered server is configured to use only IPv4, a protection policy that is configured to use IPv6 cannot run.

Getting Started 15
Name resolution
Name resolution and reverse IP lookup must be configured to ensure the following:
● Fully qualified domain names of PowerProtect Data Manager, its components, and DD components resolve to a valid IPv4 or
IPv6 address.
● If both IPv4 and IPv6 addresses are used for DD, both addresses resolve to the same FQDN.
● All IPv4 and IPv6 addresses are valid and reachable.
● The FQDNs of application-agent hosts that use FQDN as their preferred host address resolve to a valid IPv4 or IPv6
address.
● Each application-agent host that uses FQDN as its preferred host address resolves the FQDN of PowerProtect Data
Manager to an IP address of the same protocol that it uses. For example, if a host uses IPv4, it resolves the FQDN of
PowerProtect Data Manager to an IPv4 address.

Server updates
IPv6 is only supported with new deployments of PowerProtect Data Manager 19.12 or later. Using IPv6 after updating from
PowerProtect Data Manager 19.11 or earlier is unsupported.

Search Engine indexing and adding IPv6 to an IPv4-only system

NOTE: Search Engine is not used in Storage arrays (PowerStore).

If you add IPv6 to an IPv4-only system, indexing from any existing Search Engine cluster becomes unavailable. After adding
IPv6, you must delete all IPv4 Search Engine nodes to remove the Search Engine cluster, and then add new IPv6 nodes to a new
cluster.
Unlike other PowerProtect Data Manager components, if IPv6 is used with a Search Engine, the FQDN of all Search Engine
nodes and related DD systems must always resolve to an IPv6 address and never to an IPv4 address.

Storage Policy Based Management

If using vCenter or ESXi 7.0u2 or earlier with only IPv6, SPBM providers must be added using their PowerProtect Data Manager
FQDN.

Service Unavailable messages with the vSphere Client

PowerProtect plug-in
If vCenter uses the vSphere Client PowerProtect plug-in with IPv6 and the vCenter host is added to PowerProtect Data
Manager using its IPv6 address or FQDN, Service Unavailable messages might be seen for the protected virtual machine.
Backups and restores of the protected virtual machine are unaffected, and these messages can be ignored.

Uncompressed IPv6 formatting

Network interfaces that exist on a DD 7.4.x or earlier system and that are configured to use an uncompressed IPv6 format
cannot be discovered. An example of an uncompressed IPv6 format is 2620:0000:0170:0597:0000:0000:0001:001a.
An example of a compressed IPv6 format is 2620:0:170:597::1:1a. To use these network interfaces, reconfigure them to
use either an IPv4 address or a compressed IPv6 address, and then initiate a discovery.

16 Getting Started
Unsupported file-system modifications
Files and directories on PowerProtect Data Manager and PowerProtect DD systems should only be modified according to
documentation and guidance.
Performing any of the following file-system operations that have not been documented in a product guide or communicated by
Customer Support is unsupported:
● Adding, removing, editing, or otherwise modifying a file or directory
● Manually mounting a DD file system with anything other than read-only permissions
● Altering a file-system procedure
● Replacing a command in the step of a file-system procedure with a different command

References
Some procedures in this document reference other publications for further details.
For a list of PowerProtect Data Manager publications, see "Related documentation" in the preface.
For information about DD Virtual Edition, see the following publications at Customer Support:

Table 5. Related PowerProtect DD Virtual Edition documentation

Title
PowerProtect DD Virtual Edition in VMware Cloud Installation and Administration Guide
PowerProtect DD Virtual Edition in Google Cloud Platform Installation and Administration Guide
PowerProtect DD Virtual Edition on Premise Installation and Administration Guide
PowerProtect DD Virtual Edition in Azure Installation and Administration Guide
PowerProtect DD Virtual Edition in Amazon Web Services Installation and Administration Guide

Terminology
Familiarize yourself with the terminology for the PowerProtect Data Manager user interface and documentation.
The following terminology list provides more information about names and terms that you should know to use PowerProtect
Data Manager:

Application Application agents are installed on application or database host servers to manage protection using
Agent PowerProtect Data Manager. These agents are commonly known as DD Boost Enterprise Agents
(DDBEAs) for databases and applications.
Application- A virtual machine protection policy that includes additional application-aware data protection for
aware Microsoft SQL Servers. An application-aware virtual machine protection policy provides the ability to
quiesce the application during virtual machine image backup to perform a full backup of Microsoft SQL
Server databases. You can also schedule Microsoft SQL Server log backups for the virtual machines in the
policy.
Asset Assets are objects in PowerProtect Data Manager for which you want to manage protection, including
virtual machines, databases, and file systems.
Asset source Assets that PowerProtect Data Manager protects reside within asset sources, which include vCenter
servers, application or database hosts, and file servers.
Cloud Tier Cloud Tier storage can be added to a protection storage system to expand the deduplication storage
storage capacity onto less expensive object storage in public or private object storage clouds, including secure
Elastic Cloud Storage appliances.
Copy A PowerProtect Data Manager copy is a point-in-time backup copy of an asset.
Copy map The PowerProtect Data Manager Copy Map is a visual representation of backup copy locations on your
protection storage and is available for all protected assets that have copies.

Getting Started 17
Discovery An internal process that scans asset sources to find new assets to protect, and scans infrastructure
components to monitor their health and status.
Instant Access PowerProtect Data Manager virtual machine backup copies can be accessed, mounted, and booted
directly from the protection storage targets as running virtual machines. This operation is called Instant
Access. Copies can also be moved to a production VMware datastore using vMotion. PowerProtect
Data Manager Virtual machine application-aware backup copies can be mounted directly from protection
storage as running Microsoft SQL Server databases, which includes the ability to roll forward log backups.
These Microsoft SQL Server database disks can also be moved to a production VMware datastore using
vMotion.
PowerProtect An agent that is included in PowerProtect Data Manager and installed on each application agent host
Data Manager server so that you can monitor and manage the application agent through PowerProtect Data Manager.
agent
Protection policy Used to configure and manage the entire life cycle of backup data, which includes backup types, assets,
backup start and stop times, backup devices, and backup retention.
Service-level An optional policy that you can layer on top of a protection policy. An SLA performs additional checks
agreement (SLA) on protection activities to ensure that protection goals meet the standards of an organization. SLAs are
made up of one or more service-level objectives.
Service-level A definable rule that sets the criteria for recovery-point objectives (RPOs), encryption, and the location
objective (SLO) of backups according to company requirements.

Access the PowerProtect Data Manager UI

PowerProtect Data Manager provides a web-based UI that you can use to manage and monitor system features and settings
from any location over a network.

Steps
1. From a host that has network access to the PowerProtect Data Manager instance, use the latest version of Google Chrome
or Microsoft Edge to connect to the instance:
https://<instance_hostname>
NOTE: You can specify the hostname or the IP address of the instance.

2. Log in with your username and password.

Usernames follow the format user[@domain], where domain is an optional identifier that associates the user with a
particular identity provider.
For example: jsmith or administrator@test-lab.
● If you do not supply a domain, the authentication service checks the default identity provider.
● If you supply a domain, the authentication service consults the external identity provider for that domain and determines
whether to allow the login.
● If multi-factor authentication (MFA) is enabled, the Multi-Factor Authentication dialog box prompts you for a
passcode. PowerProtect Data Manager verifies this passcode with the MFA service before allowing the login.
NOTE:

If you log in with an expired password, reset the password immediately. Clicking Cancel, closing the browser, or
navigating away from the page before changing your password disables your credentials for subsequent logins. If you log
in and receive a prompt to change your password because of outdated login credentials, provide your current password,
a new password, and confirmation of the new password to continue.
When the identity provider validates the credentials, the authentication service issues a user token. The PowerProtect Data
Manager UI uses the token information to authorize activities.
Unless you have changed the system configuration, the default identity provider is the local identity provider.
The PowerProtect Data Manager Security Configuration Guide provides more information about the available user roles and
their associated permissions. The associated roles for an account determine what parts of the UI a user can see and use, and
what operations a user can perform.

18 Getting Started
If this is your first time accessing the PowerProtect Data Manager UI, an unsigned certificate warning might appear in the
web browser.
The security certificate that encrypts communication between the PowerProtect Data Manager UI and the web browser is
self-signed. A self-signed certificate is signed by the web server that hosts the secure web page. There is nothing wrong
with this certificate. This certificate is sufficient to establish an encrypted channel between the web browser and the server.
However, it is not signed by a trusted authority.

The Get Started window appears with configuration options that are required on first deployment. To skip this window and
go right to the Dashboard, click Launch.
From the Dashboard window:
● The left pane provides links to the available menu items. Expand a menu item for more options.
● The icons in the PowerProtect Data Manager banner provide additional options.
NOTE: Note that after 30 minutes of inactivity, this interface might fail to respond or you might see one of the
following errors:
● 401: Authentication Required
● 503: Unknown Error

To resolve any of these issues, refresh your browser and log in. If you logged in before, you need to log in again.

Get Started window

The Get Started window provides configuration options that are required when the PowerProtect Data Manager system is first
deployed. This window continues to display by default each time you log in until you click Launch.
You can access the Get Started window at any time, or view any getting started options that have yet to be configured, by

clicking , and then selecting Getting Started.

The Get Started window enables you to configure or edit the following menu items:

Table 6. PowerProtect Data Manager Get Started menu items

Options Description
License Launches the License window, which prompts you to add a license file to PowerProtect Data
Manager. Once a license is uploaded, you can view license details, such as capacity usage and
software ID.
Support Launches the Support window, which enables you to configure SupportAssist, AutoSupport,
and set up the email server for application notifications and messages.
Assets Launches the Asset Sources window, where you can enable any of the asset source types
that PowerProtect Data Manager supports. After enabling an asset source, you can add and
register the source for the protection of assets.
Storage Launches the Add Storage window, where you can add a PowerProtect DD System or
PowerProtect DD Management Center as protection storage for primary backup and replicated
copies.

UI tools and options

Learn about the tools, windows, and banner options available in the PowerProtect Data Manager UI.

PowerProtect Data Manager UI tools and windows

The following table describes the tools and windows in the PowerProtect Data Manager UI left navigation pane.

Getting Started 19
Table 7. PowerProtect Data Manager tools
Menu item Description
Click Dashboard to view the overall state of the PowerProtect Data Manager system.

Dashboard

Click Health to view a score for the overall PowerProtect Data Manager system health (Good,
Fair, or Poor).
Health

Click Infrastructure to:

● View and manage all assets:
○ VMware virtual machines
Infrastructure
○ File systems
○ VMAX storage groups
○ Kubernetes clusters
○ Microsoft Exchange Server databases
○ Network Attached Storage (NAS)
○ Microsoft SQL Server databases
○ Oracle databases
○ SAP HANA databases
○ Block volumes
● Add vCenter and application and File System host asset sources.
● View and manage Integrated Storage.
● Add a VM Direct Engine for virtual machine data protection.
● Manage the vSphere Installation Bundle (VIB) for virtual machine crash-consistent data
protection performed with the Transparent Snapshot Data Mover (TSDM) protection
mechanism.
● Manage registration of Oracle RMAN agent, Microsoft application agent, SAP HANA agent,
and File System agent.
● View and manage Cloud Disaster Recovery.
● Create and manage a Search Cluster.
● Add PowerProtect Cloud Snapshot Manager tenants as asset sources for jobs, alerts, and
reports.
Click Protection to:
● Add protection policies to back up assets.
● Manage service-level agreements (SLAs).
Protection
● Add, edit, and delete protection rules for asset inclusion in policies.
● Add, edit, and delete file exclusion templates for File System protection policies.
Click Restore to:
● View asset copy location details and initiate a Restore operation.
Restore ● Manage Instant Access Sessions.
● Use the File Search feature to find and restore virtual machine file copies.
Click Alerts to:
● View and acknowledge alerts and events.
Alerts ● Filter alerts by critical, warning, and informational status, and specify the time range.
● View and examine Audit logs.
● Export audit logs to .csv files.
● Set audit log boundaries.
● Configure alert notifications.

There is also a banner UI option, represented by , which provides links that enable you to
view all unacknowledged alerts.

20 Getting Started
Table 7. PowerProtect Data Manager tools (continued)
Menu item Description
Click Administration to:
● Configure users and roles.
● Set password credentials and manage key chains.
Administration
● View and replace certificates.
● Add external identity providers.
● View and manage resource groups.
Click Reports to access the PowerProtect Data Manager Report Browser and Reporting
Engine.
Reports

Click Jobs to manage jobs, view by protection or system, filter, and view details.

Jobs

Banner UI options
The following table describes the icons in the PowerProtect Data Manager UI banner.

Table 8. Banner UI options

Option Description
Click to provide customer feedback.

Click to enter search criteria to find assets, jobs, logs, and alerts.

The number next to this icon indicates the critical unacknowledged alerts over the last 24
hours.

Click to expand for more information about unacknowledged alerts, including:

● The total number of alerts (all statuses — critical, warning, or informational) that have yet
to be acknowledged, or just the unacknowledged alerts from the last 24 hours (marked
with the New tag).
● The number of critical alerts that have yet to be acknowledged, or just the unacknowledged
critical alerts from the last 24 hours (marked with the New tag).

Within this menu, click any of these links to open the Alerts window, where you can view
specific details about these unacknowledged alerts.

Click to restore assets from replicated copies through quick recovery. This icon only appears
when the system receives replicated metadata from a source system.
Click to configure and manage PowerProtect Data Manager system network, time zone, and
NTP settings, DR backups, security, licenses, updates, authentication, agent downloads, and
support, and to access the Get Started window.
Click to obtain more information about PowerProtect Data Manager, access Customer
Support, or view the REST API documentation.
Click to log out, and log in as a different user, or change the current user password.

Click to launch CloudIQ, APEX Backup Services, Cloud Snapshot Manager, or vProtect.

Getting Started 21
UI tools and options
Learn about the widgets, windows, and banner options available in the PowerProtect Data Manager UI.

Dashboard
The Dashboard is visible when you log in to the PowerProtect Data Manager UI, and can be accessed from the left navigation
pane. This window provides a high-level view of the overall state of the PowerProtect Data Manager system through widgets.
The following table describes each widget.

Table 9. PowerProtect Data Manager Dashboard

Dashboard widget Description
Jobs | Protection This widget provides a color-coded status of backup, restore, and system jobs that are in
progress or have been performed in PowerProtect Data Manager over a specified period. Jobs
Jobs | Restore
| Protection displays by default, showing jobs performed over the last 24 hours.
Jobs | System Click the three vertical dots at the top of the widget to:
Jobs | Asset Level ● Select Protection, Restore, System or Asset Level to switch the jobs view in the
widget.
● Choose the time period for the jobs that you want to view (last 24 hours, last 3 days,
last 7 days, or all). Once a time period is selected, the widget updates to display only jobs
performed within that time period.
Click a color in the chart to view details about jobs with a specific status, or click the links next
to each status. This opens the appropriate Jobs window, which is filtered to display the jobs
that match the selected status and time period. From this window, you can manage jobs, view
more details, and search jobs.

Assets | Count Details in this widget include the number of protected assets, unprotected assets, and
excluded assets for each asset source that has been added and enabled in PowerProtect
Assets | Size
Data Manager. You can also view the total number of assets for each asset source, and the
total size of these assets. Assets | Count displays by default, and the asset types are sorted
based on the percentage of the total asset count that is unprotected, or the total size of the
unprotected assets for the asset source, depending on the view.
Click the three vertical dots at the top of the widget to:
● Select Count or Size to switch the assets view in the widget.
● Select one or more asset sources from the list. You can display asset statistics for a single
asset source, multiple asset sources, or all asset sources.
Hover over a color to view the exact number of protected, unprotected, and excluded assets
and the total size of these assets. Click a color to open the Infrastructure > Assets window,
which is filtered to display the assets that match the selected status.

Health This widget provides a score for the overall PowerProtect Data Manager system health (Good,
Fair, or Poor). Health details and status are provided for the following categories:
● Components: Identifies the state of hardware and software services, such as Running or
Failed.
● Configuration: Identifies whether any aspects of the PowerProtect Data Manager
configuration are incomplete, such as System Support configuration.
● Capacity: Identifies the provisioned and currently allocated size of the associated storage
system.
● Performance: Identifies key performance indicators, such as memory use.
● Data Protection: Identifies key protection indicators, such as service-level agreements not
being met and disaster-recovery backup copies not being present.
Click View All to view more details about the system health issues for all categories.

Compliance This widget provides compliance verification statistics for protection policies that are linked to
a Service Level Agreement (SLA). The widget also identifies the number of assets within these
policies that are compliant and noncompliant.

22 Getting Started
Table 9. PowerProtect Data Manager Dashboard (continued)
Dashboard widget Description

Click the three vertical dots at the top of the widget to select one or more asset sources from
the list. You can display compliance statistics for a single asset source, multiple asset sources,
or all asset sources. By default, the total count and number of protection policies for compliant
and noncompliant assets displays for all asset sources.
Click View All to open the Protection > SLA Compliance window, where you can view more
details about the specific policies and assets that are noncompliant.

Capacity | Active Tier and This widget displays the license capacity status of the for the active tier and cloud tier. The
Capacity | Cloud Tier bar graph displays the used license capacity and available license capacity of the appliance.
Click the three vertical dots at the top of the widget to select and view Active Tier or Cloud
Tier information. By default, the widget displays Capacity | Active Tier.
Click View All to open the Infrastructure > Storage window, where you can view more
details about specific protection storage systems.

Space Optimization This widget provides information about how efficient the active tier storage capacity is on the
PowerProtect Data Manager. Efficiency is determined based on the size of precompression
data that is compared with the size of postcompression data on the system.
Click the three vertical dots at the top of the widget to select a system from the list. The
widget updates to display space optimization statistics for the selected system.

PowerProtect Data Manager UI tools and windows

The following table describes the tools and windows in the PowerProtect Data Manager UI left navigation pane.

Table 10. PowerProtect Data Manager tools

Menu item Description
Click Dashboard to view the overall state of the PowerProtect Data Manager system.

Dashboard

Click Health to view a score for the overall PowerProtect Data Manager system health (Good,
Fair, or Poor).
Health

Click Infrastructure to:

● View and manage all assets:
○ VMware virtual machines
Infrastructure
○ File systems
○ Kubernetes clusters
○ Microsoft Exchange Server databases
○ Network Attached Storage (NAS)
○ Microsoft SQL Server databases
○ Oracle databases
○ SAP HANA databases
● Add vCenter and application and File System host asset sources.
● View and manage Integrated Storage.
● Add a VM Direct appliance with the VM Direct protection engine for virtual machine data
protection.
● Manage the vSphere Installation Bundle (VIB) for virtual machine crash-consistent data
protection performed with the Transparent Snapshot Data Mover (TSDM) protection
mechanism.

Getting Started 23
Table 10. PowerProtect Data Manager tools (continued)
Menu item Description
● Manage registration of Oracle RMAN agent, Microsoft application agent, SAP HANA agent,
and File System agent.
● View and manage activities that are related to storage such as file system, cloud tier, cloud
units, disks, usage, replication targets, and Dell Cloud Disaster Recovery.
● Create and manage a Search Cluster.
● Add PowerProtect Cloud Snapshot Manager tenants as asset sources for jobs, alerts, and
reports.
Click Protection to:
● Add protection policies to back up assets.
● Manage service-level agreements (SLAs).
Protection
● Add, edit, and delete protection rules for asset inclusion in policies.
● Add, edit, and delete file exclusion templates for File System protection policies.
Click Restore to:
● View asset copy location details and initiate a Restore operation.
Restore ● Manage Instant Access Sessions.
● Use the File Search feature to find and restore virtual machine file copies.
Click Alerts to:
● View and acknowledge alerts and events.
Alerts ● Filter alerts by critical, warning, and informational status, and specify the time range.
● View and examine Audit logs.
● Export audit logs to CSV files.
● Set audit log boundaries.
● Configure alert notifications.

There is also a banner UI option, represented by the icon, which provides links that enable
you to view all unacknowledged alerts.

Click Administration to:

● Configure users and roles.
● Set password credentials and manage key chains.
Administration
● Add external identity providers.
● View and manage resource groups.

Click Reports to access the PowerProtect Data Manager Report Browser and Reporting
Engine.
Reports

Click Jobs to manage jobs, view by protection or system, filter, and view details.

Jobs

Banner UI options
The following table describes the icons in the PowerProtect Data Manager UI banner.

Table 11. Banner UI options

Option Description
Click to enter search criteria to find assets, jobs, logs, and alerts.

The number next to this icon indicates the critical unacknowledged alerts over the last 24
hours.

24 Getting Started
Table 11. Banner UI options (continued)
Option Description

Click to expand for more information about unacknowledged alerts, including:

● The total number of alerts (all statuses—critical, warning, or informational) that have yet
to be acknowledged, or the unacknowledged alerts from the last 24 hours (marked with the
New tag).
● The number of critical alerts that have yet to be acknowledged, or the unacknowledged
critical alerts from the last 24 hours (marked with the New tag).
Within this menu, click any of these links to open the Alerts window, where you can view
specific details about these unacknowledged alerts.

Click to restore assets from replicated copies through quick recovery. This icon only appears
when this system receives replicated metadata from a source system.
Click to configure and manage PowerProtect Data Manager default network, time zone, and
NTP settings, DR backups, security, licenses, agent downloads, and support.
Click to log out or change the current user password.

Click to obtain more information about PowerProtect Data Manager or access Customer
Support.
Click to launch Cloud Snapshot Manager.

Dashboard
The Dashboard is visible when you log in to the PowerProtect Data Manager UI, and can be accessed from the left navigation
pane.
The Dashboard window provides a high-level view of the overall state of the PowerProtect Data Manager system through six
widgets. The following table describes each widget.

Figure 1. Dashboard widgets

Table 12. PowerProtect Data Manager Dashboard

Getting Started 25
Table 12. PowerProtect Data Manager Dashboard (continued)
Dashboard widget Description

Jobs | Asset Level ● Select Protection, Restore, System or Asset Level to switch the jobs view in the
widget.
● Choose the time period for the jobs that you want to view (last 24 hours, last 3 days,
last 7 days, or all). Once a time period is selected, the widget updates to display only jobs
performed within that time period.

Click a color in the chart to view details about jobs with a specific status, or click the links next
to each status. This will open the appropriate Jobs window, which is filtered to display the jobs
that match the selected status and time period. From this window, you can manage jobs, view
more details, and search jobs.

Assets | Count and Assets | Details in this widget include the number of protected assets, unprotected assets, and
Size excluded assets for each asset source that has been added and enabled in PowerProtect
Data Manager. You can also view the total number of assets for each asset source, and the
total size of these assets. Assets | Count displays by default, and the asset types are sorted
based on the percentage of the total asset count that are unprotected, or the total size of the
unprotected assets for the asset source, depending on the view.

Click the three vertical dots at the top of the widget to:

● Select Count or Size to switch the assets view in the widget.

● Select one or more asset sources from the list. You can display asset statistics for a single
asset source, multiple asset sources, or all asset sources.
Hover over a color to view the exact number of protected, unprotected, and excluded assets
and the total size of these assets. Click a color to open the Infrastructure > Assets window,
which is filtered to display the assets that match the selected status.

Click View All to open the Protection > SLA Compliance window, where you can view more
details about the specific policies and assets that are non-compliant.

Capacity | Active Tier and This widget displays the capacity status of the DD protection storage systems that are
Capacity | Cloud Tier associated with this instance of PowerProtect Data Manager for the active tier and cloud
tier. Based on the available capacity on each DD system, a color coded bar graph displays the
number of systems that are Good (>20% available), Fair (<20% available), or Poor (<10%).

Click the three vertical dots at the top of the widget to:

26 Getting Started
Table 12. PowerProtect Data Manager Dashboard (continued)
Dashboard widget Description
● Select Active Tier or Cloud Tier to switch between a view of protection storage systems
for the active tier and cloud tier in the widget. By default, the widget displays Capacity |
Active Tier.
● Select a DD system from the list. The widget updates to display capacity statistics for the
selected DD system. You can only display capacity statistics for one system at a time.

Click View All to open the Infrastructure > Storage window, where you can view more
details about specific protection storage systems.

Space Optimization This widget provides information about how efficient the active tier storage capacity is on
individual DD systems associated with this instance of PowerProtect Data Manager. Efficiency
is determined based on the size of pre-compression data compared with the size of post-
compression data on the system.

Click the three vertical dots at the top of the widget to select a DD system from the list. The
widget updates to display space optimization statistics for the selected DD system.

Export data
PowerProtect Data Manager enables you to export and save table data in CSV format.

Prerequisites
In the PowerProtect Data Manager UI, browse to a window that includes the Export All functionality.

About this task

The following table lists the windows that support the Export All functionality.

Table 13. Supported windows

Menu item Window
Health Health
Infrastructure Assets
Application Agents
Protection Protection Policies

You can also export records for assets that are assigned to a protection
policy. Select a protection policy to view its details, and then click the asset
count link next to Assets.

SLA Compliance
Protection Rules

You can also export records for assets that are applied to a protection rule.
Click the link in the Assigned Assets Count column for the protection rule.

Restore Assets
Alerts System
Administration Access Control > Users/Groups

Access Control > Resource Groups

You can also export records for assets that are assigned to a resource group.
Click next to the resource group, and then click View Assets in the right
pane.

Getting Started 27
Table 13. Supported windows (continued)
Menu item Window
Audit Logs
Jobs Protection Jobs
System Jobs
System Settings Messages Catalog

Steps
1. (Optional) Filter and sort the information that appears in the table.
2. In the window, click Export All to export the data to a .csv file.
NOTE: Filters applied to the table in the Protection Policy window are not applied to the exported .csv file. Exported
protection records include all data that is shown in the table. Download the Excel file to sort and filter the protection
results.

Exported fields
The following tables list the fields that are exported using the Export All functionality. The fields are exported in CSV format.

Table 14. Exported fields

Resource Exported fields
Jobs Asset Name, Host, Component Type, Component Description,
Schedule Frequency, Job ID, Status, Description, Job Type,
Sub Type, Asset Type, Assets, Start Time, End Time, Duration,
Next Scheduled, Policy Name, Data Transferred, Storage
System, Asset Size, Data Compressed, Average Throughput,
Total Compression Factor, Reduction Percentage

Application Agents Host Name, IP, Registration Status, OS, Agent Type, Current
Version, Update Status, Port, Application Version, Created
Date, Registered Date, Throttling Status, CPU Throttling

Alerts Message ID, Details, Recommended Action, Severity,

Date, Summary, Category, Status,Component Type, Component
Description

Messages Catalog Message ID, Message, Details, Recommended Action, Severity,

Resource Groups Name, Description, Created At, Number of Resources

SLA Compliance Name, Compliance Type, Policies At Risk, Objectives out of

Compliance, Impacted Assets

System Health Issues Deduction, Issue, Category, Component, Remediation, Date

Users User/Group Name, Type, First Name, Last Name, Email Address,
Roles and Resources, Added Date

The following fields are common to each asset type:

ID, Status, Asset Type, Sub Type, Protection Policy ID, Protection Policy, Protection,
Size, Protection Capacity Size, Protection Capacity Time, Last Copy, Network, Protection
Rule Name, Resource Group Name
The following table lists the fields that are unique to each asset type.

28 Getting Started
Table 15. Exported fields for asset types
Resource (asset type) Exported fields
VMware Virtual Machines Name, Tags, Operating System, Apps, Disk Excluded, vCenter,
Protection Mechanism, ESX Host Name, VM BIOS Uuid, Resource
Pool, VM Folder, Data Center

Kubernetes Namespace, Labels, Age, Cluster, PVCs Excluded, Storage Class

Name, Volume Mode, PVC Namespace

Microsoft SQL Server Name, Protection Engine Flow, Host Type, Host/Cluster/Group
Name, Application Server ID, Application Server Name

Oracle Name, Host/Cluster/Group Name, Host Type, OS Type,

Application Server Name, Application Server ID, SID, Data
Guard Name, Data Guard Role, Protocol, Backup Technology

Microsoft Exchange Server Name, Host/Cluster/Group Name, Host Type, Application Server
Name, Application Server ID

SAP HANA Name, Host/Cluster/Group Name, Host Type, Application Server

Name, Application Server ID

File System Name, OS Type, File System Type, Host Name, Host Operating
System

NAS Name, Asset Source, Appliance Name, Array Type, Server

Name/IP, Protocol, File Stubs, File System Path, File System
Name

Block Volumes Name, Asset Source, Appliance Name, Replication Destination

Customer feedback
Use the customer feedback feature in the PowerProtect Data Manager UI to report your satisfaction with PowerProtect
Data Manager, provide feedback, and send requests for enhancements. Customer feedback is used to improve the customer
experience.

Provide general feedback

Use the following procedure to report your satisfaction with PowerProtect Data Manager and provide feedback.

Steps
1. Log in to the PowerProtect Data Manager UI.

2. From the banner, click .

The customer feedback survey opens in a new window.
NOTE: In environments with limited external connectivity, such as dark sites, an error appears in the web browser and
the customer feedback survey is not displayed.

3. (Optional) Complete the fields in the customer feedback survey, and when finished, click Submit.
You have the option to rate your satisfaction with PowerProtect Data Manager and make a recommendation for how to
improve the customer experience. You also have the option to provide an email address so that can follow up with you
regarding your feedback.
NOTE: Customer contact information is not used for marketing purposes.

Getting Started 29
Security configuration
A separate guide provides some server configuration tasks which are intended specifically for PowerProtect Data Manager
security administrators, whose role may be separate from the PowerProtect Data Manager host system administrator.
The PowerProtect Data Manager Security Configuration Guide provides detailed instructions for all security-related tasks,
including but not limited to:
● Port requirements for and between the following components:
○ PowerProtect Data Manager
○ Configured DD systems
○ VM Direct Engines (embedded and external)
○ Application-agent hosts
○ Web and REST API clients
○ Callhome (SupportAssist)
○ ESXi
○ vCenter
● Configuring identity providers
● Managing local and external user accounts
● Changing and resetting passwords
● Assigning users and groups to roles and associated privileges
● Managing credentials for local and remote components
● Creating resource groups to define scopes of authority
● Managing security certificates, where applicable

Role-based security
PowerProtect Data Manager provides predefined user roles that control access to areas of the user interface and to protected
operations. Some PowerProtect Data Manager functionality is reserved for particular roles and may not be accessible from
every user account.
By using the predefined roles, you can limit access to PowerProtect Data Manager and to backup data by applying the principle
of least privilege.
The PowerProtect Data Manager Security Configuration Guide provides more information about user roles, including the
associated privileges and the tasks that each role can perform.

30 Getting Started
2
System Maintenance
Topics:
• Deploying and maintaining the health of PowerProtect Data Manager
• Deploying and updating PowerProtect Data Manager
• Licensing PowerProtect Data Manager
• Specifying the PowerProtect Data Manager host
• Memory optimization
• Restricted mode
• System support
• Restarting PowerProtect Data Manager
• System maintenance troubleshooting
• Messages Catalog

Deploying and maintaining the health of PowerProtect

Data Manager
In order for PowerProtect Data Manager to function as efficiently as possible, you should deploy and maintain it according to
recommended guidelines.

Deploying and updating PowerProtect Data Manager

You can deploy PowerProtect Data Manager, update it to the latest version, and install other important package updates.

Update paths
CAUTION: If recommended guidelines are not followed, the update of PowerProtect Data Manager or one of its
components can fail.
When deploying or updating PowerProtect Data Manager, see the PowerProtect Data Manager Deployment Guide. It contains
detailed instructions and guidelines that must be followed in certain environments and configurations.
Updating from PowerProtect Data Manager versions 19.11 through 19.14 to version 19.15 is supported.

Security advisories
CAUTION: If the latest Dell security advisories (DSAs) are not followed, PowerProtect Data Manager can be
exposed to security vulnerabilities.
To review the latest DSAs, search for PowerProtect Data Manager at the Dell Technologies Security Advisories and
Notices website.

System Maintenance 31
Licensing PowerProtect Data Manager
PowerProtect Data Manager can be licensed in several different ways. This section describes the different types of available
licenses and how to install a license.
For more information about licensing, see the PowerProtect Data Manager Deployment Guide.

License types
There are several different types of licenses, and they can provide licensing for different periods of time.
The available license types are described in the following table.

Table 16. License types

License type Description
Trial The license that is used by default when PowerProtect Data Manager is deployed.
It enables full use of the product without adding a license key for up to 90 days.
When the trial period ends, PowerProtect Data Manager continues to operate with
full functionality so that you can add a permanent license.
NOTE: A trial license does not allow the use of SupportAssist.

Front-end protected capacity by The primary model of licensing, which is based on the capacity that you want to
terabyte (FETB) protect. For example, you can purchase a 100-TB license, which enables you to
protect up to 100 TB of data.
Socket-based This license is based on the number of asset hosts that you want to protect, and
it applies to every type of protection job. A license is required for each CPU socket
on every physical asset-source host where protected assets exist. If a virtual asset
is protected, count the number of CPU sockets on the physical host of the virtual
machine. In cluster environments that protect NAS, storage array, file system,
database, or virtual machine assets, you must count the number of CPU sockets of
each active host in the cluster.

Perpetual and term-based (subscription) licenses

Licensed software is offered with perpetual or term-based licenses. Your quote identifies whether your license rights are
perpetual or term-based.
A perpetual license enables you to use the software while you are in compliance with the terms of the license agreement.
A term-based license enables you to use the software for a specified time, while you are in compliance with the terms of the
license agreement. At the end of the license term, you must stop using the software, extend the license term, or purchase a
new license.

Add a license
You can add a license file to PowerProtect Data Manager and view license details, such as capacity usage and software ID
number.

Prerequisites
To obtain the XML license file from the license management website, you must have the License Authorization Code (LAC),
which is emailed from . If you have not received the LAC, contact your Customer Support representative.

About this task

To review existing license information, go to Settings > License.
To add a license, perform the following steps:

32 System Maintenance
Steps

1. From the PowerProtect Data Manager user interface, click , and then select License.
2. On the License window, perform one of the following actions:
● Copy and paste the text from the license file into the text box.
● Click Upload File, browse to the location of the license file and select the file, and then click Open.
The license file content appears in the License window.
3. Click Apply.

Results
A message appears in the License window to confirm that the license is successfully added.

Specifying the PowerProtect Data Manager host

When you specify a vCenter server as the PowerProtect Data Manager host, it allows the vCenter server to perform operations
unique to PowerProtect Data Manager.
The PowerProtect Data Manager host performs several operations, including the following:
● Virtual-machine configuration and other system activities.
● Taking a PowerProtect Data Manager snapshot, if required during a software update.
● Allowing memory that is assigned to PowerProtect Data Manager to be automatically increased as necessary when
performing a software update.
● Enabling Cloud Disaster Recovery (Cloud DR) in order to increase required PowerProtect Data Manager CPU and memory.
A vCenter host is a prerequisite for Cloud DR, as specified in the Cloud Disaster Recovery tab of the Infrastructure >
Asset Sources window in the PowerProtect Data Manager user interface.

Specify a vCenter server as the PowerProtect Data Manager host

You select a vCenter server to be used as the PowerProtect Data Manager host from those already added or discovered.

About this task

Perform the following operations:

Steps

1. From the PowerProtect Data Manager user interface, click , and then select Hosting vCenter.
The Hosting vCenter window appears.
2. Choose from one of the following options:
● Enter FQDN/IP—Select this option to manually enter the fully qualified domain name or IP of the vCenter server, the
port number, and to select the vCenter Host Credentials. The Host Credentials list is populated with vCenter servers
that have already been added and discovered in PowerProtect Data Manager. If the host vCenter credentials do not
appear in the list, select Add Credentials to enter this information.
● Select FQDN/IP from asset sources—Select this option to obtain the host vCenter server information automatically
from a vCenter asset source that has already been added and discovered in PowerProtect Data Manager.
3. Click Save.

Results

If the host vCenter server is added as an asset source in PowerProtect Data Manager, is displayed next to this vCenter
server in the Infrastructure > Asset Sources window.

System Maintenance 33
Minimum privileges required for the vCenter server PowerProtect
Data Manager host
The user account associated with the vCenter server that is specified as the PowerProtect Data Manager host must have the
following minimum privileges. These privileges are required for functions related to software installation and updates, virtual
machine snapshots and rollback, and configuring virtual machine memory.

Setting vCenter 6.7 and later required privileges PowerCLI equivalent required privileges
Global ● Manage custom attributes ● Global.ManageCustomFields
● Set custom attributes ● Global.SetCustomField
Network ● Assign network ● Network.AssignNetwork
Permissions ● Modify permission ● Authorization.ModifyPermissions
Sessions ● Impersonate user ● Sessions.ImpersonateUser
● Message ● Sessions.Message
● Validate session ● Sessions.ValidateSession
● View and stop sessions ● Sessions.ViewandStopSessions
Virtual Machine ● Change Configuration > Add or remove device ● VirtualMachine.Config.AddorRemoveDevice
● Change Configuration > Change CPU count ● VirtualMachine.Config.CpuCount
● Change Configuration > Change Memory ● VirtualMachine.Config.Memory
● Change Configuration > Change Settings ● VirtualMachine.Config.Settings
Virtual Machine ● Snapshot Management > Create snapshot ● VirtualMachine.State.CreateSnapshot
● Snapshot Management > Revert to snapshot ● VirtualMachine.State.RevertToSnapshot
● Snapshot Management > Remove snapshot ● VirtualMachine.State.RemoveSnapshot
● Snapshot Management > Rename snapshot ● VirtualMachine.State.RenameSnapshot

NOTE: A complete list of the privileges required for a dedicated vCenter user account is provided in the PowerProtect Data
Manager Virtual Machine User Guide.

Memory optimization
You can use adjust the amount of memory that is assigned to the PowerProtect Data Manager virtual machine in order to
optimize server performance.
The following table indicates the default amount of memory assigned to the PowerProtect Data Manager virtual machine in a
standard environment. The default values are the minimum recommended values.

Table 17. PowerProtect Data Manager memory requirements

Deployment type Memory Swap space Cores
Default 32 GB 8 GB 10
With the Cloud Disaster Recovery (Cloud DR) 36 GB 8 GB 14
Add-On

The recommended number of cores is 14. Also consider the following:

● Depending on the environment, increasing the amount of memory can increase performance.
● If low-memory alerts are seen, increase the amount of memory.
● If you are deploying PowerProtect Data Manager to a virtual machine in a cloud Marketplace environment, it is automatically
assigned 32 GB of RAM. This amount of memory should not be changed after it is deployed.
● Most of the services from PowerProtect Data Manager are memory intensive. When the available physical memory drops to
a certain threshold value, these services start leveraging swap memory. If swap memory resides on a slow disk, then there
can be significant impact on the Java Garbage Collection activity from each of these services when memory that has not
been recently used needs to be swapped into physical memory.

34 System Maintenance
● It is recommended to configure swap memory on a solid-state drive (SSD). During deployment of the PowerProtect Data
Manager server, use the SSD data store to avoid the high latency disk impact from swap and metadata operations.
NOTE: For help with optimizing memory, contact your Customer Support representative.

Memory and updating from an earlier version of PowerProtect Data

Manager
Features in the current version of PowerProtect Data Manager might require more memory than required in previous versions.
When updating from an earlier version of PowerProtect Data Manager, ensure that you increase the amount of assigned
memory as necessary.

Adjust the virtual machine memory

Adjust the amount of memory assigned to the PowerProtect Data Manager virtual machine to support changes in the protection
environment.

Steps
1. Log in to the vSphere Web Client.
2. Right-click the virtual machine and select Edit Settings.
The Edit Settings window appears with the Virtual Hardware button selected.
3. In the Memory field, specify the new memory value.
Ensure that the value you specify does is a multiple of 4 GB.
4. Click OK.

Restricted mode
You can enable restricted mode to prevent scheduled writes to storage. You might want to enable restricted mode to limit
access to storage during a storage upgrade.
Enabling restricted mode during a storage upgrade provides the following benefits:
● Storage writes can be eliminated in a controlled manner. Once writes have stopped, storage can be upgraded.
● Storage writes can be tested after storage has been upgraded. Once testing is complete, storage can be returned to full
production.
Restricted mode prevents the following scheduled operations:
● Backups and replication
● Backup-copy deletion
● Server disaster-recovery backups
Restricted mode allows the following operations:
● Any jobs in progress or queued to run
● Manual backups and restores
● Discovery jobs

To enable restricted mode from the PowerProtect Data Manager user interface, click , select Support > Restricted Mode,
and then click Enable Restricted Mode.

System support
You can use the PowerProtect Data Manager user interface to manage and modify support settings that are typically configured
during deployment. Typically configured support settings include the mail server setup and Secure Remote Services registration.

To access the Support window, click , and then select Support.

System Maintenance 35
Configuring SupportAssist for PowerProtect Data Manager
SupportAssist is a support tool that communicates with PowerProtect Data Manager to monitor your environment, automatically
detect current and potential issues, and collect and store diagnostic data. SupportAssist securely sends the data that is required
for troubleshooting an issue to Customer Support for diagnostic purposes and customer support.
SupportAssist is at heart of the connectivity platform as a unified communication point between PowerProtect Data Manager
and Customer Support.
SupportAssist provides the following features and benefits:
● Proactive monitoring and issue prevention
● Facilitates update package downloads
● Automatic health checks
● Communicates telemetry data
● Real-time troubleshooting
● Customer support
Configure SupportAssist to receive automated support capabilities for your PowerProtect Data Manager system.
SupportAssist cannot be configured when PowerProtect Data Manager uses a trial license.

Generate SupportAssist access key and PIN

An access key and PIN are required to configure a secure connection between PowerProtect Data Manager and SupportAssist.
You only need to apply the access key and PIN once.

About this task

Use the following procedure to generate your SupportAssist access key and PIN:

Steps
1. Go to the Customer Support website and log in to your account.
2. In the search box, type PowerProtect Data Manager and click Search.
3. Click Generate Access Key in the Quick links pane.
4. Enter the product ID (serial number) in the search box.
5. In the Create PIN field, enter a 4-digit PIN.
Record the PIN for later use.
6. Click Generate Access Key.
The access key is sent to the email address for your account.
NOTE: It might take up to 5 minutes to receive the access key in your email.

Connect to support services through SupportAssist

Establish a connection through SupportAssist to ensure access to Customer Support. SupportAssist enables PowerProtect Data
Manager to connect to support services directly or through a gateway server.

Prerequisites
● Apply a valid PowerProtect Data Manager license.
● If you are connecting through the gateway server, the SCG gateway version must be 5.10 or later.
● Apply a valid access key and PIN.
● HTTPS port 443 of esrs3-core.emc.com and esrs3-coredr.emc.com is not blocked by the network firewall.

Steps

1. From the PowerProtect Data Manager UI, click , select Support, and then click SupportAssist.
The Support window opens to the SupportAssist page.

36 System Maintenance
2. On the Connection tab, click Connect Now.
3. Select one of the following options:
● Connect Directly
Select this option to connect PowerProtect Data Manager directly.
● Connect via Gateway
Select this option to connect PowerProtect Data Manager through a gateway server, and then enter the gateway server
IP address and port number.

4. Enter the SupportAssist Access Key and PIN.

5. Click Enable Connect.

Results
PowerProtect Data Manager is connected to support services.

Update or configure contact data

Provide contact information for the person that Customer Support will contact with diagnostic reports. You can add or update
contact data for SupportAssist at any time.

Steps

1. From the PowerProtect Data Manager UI, click , select Support, and then click SupportAssist.
The Support window opens to the SupportAssist page.
2. Select the Contacts tab.
3. To add a primary contact, complete the following steps:
a. Enter the following information:
● First Name
● Last Name
● Email
● Phone
b. Select the Preferred Language from the list.
c. Click Save.
4. To add a secondary contact, click + Add Secondary Contact and enter the required information.

Change SupportAssist connection settings

Use the following procedure to change SupportAssist connection settings.

Steps

1. From the PowerProtect Data Manager UI, click , select Support, and then click SupportAssist.
The Support window opens to the SupportAssist page.
2. Select one of the following connection options:
● Connect Directly
● Connect via Gateway
To add a new gateway connection, complete the following steps:
a. Enter the gateway IP address and port number.
b. Click Test.

Wait until the connection test is complete. If the connection is successful, a green check mark is displayed next to the
gateway IP address and port number.
3. Enter the SupportAssist Access Key and PIN.

System Maintenance 37
NOTE: If you are not connecting with a new access key, skip this step.

4. Click Reconnect.

Enable or disable SupportAssist

Enable the SupportAssist feature to automatically detect issues and collect diagnostic and usage data. You can also disable
SupportAssist at any time.

Steps

1. From the PowerProtect Data Manager UI, click , select Support, and then click SupportAssist.
The Support window opens to the SupportAssist page.
2. To enable SupportAssist, move the Connect to SupportAssist slider to the right. To disable SupportAssist, move the
Connect to SupportAssist slider to the left.
The operation might take up to 5 minutes to complete.

Troubleshooting SupportAssist
Review the following information that is related to troubleshooting SupportAssist.

Failed to establish a SupportAssist connection

If you are connecting to SupportAssist with an access key and PIN that is already in use, the connection fails with error:
Connection is failed: Get universalkey error: Access Key and Pin used
If this issue occurs, obtain a new access key and PIN from Customer Support. Generate SupportAssist access key and PIN
provides instructions.
The following error might display if the SWID is not added to the PowerProtect Data Manager back-end: Connection is
failed: Get universalkey error: Invalid Access Key and Pin
If this issue occurs, contact Customer Support and ask them to check whether the SWID has been added to the PowerProtect
Data Manager back-end.

Connection status changes to "Not Connected"

If the connection status changes to "Not Connected":
1. Ensure that all prerequisites are met in Connect to support services through SupportAssist .
2. If the issue persists, contact Customer Support.

Telemetry Collector
Telemetry Collector gathers information related to this system, including configuration, usage characteristics, performance, and
deployment location information. Telemetry Collector manages remote access and the exchange of system data with Dell Inc. or
its subsidiaries. The information that is gathered by Telemetry Collector is confidential and this data cannot be shared.
When you enable SupportAssist, you also enable Telemetry Collector, which allows Customer Support engineers to collect data
that is related to troubleshooting device and PowerProtect Data Manager software issues. Telemetry Collector does not collect
any personal information.
Telemetry Collector populates three reports—a telemetry report, an alert summary report, and a CloudIQ report. Telemetry
Collector collects details about the following objects:
● Alerts
● Assets
● Asset sources
● Audit logs

38 System Maintenance
● Cloud Data Recovery
● Cloud Disaster Recovery metrics
● Compliance details
● Compliance in the last 24 hours
● Data targets
● DD inventory
● Host information
● Integrated storage
● Licensing
● PowerProtect Data Manager operational inventory
● Protection details
● Protection policies
● Quick-recovery synchronization information
● Service-level agreements
● Storage systems
● Time spent on generating reports
● Traffic metrics
● Update summaries
● Usage

AutoSupport
AutoSupport gathers information related to this system, including configuration, usage characteristics, performance, and
deployment location information. AutoSupport manages remote access and the exchange of system data with Dell Inc. or
its subsidiaries. The information that is gathered by AutoSupport is confidential and this data cannot be shared.
Enable AutoSupport, which allows Customer Support engineers to collect data that is related to troubleshooting device and
PowerProtect Data Manager software issues. AutoSupport does not collect any personal information. For information about
enabling AutoSupport, see Add AutoSupport.
AutoSupport populates two reports—a telemetry report and an alert summary report. AutoSupport collects details about the
following objects:
● Alerts
● Asset sources
● AutoSupport
● Cloud Data Recovery
● Cloud Disaster Recovery metrics
● Compliance in the last 24 hours
● DD inventory
● Hardware topology
● Host information
● Integrated storage
● PowerProtect Data Manager operational inventory
● Protection policies
● Quick-recovery synchronization information
● Storage systems
● System mode
● Time spent on generating reports
● Traffic metrics
● Update summaries
● Usage

CloudIQ reporting
When you enable AutoSupport and choose SupportAssist, you also enable reporting. CloudIQ is a no-cost SaaS/cloud-
based management application that proactively monitors and measures the overall health of systems through intelligent,

System Maintenance 39
comprehensive, and predictive analytics. The data reported to CloudIQ includes configuration data, historical metrics and health
score data.
Ensure that the following requirements are met:
● Add a valid license in System Settings > License.
● Set up SupportAssist in System Settings > Support > SupportAssist.
● Enable AutoSupport and select SupportAssist.

When AutoSupport is enabled, CloudIQ reports are sent automatically. To log in to CloudIQ, click , and then click CloudIQ.
You can also go to https://cloudiq.dell.com. For more information on CloudIQ, refer to the CloudIQ Online Support site.

Set up the email server

The Email Setup page of the PowerProtect Data Manager Support window enables you to configure SMTP email server
settings that control sending and receiving email related to resetting local user passwords and customizing alert notifications.

Steps

1. From the PowerProtect Data Manager user interface, click , select Support, and then click Email Setup.
2. Populate the following fields:
a. Mail Server
The SMTP mail server.
b. Email from:
The email address at which you would like to receive PowerProtect Data Manager AutoSupport email.
c. [Optional] Recipient for Test Email:
The email address to which you would like to send PowerProtect Data Manager test email.
d. [Optional] Port:
The default port is 25. PowerProtect Data Manager supports using non-default ports.
If the email setup is deleted, you must manually choose any non-default port that is not in use anywhere else.
e. User Name:
The user name associated with the PowerProtect Data Manager SMTP email server. This field is optional.
f. Password:
The password associated with the PowerProtect Data Manager SMTP email server. This field is optional.
3. Click Send Test Email.
PowerProtect Data Manager sends a test email.
4. Click Save.

Add AutoSupport
When AutoSupport is enabled, automated support information, telemetry reports, alert summaries, and CloudIQ reports are sent.

About this task

If SupportAssist and SMTP are both configured, this information is sent using the option that you choose in the System
Settings > Support > AutoSupport window.

Steps

1. From the PowerProtect Data Manager UI, click , select Support, and then click AutoSupport.
The AutoSupport window appears.
2. Change the Enable AutoSupport option to Disabled or Enabled, and click Save.
When you enable AutoSupport, select whether to receive the AutoSupport communications through SupportAssist or email
server.

40 System Maintenance
When you enable AutoSupport, the Telemetry Software Terms page displays. Review and scroll down to the bottom of
the page to accept the terms, and then click Save to save your changes.
When you disable AutoSupport, PowerProtect Data Manager stops sending error and telemetry data to SupportAssist or the
SMTP server. PowerProtect Data Manager continues to send information for updates and other information.

NOTE: To disable SupportAssist, clear the SupportAssist option in the AutoSupport window.

Enabling automatic update package checks and downloads

If SupportAssist is enabled, you can configure PowerProtect Data Manager to automatically check for update packages, and
either alert you or automatically download them.
For more information about these options, see the PowerProtect Data Manager Deployment Guide

Add a log bundle

Use the following procedure to add a log bundle.

About this task

NOTE: You can add a maximum of 10 log bundles.

Steps

1. From the PowerProtect Data Manager user interface, click , and then click Logs.
2. Click Add to add a log bundle.
The Add Log Bundle window appears.
3. Select the systems for the log bundle (Data Manager, VM Direct Engines, or, if Cloud DR is deployed, CDRS), set the log
bundle duration, and click Save.
The Jobs window displays the progress of the log bundle creation. Also, a green banner in the UI indicates that the log
bundle has successfully been created. If you want to dismiss the banner, click X.
4. To delete the log bundle, select the box to the left of log bundle and click Delete.
The Log Capacity indicates how much space (in GB) remains on the disk for logs and the percentage of the disk in use for
log storage.
5. To download the log bundle, click the bundle name in the Bundle Name column.

Audit logging and monitoring system activity

The Linux audit daemon (auditd) tracks and logs security-relevant events on the PowerProtect Data Manager system.
Users with the Administrator role can use auditd to monitor the following events:
● File access
● System calls
● Login and logout activity of users
Audit logging enables you to discover access violations, changed or deleted files, failed authentication, and so on.

Viewing audit events in the UI

With the Administrator, Backup Administrator, Restore Administrator, and User roles, you can view audit events to monitor
system activity.

About this task

The following actions generate an audit event:

System Maintenance 41
● User login and logout
● Creating, deleting, or updating a user
● Assigning or unassigning a role to a user
To view audit events in the UI, perform the following steps.

Steps
1. Log in to the PowerProtect Data Manager UI with an account that has one of the indicated roles.
2. Go to Administration > Audit Logs.

View and manage alerts

Alerts enable you to track the performance of data protection operations in PowerProtect Data Manager so that you can
determine whether there is compliance to service level objectives. With the Administrator, Backup Administrator, Restore
Administrator, or User role, you can access the alerts from the Alerts window. However, only some of these roles can manage
alerts.

Steps
1. From the PowerProtect Data Manager UI left navigation pane, select Alerts.

You can also click on the top banner, and then click the links to view unacknowledged alerts of all statuses (critical,
warning, and informational), or only the unacknowledged critical alerts.
NOTE: Clicking the New tag displays only the unacknowledged alerts that have been generated within the last 24 hours.

The number that appears next to is the total number of unacknowledged critical alerts over the last 24 hours.

The Alerts window displays.

2. Select the System tab. A table with an entry for each applicable alert displays.
By default, only unacknowledged critical alerts from the last 24 hours display, unless you selected to view all

unacknowledged alerts from the links under .

If filter tags have already been applied, the window displays these filter tags. Click X next to any of these filter tags to clear
a filter, and the table view updates with the applicable selections. You can sort the alerts in the table by Severity (Critical,
Warning, Informational), Date, Category, or Status (Acknowledged or Unacknowledged).
3. Select a time from the last 24 hours, the last 3 days, the last 7 days, the last 30 days, and a specific date for the alerts you
want to view, or provide a custom time range. You can also select All Alerts from this list to display information for all alerts
that match the filter tags.
4. Optionally, clear the Show only unacknowledged alerts checkbox if you want to view both acknowledged and
unacknowledged alerts. If you clear this checkbox, the Unacknowledged filter tag is also cleared.
5. To view more details about a specific entry, click next to the entry in the table.
6. For the following steps, log in to the PowerProtect Data Manager UI with an account that has the Administrator, Backup
Administrator, or Restore Administrator role.
7. To acknowledge one or more alerts, select the alerts and then click Acknowledge.
8. To add or edit a note for the alert, click Add/Edit Note, and when finished, click Save.
9. To export a report of alert information to a .csv file which you can download for Excel, click Export All.

NOTE: If you apply any filters in the table, exported alerts include only those alerts that satisfy the filter conditions.

Export audit logs

With the Administrator or Security Administrator role, you can export audit log records to a .csv file of audit data that you can
download and open in Excel. Only the Administrator role can change the retention period.

Steps
1. Go to Administration > Audit Logs.

42 System Maintenance
The list of audit logs appears, which displays the following information:
● Changed At
● Audit Type
● Description
● Changed By
● Object Changed
● Previous Values
● New Values
● Storage
2. To set the retention period (in days) for the audit log, select Set Boundaries and update the retention period.
Only the Administrator role can perform this step.
3. To add a note for the audit log, click >, enter a note in the Notes field, and click Save.
4. Click Export All.

Monitor system services and system health

The status of system services can be monitored from the System Services Status pane, and system health information can be
monitored from the Health pane.

Monitor system services

You can monitor the status of each system service from the System Services Status pane.

To view the status of system services, click , select Support, and then click System Services Status.
The following table provides a summary of the status of each system service and component:

Table 18. System service and component status

Status Description
Running This status appears when an associated service or component is running with full functionality. When all
services are in a Running status, PowerProtect Data Manager is operational.

Initializing This status appears when a service is starting. When the service successfully starts, the status changes to
Running.

Maintenance This status appears when an associated service is in maintenance. In the Maintenance status,
components have limited functionality. Infrastructure services do not have a Maintenance status. When
other services or components have a Maintenance status, the status of PowerProtect Data Manager is
also Maintenance.

Quiesce This status appears when the service or service associated with a component is stopping.
Shut down This status appears when a service has stopped.
No response This status appears when the service that is associated with a component is running, but the service is not
responding.

Monitor system health

You can monitor system health information from the Health window of the PowerProtect Data Manager UI.
To view a summary of any issues affecting the health of PowerProtect Data Manager, select Health from the navigation pane
or View All from the Dashboard health widget.
PowerProtect Data Manager automatically performs a health check every two minutes. If an issue is detected, it is assigned
a category and a deduction value based on its severity. All issues are displayed on the Health window. Resolved issues are
automatically removed the next time a health check is performed.
Health details and status are provided for the following categories:

System Maintenance 43
● Components identifies the state of hardware and software services, such as Running or Failed.
● Configuration identifies whether any aspects of the PowerProtect Data Manager configuration are incomplete, such as
System Support configuration.
● Capacity identifies the provisioned and currently allocated size of the associated storage system.
● Performance identifies key performance indicators, such as memory use.
● Data Protection identifies key protection indicators, such as service-level agreements not being met and disaster-recovery
backup copies not being present.
Each category starts with a score of 100. If there is an outstanding health check issue in one of these categories, its score is
reduced by the deduction value assigned to the issue. If there is more than one outstanding issue in the category, its score is
only reduced by the deduction value of the most severe issue.

Click next to an entry to see the details of the issue.

In the Health window, you can export health data by using the Export All functionality.
The overall health score of the system is represented by the most severe issue and the category with the lowest score.
NOTE: After changing the hostname or IP address of the PowerProtect Data Manager server, the overall health score of
the system can be reported as lower than normal for up to two hours.

Table 19. Overall health score

Health score Indicates
95–100 System is in good health.
71–94 System is in fair health.
0–70 System is in poor health.

Table 20. Health check descriptions

Category Health Check Maximum Deduction Description
Configuration Asset source -30 Deduction occurs when no asset sources
configuration have been added and enabled in
PowerProtect Data Manager. When at least
one asset source is added, the health score
returns to normal.

Storage -30 Deduction occurs when there are no storage

configuration targets configured in the system. When at
least one storage target is set, the health
score returns to normal.

Support -10 Deduction occurs when there are no support

configuration options configured in the system. The
support options include:
● Email setup
● Support assist
● Auto support
When a support option is configured, the
health score returns to normal. If a support
option is configured but initialization is still in
progress, the health score reduction is set to
-5 until the initialization is complete.

Policies defined for -2 Deduction occurs if any of the assets from

all assets the asset sources enabled in PowerProtect
Data Manager are not protected (for
example, Protected/Exclude). The deduction
is -2 when unprotected assets total is greater
than 0.

44 System Maintenance
Table 20. Health check descriptions (continued)
Category Health Check Maximum Deduction Description

Once all assets have been moved to a

protected state, the health score returns to
normal.

System disaster -10 Deduction occurs when there is no scheduled

recovery (DR) system DR backup.
backup schedule
Once the system DR schedules have been
set, the health score returns to normal.

License -30 Deduction occurs when the license status is

not valid or close to its expiration date:
● When the license is invalid or has expired:
-30
● When the license expires in less than 7
days: -20
The health returns to normal upon application
of a valid PowerProtect Data Manager
license.

Operating system -60 Deduction occurs if any of the operating

account health system account passwords are about to
check expire or already expired:
● Before operating system account
password expiry: -15
● Upon password expiry: -60
Once the operating system account expiry
error is fixed, the health score returns to
normal.

Search cluster Search cluster is disabled: -5 Deduction occurs when the Search cluster is
configuration disabled or the parent vCenter Servers are
Search node parent vCenter
removed.
Servers are removed: -5
The health score returns to normal once the
Search cluster is properly configured.

Reporting cluster When reporting node Deduction occurs when the Reporting node
configuration parent vCenter Servers are parent vCenter Servers are removed.
removed: -5
Once the reporting cluster error is fixed, the
health score returns to normal.

ES configuration -5 Deduction occurs when undefined ES

settings have been added.
Once the error is fixed on the ES side, the
health score returns to normal.

Components PowerProtect Business services: 30 Deduction occurs when one or more of the
Data Manager PowerProtect Data Manager services is not
core infrastructure Core services: 30
running or is disabled.
services status Infrastructure services: 60
The health score returns to normal when all
Management services: 40 services are up and running.
Protection services: 20

Protection engines -10 Deduction occurs when the protection engine

status requires attention.

System Maintenance 45
Table 20. Health check descriptions (continued)
Category Health Check Maximum Deduction Description

The health score/status returns to normal

when the protection engine status is in
operational state.

Reporting -10 Deduction occurs when one or more of the

report nodes cannot be detected.
Once the health check error is fixed, the
health score returns to normal.

Search cluster -25 Deduction occurs when one or more Search

clusters or nodes are disabled or cannot be
detected.
The health score/status returns to normal
once all the Search cluster issues are
resolved.

Cloud Disaster -25 Deduction occurs when the Cloud DR Server

Recovery in PowerProtect Data Manager cannot be
detected or the password is invalid.
The health status/score returns to normal
once the DD Cloud Disaster Recovery server
issues have been resolved.

Heap dump -2 Deduction occurs when java heap dump files

are detected in the java service log folder.
The health score returns to normal when
there are no java heap dump files detected.

DNS -60 Deduction occurs when all the DNS servers

are unreachable.
The health score returns to normal when at
least one of the DNS servers can be reached.

NTP -10 Deduction occurs when all the NTP servers

are unavailable.
The health score returns to normal when at
least one of the configured NTP servers can
be reached.

ES Shards Health -50 (replica shards Deduction occurs when the Replica or
Check unassigned) Primary shards are unassigned.
-70 (primary shards Once the ES Shards errors are fixed, the
unassigned) health score returns to normal.

Data Protection Service Level -50 Deduction occurs when SLA compliance is
Agreement (SLA) defined but has not been met, for example,
compliance asset compliance ratio is defined as: Out
Of Compliance Asset Count/In Compliance
Asset Count + Out Of Compliance Asset
Count
● Low ratio: Compliance ratio <= 1/3
● High ratio: 1/3< Compliance ratio <=2/3
● Critical ratio: Compliance ratio > 2/3

When more than 2/3 of protection

policies are out of compliance with the
defined SLAs, the score deduction is -50.

46 System Maintenance
Table 20. Health check descriptions (continued)
Category Health Check Maximum Deduction Description
The health score returns to normal when the
SLA compliance has been met, for example,
complianceRatio= 0.

System DR backup -40 Deduction occurs when the System DR

copy present backup copy is not present. When the DR
backup copy exists, the health score returns
to normal.
Discovery status -20 (for PowerProtect Data Deduction occurs when the PowerProtect
Manager) Data Manager or Cloud Snapshot Manager
(CSM) discovery job completes with an error.
-5 (for Cloud Snapshot
The health score returns to normal once the
Manager)
Discovery jobs errors are fixed.
Capacity PowerProtect Data -60 Deduction occurs when there is heavy disk
Manager disk space partition space use. When disk space usage
is 75-90%, the score deduction is -15. When
the disk space usage exceeds 90%, the score
deduction is -60.
The health score returns to normal when disk
space usage falls below the 75% threshold.

Performance Memory usage -40 Deduction occurs when there is heavy

operating system memory usage. When
memory usage is 80-9%, the score deduction
is -15. When the memory usage exceeds
95%, the score deduction is -40.
The health score returns to normal when disk
space usage falls below the 80% threshold.

The following health checks provide grace periods, allowing you a period of time after deployment to configure your system
without a significant reduction in the overall health score. An informational alert notification appears up to 24 hours before the
score deduction occurs.

Table 21. Deductions with grace period

Health check component Deduction by grace period
Asset source configuration ● Not configured for up to 48 hours: -5
● Not configured for more than 48 hours but less than one week: -20
● Not configured after more than one week: -30
Storage configuration ● Not configured for up to 24 hours: -5
● Not configured after 24 hours: -30
System Support configuration ● Not configured for up to one week: -5
● Not configured after more than one week: -10
System Disaster Recovery (DR) ● Not configured for up to 48 hours: -5
backup schedule ● Not configured for more than 48 hours: -10

Access the open source software package information

All open source software (OSS) package information used by PowerProtect Data Manager is stored in a common directory.
To access this information, SSH login to PowerProtect Data Manager and retrieve the OSS reports from the /usr/
local/brs/puppet/licenses directory.

System Maintenance 47
Security certificates
A default deployment of PowerProtect Data Manager creates self-signed security certificates that secure communication with
other components. As you configure the server and add assets, PowerProtect Data Manager stores additional certificates for
each component.
The Administrator and Security Administrator roles can review the Administration > Certificates page in the UI. This page
contains three tabs that list the installed security certificates. Each tab provides information about certificate uses, expiry dates,
issuers, and so forth.
The certificates on the Internal tab secure access to components that are part of the PowerProtect Data Manager server,
such as the UI and REST API. The certificates on the Application Agents tab secure access to the agents, which are under
the control of PowerProtect Data Manager but exist outside the server. The certificates on the External Servers tab secure
access to components or systems that are beyond the control of the server, but where you have approved the communication.
The PowerProtect Data Manager Security Configuration Guide contains more information about cryptography and security
certificates. This guide provides instructions for how to manage the installed certificates, including important prerequisites,
operational considerations, associated tasks, and troubleshooting. This guide also contains instructions for establishing
certificate-based trust with external components and systems.

Restarting PowerProtect Data Manager

When a PowerProtect Data Manager restart is required, it is recommended that you avoid directly powering off the virtual
machine unless it is necessary.
To ensure that PowerProtect Data Manager is able to properly restart, use the reboot or shutdown command. For example,
on Linux, run the command shutdown -r or shutdown -h now.

System maintenance troubleshooting

Services do not start after restarting PowerProtect Data Manager
If the operating system root password expires and you do not change the password before you restart PowerProtect Data
Manager, some scripts fail to obtain root privileges. In this situation, the PowerProtect Data Manager services cannot start.
Follow the guidance in the PowerProtect Data Manager Security Configuration Guide for operating system expired password
behavior to change the root password. Then, restart PowerProtect Data Manager again.

Messages Catalog
The Messages Catalog in the PowerProtect Data Manager UI provides a list of all informational, warning, and critical messages
that PowerProtect Data Manager generates. The message details and recommended action can be used to troubleshoot issues,
and the message ID is provided for reference when contacting Dell Customer Support.

From the PowerProtect Data Manager UI, click and select Messages Catalog to view the entire catalog. You can sort the
information by each column, or filter the list to view messages that match a specific criteria:
● The Message ID, Message, Details and Recommended Action columns allow you to search for text and display only
results matching the search text.
● The Category and Severity columns allow you to select from one or more available options to display only messages that
match your selections.
To export all messages or a filtered list of messages as a .csv file, click Export.

48 System Maintenance
3
Managing Storage
Topics:
• Protection storage
• Storage units
• Differences between storage-system and storage-unit space reporting
• Monitoring storage capacity thresholds

Protection storage
Protection storage is the set of configured storage systems where PowerProtect Data Manager stores backup copies,
replicated copies, and other important information. Protection storage can include any of the following:
● A DD system, including High Availability PowerProtect DD mode
● An instance of PowerProtect DD Management Center (DDMC) that manages multiple DD systems
● A DDMC Smart Scale system pool
NOTE: Data Domain (DD) is now PowerProtect DD. References to Data Domain or Data Domain systems in this guide, in
the user interface, and elsewhere in the product include PowerProtect DD systems and older Data Domain systems.
The most up-to-date software compatibility information for PowerProtect Data Manager is provided by the E-Lab Navigator.
Observe the following information before you configure protection storage:
● Adding and configuring protection storage requires the Administrator role.
● You cannot add protection storage that runs incompatible versions of DDOS.
● You can only add the same protection storage system once, whether you specify the hostname, FQDN, or IP address.
● You cannot add a PowerProtect DD Management Center instance which has no managed DD systems.
● The first time that you add protection storage, PowerProtect Data Manager automatically configures and enables server DR.
The first protection storage system is the default target. System recovery for server DR provides more information.
● Adding protection storage by hostname or FQDN provides maximum flexibility for future IP address changes. PowerProtect
Data Manager uses DNS to resolve hostnames and FQDNs when you select these entries for the Management network
interfaces. Should you later change the DNS mapping, PowerProtect Data Manager resolves the new address and directs
Management communication there. Communication with the Data network is by IP address.
Protection storage is further divided into logical groupings that are called storage units, which hold related data and apply more
detailed configuration options.

Click to open the Details pane and see more information about an existing protection storage system.

PowerProtect DD Management Center automatic discovery

When you add an instance of PowerProtect DD Management Center, PowerProtect Data Manager automatically discovers all
the supported DD systems which that PowerProtect DD Management Center instance manages.
PowerProtect Data Manager displays the discovered DD systems on the Protection Storage tab of the Infrastructure >
Storage window after discovery finishes. It may take a few minutes for the discovered systems to appear.
For each DD system, the Managed By column in the table indicates the PowerProtect DD Management Center instance that
manages the DD system.
If you add a DD system directly to PowerProtect Data Manager, the Managed By column displays the name that you provided
for the DD system.

Managing Storage 49
High Availability PowerProtect DD support
PowerProtect Data Manager supports DD systems with High Availability (HA) enabled. The Active-Standby configuration
provides redundancy in the event of a system failure. HA keeps the active and standby systems synchronized, so that if the
active node were to fail, the standby node can take over services and continue where the failing node left off.
When an active High Availability PowerProtect DD system fails over to its standby High Availability PowerProtect DD system, all
in progress PowerProtect Data Manager operations including backup, restore, replication, and Cloud Tier continue unaffected.
To add a High Availability PowerProtect DD configuration as a storage target in PowerProtect Data Manager, select
Infrastucture > Storage in the PowerProtect Data Manager UI. Add protection storage provides more information.
Virtual machine application-aware protection are only be supported with DDOS version 7.0 or later for HA. The most up-to-date
software compatibility information for PowerProtect Data Manager is provided by the E-Lab Navigator.
For details on DD systems with HA enabled, see the DDOS Administration Guide.

Smart Scale system pools

A system pool is a logical group of DD systems with one interface to flexible storage options. PowerProtect Data Manager can
use a system pool as protection storage.
The DDOS Administration Guide and PowerProtect DD Management Center Installation and Administration Guide provide more
information about Smart Scale, system pools, and the available features. The DDMC instance must be Smart Scale-enabled to
use system pools.
After you add the DDMC instance, PowerProtect Data Manager automatically discovers any available system pools. The Model
column on the Protection Storage tab indicates that the protection storage system is a system pool.
PowerProtect Data Manager groups system pools under a separate heading in the list for protection storage selection when
working with protection policies.
NOTE:

Adding a DDMC instance with system pools also discovers the individual systems within the system pool. PowerProtect
Data Manager includes these systems in lists of available storage targets, such as for protection policy creation. As with
a non-Smart Scale DDMC instance, the Infrastructure > Storage page groups and identifies these systems through the
Managed By column in the list of protection storage systems.

Some roles do not allow you to view the Infrastructure > Storage page to identify the relationships between systems
and system pools. If your role does not allow you to view this information, coordinate storage target assignments with your
system administrator.
Protection policies that target a system pool can replicate to another system pool or to a stand-alone protection storage
system. Conversely, policies that target a stand-alone protection storage system can replicate to another protection storage
system or to a system pool.

System pool reporting

Protection storage reporting differs slightly between individual protection storage systems and system pools. These differences
are visible on the Storage page and the protection storage details pane.
The following table describes how specific columns in the list of protection storage systems behave for system pools.

Table 22. System pool reporting

Column Description
Total The total capacity of the system pool.
Available The largest available space for storage unit placement on a single system in the system pool.
Free The remaining unused space in the pool.
Encryption On if any DD system in the system pool has enabled encryption.

Adding the values for Available and Free yields the total amount of unused space within the system pool.

50 Managing Storage
Mobile DD Boost users
Smart Scale mobile DD Boost users own mobile storage units on system pools. This concept extends the association between
DD Boost users and ordinary storage units to the system pool scope.
Mobile DD Boost users provide a unique user ID within a DDMC data center and control access to the associated mobile storage
units. These users are centrally managed and unique across data centers.
Mobile DD Boost users send their requests to the DDMC instance which manages the entire system pool. DDMC, in turn,
forwards the request to the correct system within the system pool.
As with other storage units, PowerProtect Data Manager associates a mobile DD Boost user with each mobile storage unit under
the control of PowerProtect Data Manager.
Storage units provides more information about mobile storage units.

System pool limitations

Before you use system pools, review the following information:
● Block volume policies do not support system pools.
● Cloud Tiering does not support system pools. If the primary backup or retention targets a system pool, you cannot add a
Cloud Tiering objective to the protection policy. If the replication objective targets a system pool, you cannot add a Cloud
Tiering objective to the replication objective.
● Server disaster recovery (DR) does not support system pools for protection policies. Protection policies that target system
pools do not synchronize to the remote server.
● Server DR does not support system pools as a recovery target. The list of target protection storage systems does not
include system pools.
● When automatically creating a mobile storage unit on a system pool for a protection policy:
○ If the policy encryption setting is enabled, PowerProtect Data Manager requests placement on a pool member where DD
Boost file replication encryption is enabled.
○ If the policy encryption setting is disabled, PowerProtect Data Manager makes no specific placement request. The mobile
storage unit may reside on a pool member where DD Boost file replication encryption could be either enabled or disabled.
○ The retention lock setting for the system pool and pool members must match the retention lock setting for the
protection policy. If retention lock is disabled for the system pool or pool members but enabled for the protection policy,
or conversely, mobile storage unit creation fails.

Mobile storage unit migration within a system pool

Review the following PowerProtect Data Manager prerequisites and postrequisites before you migrate mobile storage units
within a system pool through DDMC.
During a migration, the selected storage units are unavailable for protection workflows. However, you can coordinate the backup
and migration schedules to reduce downtime for the affected workflows.
You can only migrate to a destination that matches the requirements of the mobile storage unit. The PowerProtect DD
documentation provides more information about these requirements.

Supported asset types

● VMware virtual machines
● Oracle databases
● Microsoft SQL Server databases
● Microsoft Exchange Server databases
● File systems
● Network-attached storage (NAS) shares
● SAP HANA databases
● Kubernetes clusters

Managing Storage 51
Migration
Perform the following actions:
1. Review the PowerProtect DD documentation for migration instructions.
2. Start the migration and complete all steps leading up to the commit stage.
3. Before you commit the migration, stop the related PowerProtect Data Manager operations for the selected storage units.
Stop PowerProtect Data Manager operations before mobile storage unit migration provides instructions.
4. Commit the migration and wait for migration to complete.
5. Restore full PowerProtect Data Manager operation. Restore PowerProtect Data Manager operations after mobile storage
unit migration provides information.
6. Optionally, verify operation. Verify operation after mobile storage unit migration provides information.

Stop PowerProtect Data Manager operations before mobile storage unit migration
To quiesce PowerProtect Data Manager before you commit the migration, complete the following actions:

Steps
1. Disable any protection policies that use the selected storage units. Disable a protection policy provides instructions.
2. If the affected protection policies have replication objectives, perform manual replication to eliminate any replication backlog.
Manual replication of protected assets provides instructions.
Scheduled replication activities continue after you disable a protection policy.
3. Allow all running protection and restore activities for the affected protection policies to complete.
4. Disable server disaster recovery (DR). Disable server DR backups provides instructions.
5. Delete any Instant Access sessions which were started from the selected storage units. The PowerProtect Data Manager
Virtual Machine User Guide provides instructions.
6. Disable compliance verification. The PowerProtect Data Manager Security Configuration Guide provides instructions.

Next steps
Refrain from the following activities until the migration completes and you resume normal operations:
● Performing manual backups of assets for the affected protection policies.
● Changing retention periods on the affected protection policies.

Restore PowerProtect Data Manager operations after mobile storage unit migration
To unquiesce PowerProtect Data Manager after migration, complete the following actions:

Steps
1. Enable compliance verification. The PowerProtect Data Manager Security Configuration Guide provides instructions.
2. Enable server DR. Manually configure server DR backups provides instructions.
3. Enable any protection policies that use the selected storage units. Enable a disabled protection policy provides instructions.

Verify operation after mobile storage unit migration

After you unquiesce PowerProtect Data Manager following a migration, optionally verify the operation of all protection policies
that use the selected mobile storage units:

Steps
1. Perform a manual backup for each affected protection policy. Manual backups of protected assets provides instructions.
2. If the affected protection policies have replication objectives, perform manual replication. Manual replication of protected
assets provides instructions.
3. Browse the existing and new backups of assets for the affected protection policies.
4. Verify that you can restore from the new backups and their replicas, including Instant Access restores.
5. Verify that you can delete existing backups and replicas. Delete backup copies provides instructions.

52 Managing Storage
Add protection storage
Add and configure a storage system to use as a target for protection policies. Only the Administrator role can add protection
storage.

Prerequisites
NOTE:

When adding a High Availability PowerProtect DD system, observe the following points:

● Do not add the individual active and standby DD systems to PowerProtect Data Manager.
● In the Address field, use the hostname that corresponds to the floating IP address of the High Availability PowerProtect
DD system.
● The High Availability PowerProtect DD system is verified with the root certificate.
NOTE: If the credentials of the target system change, ensure that you update the credentials on the source
appliance that represents the target system. You can also update the credentials from the PowerProtect Data
Manager UI Administration > Credentials window by selecting the credential resource that is used to connect to
the target system and updating this resource with the correct values. To avoid account lockout, it is recommended
to use a user that has an administrator role but is not the default admin user. In the event that the target
system account associated with these credentials is locked out, then a new credential may need to be added to the
replication target for access.

Steps
1. From the left navigation pane, select Infrastructure > Storage.
The Storage window appears.
2. In the Protection Storage tab, click Add.
3. In the Add Storage dialog box, select a storage system (PowerProtect DD System or PowerProtect DD Management
Center).
For a system pool, select DDMC.
4. To add a High Availability PowerProtect DD system, select the check box.
5. Specify the storage system attributes:
a. In the Name field, specify a storage name.
b. In the Address field, specify the hostname, fully qualified domain name (FQDN), or the IP address.
c. In the Port field, specify the port for SSL communication. Default is 3009.
6. Under Host Credentials click Add, if you have already configured protection storage credentials that are common across
storage systems, select an existing password. Alternatively, you can add new credentials, and then click Save.
7. If a trusted certificate does not exist on the storage system, a dialog box appears requesting certificate approval. Click
Verify to review the certificate, and then click Accept.
8. Click Save to exit the Add Storage dialog and initiate the discovery of the storage system.
A dialog box appears to indicate that the request to add storage has been initiated.
9. In the Storage window, click Discover to refresh the window with any newly discovered storage systems.
When a discovery completes successfully, the Status column updates to OK. If DDMC is selected, all protection storage
systems managed by the host will be listed after discovery.
10. To modify a storage system location, complete the following steps:
A storage system location is a label that is applied to a storage system. If you want to store your copies in a specific location,
the label helps you select the correct storage system during policy creation.
a. In the Storage window, select the storage system from the table.
b. Click More Actions > Set Location.
The Set Location window appears.
c. Click Add in the Location list.
The Add Location window appears.
d. In the Name field, type a location name for the asset, and click Save.

Managing Storage 53
Results
PowerProtect Data Manager displays the available protection storage systems. For each protection storage system, the
Managed By column contains one of the following:

Table 23. Managed By column values

Protection storage type Value
A stand-alone protection storage system. The name of the protection storage system.
A protection storage system or a system pool that is managed The name of the DDMC instance.
by DDMC.

Edit protection storage

You can change the name, address, port number, and credentials for an existing protection storage system. Only the
Administrator role can edit protection storage.

Prerequisites
Review the prerequisites for server DR and Search Engine nodes. Change the IP address or hostname of a DD system provides
more information. Review the limitations for each enabled asset source, as some asset sources may not support changing the
address for a protection storage system.
Ensure that backup, restore, and FLR jobs are not running.

About this task

This task changes the stored Management interface for the protection storage system. If you change any other network
interfaces, you must also update the preferred network interface for each protection policy objective that targets this
protection storage system.

Steps
1. From the left navigation pane, select Infrastructure > Storage.
The Storage window appears.
2. In the Protection Storage tab, select a protection storage system and then click the link in the Managed By column.
The Edit Storage dialog box appears.
3. In the Edit Storage dialog box, specify the storage system attributes:
a. In the Name field, specify a new storage name.
b. In the Address field, specify the new fully qualified domain name (FQDN) or the IP address.
c. In the Port field, specify the port for SSL communication. Default is 3009.
d. Under Host Credentials, select a new set of credentials or click Add.
4. If a trusted certificate does not exist for the protection storage system, a dialog box appears requesting certificate approval.
Click Verify to review the certificate, and then click Accept.
5. Click Save to exit the Edit Storage dialog box.
6. For Microsoft SQL Server or Oracle protection policies that use this protection storage system, update the lockbox:
a. From the left navigation pane, select Protection > Protection Policies.
The Protection Policies window appears.
b. Select the Microsoft SQL Server and Oracle protection policies that target this protection storage system, and then click
Set Lockbox.

Replacing protection storage

After you replace a DD protection storage system, you can use the PowerProtect Data Manager UI to update the required
storage settings in PowerProtect Data Manager for the replacement storage. Only the Administrator role can update the
protection storage settings in PowerProtect Data Manager. This process only applies to stand-alone DD systems, which are DD
systems not managed by DDMC.

54 Managing Storage
The replacement of a DD protection storage system that is used with PowerProtect Data Manager can involve either of the
following use cases:
● You perform a DD controller upgrade or head swap that replaces the protection storage system without requiring the
migration of data.
● You perform collection replication or DD Cloud migration to migrate data from the original DD system to a new replacement
system with the same or higher capacity.
CAUTION: The replacement DD system must have all the storage units, DD Boost users, and data that existed on
the original DD system.
After you replace the DD system, ensure that you meet the following requirements before using the PowerProtect Data
Manager UI to update the storage settings:
● All the protection policies that use the DD storage system are disabled.
● All the running protection jobs are completed.
● All the required data has been manually migrated as needed from the original DD system to the replacement DD system.
Use one of the following procedures to update the protection storage settings in PowerProtect Data Manager after replacing
the DD storage system.

Updating the storage settings when data IP addresses are unchanged

Use the following procedure if you replaced the DD storage system and none of the network settings or data IP addresses have
changed.
1. From the left navigation pane, select Infrastructure > Storage.
The Storage window appears.
2. On the Protection Storage tab, select the DD and then click Discover.
PowerProtect Data Manager automatically discovers the replacement DD system and updates the storage settings for
the replacement system. After discovery, the replacement DD attributes appear on the Protection Storage tab of the
Infrastructure > Storage window.

Updating the storage settings when data IP addresses are changed

Use the following procedure if you replaced the DD storage system and any of the network settings or data IP addresses have
changed.

NOTE: When data IP addresses have changed, update the network interface information for the replacement DD system.

1. From the left navigation pane, select Infrastructure > Storage.

The Storage window appears.
2. On the Protection Storage tab, select the DD and then select More Actions > Replace System.
3. Review the warning message about policies and running jobs, and then click Continue.
4. In the Replace System dialog box, specify the replacement DD system settings and then click Apply:
● In the Address field, specify the DD system management address as the fully qualified domain name (FQDN) or IP
address.
● In the Port field, specify the port for SSL communication. The default port is 3009.
● Under Host Credentials, select a new set of credentials or click Add.
If a trusted certificate does not exist for the storage system, a dialog box appears requesting certificate approval. Click
Verify to review the certificate, and then click Accept.
● Under Network Mapping, specify the replacement data IP address for each listed data IP address that has changed.

A system job is created for updating the storage settings for the replacement DD system. You can monitor the system job in the
System Jobs window.
NOTE: You must wait until the replacement system job completes before you perform any PowerProtect Data Manager
operations that use the DD system being replaced.

Managing Storage 55
After the system job completes, the replacement DD attributes appear on the Protection Storage tab of the Infrastructure >
Storage window. The protection policies that use the DD system are automatically updated with the replacement DD settings.

Remove protection storage

Certain maintenance tasks should be performed before removing a protection storage system.

About this task

Follow these steps to remove a protection storage system.
CAUTION: If these steps are not performed in sequence, an increasing number of PowerProtect Data Manager
operations start to fail and system performance is degraded.

Steps
1. Wait for all backup copies that use the DD system to expire. The expiration time can be reduced by editing the retention
value of the backup copies from the Assets > View Copies window.
2. For each protection policy that uses the DD system, either edit the protection policy and replace the DD system or remove
the protection policy altogether.
3. Remove the DD system from PowerProtect Data Manager.
4. Remove the DD system from the external environment.

Results
The protection storage system is removed.
If a protection storage system is removed and you have not followed steps 1 and 2, you might start to see error messages similar
to the following:

Unable to delete copies for … from protection storage … in storage unit … because of
connection issues on the storage system.
Unable to delete copies for asset … on storage unit …

You might also see repeated system jobs with a status of Failed and a description of Schedule Deleting Expired
Copies.
If these error messages are seen, you can try the following steps 1 and 2 to correct the situation. However, if PowerProtect
Data Manager remains unstable, contact Customer Support.

Storage units
PowerProtect Data Manager can create, configure, and reuse storage units on a protection storage system.
A storage unit under the control of PowerProtect Data Manager is a logical storage-array target that is used to group and
manage protection and retention policies that have the same data-access requirements. Using storage units enables precise
control of the administration of security settings, data-stream limits, capacity quotas, and application-specific data-compression
algorithms. A storage unit is created through one of the methods discussed here.
Review the applicable limitations before you create or change a storage unit, or change the protection or replication target for a
policy. For more information about storage units, see the PowerProtect DD Virtual Edition Installation and Administration Guide
for the appropriate platform.

Server DR storage units and asset storage units

Some operations involving storage units differ between storage units used for the protection of server DR data and storage
units used for the protection of all other asset data. Where such a distinction is made, storage units used to protect server DR
data are called server DR storage units and all other storage units are called asset storage units.

56 Managing Storage
Mobile storage units
For Smart Scale, mobile storage units extend the concept of a storage unit to the scope of an entire system pool. A mobile
storage unit has the potential to move from one pool member to another. Thus:
● When you browse the storage units in a system pool, PowerProtect Data Manager displays only mobile storage units.
● When you browse the storage units on a DD system, PowerProtect Data Manager displays only regular (non-mobile) storage
units.
● You must work with mobile storage units at the system pool level.
Aside from scope differences, PowerProtect Data Manager treats mobile storage units and regular storage units as equivalent.

Storage unit creation and configuration

PowerProtect Data Manager provides two ways to create storage units on the protection storage system:
● If you do not select an existing storage unit when you create a protection policy, PowerProtect Data Manager automatically
creates a storage unit for you.
● Through the PowerProtect Data Manager UI, you can directly create storage units as required.
You can use the UI to configure the quotas and credentials for storage units under the control of PowerProtect Data Manager.

Click to open the Details pane and see more information about an existing storage unit, including configuration values.

Storage unit selection

When you create or edit a protection policy, PowerProtect Data Manager provides the option to select a storage unit as the
protection or replication target. The storage unit can be on the same or another protection storage system.
The Storage page lists all storage units that were discovered on a protection storage system. Only storage units created
directly by PowerProtect Data Manager are available to select for a protection policy. Other storage units are not available to
select, even if known.
A storage unit under the control of PowerProtect Data Manager can be the target for multiple protection policies. When you
select an existing storage unit as a policy target, the policy inherits the storage unit's quota settings.
The instructions for creating and managing protection policies for each asset type provide more information about using storage
units with policies.

Security
All protection policies and applications that share a storage unit can access any data in that storage unit. Reuse a storage unit
only for policies and applications that belong to the same organizational unit or which share a trusted relationship. Policies and
applications for different organizational units should use different storage units.
Any other external applications that also use the storage unit should protect and restrict access to the DD Boost credentials.
These credentials provide access to the PowerProtect Data Manager data.

Automatic storage unit maintenance

For automatically-created storage units, automatic maintenance removes the storage unit when both the following conditions
are true:
● No protection policies target the storage unit for backups or replication.
● The storage unit contains no backups.
Automatic maintenance removes these empty, unused storage units. For governance mode retention, automatic maintenance
removes these storage units even if retention lock is enabled. Because deleting a storage unit with compliance mode enabled
requires security officer credentials, automatic maintenance cannot remove these storage units.
For directly-created storage units, automatic maintenance does not remove the storage unit even when these conditions are
true. In this case, contact the protection storage system administrator to remove the storage units.

Managing Storage 57
Updating from previous releases
Any protection policy can use storage units that were automatically created for policies in a previous release of PowerProtect
Data Manager. Policies that were created in a previous release continue to function as before.
Previous releases of the Oracle agent do not support storage units with multiple protection policies. The PowerProtect Data
Manager Oracle RMAN User Guide provides more information.

Storage unit limitations

When using storage units with multiple protection policies, the following limitations apply:
● PowerProtect Data Manager cannot target or configure storage units that were not created through PowerProtect Data
Manager.
● PowerProtect Data Manager cannot target storage units that were configured elsewhere for Cloud Tiering.
● Moving a protection policy to another storage unit or protection storage system may require a full backup.
○ For virtual machines, file system backups, Kubernetes, and Microsoft Exchange Server backups, the next backup is
automatically promoted to a full backup.
○ For Microsoft SQL Server, Oracle, and SAP HANA backups, complete a manual full backup of these assets with the new
storage unit.
● Protection policies for Storage Data Management cannot share a storage unit with other protection policies.
● Previous releases of the Oracle agent do not support sharing a storage unit between protection policies. The PowerProtect
Data Manager Oracle RMAN User Guide provides more information.

Storage unit considerations for PowerProtect DD

With respect to PowerProtect DD, storage units have certain restrictions and best practices. Be aware of the following
considerations:
● In order to avoid synchronization issues with PowerProtect Data Manager, any storage units that PowerProtect Data
Manager is managing or using should not be modified directly from the DD.
● Storage units that you create in PowerProtect Data Manager must not be changed by the DD administrator to set up
storage unit replication.
● Storage units that you create in PowerProtect Data Manager must not be configured for Cloud Tiering.
● For limitations that apply to supported storage units by PowerProtect DD model, see the E-Lab Navigator.

Retention locking
Retention locking prevents the deletion or alteration of data on a protection storage system for a user-defined period of up to
70 years. PowerProtect Data Manager supports both governance mode and compliance mode retention locking for backups and
replicas.
The PowerProtect DD documentation provides more information about each retention lock mode, including the differences
between modes. Retention locking requires enablement and licensing on the protection storage system before use with
PowerProtect Data Manager.
Retention locking is a two-stage process:
1. Create a storage unit on which you set the appropriate retention lock mode. Setting the retention lock mode enables but
does not activate retention locking.
2. Configure primary backup objectives that both target this storage unit and activate retention locking. Toggling on the
retention lock setting for a primary backup objective activates retention locking in accordance with the configured retention
lock mode of the selected storage unit.
For more information about configuring a primary backup objective, see the appropriate publication.

Table 24. Protection-policy asset types

Asset type Publication
Block volumes PowerProtect Data Manager Storage Array User Guide
File System data PowerProtect Data Manager File System User Guide

58 Managing Storage
Table 24. Protection-policy asset types (continued)
Asset type Publication
Kubernetes cluster PowerProtect Data Manager Kubernetes User Guide
namespaces and PVCs
Microsoft Exchange Server PowerProtect Data Manager Microsoft Exchange Server User Guide
databases
Microsoft SQL Server PowerProtect Data Manager Microsoft SQL Server User Guide
databases
Network Attached Storage PowerProtect Data Manager Network-Attached Storage User Guide
(NAS) share and appliance
data
Oracle RMAN databases PowerProtect Data Manager Oracle RMAN User Guide
SAP HANA databases PowerProtect Data Manager SAP HANA User Guide
Virtual machines PowerProtect Data Manager Virtual Machine User Guide

When you set the retention lock mode on a storage unit, you can never disable or change it. To use a different retention lock
mode with a primary backup, target a different storage unit. The original retention lock mode persists for existing backups or
replicas that were created before the change.
The choice of retention lock mode can impact which protection policies and primary backup objectives share a storage unit.
Consider the retention lock settings when you design your storage unit architecture.

Compliance mode
Observe the following details before you configure or activate compliance mode retention locking:
● Compliance mode requires DDOS 7.10 or later. Earlier versions support only governance mode.
● Compliance mode requires the security officer credentials for the associated protection storage system. PowerProtect Data
Manager does not store the security officer credentials.
● Setting a compliance mode retention lock on an asset storage unit automatically sets a compliance mode retention lock on
the associated server DR storage unit.
● The option to create a storage unit through the selection drop-down list during protection policy configuration does not
support compliance mode, only governance mode. To use compliance mode, create and configure a storage unit before you
configure an associated protection policy.
● Deleting a storage unit with compliance mode enabled requires the security officer credentials for the associated protection
storage system.

System pools and compliance mode retention locking

Mobile storage unit creation can place the storage unit on any pool member. However, the security officer credentials are unique
to each pool member. Use the following roadmap to create a mobile storage unit and enable retention locking after creation.
1. Ensure that compliance mode is enabled for all pool members.
2. Create a mobile storage unit and set the retention lock mode to None.
3. Review the details for the mobile storage unit and note the pool member where the storage unit resides.
4. Edit the mobile storage unit and change the retention lock mode to compliance mode. Provide the security officer credentials
for that pool member.

Create a storage unit

Directly create a storage unit through the PowerProtect Data Manager UI for use with protection policies.

Prerequisites
Add at least one protection storage system for PowerProtect Data Manager.

Managing Storage 59
Steps
1. From the left navigation pane, select Infrastructure > Storage.
The Storage window appears.
2. On the Protection Storage tab, select a storage system, and then select More Actions > Manage Storage Units.
The Storage Units page opens and displays a list of the storage units under the control of PowerProtect Data Manager.
3. Select Add.
The Create Storage Unit or Create Mobile Storage Unit dialog box opens.
4. Type a name for the new storage unit.
5. For mobile storage units in system pools, select a Network Group.
Network groups are configured in DDMC to provide access to the system pool over different physical or virtual networks.
A network group contains information about the IP addresses for the pool members and the IP address that clients use for
access to the system pool.
6. Set the capacity and stream quotas that restrict the storage unit resource consumption.
There are two kinds of quota limits—hard limits and soft limits. You can set either a soft or hard limit or both a soft and hard
limit. Both values must be integers, and the soft value must be less than the hard value.
NOTE: When you set a soft limit and the limit is reached, an alert is generated, but data can still be written. When you
set a hard limit and the limit is reached, data cannot be written. All data protection operations fail until data is deleted
from the storage unit. The PowerProtect DD Virtual Edition Installation and Administration Guide for the appropriate
platform provides more information about quota configuration.

NOTE: If you set a retention lock mode, it can never be disabled or changed.

This field displays only the licensed and available options for the selected protection storage system. If working with a server
DR storage unit, the only available retention lock mode is Compliance.
If you select Compliance, provide the username and password for the security officer who is associated with the
protection storage system.
NOTE: Setting a compliance mode retention lock on an asset storage unit automatically sets a compliance mode
retention lock on the associated server DR storage unit.

8. Select Save.

Results
PowerProtect Data Manager creates the storage unit on the selected protection storage system.

Edit a storage unit

Configure the settings for an existing storage unit through the PowerProtect Data Manager UI. You can also view a list of
protection policies that target the storage unit.

About this task

Any changes to these storage unit attributes that you make directly on the protection storage system are also reflected in
PowerProtect Data Manager.

60 Managing Storage
3. To view the details or usage for a storage unit, select for that storage unit.
The Details pane opens and displays the name, type, capacity, quota information, and a list of protection policies that
currently target the storage unit.
The storage unit may contain copies from protection policies that no longer target the storage unit.
4. Select a storage unit from the list, and then select Edit.
The Edit Storage Unit or Edit Mobile Storage Unit dialog box opens.
5. For mobile storage units in system pools, select a Network Group.
Network groups are configured in DDMC to provide access to the system pool over different physical or virtual networks.
A network group contains information about the IP addresses for the pool members and the IP address that clients use for
access to the system pool.
6. Set the capacity and stream quotas that restrict the storage unit resource consumption.
There are two kinds of quota limits—hard limits and soft limits. You can set either a soft or hard limit or both a soft and hard
limit. Both values must be integers, and the soft value must be less than the hard value.
NOTE: When you set a soft limit and the limit is reached, an alert is generated, but data can still be written. When you
set a hard limit and the limit is reached, data cannot be written. All data protection operations fail until data is deleted
from the storage unit. The PowerProtect DD Virtual Edition Installation and Administration Guide for the appropriate
platform provides more information about quota configuration.

a. Capacity Quota—Controls the total size of precompression data that is written to the protection storage.
b. Stream Quota—The number of concurrent streams allowed during data protection operations. Setting a Stream Quota
limit can help ensure that that performance is not impacted negatively when a data protection operation consumes too
many resources.
7. Toggle the status of retention lock to Enabled. This status can only be toggled if PowerProtect Data Manager has been
updated from a previous release where the compliance mode retention lock was enabled on an asset storage unit, but not on
the server DR storage unit.
NOTE: Retention locking can only be enabled if a retention lock mode is set.

8. If not already set, select a retention lock mode from the available modes: Compliance or Governance.
If editing a server DR storage unit, the only available retention lock mode is Compliance.

NOTE: If you set a retention lock mode, it can never be disabled or changed.

If you select Compliance, provide the username and password for the security officer who is associated with the
protection storage system.
NOTE: Setting a compliance mode retention lock on an asset storage unit automatically sets a compliance mode
retention lock on the associated server DR storage unit.
If you have updated from a PowerProtect Data Manager system that did not have the compliance mode retention lock set
on the server DR storage unit, set it here.

9. Select Save.

Results
PowerProtect Data Manager updates the storage unit settings.

Delete a storage unit

Because deleting a storage unit with compliance mode retention locking requires security officer credentials, automatic
maintenance cannot remove these storage units. Instead, use this procedure to remove storage units with compliance mode
retention locking.

Prerequisites
Before you can delete a storage unit, the storage unit must be empty and not targeted by any protection policies. The storage
unit must be under the control of PowerProtect Data Manager and created by this instance of PowerProtect Data Manager.

Managing Storage 61
If compliance mode retention locking is enabled, provide the username and password for the security officer who is associated
with the protection storage system.

Steps
1. From the left navigation pane, select Infrastructure > Storage.
The Storage window appears.
2. On the Protection Storage tab, select a storage system, and then select More Actions > Manage Storage Units.
The Storage Units page opens and displays a list of the storage units under the control of PowerProtect Data Manager.
3. Select a storage unit from the list, and then select Delete.
The Enter Security Officer Credential dialog box opens.
4. Provide the username and password for the security officer and then click OK.

Results
PowerProtect Data Manager removes the storage unit.

Enable Indefinite Retention Hold on a storage unit

An indefinite retention hold (IRH) prevents any changes or deletion of data on a storage unit for an indefinite period. IRH
prevents the disabling of retention locking on a storage unit, while still allowing modification of retention lock attributes. In order
for IRH to restrict the deletion or modification of files, the files must be locked or have expired locks. Files with no lock history
remain unaffected by the IRH.

Prerequisites
Ensure that retention locking is enabled on the storage unit.

Steps
1. From the left navigation pane, select Infrastructure > Storage.
The Storage window appears.
2. From the Protection Storage tab, select a storage system, and then select More Actions > Manage Storage Units.
3. Select a storage unit from the list, and then select More Actions > Enable Indefinite Retention Hold.
4. If required, provide the username and password for the security officer who is associated with the protection storage
system, and then click Enable.
Security officer credentials are required when enabling IRH on a storage unit with compliance mode retention locking.

Disable Indefinite Retention Hold on a Storage Unit

Disable indefinite retention hold (IRH) on a storage unit to allow deletion of expired files on the storage unit.

Steps
1. From the left navigation pane, select Infrastructure > Storage.
The Storage window appears.
2. From the Protection Storage tab, select a storage system, and then select More Actions > Manage Storage Units.
3. Select a storage unit from the list, and then select More Actions > Disable Indefinite Retention Hold.
4. If required, provide the username and password for the security officer who is associated with the protection storage
system, and then click Disable.
Security officer credentials are required when disabling IRH on a storage unit with compliance mode retention locking.

Working with storage unit passwords

The PowerProtect Data Manager Security Configuration Guide provides instructions for the following topics:
● Viewing an existing storage unit password

62 Managing Storage
● Changing a storage unit password through the UI
● Changing the storage unit password policy

Differences between storage-system and storage-unit

space reporting
Review the following sections for information about differences in the manner that storage spaces and file sizes are reported in
PowerProtect Data Manager.

Base 10 standard used for size calculations in the PowerProtect Data

Manager user interface
PowerProtect Data Manager uses the base-10 numerical system to calculate size measurements such as MB, GB, and TB.
Calculations that use base 10 measure things such as storage-system capacity and the size of assets.
However, some components and other products might use base 2, and operating systems always use base 2. When referring
to the PowerProtect Data Manager UI and something else that calculates size measurements using base 2, ensure that you
perform any appropriate conversion.

How storage-unit capacity is reported in PowerProtect Data Manager and

DD Virtual Edition
Due to differences in space calculations, there is a discrepancy between how PowerProtect Data Manager reports logical
capacity and how DD Virtual Edition (DDVE) reports physical capacity.
For example, the value that is reported when you select More Actions > Manage Storage Units from the Infrastructure >
Storage window might be greater than the amount reported by DDVE.
To determine the physical storage-unit capacity, use DDVE instead.

Monitoring storage capacity thresholds

PowerProtect Data Manager periodically monitors protection storage usage and reports alerts when a system reaches two
capacity thresholds. As a best practice, check for these alerts and respond before the system exhausts storage capacity.
At 80% capacity, PowerProtect Data Manager generates a weekly warning alert. At this threshold, you should develop a
strategy to add capacity or move protection policies to another storage target. Managing Protection Policies provides more
information about moving policies.
At 95% capacity, PowerProtect Data Manager generates a daily critical alert. At this threshold, capacity exhaustion is imminent.
Changing the capacity alerting thresholds requires contacting Support.

Managing Storage 63
4
Using the PowerProtect Search Engine
Topics:
• PowerProtect Search Engine
• Set up and manage indexing
• Search Engine node deletion
• Edit the network configuration for a Search Engine node
• Perform a search
• Troubleshooting Search Engine issues

PowerProtect Search Engine

When you deploy PowerProtect Data Manager, the PowerProtect Search Engine software is installed by default.
The PowerProtect Search Engine indexes virtual machine file metadata to enable searches based on configurable parameters.
To use this feature, add at least one Search Engine node to the Search Engine to form a cluster. Adding a Search Engine node
enables the indexing feature.
You can enable the indexing option when creating protection policies so that the assets are indexed while they are backed up.
Recovering indexes from a disaster is a manual process. The indexing recovery process will be automated in a future release.
When a DR backup is run, scheduled, or manually triggered, the cluster backup workflow backs up the cluster index data. A
backup task is created, and you can view the individual status of the Search Component backup under Details.
NOTE: Scheduled backups with Search cluster integration appear in the Jobs pane as two identical jobs: an initialization job,
which runs immediately, and the backup job, which runs both server DR and Search cluster backups.
Deploy Search Engine nodes with fully qualified domain names (FQDNs) only. PowerProtect Data Manager verifies that the
hostname is an FQDN before deployment.

Limitations
● PowerProtect Search Engine is an optional feature that can be enabled, set up, and configured for virtual machine backups
and protection policies. When you enable this feature, a backup of the Search Engine is taken as part of the server backup
process. As of this release, you cannot disable these backups. Therefore, when Search is enabled, you must add the Search
Engine node on the DD system that contains the ServerBackup MTree to the Allow list. If you use NFS for server DR, add
the Search Engine node IP address or hostname to the client list for the NFS export.
● After an update to PowerProtect Data Manager, with the Search Engine already configured, and the first time that you use
the Networks page to add a virtual network to an environment, PowerProtect Data Manager does not automatically add
the virtual network to the Search Engine. Instead, manually edit each node to add the virtual network. This action makes
the Search Engine aware of virtual networks. Any subsequent new virtual networks are automatically added to the Search
Engine.
● If an operational Search Engine node fails, the node cannot be recovered, and the Search Engine cluster has a status of
Failed, then the cluster must be removed and a new cluster created.
● The maximum number of partitions that can be indexed during a backup operation is 15. If a virtual machine has more than 15
partitions, indexing occurs outside of any backup operation.
● Indexing does not support volumes using the XFS file system on virtual disks that are thin provisioned.

64 Using the PowerProtect Search Engine

Set up and manage indexing
Set up a Search Engine node and configure indexing.

Prerequisites
Ensure that:
● A vCenter datastore has been configured. The PowerProtect Data Manager Virtual Machine User Guide provides detailed
steps for adding a vCenter server as an asset source.
● PowerProtect Data Manager has discovered the networks for the vCenter server.
● The following requirements for the PowerProtect Search Engine are met:
NOTE: Each Search Engine node must meet the system requirements.

○ CPU: 4 * 2 GHz (4 virtual sockets, 1 core for each socket)

○ Memory: 8 GB RAM
○ Disks: 3 disks (50 GB each) and 1 disk (1 TB)
○ Internet Protocol: Either only IPv4 or only IPv6
○ NIC: One vmxnet3 NIC with one port
● The PowerProtect Data Manager system is configured to use an NTP server. NTP server configuration is required to
synchronize the time across the Search Engine nodes in a multi-node cluster.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Search Engine, and then click Add Node.
2. In the Add Search Engine Node wizard, provide the required parameters.
● Hostname, IP Address, Gateway, DNS, and Netmask.
● vCenter—If you have added multiple vCenter server instances, select the vCenter server on which to deploy the Search
Engine node.
NOTE: Ensure that you do not select the internal vCenter server.
● ESX Host/Cluster—Select on which cluster or ESXi host you want to deploy the Search Engine node.
● Network—Displays all the networks that are available under the selected ESXi Host/Cluster. For virtual networks
(VLANs), this network carries management traffic.
● Data Store—Displays all datastores that are accessible to the selected ESXi Host/Cluster.
3. Click Next.
The Networks Configuration page displays.
4. On the Networks Configuration page:
The Networks Configuration page configures the virtual network (VLAN) to use for Data for Management Components
traffic. To continue without virtual network configuration, leave the Preferred Network Portgroup selection blank and
then click Next.

a. From the Preferred Network Portgroup list, select a Virtual Guest Tagging (VGT) group.
VST (Virtual Switch Tagging) groups are not supported.
The list displays all virtual networks within the trunk range. If you select a portgroup that contains multiple networks,
PowerProtect Data Manager automatically selects all networks. Individual networks cannot be selected.
A Search Engine node requires an IP address from the static IP pool for each selected virtual network. If there are not
enough IP addresses in a pool, the wizard prompts you to supply additional addresses for that network.
Ensure that the selected virtual networks support a traffic type that is compatible with Search Engine nodes.
b. If required, type an available static IP address or IP address range in the Additional IP Addresses column for the
indicated virtual network.
For convenience when working with multiple virtual networks, you can also use one of the Auto Expand options:
● Expand Last IP—The wizard increments the host portion of the last IP address in the static IP pool. Click Apply.
● Same Last Digit—The wizard adds the network portion of the IP address to the specified value. Type the host
portion of the IP address and then click Apply.
The wizard updates the value in the Additional IP addresses column for each network. Verify the proposed IP
addresses.

Using the PowerProtect Search Engine 65

c. Click Next.
5. On the Summary page, review the information and then click Finish.
The new Search Engine node is deployed, and details are displayed in the lower panel.
6. (Optional) Repeat the previous steps to deploy additional Search Engine nodes to the cluster.
NOTE: Ensure that the previous Search Engine node successfully deploys before you add another.

7. In the Configure Search Engine dialog box, enable or disable indexing, accept or change the expiration period, and then
click OK.
NOTE:
● When the index cluster reaches 70 percent, an alert is generated. When it reaches 90 percent, an alert is generated
and indexing is suspended. Specify a global index expiry interval to periodically clean up indexes, which frees up
space.
● To turn off or modify indexing, select Infrastructure > Search Engine, select the cluster, and click Configure
Cluster. From the Configure Search Cluster dialog box, you can enable/disable the service or change the number
of expiration days.
● Indexes expire according to the global setting or when the associated copies expire, whichever occurs first.
● To stop indexing assets that have been added to a protected protection policy, disable the indexing option during
protection policy configuration.
● You can add up to a maximum of 5 Search Engine nodes.

Next steps
NOTE:

When you edit or retry an operation that failed and there are additional IP addresses in the address pool, PowerProtect Data
Manager marks the last failed IP address as abandoned. PowerProtect Data Manager does not try to reuse any IP addresses
that are marked as abandoned. The UI does not display this condition.

KB article 000181120 provides more information about how to use the REST API to detect when an IP address is marked as
abandoned. The article also provides steps to correct this condition so that the IP address can be used again.

Search Engine node deletion

PowerProtect Data Manager UI supports the deletion of a Search Engine node from a multinode cluster.
The following remediations can be performed on a Search Engine node:
● Delete an operational node from a Search Engine cluster to decrease the cluster capacity when the space is no longer
required.
● Redeploy or delete a node that failed to deploy to a Search Engine cluster.
● Delete all nodes in a Search Engine cluster to remove the cluster.

Delete an operational Search Engine node

You can delete an operational Search Engine node to decrease the cluster capacity when the space is no longer required.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Search Engine.
2. Select the node from the list that you want to delete, and then select More Actions > Delete Node.
3. In the Delete Search Engine Node window, click Delete Node.
CAUTION: Do not select Delete node without moving the index data. If you select this option, the Search
Engine cluster becomes inactive and cannot be recovered.

4. Go to the Jobs > System Jobs window to monitor the progress of the node deletion.

66 Using the PowerProtect Search Engine

Redeploy or delete a Search Engine node that failed to deploy
PowerProtect Data Manager enables you to redeploy or delete a Search Engine node that could not be successfully deployed.

About this task

The Redeploy Node functionality is only enabled for nodes that have been added but could not be successfully deployed to the
Search Engine.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Search Engine.
2. Select the node that failed to deploy.
3. Do one of the following:
● To redeploy the node, select More Actions > Redeploy Node.
The Redeploy Search Engine Node wizard opens. The Search Engine populates the fields with the information that you
supplied when you added the node. Verify that the information is correct.
● To delete the node, select More Actions > Delete Node.
4. Go to the Jobs > System Jobs window to monitor the progress of the node redeployment or deletion.

Delete all Search Engine nodes to remove the Search Engine

cluster
You can delete all Search Engine nodes in a Search Engine cluster to remove the cluster.

About this task

Removing the cluster is necessary if one of the operational nodes has failed, the node cannot be recovered, and the cluster has
a status of Failed.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Search Engine.
2. Perform the following steps for each of the nodes:
a. Select the node from the list.
b. Select More Actions > Delete Node.
c. Click Delete Node.
NOTE: If no operational nodes have failed, the option Delete nodes without moving the index data is available.
Selecting this option results in the cluster becoming irrecoverably inactive.

d. Go to the Jobs > System Jobs window to monitor the progress of the node deletion operation.

Results
All Search Engine nodes are deleted and the Search Engine cluster is removed.

Edit the network configuration for a Search Engine

node
To change the virtual network configuration, perform the following steps. To change any other network configuration settings,
contact Customer Support.

Prerequisites
Before you remove a network, disable indexing. Set up and manage indexing provides instructions.

Using the PowerProtect Search Engine 67

About this task
If Search Engine node deployment failed because of a virtual network configuration problem, you can update the configuration
to add additional IP addresses to the static IP pool. If you did not configure a virtual network during initial deployment, you can
also add the Search Engine node to a virtual network in the same Virtual Guest Tagging (VGT) port group.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Search Engine and then select the applicable Search
Engine node.
2. Select More Actions > Edit Networks.
The Edit Search Engine Node wizard opens to the Network Configuration page.
3. If applicable, from the Preferred Network Portgroup list, select a VGT network to carry Data for Management
Components traffic.
The list displays all virtual networks within the trunk range. If you select a portgroup that contains multiple networks,
PowerProtect Data Manager automatically selects all networks. Individual networks cannot be selected.
A Search Engine node requires an IP address from the static IP pool for each selected virtual network. If there are not
enough IP addresses in a pool, the wizard prompts you to supply additional addresses for that network.

Virtual networks with a warning symbol ( ) beside the network name require attention and review. For example, if you
changed the network configuration, the configured traffic types may not support Search Engine nodes. Clear any interfaces
which no longer apply to the Search Engine node.
4. If required, type an available static IP address or IP address range in the Additional IP Addresses column for the indicated
virtual network.
For convenience when working with multiple virtual networks, you can also use one of the Auto Expand options:
● Expand Last IP—The wizard increments the host portion of the last IP address in the static IP pool. Click Apply.
● Same Last Digit—The wizard adds the network portion of the IP address to the specified value. Type the host portion
of the IP address and then click Apply.
The wizard updates the value in the Additional IP addresses column for each network. Verify the proposed IP addresses.

5. Click Next.
6. On the Summary page, review the information and then click Finish.

Next steps
If you disabled indexing, re-enable indexing. Set up and manage indexing provides instructions.

Perform a search
When the Search Engine is deployed and configured, you can use the File Search functionality in the PowerProtect Data
Manager UI to search across all indexed data to locate protected files and folders within backup copies. When asset types are
set up for index searching, the File Search button appears in the Restore menu for assets.
Before performing a search, ensure that:
● A Search Engine node is set up.
● Search indexing is enabled.

Troubleshooting Search Engine issues

This section lists troubleshooting for Search Engine issues.
Some Search Engine troubleshooting procedures require the credentials for individual Search Engine nodes. Search Engine
nodes have admin and root user accounts that are used for troubleshooting software issues. The PowerProtect Data Manager
Security Configuration Guide provides instructions to manage Search Engine node credentials.

68 Using the PowerProtect Search Engine

Error displays during Search Engine node failure
The following error might display during a search when a Search Engine node fails:
Not able to deploy search-node.com. Another session "<host_name>" is already configured
with the same hostname. Would you like to redeploy search node or delete the node?
If this error occurs, delete the Search Engine node, and then retry the operation. If you choose to edit, delete the node. The new
mode modal then appears with your previous inputs. The input that caused the error is marked as critical.

Certificate issues
Issues with indexing backups and/or performing search queries might result when certificates that were deployed on the Search
Engine node were corrupted.
Perform one of the following tests to determine certificate issues:
● Use the log bundle download utility in PowerProtect Data Manager to examine the Backup VM logs in VM Direct, and look
for a log entry like the following:

ERROR: Failed to Upload File: /opt/emc/vproxy/runtime/tmp/vproxyd/

plugin/search/e6c356a1-fbaf-4231-9f6f-a0166b74909a/<search
node>-e081fdea-3599-4a6c-abc4-1b5487cb9a32-e523a94c-2d01-5234-ab3c-
7771cfab3c58-7f16bcbb72d7b49ea073356f0d7388ac08461827.db.zip to
https://<search node>:14251/upload, Error sending data chunk. Post
https://<search node>:14251/upload: x509: certificate signed by unknown authority
(possibly because of "crypto/rsa: verification error" while trying to verify
candidate authority certificate "PPDM Root CA ID-d5ec56b8-69ec-4183-9c94-7c0230408765"

● Examine the REST engine logs in the Search Engine node (/opt/emc/search/logs/rest-engine/*.log), and look
for certificate verification errors.
● Run a search either through the UI or through the API <PowerProtect Data Manager>/api/v2/file-instances
and look for a certification verification error.
Examine the certificate files on each Search Engine node to investigate further. If necessary, regenerate the certificate files.

Verify certificates
Use this procedure to verify that certificates are valid and uncorrupted:
1. Verify that the rootca.pem file is the same in all the relevant nodes (Search Engine node, PowerProtect Data Manager,
and VM Direct node).
NOTE: The rootca.pem file name is different on each node:
● PowerProtect Data Manager—/etc/ssl/certificates/rootca/rootca.pem
● Search Engine node—/var/lib/dellemc/vmboot/trust/thumbprint
● VM Direct—/var/lib/dellemc/vmboot/trust/thumbprint
2. Run the following OpenSSL command to find out whether the root certificate file is corrupt or invalid: openssl verify
<rootca.pem>

Response:

/var/lib/dellemc/vmboot/trust/thumbprint: C = US,
O = DELL Corporation,
CN = PPDM Root CA ID-4c9de850-24ab-42ec-a9a7-6080849d0d24

error 18 at 0 depth lookup:self signed certificate

Ensure that the CN values match.

Using the PowerProtect Search Engine 69

Certificate verification fails
If the certificate verification steps fail, you must re-create the certificates on the Search Engine node or VM Direct node:
1. Connect to the PowerProtect Data Manager console and change to the root user.
2. Use the Get command in the infranodemgmt utility to determine the Search Engine node FQDN.
3. Run /usr/local/brs/puppet/scripts/generate_certificates.sh -n -c -b <node FQDN>

A properties file is created in the /root directory called <node FQDN>.properties.

4. Open this file to determine the location of the generated certificates. They should be located in /etc/ssl/
certificates/<node FQDN>.
5. Obtain the Search Engine node credentials. The PowerProtect Data Manager Security Configuration Guide provides
instructions.
6. From a separate terminal, SSH into the Search Engine node.
7. Change directory to /var/lib/dellemc/vmboot/trust and move the key, cert, and thumbprint files over.
8. Copy the certificate files that were generated in PowerProtect Data Manager as follows:
● rootca.pem to thumbprint
● <search node FQDN>key.pem to key
● <search node FQDN>.pem to cert
9. Paste the files to /var/lib/dellemc/vmboot/trust.
10. Set the permissions for the key, cert, and thumbprint files to 0644, and then set the ownership of these files to
root:app.
11. Restart the REST engine service to pick up the new certificates: systemctl restart search-rest-engine.
12. Check the REST engine log file (/opt/emc/search/logs/rest-engine/rest-engine-daemon-<fqdn>.log) to
verify that the service started successfully.

Ensure that the following message appears:

A valid Root CA certificate of backup server was provided during deployment

Result: Backup with indexing executes successfully and the Search Engine is functional.

Search Engine cluster is full

If the Search Engine is full, you can deploy additional nodes by following the steps in Set up and manage indexing.
If the Search Engine runs out of space and you do not want to deploy an additional node, you have the following options:
● Disable the service
● Shorten the expiration time to remove indexes sooner
● Remove indexes manually
To disable the service, complete the following steps:
1. From the PowerProtect Data Manager UI, select Infrastructure > Search Engine.
2. Select the cluster, and then click Configure Cluster.
3. In the Configure Search Cluster dialog box, switch the Search Indexing button to turn it off, and then click Save.
NOTE: This setting applies to all indexes in all protection policies in the Search Cluster.

To shorten the expiration time to remove indexes sooner, complete the following steps:
1. From the PowerProtect Data Manager UI, select Infrastructure > Search Engine.
2. Select the cluster, and then click Configure Cluster.
3. In the Configure Search Cluster dialog box, modify the Search Index Expiration and click Save. A recommended formula
to determine the expiration time is: Delete Index when Today = Backup-Date + Expiration Days + 1 day.
That is, one day after the backup expires.
NOTE: This setting applies to all indexes in all protection policies in the Search Engine.

To remove indexes manually, complete the following steps:

1. Use SSH to log in to the Search Engine.

70 Using the PowerProtect Search Engine

2. Create a snapshot of the cluster using the following format:

{
Command: "APP_SNAPSHOT",
Title: "Initiate Index/Search Cluster Snapshot Process",
AsyncCmd: false,
Properties: {
"Name": {
Description: "Used to uniquely identify a particular snapshot",
Type: STRING
},
"Action": {
Description: "Action to perform, 'Create', 'Delete', 'Restore' or
'Cancel' a Snapshot",
Type: STRING
},
"NFSHost": {
Description: "NFS Host serving snapshot backup area.",
Type: STRING
},
"NFSExport": {
Description: "NFS Export path to mount too.",
Type: STRING
},
"NFSDirPath": {
Description: "NFS directory path to write too.",
Type: STRING
}
}
}

For example:

{
"Command": "APP_SNAPSHOT",
"Title": "",
"AsyncCmd": false,
"Properties": {
"Action": {
"Description": "",
"Required": false,
"Type": "string",
"IsArray": false,
"Value": "Create",
"Default": null
},
"Name": {
"Description": "",
"Required": false,
"Type": "string",
"IsArray": false,
"Value": "DataManager_Catalog_Cluster_snapshot_2019-10-16-12-57-16",
"Default": null
},
"NFSHost": {
"Value": "10.25.87.88"
},
"NFSExport": {
"Value": "/mnt/shared"
},
"NFSDirPath": {
"Value": ""
}
}
}

3. You can delete indexes by protection policy or by asset. If the JSON command is stored at /home/admin/remove-
plc.json, run the command, ./searchmgmt -I /home/admin/remove-plc.json.

Using the PowerProtect Search Engine 71

● Use the following format to delete indexes by protection policy:

● Use the following format to delete indexes by asset type:

{
"Command": "APP_REMOVE_ITEMS",
"AsyncCmd": false,
"Properties": {
"Action": {
"Description": "Action to perform,
'AssetDelete', 'PLCDelete'",
"Required": true,
"Value": "AssetDelete",
},
"AssetID": {
"Description": "Optional, Asset ID of item(s)
to delete.",
"Required": false,
"Value": "503dd753-b57e-a572-6daf-44680033755f",
},
"PLCID": {
"Description": "PLC ID of item(s) to delete.",
"Required": true,
"Value": "7676d753-b57e-a572-6daf-33689933456d",
}
}
}

NOTE:
● The time to complete the execution of these procedures depends on the number of backup copy asset indexes being
deleted.
● This procedure does not impact regular operation of the cluster.

Troubleshooting a locked Search Engine node

The PowerProtect Data Manager Security Configuration Guide provides information about Search Engine node user accounts
and credentials, including password management policies. The password management policies for these accounts are set to lock
the admin user account after three failed attempts within five minutes. If you try to access the node while the admin user
account is locked, the amount of time that the account remains locked increases.
A Search Engine node might become locked for the following reasons:
● A user or program makes three failed attempts to SSH into the Search Engine node.
● Running monitoring software that tries to log in to the Search Engine node with the wrong admin credentials.
● Running penetration testing on the virtual machines in a vCenter server.
The Search Engine node admin user accounts enable PowerProtect Data Manager to perform operations on each node, such as
obtaining the health status of the node. If the account is locked, the health status of the node is reported as "Failed." When one
of the nodes in the cluster is in a failed state, the entire cluster becomes unavailable. As a result, the cluster is unable to perform
any indexing or search operations.

72 Using the PowerProtect Search Engine

Workaround
To work around this issue, reset the Search Engine node admin credentials. Before you reset the credentials, determine why the
admin account is locked.
Obtain the Search Engine node root credentials. Then, reset the Search Engine node admin credentials. The PowerProtect Data
Manager Security Configuration Guide provides instructions.

Using the PowerProtect Search Engine 73

5
Managing Assets
Topics:
• About asset sources, assets, and storage
• About other asset sources
• Prerequisites for discovering asset sources
• Enable an asset source
• Delete an asset source
• Adding a Cloud Snapshot Manager tenant

About asset sources, assets, and storage

In PowerProtect Data Manager, assets are the basic units that PowerProtect Data Manager protects. Asset sources are the
mechanism that PowerProtect Data Manager uses to manage assets and communicate with the protection storage where
backup copies of the assets are stored.
PowerProtect Data Manager supports PowerProtect DD Management Center (DDMC) as the storage and programmatic
interface for controlling protection storage systems.

Supported asset sources

Asset sources can be a vCenter server, Kubernetes cluster, Network Attached Storage (NAS) appliance or share, application
host, storage array, or Cloud Snapshot Manager tenant. Assets can be virtual machines, Kubernetes namespaces and persistent
volume claims (PVCs), NAS appliance or share assets,Microsoft Exchange Server databases, Microsoft SQL Server databases,
Oracle databases, SAP HANA databases, file systems, or PowerStore block volumes.

Supported asset languages

PowerProtect Data Manager supports the protection of data hosted on operating systems in multiple languages. For more
information, see the E-Lab Navigator.

Prerequisite to adding an asset source

Before you can add an asset source, you must enable the source within the PowerProtect Data Manager user interface.
In the Assets window, you can export asset records by using the Export All functionality.

IPv6 information not displayed by the Asset Sources window

The Asset Sources window does not display IPv6 information. If an asset only uses IPv6, the IPV4 column displays a blank
entry. To select an IPv6-only asset, refer to the Name column.

Maximum supported number of characters in an asset or storage name is

25
PowerProtect Data Manager does not support more than 25 characters in an asset or storage name.

CAUTION: If this maximum is exceeded, protection policy configuration fails.

74 Managing Assets
About other asset sources
In addition to vCenter server asset sources, PowerProtect Data Manager provides the option to enable other asset sources to
protect additional asset types.
The PowerProtect Data Manager Administrator Guide does not provide instructions for Kubernetes clusters or agent asset-
source management. Refer to the PowerProtect Data Manager online help or individual Kubernetes and agent user guides for
more information.
NOTE: When following an agent user guide to install an agent, ensure that the drive or partition of the installation directory
has sufficient free space.
The following other asset sources are supported:

File System agent

After the File System agent is approved and registered in the PowerProtect Data Manager UI, PowerProtect Data Manager
integrates with the agent to enable an application administrator to protect and recover data on the File System host, and to
check and monitor backup compliance against protection policies.

Kubernetes cluster
After the Kubernetes cluster asset source is added and registered in the PowerProtect Data Manager UI, PowerProtect Data
Manager enables protection of PVCs and namespace data on the Kubernetes or Tanzu Kubernetes cluster.

NAS agent
After the NAS asset source is added and registered in the PowerProtect Data Manager UI, PowerProtect Data Manager enables
protection of NAS assets.

Microsoft application agent for Microsoft Exchange Server

After the Microsoft application agent is approved and registered in the PowerProtect Data Manager UI, PowerProtect Data
Manager integrates with the agent to enable an application administrator to protect and recover the Microsoft Exchange Server
application data on the application host, and to check and monitor backup compliance against protection policies.

Microsoft application agent for Microsoft SQL Server

After the Microsoft application agent is approved and registered in the PowerProtect Data Manager UI, PowerProtect Data
Manager integrates with the agent to enable an application administrator to protect and recover the Microsoft SQL Server
application data on the application host, and to check and monitor backup compliance against protection policies.

Oracle RMAN agent

After the Oracle RMAN agent is approved and registered in the PowerProtect Data Manager UI, PowerProtect Data Manager
integrates with the agent to enable an application administrator to protect and recover the Oracle application data on the
application host, and to check and monitor backup compliance against protection policies.

SAP HANA agent

After the SAP HANA agent is approved and registered in the PowerProtect Data Manager UI, PowerProtect Data Manager
integrates with the agent to enable an application administrator to protect and recover the SAP HANA application data on the
application host, and to check and monitor backup compliance against protection policies.

Managing Assets 75
Storage Arrays
For integration with Dell PowerStore, PowerProtect Data Manager provides centralized backup and restore operations to
protect data on storage arrays. After the storage array asset source is added and discovered in the PowerProtect Data Manager
UI, PowerProtect Data Manager enables protection of block volume assets.

Prerequisites for discovering asset sources

Review the following requirements before discovering an asset source.
● Ensure that the PowerProtect Data Manager is deployed and configured in the environment. The PowerProtect Data
Manager deployment guides provide information.
● Log in as a user with the Administrator role. Only the Administrator role can manage asset sources.
● For a new system, enable one or more asset sources for the types of assets that you want to protect. Enable an asset
source provides more information.
● Configure all asset sources with an NTP server.
● Remove any managed snapshots from virtual machines that will be configured to use the Transparent Snapshots Data Mover
(TSDM) protection mechanism.
● Before you register a Microsoft SQL Server application, ensure that the DD system has been discovered successfully.
● For discovery of application agents and File System asset sources:
○ Ensure that all clocks on the application and File System hosts and PowerProtect Data Manager are time-synchronized to
the local NTP server to ensure discovery of the backups.
○ Ensure that the application and File System hosts and the PowerProtect Data Manager network can see and resolve
each other.
○ Ensure that port 7,000 is open on the application and File System hosts.
● Discovery of a vCenter Server asset source excludes the following:
○ Virtual machines with a status of Inaccessible, Invalid, or Orphaned.
○ The virtual machine template.
○ The shadow or standby virtual machine created by RecoverPoint for Virtual Machines, also referred to as the vRPA copy.
○ The vSphere Cluster Service (vCLS) virtual machine.
NOTE: Virtual machines created by the vCLS are managed by VMware, and do not require PowerProtect Data
Manager protection. Even when selected as part of a container, they are automatically excluded from protection.
The vmdm-discovery.log provides a list of vCLS virtual machines that are excluded from protection.
Prior to performing the vCenter discovery, verify the status of any virtual machines that you want to discover.

Discovering asset sources in an opaque network

PowerProtect Data Manager supports the discovery of vCenter servers that are located in an opaque network.
VMware considers a network to be opaque if a vCenter server located in it is not managed by NSX or vSphere. vCenter servers
on opaque networks can be discovered and their assets protected in the same way as vCenter servers that are managed by
NSX or vSphere.

Discovering asset sources in a GCVE environment

There are special discovery considerations in a GCVE environment. Discovery fails unless GCVE-located vCenter servers have
additional permissions.
Ensure the following permissions of any GCVE-located vCenter server:
● The GVE.LOCAL\CloudOwner user is mapped to the Cloud-Owner-Role role at the vCenter level.
● The GVE.LOCAL\CloudOwner to Cloud-Owner-Role mapping is not restricted to a lower-level container object in the
vSphere object hierarchy.

76 Managing Assets
Full discovery of application asset sources
If some application assets are not discovered, you can perform an immediate full discovery of application asset sources by using
the on-demand discovery feature in the PowerProtect Data Manager UI.
Full discovery is available for the following application asset sources:
● Microsoft SQL Server
● Microsoft Exchange Server
● Oracle
● SAP HANA
● File System
To initiate a full discovery of application asset sources, complete the following steps:
1. Select Infrastructure > Asset Sources.
2. Select an application asset source and click Discover.
3. Select the Initiate a full discovery option, and then click Yes.

Enable an asset source

An asset source must be enabled in PowerProtect Data Manager before you can add and register the asset source for the
protection of assets.

About this task

Only the Administrator role can manage asset sources.
In some circumstances, the enabling of multiple asset sources is required. For example, a vCenter Server and a Kubernetes
cluster asset source must be enabled for Tanzu Kubernetes guest cluster protection.
There are other circumstances where enabling an asset source is not required, such as the following:
● For application agents and other agents such as File System, an asset source is enabled automatically when you register and
approve the agent host. For example, if you have not enabled an Oracle asset source but have registered the application
agent host through the API or the PowerProtect Data Manager user interface, PowerProtect Data Manager automatically
enables the Oracle asset source.
● When you update to the latest version of PowerProtect Data Manager from an earlier version, any asset sources that were
previously enabled appear in the PowerProtect Data Manager user interface. On new deployments, no asset sources are
enabled by default.

Steps
1. From the PowerProtect Data Manager user interface, select Infrastructure > Asset Sources, and then click + to reveal
the New Asset Source tab.
2. In the pane for the asset source that you want to add, click Enable Source.
The Asset Sources window updates to display a tab for the new asset source.

Results
You can now add or approve the asset source for use in PowerProtect Data Manager. For a vCenter server, Kubernetes cluster,
or PowerProtect Cloud Snapshot Manager tenant, select the appropriate tab in this window and click Add. For an application
host, select Infrastructure > Application Agents and click Add or Approve as required.
NOTE: Although you can add a Cloud Snapshot Manager tenant to PowerProtect Data Manager in order to view its health,
alerts, and the status of its protection, recovery, and system jobs, you cannot manage the protection of its assets from
PowerProtect Data Manager. To manage the protection of its assets, use Cloud Snapshot Manager. For more information,
see the PowerProtect Cloud Snapshot Manager Online Help.

Managing Assets 77
Disable an asset source
If you enabled an asset source that you no longer require, and the host has not been registered in PowerProtect Data Manager,
perform the following steps to disable the asset source.

About this task

NOTE: An asset source cannot be disabled when one or more sources are still registered or there are backup copies of the
source assets. For example, if you registered a vCenter server and created policy backups for the vCenter Server virtual
machines, then you cannot disable the vCenter Server asset source. But if you register a vCenter server and then delete it
without creating any backups, you can disable the asset source.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Asset Sources, and then select the tab of the asset
source that you want to disable.
If no host registration is detected, a red Disable button appears.
2. Click Disable.

Results
PowerProtect Data Manager removes the tab for this asset source.

Delete an asset source

If you want to remove an asset source that you no longer require, perform the following steps to delete the asset source in the
PowerProtect Data Manager UI.

About this task

Only the Administrator role can manage the asset sources.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Asset Sources, and then select the tab for the type of
asset source that you want to delete.
2. Select the asset source name in the asset source list, and then click Delete.
3. At the warning prompt that appears, click Continue.
The asset source is deleted from the list.

Results
PowerProtect Data Manager removes the specified asset source in the Asset Sources window.
For all asset sources except the vCenter Server, any associated assets that are protected by the protection policy are removed
from the protection policy and their status is changed to deleted. These assets are removed automatically as part of daily
PowerProtect Data Manager cleanup after all associated backup copies have been deleted. These assets can also be removed
manually. The PowerProtect Data Manager Administrator Guide provides details on how to remove assets from PowerProtect
Data Manager.
The copies of assets from the asset source are retained (not deleted). You can delete the copies from the copies page, if
required.

Adding a Cloud Snapshot Manager tenant

After you enable the Cloud Snapshot Manager tenant asset-source with PowerProtect Data Manager, you use the Asset
Sources window in PowerProtect Data Manager to add a Cloud Snapshot Manager tenant to the PowerProtect Data Manager
environment.
Adding a Cloud Snapshot Manager tenant is required if you want to view Cloud Snapshot Manager jobs, alerts, and reports from
a consolidated PowerProtect Data Manager dashboard.

78 Managing Assets
Add a Cloud Snapshot Manager tenant
Perform the following steps to add a Cloud Snapshot Manager tenant as an asset source in the PowerProtect Data Manager UI.

Prerequisites
● Ensure that the asset source is enabled.
Enable an asset source provides instructions.
● Log in as a user with the Administrator role. Only the Administrator role can manage asset sources.
● The PowerProtect Data Manager server has Internet access and is able to reach https://ssgosge.emc.com.
NOTE: If this access is removed during normal operation, any existing Cloud Snapshot Manager information will continue
to be displayed in the Dashboard window, but there will be no updates until Internet access is restored.
● This procedure requires the entry of values specific to Cloud Snapshot Manager. For more information, see the
PowerProtect Cloud Snapshot Manager Online Help.

Steps
1. From the left navigation pane, select Infrastructure > Asset Sources.
The Asset Sources window appears.
2. Select the Cloud Snapshot Manager tab.
3. Click Add.
The Add Cloud Snapshot Manager Account Details dialog displays.
4. In the Name field, enter a descriptive name for the Cloud Snapshot Manager tenant.
5. In the Tenant ID field, enter the Cloud Snapshot Manager tenant ID.
6. Click the drop-down control next to Cloud Snapshot Manager Credentials, and then click Add Credentials.
a. In the Name field, enter the name of the Cloud Snapshot Manager tenant credentials.
b. In the Client ID field, enter the ID of the Cloud Snapshot Manager tenant.
c. In the Client Secret field, enter the secret of the Cloud Snapshot Manager tenant.
d. Click Save.
7. Click Save.

Results
PowerProtect Data Manager can view jobs, alerts, and reports related to protected Cloud Snapshot Manager resources.

Managing Assets 79
6
Managing Protection Policies
Topics:
• Protection policies
• Before you create a protection policy
• Replication triggers
• Creating or editing a protection policy
• Viewing a summary of protection policies
• Run an asset-protection report
• Add a service-level agreement
• Run a compliance report
• Disable a protection policy
• Delete a protection policy
• Overview of PowerProtect Data Manager Cloud Tier
• Extended retention for protection policies created in PowerProtect Data Manager 19.11 or earlier
• Manual backups of protected assets
• Manual replication of protected assets
• Manual Cloud Tiering of protected assets
• Delete backup copies
• Removing expired backup copies
• Removing assets from PowerProtect Data Manager
• Protecting client assets after a client hostname change
• ifGroup configuration and PowerProtect Data Manager policies
• Troubleshooting failed replication jobs

Protection policies
Protection policies define sets of objectives that apply to specific periods of time. These objectives drive configuration, active
protection, and copy-data-management operations that satisfy the business requirements for the specified data. Each policy
type has its own set of user objectives.
Only the Administrator role can create or edit protection policies.
In the Protection Policies window, you can export protection policy data by using the Export All functionality.

Before you create a protection policy

Consider the following best practices before creating a protection policy.
● You can only protect an asset with one policy at a time. Protection rules do not automatically move assets that were
manually added to a policy to a different policy.
NOTE: If a Microsoft SQL Server is installed on a virtual machine, you can protect the Microsoft SQL Server database
with an application-consistent backup without interfering with the Microsoft SQL Server agent-based backup.
● When creating a policy, limit the number of database assets within the policy to under 500 and stagger the start time of
replication policies. These actions prevent potential replication failures.
● Before adding replication to a protection policy, ensure that you add remote protection storage as the replication location.
Add protection storage provides detailed instructions about adding remote protection storage.
● Before scheduling weekly, monthly, or yearly backups, ensure that the PowerProtect Data Manager time zone is set to the
local time zone.

80 Managing Protection Policies

Understanding backup technologies
PowerProtect Data Manager uses block-based backup technology when performing full or synthetic-full backups. The File
System agent scans a volume or disk and backs up every block on the file system that is allocated to it. If only data that has
changed is backed up, the block-based backup uses Changed Block Tracking.
Block-based backups support the following capabilities:
● High-performance backups with a predictable backup window
● Efficient backups of the deduplicated file systems used by PowerProtect DD
● Mounting of a backup as a file system
● Support for sparse-file backups
PowerProtect Data Manager uses traditional file-based backup technology when backing up a specific set of files or directories.
During these backups, the entire directory structure of the file system is traversed. These backups take longer to complete than
block-based backups.
NOTE: Applying an exclusion filter to a protection policy automatically results in a file-based backup. If you are backing up a
large file system, it might be more efficient to back up all the data instead. Alternatively, move the assets being filtered to a
different protection policy, allowing the remaining unfiltered assets to use a block-based backup.

Understanding backup terminology and managing backup frequency

When scheduling backups in a protection policy, be aware of the following:
● Different protection-policy types can use different terminology to describe available backup levels. This terminology can
differ not only between protection-policy types, but also from traditional terminology.
● To avoid high CPU usage that can lead to failure issues, do not schedule backups more often than recommended.
To understand the different backup levels to manage backup frequencies, see the following table.

Table 25. Backup terminology and frequency

Protection-policy Available backup Description Equivalent Recommended
types levels traditional minimum backup
terminology interval
VMware Full All the data is backed up. Full Monthly
application-aware
Synthetic Full Only the data that has A differential backup is 12 hours
changed since the last performed, followed by
synthetic-full or full backup a merge operation that
is backup up. An operation produces a full backup
to merge these changes with in storage.
the last synthetic-full or full
backup produces a full backup
in storage. Only the changed
blocks are copied over the
network, but the result is still
a full backup in storage.
Log The transaction logs are 30 minutes
backed up.
VMware crash- Full All the data is backed up. Full Monthly
consistent
Synthetic Full Only the data that has A differential backup is 12 hours
changed since the last performed, followed by
synthetic-full or full backup a merge operation that
is backed up. An operation produces a full backup
to merge these changes with in storage.
the last synthetic-full or full
backup produces a full backup
in storage. Only the changed
blocks are copied over the
network, but the result is still
a full backup in storage.

Managing Protection Policies 81

Table 25. Backup terminology and frequency (continued)
Protection-policy Available backup Description Equivalent Recommended
types levels traditional minimum backup
terminology interval
Kubernetes crash- Full The namespace metadata and Full Daily
consistent persistent volumes are backed
up.
Synthetic Full Only the data that has A combination 12 Hours
changed for persistent of full and
volumes on VMware first- differential backups
class disks since the last are performed,
synthetic-full or full backup followed by a
is backed up. The namespace merge operation that
metadata and all other produces a full backup
persistent volumes are backed in storage.
up in full. Although not all
the data is copied over the
network, the result is still a full
backup in storage.
File System Full All the data is backed up. Full Monthly
centralized
Synthetic Full Only the data that has A differential backup is 12 hours
changed since the last performed, followed by
synthetic-full or full backup a merge operation that
is backed up. An operation produces a full backup
to merge these changes with in storage.
the last synthetic-full or full
backup produces a full backup
in storage. Only the changed
blocks are copied over the
network, but the result is still
a full backup in storage.
Microsoft Full All the data is backed up. Full Weekly
Exchange Server
centralized Synthetic Full Only the data that has A differential backup is 12 hours
changed since the last performed, followed by
synthetic-full or full backup a merge operation that
is backed up. An operation produces a full backup
to merge these changes with in storage.
the last synthetic-full or full
backup produces a full backup
in storage. Only the changed
blocks are copied over the
network, but the result is still
a full backup in storage.
Microsoft SQL Full All the data is backed up. Full Daily
Server centralized
Differential Only the data that has A differential backup is 12 hours
changed since the last performed, followed by
differential backup or the last a merge operation that
full backup if there are no produces a full backup
other differential backups is in storage.
backed up.
Log The transaction logs are 30 minutes
backed up.
Network Attached Full All the data is backed up. Full Daily
Storage NOTE: It is
recommended to
perform a full backup
after updating to

82 Managing Protection Policies

Table 25. Backup terminology and frequency (continued)
Protection-policy Available backup Description Equivalent Recommended
types levels traditional minimum backup
terminology interval

PowerProtect Data
Manager 19.12.

Synthetic Full Only the data that has An incremental backup Daily
changed since the last is performed, followed
synthetic-full or full backup by a merge operation
is backup up. An operation that produces a full
to merge these changes with backup in storage.
the last synthetic-full or full
backup produces a full backup
in storage. Only the changed
files are copied over the
network, but the result is still
a full backup in storage.
Oracle centralized Full All the data is backed up. Full Daily
(Application Direct)
Incremental Only the data that has Differential 12 hours
Cumulative changed since the last level 0
full backup is backed up.
Incremental Only the data that Incremental 6 hours
Differential has changed since the
last incremental differential
backup or the last full
backup if there are no
other incremental differential
backups is backed up.
Log The archived logs are backed - 30 minutes
up.
Oracle centralized Full All the data is backed up. Full Daily
(Oracle Incremental
Merge) Synthetic Full Only the data that has A differential backup is 12 hours
changed since the last performed, followed by
synthetic-full or full backup a merge operation that
is backup up. An operation produces a full backup
to merge these changes with in storage.
the last synthetic-full or full
backup produces a full backup
in storage. Only the changed
files are copied over the
network, but the result is still
a full backup in storage.
Log The archived logs are backed - 30 minutes
up.
Block Volume Synthetic Full Backs up only the blocks An incremental backup 6 hours
that have changed since is performed, followed
the last synthetic-full or full by a merge operation
backup, and then performs that produces a full
an operation to merge backup in storage.
those changes with the last
synthetic-full or full backup in
order to produce a full backup
in storage. Only the changed
blocks are copied over the
network, but the result is still
a full backup in storage.

Managing Protection Policies 83

Table 25. Backup terminology and frequency (continued)
Protection-policy Available backup Description Equivalent Recommended
types levels traditional minimum backup
terminology interval
Snapshot Saves the state of the 15 minutes
volume or volume group and
all files and data within
it at a particular point in
time. Snapshots provide a
method of recovery for data
that has been corrupted or
accidentally deleted. You can
use snapshots to restore the
volume or volume group to a
previous state.

NOTE: In some situations, a full backup might be performed even though a synthetic-full backup was scheduled. Possible
reasons for a full backup include the following:
● There is no existing full backup.
● The size of a volume has changed.
● There has been a file path change.
● The asset host has been rebooted.
The backup frequency of log, differential, incremental-cumulative, incremental-differential, and incremental backups cannot be
greater than the backup frequency of either full or synthetic-full backups. If you attempt to add or edit a protection policy that
uses an invalid backup frequency, PowerProtect Data Manager prevents you from saving the protection policy. You can increase
the backup frequency of a protection poicy by scheduling more full or synthetic-full backups with different retention times to
meet your requirements.

Replication triggers
PowerProtect Data Manager orchestrates protection policy replication objectives independently of the primary backup. When
you add a replication objective to a policy, select one of the available triggers.
The default replication trigger is a schedule window that you define by setting a recurrence period plus start and end times.
Replication occurs during the defined window. For example, every day between 8 p.m. and 12 a.m.
You can also trigger replication immediately after the completion of the associated primary backup, whether scheduled or
manual. At the start of the primary backup, PowerProtect Data Manager generates an associated replication job that remains
queued until the end of the protection job. If the backup fails or completes with exception, the associated replication job is
skipped. Restarting the protection job queues the associated replication job again.
When you create a replication objective, you can specify either scheduled replication or replication after backup completion,
which is applicable to both centralized and self-service protection policies.
NOTE: For replication after backup completion, it is recommended that you update the application agents to the latest
version.

Depending on the type of backup, the following versions are required to ensure that replication occurs immediately after the
backups complete:

● For self-service primary backups, update all application agents to PowerProtect Data Manager version 19.12 or later.
● For centralized primary backups, update all application agents to PowerProtect Data Manager version 19.11 or later.
If you want to replicate only specific backups, perform a manual replication of these backups in advance.
Using a schedule can help you manage network traffic by replicating during off-peak hours. However, for larger backup sets, the
primary backup may not finish before the start of the replication schedule, which creates a replication backlog. Replication after
backup completion prevents a replication backlog from forming.
To prevent data loss, the replication after backup completion trigger replicates new backups from the primary objective and any
outstanding backups that have not yet replicated.

84 Managing Protection Policies

A job status of Completed with Exceptions during replication
After a triggered replication job, you might see a job status message similar to the following:

Completed with Exceptions

ABA0017: plc_linux_rac: Backup was successful for the ORACLE_DATABASE asset ORCLPP on
the host oracle.test.com but the copy metadata information is currently unavailable.

The backup of this asset completed successfully but the copy metadata information has
not yet been discovered by PowerProtect Data Manager. If the 'Replicate immediately upon
backup completion' option is enabled for this protection policy, the replication job
for the copy might appear in 'Unknown' or 'Cancel' state. Once the copy metadata is
discovered by PowerProtect Data Manager, the copy will be replicated.

Review the backup copy details in the View Copies pane of the PowerProtect Data Manager
UI Infrastructure > Assets window to determine when the discovery is complete.

If you see this message, the replication backup is not immediately available.
To correct this issue, either wait for the next automatic discovery or initiate a discovery.

Creating or editing a protection policy

You can use the PowerProtect Data Manager user interface to create a protection policy to protect an asset. You can also
change the details of an existing protection policy.

Creating a protection policy

You can create a protection policy to protect any of the following asset types. For more information, see the appropriate
publication.

Table 26. Protection-policy asset types

Asset type Publication
Block volumes PowerProtect Data Manager Storage Array User Guide
File System data PowerProtect Data Manager File System User Guide
Kubernetes cluster PowerProtect Data Manager Kubernetes User Guide
namespaces and PVCs
Microsoft Exchange Server PowerProtect Data Manager Microsoft Exchange Server User Guide
databases
Microsoft SQL Server PowerProtect Data Manager Microsoft SQL Server User Guide
databases
Network Attached Storage PowerProtect Data Manager Network-Attached Storage User Guide
(NAS) share and appliance
data
Oracle RMAN databases PowerProtect Data Manager Oracle RMAN User Guide
SAP HANA databases PowerProtect Data Manager SAP HANA User Guide
Virtual machines PowerProtect Data Manager Virtual Machine User Guide

Editing a protection policy

You can change any of the following information for an existing enabled or disabled protection policy:
● Policy name and description
● Adding or removing assets from the policy

Managing Protection Policies 85

● Backup and replication schedule
NOTE: You can delete any full or synthetic-full backup schedule except for the first one that was created. The first
backup schedule that is created cannot be deleted.
● Backup optimization mode
● Settings for network interface, storage target, storage unit, and retention lock
● Settings for Service Level Agreement (SLA), where supported
You cannot modify a protection policy type or purpose. For these actions, add a policy with the new type or purpose. Storage
quotas cannot be changed by editing a policy.
NOTE: Once you save changes for an enabled or disabled policy, most changes take effect immediately. For a disabled
policy's primary backup schedules, however, the changes do not take effect until you enable the policy again, since these
schedules do not run in Disabled state.

Modify a policy name and description, objectives, or options

The following procedure describes how to change an existing policy name and description, schedule and objectives, or additional
backup options in the PowerProtect Data Manager UI.

Prerequisites
If applicable, complete all of the virtual network configuration tasks before you assign any virtual networks to the protection
policy.

About this task

NOTE: You can also edit a protection policy to add or remove assets. Detailed instructions for adding assets to a policy or
removing assets from a policy are provided in the section Add or remove assets in a protection policy.

Steps
1. From the left navigation pane, select Protection > Protection Policies.
The Protection Policies window appears.
2. Select the protection policy that you want to modify, and click Edit.
The Edit Policy window opens on the Summary page. From this page, you can click edit next to any available row to
change specific policy details.
3. In the Name or Description rows, click Edit.
The Type page displays.
NOTE: You cannot change the type or purpose of an existing policy.
4. In the Objectives row, click Edit.
The Objectives page displays. From this page, you can change the backup schedule, modify the settings for the network
interface, and enable or disable the retention lock.
You can also change the storage targets by selecting a new Storage Name in the Primary Backup and Replicate rows.
For more information about changing storage targets, see the section Changing storage targets.
5. In the Options row, click Edit.
The Options page displays. From this page, you can change the backup optimization mode (for example, from Performance
to Capacity), select whether to include or exclude swap files from the backup, and select whether to quiesce the guest file
system during the backup.
NOTE: For virtual machine protection policies, two types of protection mechanisms are used—Transparent Snapshot
Data Mover (TSDM), and VMware vStorage API for Data Protection (VADP). Updates to the policy options can result
in changes to the protection mechanism used to move virtual machine data. When the protection mechanism changes, a
new, full backup is performed, which might take awhile to complete.
6. After making your changes, click Next to save the changes and return to the Summary page.
7. On the Summary page, click Finish.
An informational dialog displays.
8. Click OK to exit the dialog, or click Go to Jobs to open the Jobs window to monitor the backup of the new protection
policy.

86 Managing Protection Policies

Changing storage targets
A storage target consists of a protection storage system and associated storage unit. You can change the selected storage
target elements for each protection policy.
When you edit the primary backup and replication objectives for protection policies:
● The Storage Name drop-down list shows the current protection storage system. The drop-down list also contains other
protection storage systems that are available. Select Add to configure more protection storage.
● The Storage Unit drop-down list shows the storage unit that PowerProtect Data Manager targets on the selected
protection storage system. From this drop-down list, you can select other storage units under the control of PowerProtect
Data Manager. Select New to create a storage unit.
When you change the storage target, appropriately configure any dependencies. For example, configure a cloud provider for the
updated storage target in the dependent protection policy objective.
NOTE: Network interfaces that exist on a DD 7.4.x or earlier system and that are configured
to use an uncompressed IPv6 format cannot be discovered. An example of an uncompressed IPv6
format is 2620:0000:0170:0597:0000:0000:0001:001a. An example of a compressed IPv6 format is
2620:0:170:597::1:1a. To use these network interfaces, reconfigure them to use either an IPv4 address or a
compressed IPv6 address, and then initiate a discovery.

Impacts
Changing the primary objective storage target for some asset types may cause skipped backups until the next scheduled full
backup:
● VMware virtual machine application-aware
● SAP HANA
● Oracle RMAN
Perform a manual full backup for these policies. Manual backups of protected assets provides instructions.
The following asset types do not require additional action:
● VMware virtual machine crash-consistent
● Kubernetes
● Network Attached Storage (NAS)
● Block volumes
● Microsoft Exchange Server
● Microsoft SQL Server
● File systems
For these asset types, the next backup automatically becomes a full backup.
Replication objectives do not require additional action.

Protection storage
Managing Storage provides more information about working with protection storage, including configuring additional protection
storage systems and changing quota settings.
When reviewing the list of selected and available protection storage systems, consider the following:
● It is not recommended that policy objectives share protection storage systems because this configuration does not
increase data availability. However, some environments may require replicas with different retention periods, where multiple
objectives share a protection storage system.
● Only protection storage that has been licensed and configured for use by the current protection policy appears in the
drop-down list.
● Changing protection storage systems for Storage Group protection policies is not supported.

Managing Protection Policies 87

Storage units
Storage units provides more information about working with storage units, including applicable limitations and maintenance
considerations.
If you select New, PowerProtect Data Manager creates a storage unit for this protection policy. The new storage unit name
is based on the protection policy name plus an identifier. Storage units provides more instructions for changing the quota
configuration.
You can also select an existing storage unit under the control of PowerProtect Data Manager. The drop-down list displays the
available storage units on the selected protection storage system. If the storage unit name is truncated due to space limitations,
hover over the list entry to see the full storage unit name and quota information.
Changing storage units for Storage Group protection policies is not supported.

Redeploying storage targets

Redeploying the storage target of a protection policy results in duplicate entries after discovery unless a certain procedure is
followed.
To prevent duplicate entries of a redeployed storage target in the Replication Targets window, remove it from PowerProtect
Data Manager and any relevant protection policies before redeploying it. After the storage target has been redeployed, wait for
it to be discovered again, and then add it back to the relevant protection policies.

Replication to shared protection storage

To improve flexibility for external workflows and reduce infrastructure costs, PowerProtect Data Manager supports sharing
protection storage across multiple objectives.
To service workflows outside of PowerProtect Data Manager, you may require different retention periods for different replicas.
Since retention periods are set at the objective level, configuring different retention periods requires additional replication
objectives.
Under most circumstances, additional replication objectives target storage units that reside on different protection storage
systems. Replicating to separate protection storage provides additional data availability.
To support external workflows without requiring separate protection storage systems for each additional objective,
PowerProtect Data Manager supports targeting different storage units on the same protection storage system. To further
reduce costs, you can target the same protection storage system where the primary backup resides. In this case, the external
workflow provides the additional data safety.
NOTE:

Because PowerProtect Data Manager is unaware of external workflows, the UI issues a warning when you configure a
policy with multiple objectives that share the same protection storage system. This configuration is uncommon, so verify the
storage targets and the use case before you continue.

The UI also issues a warning where the selected storage unit is the source for any MTree replication workflow. This
workflow may belong to another application. Verify the storage targets before you continue. These notifications require
DDOS 7.7 or later.

Add or remove assets in a protection policy

Perform the following steps in the PowerProtect Data Manager UI to add or remove an asset in a protection policy.

About this task

When a protection policy is edited and new assets are added, backups for the new assets start from the next scheduled FULL
backup job for the protection policy.

Steps
1. From the left navigation pane, select Protection > Protection Policies.

88 Managing Protection Policies

The Protection Policies window appears.
2. Select the protection policy that you want to modify, and click Edit.
The Edit Policy window opens on the Summary page.
3. In the Assets row, click Edit.
The Assets page appears.
NOTE: For virtual machine protection policies, the view that you selected when creating the policy is retained in
this page, and cannot be changed. For example, if you set up this policy with View Asset Table selected, all assets
protected by this policy will display in a table on this page, and the option to select View by Host will be disabled. Both
views provide additional information about the virtual machines, such as any currently associated tags, protection rules,
and whether the virtual machine is already assigned to another policy, to help you identify which assets you want to add
or remove from this policy.
4. To remove containers or assets from the protection policy, select the object and click Remove.
The Assets page updates with the changes.
NOTE: When an asset is moved out of policy while a backup is in progress, PowerProtect Data Manager sets the
default retention period for that asset as 30 days. You can modify the retention period for that asset according to your
requirement.

5. To add a container or asset to the protection policy:

a. Click + Add.
The Add Unprotected Assets dialog displays any objects that are unprotected.
b. Select the individual unprotected assets that you want to add to the policy, or select a container level within the
hierarchy to add all assets within that level, and then click Add.
The Assets page updates with the changes.
6. Optionally, if you want to exclude non-production VMDKs such as network shares or test disks from a protection policy:
a. Select the virtual machine asset from the list, and then click Manage Exclusions in the Disk Excluded column.
The Exclude Disks dialog box appears. By default, the slider next to each VMDK is set to Included.
b. For each disk that you want to exclude, move the slider to the right. The status updates to Excluded.
c. Click Save. The Assets page updates to indicate the number of disks for that particular asset that will be excluded from
the protection policy.
7. Click Next to save the changes and go to the Summary page.
8. In the Summary page, click Finish
An informational dialog box appears.
9. Click OK to exit the dialog box, or click Go to Jobs to open the Jobs window to monitor the backup of the new protection
policy.

Troubleshooting protection policies configured with Backup via replica

When an asset assigned to a protection policy is configured with the Backup via replica setting and the replica asset source
has been deleted, backups of the asset fail, but the error message displayed does not provide a reason for the failure.
To resolve this issue, first verify that the replica asset source has been deleted. If the asset source has been deleted, move the
primary asset to a different policy to perform the backup through the primary array.

Edit the retention period for backup copies

You can edit the retention period of one or more backup copies to extend or shorten the amount of time that backups are
retained.

About this task

You can edit retention for all asset types and backup types, except block volumes.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Assets.

Managing Protection Policies 89

2. On the Assets window, select the tab for the asset type for which you want to edit retention. If a policy has been assigned,
the table lists the assets that have been discovered, along with the associated protection policy.

Use the icons to switch between a tree view of the vCenter server hierarchy, or a list view of all virtual machine
assets discovered within the vCenter server.
NOTE: For virtual machine assets, you can click the link in the Disk Excluded column next to a virtual machine asset to
view VMDKs that have been excluded from the protection policy. You cannot, however, edit disk inclusion or exclusion
from this window. To change the disks that are excluded for a protected asset, select the policy from the Protection
Policies window and click Edit.

3. Select a protected asset from the table, and then click View Copies. The Copy Locations pane identifies where the
backups are stored.
4. Click next to the asset type icon. The table in the right pane lists the backup copies.
5. Select one or more backup copies from the table and click Edit Retention.
NOTE: If the deletion of an asset backup copy fails, the Copy Status is changed from Available to another state, and
as a result the Edit Retention button is disabled. The Edit Retention button is enabled only when the Copy Status is
Available.

6. Choose one of the following options:

● To select a calendar date as the expiration date for backups, select Retention Date.
● To define a fixed retention period in days, weeks, months, or years after the backup is performed, select Retention
Value. For example, you could specify that backups expire after 6 months.
● To override the retention lock for the backup copy, select Disable Retention Lock Governance. Overriding the
retention lock allows you to reduce the retention period or to delete the backup copy before its expiration date.
NOTE: When you edit the retention period for copies that are retention locked and you do not select Disable
Retention Lock Governance, you can only extend the retention period.

7. When satisfied with the changes, click Save.

The asset is displayed in the list with the changes. The Retention column displays both the original and new retention
period, and indicates whether the retention period has been extended or shortened.

Viewing a summary of protection policies

You can use the PowerProtect Data Manager UI to view a summary of information about a protection policy.
From the left navigation pane, select Protection > Protection Policies to view the Protection Policies window.
The Protection Policies window displays the following columns of information for each protection policy.
● Name
● Category
● Asset Type
● Protected Asset Size
● Last run status
● Violations
● State
The entries in the Name and Last Run Status columns are links to additional information about the related protection policy.

View assets assigned to a protection policy

You can view assets that are assigned to a protection policy. If assets move from one protection policy to another, you can
verify the results from the details window for the protection policy.

About this task

To view the assets that are assigned to a protection policy, complete the following steps:

90 Managing Protection Policies

Steps
1. From the left navigation pane, select Protection > Protection Policies.
The Protection Policies window opens.
2. Click the name link of the protection policy to view its details.
The details window for the selected protection policy opens and displays information about the policy.
3. Click the asset count link next to Assets.
The Assets window appears and displays the assets that are assigned to the protection policy.
4. To export asset records for the protection policy, in the Assets window, click Export All.

View the status of the last-run job of a protection policy

You can use the Protection Policies window to determine if the last-run job of a protection policy was successful.

About this task

To view the status of the last-run job of a protection policy, complete the following steps:

Steps
1. From the left navigation pane, select Protection > Protection Policies.
The Protection Policies window opens.
2. Review the information displayed in the Last Run Status column for the protection policy.
3. Optionally, click the last-run status link of the protection policy to view the Protection Jobs window for more information
about the job .
NOTE: The Protection Jobs window displays only the most recently run protection jobs. To view the most recently run
system jobs, select Jobs > System Jobs from the left navigation pane to view the System Jobs window.

Run an asset-protection report

This option enables you to run an asset-protection report and save the report in CSV format so that you can download an Excel
file of protection results data.

Steps
1. From the PowerProtect Data Manager UI, select Protection > Protection Policies.
2. Select the protection policy for which you would like to export the protection records.
If you do not select a protection policy, PowerProtect Data Manager exports the protection records for all the protection
policies.
3. Click Run Asset Protection Report.
The Export Asset Protection window appears.
4. Specify the following fields for the export:
a. The Time Range.
The default is Last 24 hours.
This refers to the last complete midnight-to-midnight 24-hour period; that is, yesterday. So, any events that have
occurred since the most recent midnight are not in the CSV export. For example, if you run the CSV export at 9am, any
events that have occurred in the last 9 hours are not in the CSV export. This is to prevent the overlapping of or partial
exporting when queried mid-day on a regular or irregular basis.
b. The Job Status.
c. Click Download.
If applicable, the navigation window appears for you to select the location to save the .csv file.
5. If applicable, save the .csv file in the desired location and then click Save.

Managing Protection Policies 91

Add a service-level agreement
SLA Compliance in the PowerProtect Data Manager UI enables you to add a service-level agreement (SLA) that identifies your
service-level objectives (SLOs). You use the SLOs to verify that your protected assets are meeting the service-level agreements
(SLAs).

About this task

NOTE: When you create an SLA for Cloud Tier, you can include only full backups in the SLA.

NOTE: The Extended Retention objective was removed in PowerProtect Data Manager 19.12. Protection policies that
were created in earlier releases with the Extended Retention SLA are unsupported in releases 19.15 and later. The Dell
Knowledge Base article KB204454 provides more information about migrating these policies.
In the SLA Compliance window, you can export compliance data by using the Export All functionality.

Steps
1. From the PowerProtect Data Manager UI, select Protection > SLA Compliance.
The SLA Compliance window appears.
2. Click Add or, if the assets that you want to apply the SLA to are listed, select these assets and then click Add.
The Add Service Level Agreement wizard appears.
3. Select the type of SLA that you want to add, and then click Next.
● Policy. If you choose this type, go to step 4.
● Backup. If you choose this type, go to step 5.
● Replication. If you choose this type, go to step 6.
● Cloud Tier. If you choose this type, go to step 7.
You can select only one type of Service Level Agreement.
4. If you select Policy, specify the following fields regarding the purpose of the new Policy SLA:
a. The SLA Name.
b. If applicable, select Minimum Copies, and then specify the number of Backup, Replication, and Cloud Tier copies.
c. If applicable, select Maximum Copies, and then specify the number of Backup, Replication, and Cloud Tier copies.
d. If applicable, select Available Location and then select the applicable locations. To add a location, click Add Location.
Options include the following:
● In—Include locations of all copies in the SLO locations. Selecting this option does not require every SLO location to
have a copy.
● Must In—Include locations of all copies in the SLO locations. Selecting this option requires every SLO location to
have at least one copy.
● Exclude—Locations of all copies must be non-SLO locations.
NOTE: Policy files backed up on a storage unit with indefinite retention hold (IRH) enabled cannot be deleted or
modified, even after retention lock expiry. It is recommended that you do not select the Maximum Copies option,
because it conflicts with IRH. Otherwise, the SLA does not complete successfully when the number of copies
exceeds the specified number.

e. If applicable, select Allowed in Cloud through Cloud Tier/Cloud DR.

f. Click Finish, and then go to step 9.
5. If you select Backup, specify the following fields regarding the purpose of the new Backup SLA:
a. The SLA Name.
b. If applicable, select Recovery Point Objective required (RPO), and then set the duration. The purpose of an RPO is
business continuity planning. It indicates the maximum targeted period in which data (transactions) might be lost from an
IT service due to a major incident.
NOTE: You can select only Recovery Point Objective required to configure as an independent objective in the
SLA, or select both Recovery Point Objective required and Compliance Window for copy type. If you select
both, the RPO setting must be one of the following:
● Greater than 24 hours or more than the Compliance window duration, in which case RPO validation occurs
independent of the Compliance Window.

92 Managing Protection Policies

● Less than or equal to the Compliance Window duration, in which case RPO validation occurs within the
Compliance Window.

c. If applicable, select Compliance Window for copy type, and then select a schedule level from the list, for example,
All, Full, Cumulative, and then set the duration. Duration indicates the amount of time necessary to create the backup
copy. Ensure that the Start Time and End Time of backup copy creation falls within the Compliance Window duration
specified.
This window specifies the time during which you expect the specified activity to take place. Any specified activity that
occurs outside of this Start Time and End Time triggers an alert.
d. If applicable, select Verify expired copies are deleted.
Verify expired copies are deleted is a compliance check to see if PowerProtect Data Manager is deleting expired
copies. This option is disabled by default.
NOTE: Data that is backed up on a storage unit with IRH enabled cannot be deleted or modified, even after
retention lock expiry. It is recommended that you do not select Verify expired copies are deleted, because it
conflicts with IRH. Otherwise, the SLA does not complete successfully.

e. If applicable, select Retention Time Objective, and then specify the number of Days, Months, Weeks, or Years.
NOTE: The value of Retention Time Objective must match the lowest retention value of the backup levels of the
target objectives of this policy. For example, if the synthetic full backup Retain For is 30 days but the full backup
Retain For is 60 days, set the Retention Time Objective to 30 days.

f. If applicable, select Verify Retention Lock is enabled for all copies.

Verify Retention Lock is enabled for all copies is a compliance check to see if PowerProtect Data Manager is using
retention locking. This option is disabled by default.
g. Click Finish, and then go to step 9.
The SLA Compliance window appears with the new SLA.
6. If you select Replication, specify the following fields regarding the purpose of the new Replication SLA:
a. The SLA Name.
b. If applicable, select the Compliance Window, and then specify the Start Time and End Time.
This window specifies the times that are permissible and during which you can expect the specified activity to occur. Any
specified activity that occurs outside of this start time and end time triggers an alert.
c. If applicable, select Verify expired copies are deleted.
Verify expired copies are deleted is a compliance check to see if PowerProtect Data Manager is deleting expired
copies. This option is disabled by default.
NOTE: Data that is replicated on a storage unit with IRH enabled cannot be deleted or modified, even after retention
lock expiry. It is recommended that you do not select Verify expired copies are deleted, because it conflicts with
IRH. Otherwise, the SLA does not complete successfully.

d. If applicable, select Retention Time Objective, and then specify the number of Days, Months, Weeks, or Years.
NOTE: Set the value of Retention Time Objective to match the lowest retention value of the backup levels of the
target objectives of this policy.

e. If applicable, select Verify Retention Lock is enabled for all copies.

Verify Retention Lock is enabled for all copies is a compliance check to see if PowerProtect Data Manager is using
retention locking. This option is disabled by default.
f. Click Finish, and then go to step 9.
The SLA Compliance window appears with the newly added SLA.
7. If you select Cloud Tier type SLA, specify the following fields regarding the purpose of the new Cloud Tier SLA:
a. The SLA Name.
b. If applicable, select Verify expired copies are deleted.
This option is a compliance check to determine if PowerProtect Data Manager is deleting expired copies. This option is
disabled by default.
c. If applicable, select Retention Time Objective and specify the number of Days, Months, Weeks, or Years.
NOTE: Set the value of Retention Time Objective to match the lowest retention value of the backup levels of the
target objectives of this policy.

d. If applicable, select Verify Retention Lock is enabled for all copies.

Managing Protection Policies 93

Verify Retention Lock is enabled for all copies is a compliance check to see if PowerProtect Data Manager is using
retention locking. This option is disabled by default.
e. Click Finish.
8. If the SLA has not already been applied to a protection policy:
a. Go to Protection > Protection Policies.
b. Select the policy, and then click Edit.
9. In the Objectives row of the Summary window, click Edit.
10. Do one of the following, and then click Next:
● Select the added Policy SLA from the Set Policy Level SLA list.
● Create and add the SLA policy from the Set Policy Level SLA list.
The Summary window appears.
11. Click Finish.
An informational message appears to confirm that PowerProtect Data Manager has saved the protection policy.
12. Click Go to Jobs to open the Jobs window to monitor the backup and compliance results, or click OK to exit.
NOTE: Compliance checks occur automatically every day at 2 a.m. Coordinated Universal Time (UTC). If any objectives
are out of compliance, an alert is generated at 2 a.m. UTC. The Validate job in the System Jobs window indicates the
results of the daily compliance check.
For a backup SLA with a required RPO setting that is less than 24 hours, PowerProtect Data Manager performs real-time
compliance checks. If you select Compliance Window for copy type and set the backup level to All, the real-time
compliance check occurs every 15 minutes only within the compliance window. If the backup level is not All, or if a
compliance window is not specified, the real-time compliance check occurs every 15 minutes without stop.
NOTE: If the backup SLA has a required RPO setting of 24 hours or greater, compliance checks occur daily at 2 a.m.
UTC. Real-time compliance checks do not occur for backup SLAs with an RPO setting of 24 hours or greater.
Real-time compliance-check behavior
If the asset was not backed up within the RPO backup interval requirement, an alert indicates that the RPO of the asset
is out of compliance. This alert is generated once within an RPO period. If the same backup copy is missed when the next
compliance check occurs, no further alerts are generated.
If the asset was backed up within the RPO backup interval requirement, the RPO of the asset is in compliance.
If multiple assets in a policy are out of compliance, a single alert is generated. This alert includes information for all the assets
in the policy. In the Alerts window, the asset count next to the alert summary indicates the number of assets that are out of
compliance in the policy.

13. In the Jobs window, click next to an entry to view details on the SLA Compliance result.

Run a compliance report

This option enables you to run a compliance report and save the report in CSV format so that you can download an Excel file of
compliance results data.

Steps
1. From the PowerProtect Data Manager UI, select Protection > SLA Compliance.
The SLA Compliance window appears. The PowerProtect Data Manager SLA Compliance window displays the following
information:
● SLA Name
● Stage Type
● Policies At Risk
● Objectives Out of Compliance
● Impacted Assets
2. Select the SLA for which you would like to export the compliance records.
3. Click Run Compliance Report.
The Run Compliance Report window appears.
4. Specify the following fields for the export:

94 Managing Protection Policies

a. The Time Range.
The default is Last 24 hours.
This refers to the last complete midnight-to-midnight 24 hour period; that is, yesterday. So, any events that have
occurred since the most recent midnight are not included in the CSV export. For example, if you run the CSV export
at 9am, any events that have occurred in the last 9 hours are not included in the CSV export. This is to prevent the
overlapping of or partial exporting when queried mid-day on a regular or irregular basis.
b. The Job Status.
c. Click Download .CSV.
If applicable, the navigation window appears for you to select the location to save the .csv file.
5. If applicable, save the .csv file in the desired location and click Save.

Disable a protection policy

From the PowerProtect Data Manager UI, you can disable a protection policy to temporarily stop running certain backup
objectives of this policy.

About this task

There are several reasons why you might want to disable a protection policy. For example, by disabling a policy, you can:
● Edit the policy and determine the impact of your changes before these changes take effect.
● Stop backup activity on primary storage if the storage is in maintenance or is temporarily unavailable (for example, during a
storage upgrade).
By default, disabling a centralized protection policy stops the primary backup objectives of this policy, including synthetic full
backups, full backups, and so on. Any replication and cloud tier objectives, however, continue to run while the policy is disabled.
You can also perform manual primary backups of a policy that is in Disabled state by using the Protect Now functionality in the
PowerProtect Data Manager UI.
You can modify the default behavior to make changes regarding which jobs continue to run when a policy is disabled by
using System Level overwrites in the REST API. The PowerProtect Data Manager Public REST API documentation provides
instructions.
When a protection policy is disabled, you can edit the policy in the same manner that you would edit an enabled policy. The
advantage of editing a policy in Disabled state is that you can preview the changes before resuming primary backups of the
policy. Creating or editing a protection policy provides more information about modifying the details of an existing policy.

Steps
1. From the left navigation pane, select Protection > Protection Policies.
The Protection Policies window opens.
2. Select one or more policies in Enabled state. You can also select the checkbox at the top of the table to select all policies on
the current page.
3. Click Disable.

Results
The policy status changes to Disabled. In Disabled state:
● In progress primary backup jobs that are associated with this policy continue to run until complete. If primary backups are
scheduled to run during the time that the policy is disabled, those backups do not run, even when you enable the policy
again. When you re-enable the policy, future scheduled backups resume.
● All other protection jobs for the policy continue to run according to schedule, unless no primary backup copy exists for the
policy. In this case, protection jobs are skipped.
● Manual backups of primary objectives can still be performed.

Managing Protection Policies 95

Protection jobs running for a disabled policy
When a protection policy is disabled, only protection jobs related to the primary backup objectives stop running.
The following table provides information about the types of protection jobs that continue to run when a policy is in Disabled
state. The column System level ovewrite? indicates whether the default behavior for this job can be overwritten by using the
API command. Note, however, that when a policy is disabled, the setting for at least one of these jobs must remain disabled.
NOTE: If no primary backup copy exists for the disabled policy, other scheduled protection jobs such as replication will
display as Skipped in the Protection Jobs window of the PowerProtect Data Manager UI.

Table 27. Protection jobs running when a policy is disabled

Job category Purpose Runs when policy is System level overwrite?
disabled?
Centralized scheduled primary Create a primary backup No Yes
protection
Manual backup and replication ● Create a primary backup Yes No
(Protect Now, Replicate (Protect Now)
Now) ● Replicates primary backup
(Replicate Now)
Self-service protection Create a primary backup Yes No
Policy and asset configuration Prepare for protection or Yes No
copy management jobs
Replication Copy management (location) Yes Yes
Cloud DR Copy management (location) Yes Yes
Cloud Tier Copy management (location) Yes Yes
SLA compliance verification Copy management (report Yes Yes
and alert)
Delete expired copy Copy management (reclaiming Yes Yes
space on DD)

Enable a disabled protection policy

To reenable a disabled policy, perform the following steps:

Steps
1. From the PowerProtect Data Manager UI, select Protection > Protection Policies.
2. Select one or more policies in Disabled state. You can also select the checkbox at the top of the table to select all policies
on the current page.
3. Click Enable.

Results
The status changes to Enabled. Primary backups for the reenabled policies resume according to the protection policy schedule.

Customize the default behavior of disabled policies

By default, a protection policy in Disabled state prevents the primary backup objectives of this policy from running, but does
not stop other protection jobs. You can, however, change the default behavior to also stop other activities, such as replication
and cloud tiering, by using the REST API.
The PowerProtect Data Manager Public REST API documentation provides instructions.

96 Managing Protection Policies

Delete a protection policy
Perform the following steps to delete a protection policy that is not protecting any assets.

Prerequisites
If the policy you want to delete protects assets, you must associate those assets with a different protection policy before you
can delete the policy.

Steps
1. From the PowerProtect Data Manager UI, select Protection > Protection Policies.
2. Select the policy that you want to delete, and then click Delete.

Results
After you delete a policy, clean-up of unnecessary components within protection storage occurs automatically according to
schedule. Clean-up includes storage units under the control of PowerProtect Data Manager and the corresponding DD Boost
users, according to the rules for storage units.

Overview of PowerProtect Data Manager Cloud Tier

The PowerProtect Data Manager Cloud Tier feature works in tandem with the Cloud Tier feature of DD systems to move
PowerProtect Data Manager backups to the cloud. This provides long-term storage of PowerProtect Data Manager backups by
seamlessly and securely tiering data to the cloud.
From the PowerProtect Data Manager UI, you configure Cloud Tier to move PowerProtect Data Manager backups from
protection storage to the cloud, and you can perform seamless recovery of these backups.
Cloud storage units must be pre-configured on the protection storage system before they are configured for Cloud Tier in the
PowerProtect Data Manager UI. The DDOS Administration Guide provides further information.

Add a Cloud Tier objective to a protection policy

For some protection policy types, you can add a Cloud Tier objective to a protection policy in order to move local full backups to
Cloud Tier after a predefined number of days.

Prerequisites
● Ensure that a protection storage system is set up for Cloud Tiering, with the system passphrase set.
● Cloud storage units must be pre-configured on the protection storage system before they are configured for Cloud Tier in
the PowerProtect Data Manager UI.
● A data movement schedule must be configured and running on the cloud storage unit.
● The Cloud Tier objective can be added to the Primary Backup and Replicate objectives. The Primary Backup and
Replicate objectives should be using the protection storage system that is set up for Cloud Tiering

About this task

Cloud Tiering happens at 00:00 UTC each day. Depending on your time zone, this time may be within business hours and thus
Cloud Tiering may impact available network bandwidth. Cloud Tiering applies to both centralized and self-service protection
policies.

Steps
1. Log in to the PowerProtect Data Manager user interface as a user with the Administrator role.
2. From the PowerProtect Data Manager UI, select Protection > Protection Policies, and then click Add.
The Add Policy wizard appears.
3. On the Type page, enter a name and description, select the type of system to back up, and click Next.
The following protection policy types support Cloud Tiering:

Managing Protection Policies 97

● Virtual machine
● Microsoft SQL Server
● Microsoft Exchange Server
● Network Attached Storage (NAS)
● Oracle
● SAP HANA
● File System
● Kubernetes
● Block volume
4. On the Purpose page, select from the available options to indicate the purpose of the new protection policy, and then click
Next.
5. On the Assets page, select the assets that you want to protect with this policy, and then click Next.
6. On the Objectives page, click Add under Primary Backup if the primary backup objective is not already created, and fill
out the fields in the Target and Schedules panes on the Add Primary Backup dialog.
NOTE: There is no minimum recurrence required for the Cloud objective, however, the Cloud Tier objective requires a
minimum retention period of 14 days in the Retain for field.

7. Click Cloud Tier next to Primary Backup or, if adding a Cloud objective for a replication objective that you have added,
click Cloud Tier under Replicate.
An entry for Cloud Tier is created to the right of the primary backup objective, or below the replication objective.
8. Under the entry for Cloud Tier, click Add.
The Add Cloud Tier Backup dialog appears, with summary information for the parent node. This information indicates
whether you are adding this Cloud Tier objective for the primary backup objective or the replication objective.
9. In the Add Cloud Tier Backup dialog box, set the following parameters and then click Save:
● Select one or more of the upstream full backups.
● Select the appropriate Cloud Unit from the Cloud Target list.
● For Tier After, set a time of 14 days or more.
The protection policy is now enabled with Cloud Tiering.
NOTE: If the retention period of a copy is less than the time specified in the Tier After field, and you do not edit the
Retain for value of this schedule or its copy to a value greater than the Tier After field before the retention period of
the copy expires, the copy will not be cloud tiered.
10. Click Next to proceed with the remaining pages of the Add Policy wizard, verify the information, and then click Finish.
A new job is created, which you can view under the Jobs tab after the job completes.

Manage Cloud Tier asset copies

You can manage Cloud Tier copies of assets by changing copy retention time, deleting copies, and recalling copies.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Assets.
2. Select an asset and click View Copies.
3. Click an asset copy icon.
Cloud Tier backups are listed by cloud storage in the Location column.
4. To change how long copies remain in cloud storage, complete the following steps:
a. Select a Cloud Tier backup and click Edit Retention.
b. Choose one of the following options:
● To select a calendar date as the expiration date for backups, select Retention Date.
● To define a fixed retention period in days, weeks, months, or years after the backup is performed, select Retention
Value. For example, you could specify that backups expire after 6 months.
● To override the retention lock for the backup copy, select Disable Retention Lock Governance. Overriding the
retention lock allows you to reduce the retention period or to delete the backup copy before its expiration date.
c. When satisfied with the changes, click Save.
The asset is displayed in the list with the changes. The Retention column displays both the original and new retention
period, and indicates whether the retention period has been extended or shortened.

98 Managing Protection Policies

NOTE: When you edit the retention period for copies that are retention locked and you do not select Disable
Retention Lock Governance, you can only extend the retention period.

5. To delete the copy in cloud storage, select a Cloud Tier backup and click Delete. To delete the copy records from
the PowerProtect Data Manager database while the copy remains in the protection storage, select Remove from
PowerProtect.
Delete backup copies and Remove Exchange, File System, Kubernetes, Block Volume, and SQL backup copies from the
PowerProtect Data Manager database provides more information.
6. Select a Cloud Tier backup and click Recall from Cloud to return the cloud backup to your local protection storage for
recovery or backup.
NOTE: If you use Amazon's network to copy data from AWS storage, Amazon charges you for the data transfer.

7. To extend the date to retier the copy back to the cloud, select Edit Recall Retention.
8. To manually move a copy back to cloud storage, select Retier.

Restore Cloud Tier backups to protection storage

Once a Cloud Tier backup is recalled, restore operations of these backups are identical to normal restore operations.
The PowerProtect Data Manager software recalls a copy of the backup from the Cloud Unit to the local (active) tier of
protection storage, which then allows you to perform a restore of the backup from the active tier to the client. The status
appears as Cloud, and changes to Local Recalled after cloud recall completes. After the restore, the backup copy is removed
from Cloud Tier, and is stored on the active tier of protection storage for a minimum of 14 days, after which the backup may be
returned to the cloud depending on your protection policy.

Recall and restore from Cloud Tier

Perform the following steps to recall a backup on Cloud Tier to the active tier on protection storage and restore this backup.

Prerequisites

NOTE: When a backup is recalled from Cloud Tier to the active tier, the copy is removed from Cloud Tier.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Assets.
2. On the Assets window, select the tab that contains the asset you want to recall from Cloud Tier, and then click View
Copies.
3. Click DD, and then select from one of the available copies that appear in the table.
4. Click Recall.
The Recall from Cloud dialog box appears.
5. In the Retain until box, specify how long you want to keep the copy on the active tier, and then click OK.
6. Go to the Jobs window to monitor the recall operation.
When the copy has been moved successfully, the Location changes from Cloud to Local.
7. Select Restore > Assets, and then select the tab that contains the recalled asset.
8. Select the recalled asset, and then click Restore.
NOTE: If you are unsure whether the asset has been recalled, click View Copies and select DD to view the available
backup copies. If the asset backup is a recalled copy, the Status column indicates Local Recalled.

9. Select the recalled copy to re-tier the copy to the active tier.

Managing Protection Policies 99

Extended retention for protection policies created in
PowerProtect Data Manager 19.11 or earlier
Extended retention is unsupported in PowerProtect Data Manager releases 19.15 and later. This functionality has been replaced
by the ability to add multiple Full schedules with longer durations to a protection policy.
If there are one or more existing protection policies with Extend Retention objectives configured, or there are Extended
Retention service level agreements (SLAs) configured, updating to PowerProtect Data Manager 19.15 cannot be completed.
Before updating, modify existing protection policies to remove Extend Retention objectives and Extended Retention SLAs.
The Dell Knowledge Base article KB204454 provides more information about migrating Extend Retention objectives to multiple
Full schedules.

Manual backups of protected assets

Once assets have been added to a protection policy, you can perform manual backups by using the Protect Now functionality
in the PowerProtect Data Manager UI.

About this task

You can use a single manual backup from the Protection > Protection Policies window to back up multiple assets that are
protected in the designated protection policy. The protection policy can be enabled or disabled, but its purpose must not be
Exclusion or Self-Service Protection.
When a virtual machine is part of an application-aware protection policy, the manual backup is a full application-aware backup.
The manual backup is managed by other configured objectives (replication, Cloud Tier, Cloud DR) of the parent protection
policy. Other properties, such as retention lock, storage target, quotas, and network interfaces, are inherited from the parent
protection policy. Jobs managed by this protection policy, such as replication, cloud tiering, and Cloud DR, continue to run after
the manual backup job completes.

Steps
1. From the left navigation pane, select Protection > Protection Policies.
The Protection Policies window appears.
2. Select the protection policy that contains the assets that you want to back up, and click Protect Now.
The Protect Now wizard appears.
3. On the Assets Selection page, select whether you want to back up all assets or choose individual assets that are defined in
the protection policy, and then click Next.
If you selected the option to choose individual assets for manual backup instead of all assets, the Assets page appears with
the individual assets available for selection.
a. Select the assets that you want to include in the manual backup, and then click Next to display the Configuration page.
If you selected to back up all assets, the Configuration page appears.
4. On the Configuration page, select Back up now, and then select from the available backup types.
5. Edit the retention period if you want to change the default settings, and then click Next.
The default settings are inherited from the primary backup objective of the parent protection policy.
6. You can select Troubleshooting mode to enable debug logging, and then select the level of logging to use:
● Info—Includes information such as status changes. This is the default log level for scheduled backups and restores.
● Debug—Additional information that helps with problem diagnosis.
● Trace—The most detailed amount of information for complex problem diagnosis.
7. On the Summary page, review the settings and then click Protect Now.
A notification appears indicating whether the request was processed successfully.

100 Managing Protection Policies

Manual backups of a single protected asset
You can also perform a manual backup from the Infrastructure > Assets window, but only for one asset at a time.

About this task

Review the information at Manual backups of protected assets. The protection policy can be enabled or disabled, but its purpose
must not be Exclusion or Self-Service Protection. This task creates a full backup for the selected asset.

Steps
1. From the left navigation pane, select Infrastructure > Assets.
The Assets window appears.
2. Select the tab for the asset type you want to back up.
A list of assets appears.
3. Select an asset from the table that has an associated protection policy.
4. Click Back Up Now.
A notification appears indicating whether the request was processed successfully.

Manual replication of protected assets

You can replicate one or more protected assets within a protection policy by using the Protect Now functionality in the
PowerProtect Data Manager UI. Replication can include all assets which are defined on the protection policy or a subset of
these assets. After you select assets, you can replicate all backups or a subset of backups.

Prerequisites
The protection policy purpose must not be Exclusion, and the policy must already be configured with a replication objective.
You can only manually replicate the replication objectives for the primary backup.

About this task

Replicating a subset of backups is useful when the replication backlog is too large to catch up. For example, when the
destination was offline for an extended period or where bandwidth and capacity issues prevent a full replication during the
available window.
If the backlog is too large, you can ensure that the destination receives the most recent backups first. You can also reduce the
backlog by skipping the future replication of backups that are too old to match the selection criteria.

Steps
1. From the PowerProtect Data Manager UI, select Protection > Protection Policies.
2. Select the protection policy that contains the assets that you want to replicate, and click Protect Now.
The Protect Now wizard opens to the Assets Selection page.
3. Select whether you want to replicate All Assets or a Custom selection of assets.
● If you selected All Assets, click Next.
● If you selected Custom, a list appears from which you can select individual assets. You can see these assets in tree view
or list view.
a. Select the assets that you want manually replicate, and then click Next.
The Configuration page appears.
4. Select Replicate Now.
5. Select a destination storage target from the Storage Name and Storage Unit drop-down lists.
The selection of storage system and storage unit from these drop-down lists corresponds to the associated replication
objective for the primary backup. In some cases, a protection storage system may have more than one storage unit for this
policy.
The wizard loads the default settings from the protection policy.
6. If you want to change the default settings:
● You can configure different retention periods for all applicable backup types, or configure the same retention period for
all backup types.

Managing Protection Policies 101

● The default retention period settings are inherited from the settings in the corresponding replication objective of the
protection policy.
● For VMDM, File System, Microsoft Exchange Server, and NAS assets, the retention period for full and synthetic full
backups should be the same value.
a. Select or clear Set the same retention time for all replicated copies.
b. Edit the retention period for all applicable backup types.
c. Resolve any conflicts or errors, as indicated by the and symbols.
7. Select whether you want to replicate All Copies or a Custom subset of backups.
If you selected Custom, additional options appear:
a. To replicate recent backups by time, select the first option and then type the number of days.
b. To replicate a specific number of recent backups, select the second option and then type the number of backups.
c. (Optional) To remove all nonmatching backups from the replication backlog for this objective, select Do not replicate
copies outside the selection and mark them as skipped.
PowerProtect Data Manager excludes any skipped backups from future replication activities by this objective. This
decision is permanent and the wizard prompts for confirmation.
If the chain for the selected backups has not already replicated, the resulting activity replicates the chain from the last full
backup to the selection.
NOTE: Manual replication of a FULL backup for any asset type with a dependency chain (for example, a backup that
includes transaction logs) is skipped when the FULL copy has already been replicated, even if the dependencies have
not yet been replicated. To replicate any of these dependencies in the backup chain, wait for the scheduled replication,
or perform a manual replication with the All Copies option selected instead of the Custom option.

8. (Optional) Click Select Replication and then repeat the previous steps to configure manual replication for additional
replication policy objectives.
9. Click Next.
10. On the Summary page, review the settings and then click Protect Now.
A notification appears indicating whether the request was processed successfully.

Manual Cloud Tiering of protected assets

Once you add assets to a protection policy that contains a Cloud Tier objective, you can perform a manual tiering of these
assets by using the PowerProtect Data Manager UI.

NOTE: Manual Cloud Tiering of a copy set requires the related protection policy to have a Cloud Tier objective.

To perform on-demand Cloud Tiering:

1. From the PowerProtect Data Manager UI, select Infrastructure > Assets.
2. On the Assets window, select the tab for the asset type you want to tier. A list of assets appears.
3. Select an asset from the table that has an associated protection policy, and then click View Copies.
NOTE: You can only select one asset at a time, and the protection policy that is associated with the asset cannot be an
exclusion policy.
4. In the left pane, click to the right of the icon for the asset to display the available backup copies in the right pane.
5. Select a backup copy, and then click Tier. A notification appears indicating whether the request was processed successfully.
Go to the Jobs window to monitor the progress of the tiering operation.

Delete backup copies

In addition to deleting backups after the retention period expires, PowerProtect Data Manager enables you to manually delete
backup copies from protection storage.

About this task

If you no longer require a backup copy and retention locking is not enabled, you can delete the backup copy prior to its
expiration date. If retention locking is enabled, you must first override the retention lock of the backup copy from the Edit
Retention wizard of the Infrastructure > Assets window.

102 Managing Protection Policies

You can perform a backup copy deletion that deletes only a specified part of a backup copy chain, without impacting the ability
to restore other backup copies in the chain. When you select a specific backup copy for deletion, only that backup copy and the
backup copies that depend on the selected backup copy are deleted. For example, when you select to delete a full backup copy,
any other backup copies that depend on the full backup copy are also deleted.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Assets.
2. From the Assets window, select the tab for the asset type for which you want to delete copies. If a policy has been
assigned, the table lists the assets that have been discovered, along with the associated protection policy.
3. Select a protected asset from the table, and then click View Copies. The Copy Locations pane identifies where the
backups are stored.
4. Click next to the asset type icon. The table in the right pane lists the backup copies.
5. Select one or more copies from the table that you want to delete from the DD system, and then click Delete.
A preview window opens and displays the selected backup copies.
NOTE: For assets with backup copies that are chained together such as Microsoft SQL Server databases, Oracle
databases, SAP HANA databases, and application-aware virtual machines, the preview window lists all the backup copies
that depend on the specified backup copy. If you delete a backup copy, PowerProtect Data Manager deletes the
specified backup copy and all backup copies that depend on the specified backup copy.
6. For all asset types, you can choose to keep the latest backup copies or delete them. By default, PowerProtect Data Manager
keeps the latest backup copies. To delete the latest backup copies, clear the checkbox next to Include latest copies.
7. To delete the backup copies, in the preview window, click Delete.
NOTE: The delete operation may take a few minutes and cannot be undone.

An informational dialog box opens to confirm that the copies are being deleted. To monitor the progress of the operation,
click Go to Jobs. To view the list of backup copies and their status, click OK.
NOTE: If the data deletion is successful but the catalog deletion is unsuccessful, then the overall deletion job status
appears as Completed with Exceptions.

When the job completes, the task summary provides details of each deleted backup copy, including the time that each copy
was created, the backup level, and the retention time. The time of copy creation and the retention time are shown in UTC.
An audit log is also generated and provides details of each deleted backup copy, including the time that each copy was
created, the backup level, and the retention time. The time of copy creation and the retention time are shown in the time
zone used by the web browser. Go to Alerts > Audit Logs to view the audit log.
8. Verify that the copies are deleted successfully from protection storage. If the deletion is successful, the deleted copies no
longer appear in the table.

Retry a failed backup copy deletion

If a backup copy is not deleted successfully, you can manually retry the operation.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Assets.
2. From the Assets window, select the tab for the asset type for which you want to delete copies. If a policy has been
assigned, the table lists the assets that have been discovered, along with the associated protection policy.
3. Select a protected asset from the table, and then click View Copies. The Copy Locations pane identifies where the
backups are stored.
4. In the left pane, click to the right of the icon for the asset. The table in the right pane lists the backup copies.
5. Select one or more backup copies with the Deletion Failed status from the table, and then click Delete.
You can also filter and sort the list of backup copies by status in the Copy Status column.
The system displays a warning to confirm that you want to delete the selected backup copies.
6. Click OK.
An informational dialog box opens to confirm that the copies are being deleted. To monitor the progress of the operation,
click Go to Jobs. To view the list of backup copies and their status, click OK.

Managing Protection Policies 103

7. Verify that the copies are successfully deleted from protection storage. If the deletion is successful, the deleted copies no
longer appear in the table.

Export data for deleted Oracle and SAP HANA backup copies
This option enables you to export results of deleted backup copies to a .csv file so that you can download an Excel file of the
data.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Assets.
2. From the Assets window, select the tab for the asset type for which you want to export results of deleted backup copies. If
a policy has been assigned, the table lists the assets that have been discovered, along with the associated protection policy.
3. Select one or more protected assets from the table, and then select More Actions > Export Deleted Copies.
If you do not select an asset, PowerProtect Data Manager exports the data for deleted backup copies for all assets for the
specific asset type.
4. Specify the following fields for the export:
a. Time Range
The default is Last 24 Hours.
b. Copy Status
In order to export data for deleted backup copies, the backup copies must be in one of the following states:
● Deleted—The copy is deleted successfully from protection storage, and, if applicable, the agent catalog is deleted
successfully from the agent host.
● Deleting—Copy deletion is in progress.
● Deletion Failed—Copy deletion from protection storage is unsuccessful.
● Deletion Failed (Agent Catalog)—The copy is deleted successfully from protection storage, but is not deleted
from the agent host.
NOTE: This state is not applicable to virtual machine and Kubernetes backup copies.

NOTE: You cannot export data for backup copies that are in an Available state.

5. Click Download.
If applicable, the navigation window appears for you to select the location to save the .csv file.
6. Save the .csv file in the desired location and click Save.

Remove Exchange, File System, Kubernetes, Block Volume, and

SQL backup copies from the PowerProtect Data Manager database
This option enables you to delete the backup copy records from the PowerProtect Data Manager database, but keep the backup
copies in protection storage.

About this task

For backup copies that could not be deleted from protection storage, you can remove the backup copies from the PowerProtect
Data Manager database. Removing the backup copies from PowerProtect Data Manager does not delete the copies in
protection storage.

104 Managing Protection Policies

5. Select one or more backup copies with the Deletion Failed status from the table, and then click Remove from
PowerProtect.
The system displays a warning to confirm that you want to delete the selected backup copies.
6. Click OK.
An informational dialog box opens to confirm that the copies are being deleted. To monitor the progress of the operation,
click Go to Jobs. To view the list of backup copies and their status, click OK.
7. Verify that the copies are deleted from the PowerProtect Data Manager database. If the deletion is successful, the deleted
copies no longer appear in the table. The backup copies remain in protection storage.

Removing expired backup copies

PowerProtect Data Manager deletes the backup copies of an asset automatically when the retention period of the copy expires.
Information about specifying retention periods for a protection policy objective is provided within the user guide for each asset
type.
In order for an expired copy to be deleted, the asset must be managed by PowerProtect Data Manager and in one of the
following states:
● Exclusion – The asset is assigned to an exclusion protection policy.
● Disabled – The asset is assigned to a disabled protection policy.
● Protected – The asset is assigned to an enabled protection policy.
● Previously Protected – The asset has been unassigned from a protection policy and has not yet been reassigned to
another policy or assigned to an Exclusion policy.
For an asset assigned to either an exclusion or disabled protection policy, PowerProtect Data Manager deletes the expired
backup copies for the asset when the following settings are set to true:
● expiredCopyDeletionEnabledForAssetInExclusionPolicy
● expiredCopyDeletionEnabledForAssetInDisabledPolicy
The expired copy deletion settings for exclusion and disabled protection policies are set to true by default. If either setting is
set to false, PowerProtect Data Manager skips deletion of the expired backup copies. The PowerProtect Data Manager Public
REST API documentation provides more information.
Expired copy cleanup occurs at 00:00 AM UTC each day. If a copy deletion fails, a warning alert appears in the audit log under
Alerts > System.
You can monitor the progress of the expired copy removal job from the Jobs window.

Removing assets from PowerProtect Data Manager

PowerProtect Data Manager automatically removes assets if certain conditions are met. However, some assets can be manually
removed.
Assets are automatically removed if the following conditions are met:
● The status of the asset is Deleted.
● The asset has no backup copies.
● The asset has existed for longer than the value of the asset TTL setting. This is 0 minutes by default, but it can be changed
with the REST API. For more information, see PowerProtect Data Manager Public REST API documentation.
NOTE: This value has changed from earlier versions of PowerProtect Data Manager.

The manual removal of assets allows for the following increased control over the process:
● The asset can be removed on demand.
● The status of the asset can be Not Detected.
● All protection copies of the asset, including replicated and cloud tiered copies, can be manually removed, followed by the
manual removal of the asset.
● All protection copies of the asset can be automatically removed, if this option is selected during manual asset removal from
PowerProtect Data Manager,

Managing Protection Policies 105

Remove assets and associated protection copies
In the PowerProtect Data Manager UI, you can manually remove some assets ahead of their scheduled removal, or remove
assets that have not been automatically removed.

Prerequisites
● The asset has a status of Deleted or Not Detected.
● The asset has no protection copies. If copies still exist in the storage system for the asset, you can delete these copies
before following the steps in this procedure or select an option to automatically delete the copies when the asset is
removed. For information on deleting backup copies, see Delete backup copies.

Steps
1. Select Infrastructure > Assets.
2. Select the tab that corresponds to the type of assets that you want to remove. For example, for vCenter virtual machine
assets, click Virtual Machine.
Assets that are associated with protection copies of this type are listed. By default, only assets with Available or Not
Detected status display. You can also search for assets by name.
3. Select one or more assets from the list. and then click More Actions > Remove Asset.
The Remove Assets dialog displays.
4. Select from one of the following options:
NOTE: All of these options might not display for the selected assets. The available options depend on the protection
copy status of the selected assets.

● Remove assets and associated protection copies—removes these assets from PowerProtect Data Manager, and
automatically removes any protection copies for these assets from storage.
● Only remove assets with no associated protection copies—these assets will not be deleted if PowerProtect Data
Manager detects that protection copies for these assets still exist in the storage system.
● Mark "Not Detected" assets as "Deleted" but keep associated protection copies—mark assets with Not
Detected status as Deleted in the PowerProtect Data Manager UI, but retain protection copies for these assets in the
storage system. You can view assets marked as Deleted from the Infrastructure > Assets pane.
5. Click OK to confirm the asset removal.

Protecting client assets after a client hostname

change
If the hostname of a client is changed, its assets are no longer protected without further action.
When changing a client hostname, you must delete its existing lockbox files and generate new ones. For more information, see
the documentation of the relevant application agent.

ifGroup configuration and PowerProtect Data

Manager policies
If an ifGroup is configured on the DD, the IP address selected in the PowerProtect Data Manager protection policy is only
used for the initial connection, and redirection (for example, for load balancing) occurs according to the ifGroup setting
on the DD. LACP and other failover options on the DD work independently from what is selected in the PowerProtect Data
Manager policy.
The following examples and diagrams demonstrate common scenarios in PowerProtect Data Manager when an ifGroup is
configured on the DD.
PowerProtect Data Manager policy with no ifGroup
DD configuration:

106 Managing Protection Policies

● eth1/eth2 1G
● eth3/eth4/eth5/eth6 10G
● No ifGroup

PowerProtect Data Manager policy with one ifGroup

DD configuration:
● eth1/eth2 1G
● eth3/eth4/eth5/eth6 10G
● ifGroup * eth3/eth4/eth5/eth6

PowerProtect Data Manager policy with multiple ifGroups

DD configuration:
● eth1/eth2 1G
● eth3/eth4/eth5/eth6 10G
● ifGroup VLAN-VM eth3/eth4
● ifGroup VLAN-SQL eth5/eth6

Managing Protection Policies 107

Troubleshooting failed replication jobs
The following section provides troubleshooting information for when a replication job fails.

Replication to a DD system fails with an authentication error

A replication job might fail with the following error:

The backup copies cannot be replicated because the username and password for the source
storage system are not valid or cannot be detected.

This failure might happen intermittently, while most backup and replication jobs complete without failure and DD systems are
successfully discovered.
To resolve this issue, perform the following steps:
1. Collect a DD support bundle and search /ddvar/log/messages for Failed password or Invalid user.
NOTE: For instructions on collecting the support bundle, see the DDOS Administration Guide.
2. If the search text is found, you see entries similar to the following:

Oct 15 16:36:26 <DD hostname> sshd[25116]: Failed password for sysadmin from <IP
address> port 55351
Oct 11 11:18:00 <DD hostname> sshd[31750]: Invalid user <username> from <IP address>
port 64425

3. Locate the asset-source host using <IP address> and correct the credentials that it is using to connect to the DD
system.

Replication to a DD system fails with a certificate error

A replication job might fail with an error similar to the following:

error = I/O error on POST request for "https://<DD-System>:3009/rest/v1.0/auth":

PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target; nested exception is
javax.net.ssl.SSLHandshakeException: PKIX path

NOTE: In this example, <DD_System> is replaced by the hostname of the replication DD system.

108 Managing Protection Policies

This error indicates that the certificate stored on PowerProtect Data Manager for the DD system has expired, been corrupted,
or is missing.
To regenerate the certificate, perform the following steps:
1. If necessary, contact Customer Support to obtain the ppcp tool.
NOTE: The ppcp tool is not deployed with PowerProtect Data Manager. It must be obtained separately.
2. Log in to the PowerProtect Data Manager server console using administrator credentials and change to the root user.
3. Change directories to the location of the ppcp tool.
4. Run the command ./ppcp rest --uri certificates --params
"host=<DD_System>&port=3009&type=HOST", replacing <DD_System> with the hostname of the DD system.
5. In the command output similar to the following, record the value of id inside quotation marks immediately after "id":

"fingerprint":"473303EFF3EFE6D6AAC2D76F1FB94561B12A321F","host":"<DD_System>","id":"ZG
1vYmstcGRiMDAwMS1wLmQuaW50LmluZnJhLjdhbmRpLmNvLmpwOjMwMDk6aG9zdA==","issuerName":"CN=<
DD_System>, OU=Root CA, O=Valued Datadomain Customer, L=Santa Clara, ST=CA,
C=US","notValidAfter":"Sun Dec 07 15:28:39 JST 2025","notValidBefore":"Mon Dec 09
00:28:39 JST 2019","port":"3009","state":"UNKNOWN","subjectName":"CN=<DD_System>,
O=Valued DataDomain customer, OU=Host Certificate, ST=CA, C=US","type":"HOST"

NOTE: In this example, the value of id is

ZG1vYmstcGRiMDAwMS1wLmQuaW50LmluZnJhLjdhbmRpLmNvLmpwOjMwMDk6aG9zdA==
6. Run the following command to change the state of the certificate from UNKNOWN to ACCEPTED:
● Use the value of id recorded in step 5. The value of id is entered immediately after certificates/.
● With the exception of changing UNKNOWN to ACCEPTED, copy the output of the command from step 4 between { and }.
● Replace <DD_System> with the hostname of the DD system.
● This command is entered on a single line of text.

./ppcp rest --method PUT --uri certificates/

ZG1vYmstcGRiMDAwMS1wLmQuaW50LmluZnJhLjdhbmRpLmNvLmpwOjMwMDk6aG9zdA== --data
'{"fingerprint":"473303EFF3EFE6D6AAC2D76F1FB94561B12A321F","host":"dmobk-pdb0001-
p.d.int.infra.7andi.co.jp","id":"ZG1vYmstcGRiMDAwMS1wLmQuaW50LmluZnJhLjdhbmRpLmNvLmpwO
jMwMDk6aG9zdA==","issuerName":"CN=dmobk-pdb0001-p.d.int.infra.7andi.co.jp, OU=Root
CA, O=Valued Datadomain Customer, L=Santa Clara, ST=CA, C=US","notValidAfter":"Sun
Dec 07 15:28:39 JST 2025","notValidBefore":"Mon Dec 09 00:28:39 JST
2019","port":"3009","state":"ACCEPTED","subjectName":"CN=dmobk-pdb0001-
p.d.int.infra.7andi.co.jp, O=Valued DataDomain customer, OU=Host Certificate, ST=CA,
C=US","type":"HOST"}'

Managing Protection Policies 109

7
Restoring Data and Assets
Topics:
• View backup copies available for restore
• Restoring a protection policy
• Restore the PowerProtect Data Manager server
• Restore Cloud Tier backups to protection storage

View backup copies available for restore

When a protection policy is successfully backed up, PowerProtect Data Manager displays details such as the name of the
storage system containing the asset backup, location, the creation and expiry date, and the size. To view a backup summary:

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Assets or Restore > Assets.
2. Select the tab that corresponds to the type of assets that you want to view. For example, for vCenter virtual machine
assets, click Virtual Machine.
Assets that are associated with protection copies of this type are listed. By default, only assets with Available or Not
Detected status display. You can also search for assets by name.

For virtual machines, you can also click the File Search button to search on specific criteria.

NOTE: In the Restore > Assets window, only tabs for asset types supported for restore within PowerProtect Data
Manager display. Supported asset types include the following:
● Virtual Machine
● File System
● Kubernetes
● Network Attached Storage (NAS)
● Oracle
● SQL
● Block Volumes

3. To view more details, select an asset and click View copies.

The copy map consists of the root node and its child nodes. The root node in the left pane represents an asset, and
information about copy locations appears in the right pane. The child nodes represent storage systems.

When you click a child node, the right pane displays the following information:

● Storage system where the copy is stored.

● The number of copies
● Details of each copy, including the time that each copy was created, the consistency level, the size of the copy, the
backup type, the copy status, and the retention time.
● The indexing status of each copy at the time of copy creation:
○ Success indicates that all files or disks are successfully indexed.
○ Partial Success indicates that only some disks or files are indexed and might return partial results on file search.
○ Failed indicates that all files or disks are not indexed.
○ In Progress indicates that the indexing job is in progress.

If indexing has not been configured for a backup copy, or if global expiration has been configured and indexed disks or
files have been deleted before the backup copy expiration date, the File Indexing column displays N/A.

110 Restoring Data and Assets

The indexing status updates periodically which enables you to view the latest status.
● For virtual machine backups, a Disk Excluded column enables you to view any virtual disks (VMDKs) that were excluded
from the backup.

Restoring a protection policy

You can use the PowerProtect Data Manager user interface to perform centralized and self-service restores of protection policy
backups for any of the following asset types. For more information, see the appropriate publication.

Table 28. Protection-policy asset types

Asset type Publication
File system data PowerProtect Data Manager File System User Guide
Kubernetes cluster PowerProtect Data Manager Kubernetes User Guide
namespaces and PVCs
Microsoft Exchange Server PowerProtect Data Manager Microsoft Exchange Server User Guide
databases
Microsoft SQL Server PowerProtect Data Manager Microsoft SQL Server User Guide
databases
Network Attached Storage PowerProtect Data Manager Network-Attached Storage User Guide
(NAS) share and appliance
data
Oracle RMAN databases PowerProtect Data Manager Oracle RMAN User Guide
SAP HANA databases PowerProtect Data Manager SAP HANA User Guide
Virtual machines PowerProtect Data Manager Virtual Machine User Guide
Block volumes PowerProtect Data Manager Storage Array User Guide

Restore the PowerProtect Data Manager server

You can restore PowerProtect Data Manager server persisted data as a new instance using any of the backups. Only the
Administrator role can carry out the restore.

Prerequisites
Ensure that:
● The PowerProtect Data Manager version that is deployed on your system and the backups you are using for the restore
match.
● The network configuration is the same on the newly deployed PowerProtect Data Manager system as on the failed instance
that you are restoring.

Steps
1. Deploy the PowerProtect Data Manager OVA and power it on.
2. Select Restore Backup.
To delay jobs defined by your protection policies until otherwise specified, select After restore, keep the product in
recovery mode so that scheduled workflows are not triggered. When selected, after restore the system enters
recovery maintenance mode. During recovery maintenance mode:
● All jobs defined by your protection policies that modify the backup storage (for example, backup creation, backup
deletion, and PowerProtect Data Manager Server DR jobs) are not triggered.
● All operations that write to the backup storage are disabled.

Restoring Data and Assets 111

● A system alert is displayed in PowerProtect Data Manager.

To enable automatically scheduled operations and user operations that write to the backup storage, click Return to full
Operational mode in the alert.
3. Specify the following storage information:
a. DD system IP where the recovery backups are stored.
b. DD NSF Export Path where the recovery backups are stored.
c. Click Connect.
4. Select the PowerProtect Data Manager instance that you would like to restore, and then click OK.
5. Select the backup file that you would like to use for recovery, and then click Recover.
6. Specify the lockbox passphrase associated with the backup, and start the recovery.
This step initiates the recovery and display the progress status. The recovery process can take approximately eight minutes
before the URI is redirected to the PowerProtect Data Manager login.

Results
The PowerProtect Data Manager server is recovered.

Next steps
After a successful recovery:
● The time zone of the PowerProtect Data Manager instance is set to the same as that of the backup.
● All preloaded accounts are reset to default passwords, as described in the PowerProtect Data Manager Security
Configuration Guide. The preloaded UI administrator account is an exception and retains its password. Change the
passwords for all preloaded accounts as soon as possible.

Restore Cloud Tier backups to protection storage

Recall and restore from Cloud Tier

Perform the following steps to recall a backup on Cloud Tier to the active tier on protection storage and restore this backup.

Prerequisites

NOTE: When a backup is recalled from Cloud Tier to the active tier, the copy is removed from Cloud Tier.

112 Restoring Data and Assets

6. Go to the Jobs window to monitor the recall operation.
When the copy has been moved successfully, the Location changes from Cloud to Local.
7. Select Restore > Assets, and then select the tab that contains the recalled asset.
8. Select the recalled asset, and then click Restore.
NOTE: If you are unsure whether the asset has been recalled, click View Copies and select DD to view the available
backup copies. If the asset backup is a recalled copy, the Status column indicates Local Recalled.

9. Select the recalled copy to re-tier the copy to the active tier.

Restoring Data and Assets 113

8
Preparing for and Recovering From a
Disaster
Topics:
• About server disaster recovery
• System recovery for server DR
• Quick recovery for server DR
• Overview of PowerProtect Data Manager Cloud Disaster Recovery

About server disaster recovery

The PowerProtect Data Manager system protection service enables you to protect the persistent data of a PowerProtect Data
Manager system from catastrophic loss by creating a series of server disaster recovery (DR) backups.
Preparing for server DR requires the consideration of two scenarios: loss of the PowerProtect Data Manager server and loss
of the entire site. Some of the information that you record during the server DR configuration process may only apply to one
scenario or the other. As a best practice, you should gather and record all applicable information for both scenarios.
PowerProtect Data Manager supports three methods of server DR:

System recovery
System recovery creates point-in-time snapshots of the PowerProtect Data Manager server in protection storage. During a DR
activity, recover the server from protection storage and then restore protected assets.
System recovery for server DR provides more information.

Quick recovery
Quick recovery makes a remote PowerProtect Data Manager replication destination aware of replicated backups and enables
the recovery view. During a DR activity, you can restore assets from these replicated backups at the destination without first
restoring the source server.
Quick recovery for server DR provides more information.

Cloud Disaster Recovery

Cloud DR enables you to restore to a DR site in a supported public cloud environment. During a DR activity, restore virtual
machines to a Cloud DR server and recover those workloads in the cloud.
Overview of PowerProtect Data Manager Cloud Disaster Recovery provides more information.

114 Preparing for and Recovering From a Disaster

Differences between server DR methods
The following table highlights the differences between the three server DR methods,

Table 29. Server DR comparison

Criteria System recovery Quick recovery Cloud DR
Requires another running PowerProtect Data Manager No a Yes No
server
Requires additional configuration after setup Optional b No No
Requires configuration outside of the PowerProtect Data Yes No No
Manager UI during recovery
Preserves backup workflows Yes No No
Supports server DR replication Yes Automatic Automatic
Recovery time objective (RTO) for backup infrastructure >1 hour a N/A N/A

a. Optionally, you can configure a second server and leave this server unconfigured to decrease the RTO for system
recovery. However, the RTO for system recovery cannot match the RTO for quick recovery or Cloud DR.
b. Configuration of server DR replication.

System recovery for server DR

The system recovery process creates periodic backups of a PowerProtect Data Manager server, from which you can restore the
server after a disaster. Each backup is considered a full backup although it is created in an incremental manner.
System recovery backups include persistent data such as the lockbox and the PowerProtect Data Manager databases. The
backup operation quiesces the server and creates a point-in-time snapshot of the databases. This quiescent state limits user
functionality. After the snapshot completes and while PowerProtect Data Manager copies the snapshot to protection storage,
the server restores full user functionality. System recovery backups also include File Search indexes and other component DR
backups.
The system protection service enables you to manage the frequency and retention of an automated server DR backup. You
can also perform manual backups. However, the system protection service does not manage the retention of manual backups
and you must delete any outdated manual backups yourself. Manage PowerProtect Data Manager server DR backups provides
instructions.
You can select one protection storage system as a server DR backup target and one protection storage system as a replication
target. Replication provides an extra layer of protection for server DR backups. Manually configure server DR backups provides
instructions for configuring server DR replication, while Recover PowerProtect Data Manager from server DR backups contains
instructions for restoring from a replica.
Since only one backup target and one replication target are supported at a time, when you specify a new protection storage
system, you overwrite the existing selection. If you have more protection storage systems, you can change which protection
storage system holds the server DR backup or receives the replica.
PowerProtect Data Manager server DR replication is independent of any legacy methods, such as MTree replication on an
individual DD system. Backups and configuration from legacy methods are not detected or migrated.

Server DR protection storage types

PowerProtect Data Manager supports DD Boost as the type of protection storage for server DR.
NOTE: If PowerProtect Data Manager was updated from version 19.14 or earlier where NFS was configured, NFS can
continue to be used as a backup protocol. However, it is recommended to swtich to DD Boost when possible. Switching
from NFS to DD Boost creates new server DR backups, rather than migrating existing backups. The previous NFS backups
are no longer visible in the list of DR backups. However, you can still recover from older NFS server DR backups even after
switching to DD Boost, should you experience a disaster before the initial DD Boost system backup completes.

Preparing for and Recovering From a Disaster 115

DD Boost provides security and efficiency features, including password-protected authentication, server-DR replication, and
automatic server-DR configuration. When you use DD Boost, PowerProtect Data Manager creates and manages a storage unit
on the DD system and a corresponding user account.
● The storage unit and user account name are based on the PowerProtect Data Manager hostname. For example,
SysDR_<hostname>.
● The DD Boost user password is based on the PowerProtect Data Manager predefined administrator account (admin)
password.
NOTE: The password is based on the admin account even if you use other accounts such as external identity provider
users with the Administrator role to administer PowerProtect Data Manager.
Changes to the PowerProtect Data Manager predefined administrator password prompt corresponding updates to the DD Boost
user password. If you configured server DR replication, password changes also prompt corresponding updates to the credentials
on the replication target. Recovery from server DR backups requires the PowerProtect Data Manager predefined administrator
password. If you do not know this password, contact Customer Support.
Add the DD system as protection storage before you configure server DR. Protection storage provides instructions.
For more information about automatic server-DR configuration, see Automatic server DR.

Automatic server DR
New deployments of PowerProtect Data Manager automatically configure and enable server DR with minimal input. This process
ensures that the server is protected as soon as you add protection storage.
Automatic server DR detects when you first add a protection storage system. The automatic configuration mechanism uses
the recommended DD Boost storage type and default settings to create a managed storage unit for server DR. This process
generates server DR jobs that you can track through the Jobs page.
Automatic configuration selects the first protection storage system that you add to PowerProtect Data Manager. However, you
can configure server DR to change the target to another protection storage system or enable replication. Manually configure
server DR backups provides instructions. Manual configuration of the backup target is not recommended unless you must target
a different protection storage system.
If automatic server DR fails, Manually configure server DR backups provides an alternate method to configure server DR. The
job details provide information that you can use to troubleshoot the configuration process.

Manually configure server DR backups

For new deployments, PowerProtect Data Manager automatically configures and enables server DR. However, you can manually
configure DR protection for the PowerProtect Data Manager system and the system metadata.

Prerequisites
Add the DD system as protection storage. Protection storage provides instructions. If you plan to replicate server DR backups,
the replication target must be a different protection storage system.
NOTE: If PowerProtect Data Manager was updated from version 19.14 or earlier where NFS was configured, NFS can
continue to be used as a backup protocol. Otherwise, only DD Boost is available and it is used by default.

Steps
1. Log in to the PowerProtect Data Manager user interface as a user with the Administrator role.

2. Click , select Disaster Recovery, and then click Configuration.

3. Select Enable backup.
4. For new deployments of PowerProtect Data Manager or deployments that have been updated from version 19.14 or earlier
where DD Boost was configured, use one of the following methods to choose a protection storage system:
● From the PowerProtect DD System drop-down list, select a backup destination from the list of existing protection
storage systems.
● Select Add to add a system and complete the details in the Add Storage window.
For initial server DR configuration, the Storage Unit field is empty. If server DR was already configured, the Storage Unit
field displays the name of the storage unit that holds server DR backups.

116 Preparing for and Recovering From a Disaster

5. For deployments of PowerProtect Data Manager that have been updated from version 19.14 or earlier where NFS was
configured, select a Protocol.
● For NFS, perform the following steps:
a. In the PowerProtect DD System field, type the IP address or hostname of the DD system for the backup.
b. In the NFS Export Path field, type the NFS path where server DR backups are stored on the target DD system.
● For DD Boost, use one of the following methods to choose a protection storage system.
CAUTION: If you change the configured protocol from NFS to DD Boost, NFS can no longer be selected or
used again.
○ From the PowerProtect DD System drop-down list, select a backup destination from the list of existing protection
storage systems.
○ Select Add to add a system and complete the details in the Add Storage window.
For initial server DR configuration, the Storage Unit field is empty. If server DR was already configured, the Storage
Unit field displays the name of the storage unit that holds server DR backups.
6. Configure the backup frequency and duration:
a. Type an interval between server DR backups, in hours.
This setting controls backup frequency, and the allowed values are 1 to 24 hours.
b. Type the number of days for which PowerProtect Data Manager should retain server DR backups.
The allowed values are 2 to 30 days.
7. To enable server DR replication:
NOTE: If the source storage unit has compliance mode retention locking enabled, you must provide the username and
password for the security officer who is associated with the source and destination protection storage systems.

a. Check Enable Replication.

b. From the Replicate Backup To drop-down list, select a target from the list of existing protection storage systems, or
select Add to add a system and complete the details in the Add Storage window.
The replication target cannot be the backup destination.
The replication frequency and retention time are the same as for the backup.
8. Click Save.

Results
For DD Boost, PowerProtect Data Manager creates system jobs to prepare the new storage unit and to configure the server DR
protection policy.
For both storage types, PowerProtect Data Manager creates a system job for the first server DR backup.
If you configured replication, PowerProtect Data Manager creates a DD Boost user and storage unit on the destination. Server
DR backups begin replicating according to the protection schedule.

Next steps
Verify that the system jobs succeed.

Record settings for server DR

Plan for DR by recording vital information. In the event of a major outage, you will need this information to recover your
systems. Some items are only required for particular DR scenarios. Record the following information on a local drive outside
PowerProtect Data Manager:

Steps
1. If PowerProtect Data Manager is deployed to vSphere, record the port groups:
a. Log in to the vSphere client.
b. Right-click the name of the virtual appliance and select Edit Settings.
c. Record the port group settings that are assigned to PowerProtect Data Manager.
This information is useful when restoring to the same VMware environment.
2. Record the PowerProtect Data Manager FQDN.
3. Log in to the PowerProtect Data Manager user interface as a user with the Administrator role.

Preparing for and Recovering From a Disaster 117

4. Record the PowerProtect Data Manager version and build numbers.
Customer Support can provide this information, which is not mandatory.

5. Click , select Disaster Recovery, and then click Configuration.

6. Record whether server DR storage uses NFS or DD Boost.
NOTE: NFS is only available for deployments of PowerProtect Data Manager that have been updated from version 19.14
or earlier where NFS was configured. Only DD Boost is available for new deployments of PowerProtect Data Manager.

7. Record the protection storage system IP address or FQDN.

8. If you configured server DR replication, record the FQDN for the replication target.
9. If you use NFS for server DR storage, record the NFS export path.
10. If you use DD Boost for server DR storage, perform the following substeps:
a. Connect to the PowerProtect Data Manager console and change to the root user.
b. Change directory:
cd /usr/local/brs/puppet/scripts
c. Obtain and record the server DR DD Boost credentials:
./get_sdr_config_credential.py SysDR_$(hostname -s)
d. Connect to the protection storage system console.
e. Obtain and record the user ID (UID) for the server DR DD Boost user:
user show list

Results

Table 30. Recorded DR settings

System Setting or Property Example Recorded Value
PowerProtect Version and build 19.15
Data Manager
FQDN server1.example.com

Backup protocol NFS or DD Boost

Server DR FQDN dd-replica.example.com
replica
Protection FQDN dd.example.com
storage system
NFS export path N/A
DD Boost username SysDR_server1

DD Boost password zD0_56c-b4e-ad4-dbb-

DD Boost UID 501

Manage PowerProtect Data Manager server DR backups

View PowerProtect Data Manager server DR backups and perform manual backups.

About this task

For DR backups, PowerProtect Data Manager supports a default retention period of 7 days plus the last 3 hourly backup copies
for the current day. You can change the frequency and retention of DR backups from the Disaster Recovery > Configuration
tab.
The system protection service automatically deletes scheduled backups according to the configured retention policy.
You can manually delete all backups except for the most recent backup marked as FULL and the most recent backup marked as
PARTIAL.

118 Preparing for and Recovering From a Disaster

Steps
1. Log in to the PowerProtect Data Manager user interface as a user with the Administrator role.

2. Click , select Disaster Recovery, and then click Manage Backups.

3. To perform a manual backup:
a. Click Backup Now.
The Enter a name for your backup dialog appears.
b. [Optional] Type a name for your backup.
You can leave the backup name blank, and PowerProtect Data Manager provides a name for the backup by using the
naming convention UserDR-. If you provide a name with the convention that PowerProtect Data Manager uses for
scheduled backups, which is SystemDR, PowerProtect Data Manager displays an error.
c. Click Start Backup.

The backup appears as an entry in the table. To view details for the backup, click .
If the Search Engine is deployed,PowerProtect Data Manager also backs up the Search Engine. The backup details
provide the status of the Search Engine backup.
To monitor the status of the backup, select Jobs > Protection and look for a job with the name Protect the server
datastore.

4. To delete a backup:
a. Select a backup from the list.
b. Click for that row.
The system displays a warning to confirm you want to delete the backup. Click Yes to proceed.
5. Click Cancel.

Recover PowerProtect Data Manager from server DR backups

You can recover PowerProtect Data Manager from a server DR backup on a protection storage system.

Prerequisites
● The version of the PowerProtect Data Manager backup is the same as the version of the PowerProtect Data Manager in
production.
● .Only the Administrator role can carry out the recovery.
● Ensure that all the information listed in Record settings for server DR is available.
● Ensure that the FQDN of the PowerProtect Data Manager is the same as the host name.
● To restore data from NFS, PowerProtect Data Manager has been updated from version 19.14 or earlier where NFS was
configured.
● To restore data from DD Boost, ensure that you have the current password for the PowerProtect Data Manager UI
predefined administrator account. If you do not know this password, contact Customer Support.
● To restore data from a server DR replica, ensure that you have the IP address or FQDN for the replication target, the
PowerProtect Data Manager hostname, and the current password for the PowerProtect Data Manager UI predefined
administrator account.
● If the Search Engine or reporting engine nodes from the previous PowerProtect Data Manager deployment are still hosted
on the vCenter server, delete the Search Engine and reporting engine nodes from the vCenter server before you recover the
PowerProtect Data Manager system. The recovery process redeploys the Search Engine and reporting engine nodes as part
of the recovery operation.
● The recovery process does not automatically redeploy protection engines. After recovery, redeploy the protection engines.

About this task

When a primary PowerProtect Data Manager system fails because of a major event, deploy a new PowerProtect Data Manager
system and recover the backup from the external DD system.

NOTE: If the recovery system has a different FQDN, see Troubleshoot recovery of PowerProtect Data Manager.

If a Search Engine is present in the recovery backup when you recover the PowerProtect Data Manager system, the Search
Engine is automatically recovered.

Preparing for and Recovering From a Disaster 119

Steps
1. Deploy a new PowerProtect Data Manager virtual appliance.
The PowerProtect Data Manager Deployment Guide for the appropriate platform provides instructions.
2. From a host that has network access to the PowerProtect Data Manager instance, use the latest version of Google Chrome
or Microsoft Edge to connect to the instance:
https://<instance_hostname>
NOTE: You can specify the hostname or the IP address of the instance.

3. On the Install window under Welcome, select Restore Backup.

4. Select After restore, keep the product in recovery mode so that scheduled workflows are not triggered.
Recovery mode provides more information.
5. To restore data from NFS:
a. For Protocol, select NFS.
NOTE: NFS is only available for deployments of PowerProtect Data Manager that have been updated from version
19.14 or earlier where NFS was configured. Only DD Boost is available for new deployments of PowerProtect Data
Manager.

b. Under Select File, enter the DD System and NFS Export Path where the backup is located, and then click Connect.
A list of the available recovery backups appears.
6. To restore data from DD Boost:
a. For Protocol, select DDBoost.
b. Type the hostname or IP address for the protection storage system that stores server DR backups.
c. If the hostname is not already populated, type the hostname for the original PowerProtect Data Manager system.
d. To restore from a server DR replica, append /R to the hostname.
For example, system1.example.com/R.
e. Type the password for the predefined administrator account (admin) of the original PowerProtect Data Manager.
f. Click Connect.
A list of the available recovery backups appears. If restoring data from a replica, the list of backups includes those on the
replica.
7. Select the backup from which to recover the system, and then click Recover.
The recovery starts. Recovery can take a few minutes.
NOTE: There is no busy indicator during the recovery process. The current recovery state can be monitored from the
text displayed in the recovery window.

Results
When recovery is complete:
● The PowerProtect Data Manager login page appears.
● The time zone of the PowerProtect Data Manager instance is set to that of the backup.
● If restoring from a replica, the replication target protection storage system is configured as the new server DR backup
target.
● All preloaded accounts are reset to default passwords, as described in the PowerProtect Data Manager Security
Configuration Guide. The preloaded UI administrator account is an exception and retains its password. Change the
passwords for all preloaded accounts as soon as possible.
● Backup copies that were created after the Server DR recovery backup used in the recovery process are discovered after the
server is recovered. However, any backup copies that had replication or cloud tier copies before the recovery operation are
replicated or cloud tiered during the next manual or scheduled job.
● If a VMware Virtual Machine, Block Volume, or NAS protection policy is configured, a copy discovery operation
is automatically performed. Copy discovery ensures that any backups taken between the times of recovery start and
completion are reconciled on the recovered server. Depending on the amount of data backed up in this time period, copy
discovery can take minutes or hours. Each type of configured protection policy that triggers the copy discovery operation is
logged as a Post Restore Copy Discovery job group in the System Jobs window.

120 Preparing for and Recovering From a Disaster

Recovery mode
If you select After restore, keep the product in recovery mode so that scheduled workflows are not triggered during
deployment, PowerProtect Data Manager enables recovery mode.
With recovery mode active, when you log in to PowerProtect Data Manager:
● A red banner appears at the top of the PowerProtect Data Manager UI. The banner indicates that the PowerProtect Data
Manager system is operational but scheduled workflows are disabled.
● All jobs defined by your protection policies that modify the backup storage (for example, backup creation, backup deletion,
and PowerProtect Data Manager Server DR jobs) are not triggered.
● All operations that write to the backup storage are disabled.
To return PowerProtect Data Manager to full operational mode and enable scheduled workflows, click Return to full
operational mode.

Recover the Search Engine from a DR backup

PowerProtect Data Manager automatically restores the Search cluster after disaster recovery of the PowerProtect Data
Manager system is complete. If the PowerProtect Data Manager system could not restore the Search cluster automatically, use
the steps in this procedure to restore only the Search cluster through the REST API. Recovery of a Search cluster must be
performed on an operational PowerProtect Data Manager system. Only the Administrator role can restore the Search cluster.

Prerequisites
Obtain the name of the Search cluster backup from System Settings > Disaster Recovery > Manage Backups.

About this task

Use the backup manifest file to create a new text document that will be used issue a POST command with the REST API:

CAUTION: Do not edit the manifest file itself.

Steps
1. Log in to the PowerProtect Data Manager user interface as a user with the Administrator role.
Use the same credentials that you used before PowerProtect Data Manager was restored.
2. Connect to the PowerProtect Data Manager console as an admin user.
3. Change directories to /data01/server_backups/<PowerProtect Data Manager Hostname>_<NodeID> to
locate the backup manifest file.
Normally, there is only a single subdirectory in /data01/server_backups, so change to that subdirectory. However, if
there is more than one subdirectory and you don't know which <NodeID> is the correct one, perform the following substeps:
a. From /data01/server_backups, run the following commands, changing the username and password as required:

TOKEN=$(curl -X POST https://localhost:8443/api/v2/login -k -d '{ "username":

"admin","password": "admin_password" }' --header "Content-Type: application/json" |
python3 -c "import sys, json; print(json.load(sys.stdin)['access_token'])")

curl -X GET https://localhost:8443/api/v2/nodes -k --header "Content-Type:

application/json" --header "Authorization:Bearer $TOKEN"

b. Run the command grep -Rnwa -e '<Name>' --include=*.manifest.

4. Copy the manifest file to a temporary file.
5. Open the temporary file.
6. Review the following example, and make the changes documented by the // comment entries.
NOTE: The // comment entries displayed here do not exist in the temporary file itself. These comment entries are
displayed here only as a guide.

{
"id": "ca8cbb13-6f3d-4ac5-87e5-de47a634379f",

Preparing for and Recovering From a Disaster 121

"jobId": "990b4ea7-c0e4-4069-8dd5-7d0e084370fc", // DELETE LINE
"creationTime": "2022-08-25T19:38:54.622275+0000",
"lastUpdated": "2022-08-25T19:40:18.165497Z",// DELETE LINE
"elapsedSeconds": 11,
"sequenceNumber": 2,
"state": "Successful",// DELETE LINE
"version": "19.12.0-1-SNAPSHOT", // DELETE LINE
"hostname": "ldpdb141.hop.lab.emc.com", // DELETE LINE
"name": "mercijTestDr", // DELETE LINE
"nodeId": "a8d2df8e-5c3e-4160-87d4-32b9bfe6c283", // DELETE LINE
"sizeInBytes": 29759075,
"consistency": "CRASH_CONSISTENT", // DELETE LINE
"checksum": "bbd97a04f296a8ed116e4a9272982d8e8411f3d0cf50dea131d5c2cd4ce224f8", //
DELETE LINE
"backupConsistencyType": "FULL", // DELETE LINE
"esSnapshotState": "UNKNOWN", // DELETE LINE
"backupTriggerSource": "USER", // DELETE LINE
"configType": "standalone", // DELETE LINE
"deployedPlatform": "vmware", // DELETE LINE
"replicationTargets": [], // DELETE LINE
"repositoryFileSystem": "BOOST_FILE_SYSTEM", // DELETE LINE
"ddHostname": "ldpdg251.hop.lab.emc.com", // DELETE LINE and add line
"recover":true,
"Components": [ // change Components to components with lower case c
{ // DELETE WHOLE PPDM COMPONENT LEAVING ONLY SEARCHCLUSTER
"name": "PPDM",
"id": "ca7cbb13-6f3d-4ac5-87e5-de47a634379f",
"lastActivityId": "2bdbe7a8-7c57-446d-b072-ad8081e2953d",
"version": "v2",
"backupPath": "ldpdg251.hop.lab.emc.com:SysDR_ldpdb141/
ldpdb141_a8d2df8e-5c3e-4160-87d4-32b9bfe6c283/PPDM",
"backupStatus": "SUCCESSFUL",
"backupsEnabled": true,
"errorResults": []
}, // STOP DELETING HERE
{
"name": "SearchCluster",
"id": "ca7cbb13-6f3d-4ac5-87e5-de47a634379f",
"lastActivityId": "198a93b1-7382-474b-89c8-c7b6b0ab4987",
"version": "v2",
"backupPath": "ldpdg251.hop.lab.emc.com:SysDR_ldpdb141/
ldpdb141_a8d2df8e-5c3e-4160-87d4-32b9bfe6c283/SearchCluster",
"backupStatus": "SUCCESSFUL",
"backupsEnabled": true, // DELETE TRAILING COMMA
"errorResults": [] // DELETE LINE
}
]
}

In summary:
● remove all lines with the // DELETE LINE comment entry displayed here
● add recover: true
● change Components to components
● remove all listed component blocks except for Search Cluster
● remove the trailing comma from "backupsEnabled": true,
The result of these changes should look similar to the following:

{
"id": "ca8cbb13-6f3d-4ac5-87e5-de47a634379f",
"creationTime": "2022-08-25T19:38:54.622275+0000",
"elapsedSeconds": 11,
"sequenceNumber": 2,
"sizeInBytes": 29759075,
"recover" : true,
"components": [
{
"name": "SearchCluster",
"id": "ca7cbb13-6f3d-4ac5-87e5-de47a634379f",
"lastActivityId": "198a93b1-7382-474b-89c8-c7b6b0ab4987",
"version": "v2",

122 Preparing for and Recovering From a Disaster

"backupPath": "ldpdg251.hop.lab.emc.com:SysDR_ldpdb141/
ldpdb141_a8d2df8e-5c3e-4160-87d4-32b9bfe6c283/SearchCluster",
"backupStatus": "SUCCESSFUL",
"backupsEnabled": true
}
]
}

7. Copy the value of the text inside the quotation marks that follow "id":.
This value replaces the variable <backupID> used in step 11. In this example, <backupID> is ca8cbb13-6f3d-4ac5-87e5-
de47a634379f.
8. Remove all carriage returns from the temporary file, so that all the text is on a single line.
9. Copy all of the text from the temporary file.
This value replaces the variable <manifestText> used in step 11.
10. Run the following command, changing the username and password credentials as required:
NOTE: Even if you ran this command in step 3.a, run it again. The validity of the value of TOKEN is time sensitive.

TOKEN=$(curl -X POST https://localhost:8443/api/v2/login -k -d '{ "username":

"admin","password": "admin_password" }' --header "Content-Type: application/json" |
python3 -c "import sys, json; print(json.load(sys.stdin)['access_token'])")

11. Run the following command:

curl -X PUT 'https://localhost:8443/api/v2/server-disaster-recovery-backups/

<backupID>' --header "Authorization: Bearer $TOKEN" --header 'Content-Type:
application/json' -k -d '<manifestText>'

● Replace <backupID> with the value obtained in step 7.

● Replace <manifestText> with all of the text obtained in step 9.
12. To monitor the status of the restore process in the PowerProtect Data Manager UI, select Jobs > System Jobs and look
for a job with the description Restoring backup Search Node.

Next steps
Delete the temporary file created in step 4.

Change the IP address or hostname of a DD system

You can change the IP address or hostname of a DD system without affecting server DR.

About this task

Before changing the IP address or hostname of a DD system, perform the following steps.
NOTE: If you have changed the IP address or hostname of a DD system without following these steps, you can recover DR
functionality. For more information, see Recover from a changed DD system IP address or hostname.

Steps
1. Disable Server DR backups.
2. Log in to the PowerProtect Data Manager server by using SSH.
3. Run the following command:
sudo umount /data01/server_backups
4. For each Search Engine node, perform the following substeps:
a. Log in to the Search Engine node by using SSH.
b. Run the following command:
sudo umount /mnt/PPDM_Snapshots
5. Remove the DD system from PowerProtect Data Manager:
a. From the PowerProtect Data Manager UI, select Infrastructure > Storage.

Preparing for and Recovering From a Disaster 123

b. Select the DD system to remove.
c. Click Delete.
6. Change the IP address or hostname of the DD system.
7. Add the DD system back to PowerProtect Data Manager.
8. Enable server DR backups.

Recover from a changed DD system IP address or hostname

If you changed the IP address or hostname of a DD system without following the supported procedure, you can recover your
server DR functionality.

About this task

Steps
1. Disable Server DR backups.
2. Log in to the PowerProtect Data Manager server by using SSH.
3. Run the following command:
ps aux | grep /data01/server_backups | grep boostfs
Make a note of the process ID next to the boostfs entry in the command output.

4. Run the following command, replacing <processID> with the process ID obtained in step 3:
sudo kill -9 <processID>
5. Run the following command:
sudo umount /data01/server_backups
6. For each Search Engine node, perform the following substeps:
a. Log in to the Search Engine node by using SSH.
b. Run the following command:
sudo umount /mnt/PPDM_Snapshots
7. Remove the DD system from PowerProtect Data Manager:
a. From the PowerProtect Data Manager UI, select Infrastructure > Storage.
b. Select the DD system to remove.
c. Click Delete.
8. Add the DD system back to PowerProtect Data Manager.
9. Enable server DR backups.

Troubleshooting NFS backup configuration issues

The following sections provide a list of error messages that might appear when you configure a server DR backup configuration
that uses NFS.

DD storage unit mount command failed with error: 'Cannot mount full path: Access
is denied'
This error message appears when an NFS export does not exist on the DD system for the full path to the server DR storage
unit. This error message also appears when the redeployed virtual appliance was not added as a client for access to the NFS
export.
To resolve this issue, ensure that you have configured an NFS export for the full path of the DD Boost storage unit and that the
virtual appliance is an Export client.

124 Preparing for and Recovering From a Disaster

DD storage unit mount command failed with error: 'Cannot resolve FQDN: The name
or service not known'
This error message appears when PowerProtect Data Manager cannot contact the DD system by using the specified FQDN. To
resolve this issue, ensure that you can resolve the FQDN and IP address of the DD system.

Troubleshoot recovery of PowerProtect Data Manager

When the FQDN of the recovery site is different from the FQDN of the primary site, a mount error might occur and the
recovery process requires a few extra steps.

About this task

If a mount error occurs during recovery, follow this work-around procedure.

Steps
1. On the DD system where the backup is located, delete the replication pair and mount it for PowerProtect Data Manager.
2. When recovery is complete, on PowerProtect Data Manager, regenerate the certificates using the following command.
sudo -H -u admin /usr/local/brs/puppet/scripts/generate_certificates.sh -c
3. Restart the system and select the URL of the primary PowerProtect Data Manager system.
The https://PowerProtect Data Manager IP/#/progress page appears and recovery resumes.
4. Log in to the primary PowerProtect Data Manager.
The PowerProtect Data Manager VM vCenter console shows an error, which you can ignore.
5. Open the primary PowerProtect Data Manager using the original IP address and log in.

Results
Recovery is complete.

Recover a failed PowerProtect Data Manager restore

Steps
1. Deploy a new PowerProtect Data Manager virtual appliance.
The PowerProtect Data Manager Deployment Guide for the appropriate platform provides instructions.
2. Contact Customer Support.

Disable server DR backups

Some maintenance procedures may require you to disable server DR backups during the procedure. Use this task only when
referenced elsewhere.

Steps
1. Log in to the PowerProtect Data Manager user interface as a user with the Administrator role.

2. Click , select Disaster Recovery, and then click Configuration.

3. Record the existing server DR settings on the Configuration page.
4. Deselect Enable backup.
5. Click Save.

Next steps
After completing the maintenance procedure, re-enable server DR backups. The manual configuration procedure provides
instructions.

Preparing for and Recovering From a Disaster 125

Quick recovery for server DR
After a disaster, the quick recovery feature enables you to restore assets and data that you replicated to a system at a remote
site.
NOTE: Quick recovery does not re-create the original backup environment and local system which protected the restored
assets. Therefore, quick recovery is not a substitute for a server DR restore. To continue backing up the restored assets at
the remote site, add the restored assets to a protection policy on the remote system.
Quick recovery is supported for the following assets protected by PowerProtect Data Manager:
● Virtual machines
NOTE: This support does not include application-aware VADP workloads.
● Kubernetes namespaces and PVCs.
● File systems.
CAUTION: Do not attempt the quick recovery of a system partition or boot disk.

Quick Recovery does not support restoring user data at the file or folder level.
Quick recovery sends metadata from the local system to the remote system, following the flow of backup copies. This
metadata enables recovery view on the remote system. You can recover your workloads at the remote site before you have the
opportunity to restore the local PowerProtect Data Manager system.
For example, the following figures show two sites that are named A and B, with independent PowerProtect Data Manager
and DD systems for protection storage. Each site contains unique assets. Figure Separate datacenters, before disaster shows
the initial configuration with both sites replicating copies to each other. Figure Separate datacenters, after disaster shows
the result, with site A down. The site A assets have been restored with quick recovery into the site B environment from the
replicated copies.

Figure 2. Separate datacenters, before disaster

126 Preparing for and Recovering From a Disaster

Figure 3. Separate datacenters, after disaster

PowerProtect Data Manager supports quick recovery for alternate topologies. You can configure quick recovery for one-to-
many and many-to-one replication. For example, the following figure shows a local system PowerProtect Data Manager
replicating to a standby remote DD system with its own PowerProtect Data Manager, all in the same data center. If the
local system fails, the quick recovery feature ensures that you can still restore from those replicated copies before you restore
the source.

Preparing for and Recovering From a Disaster 127

Figure 4. Standby DD system

The following topics explain the prerequisites, how to configure PowerProtect Data Manager to support quick recovery, and
how to use the recovery view to restore assets.

Quick recovery prerequisites

Before you configure quick recovery, complete the following items:
● Ensure that the local system and the remote system can ping each other using the same method: hostname or IP address.
● Ensure that the version of PowerProtect Data Manager is the same for both the local system and the remote system.
● Attach at least two protection storage systems to the local system: one for local protection storage and one for replication.
● Register asset sources with the local system and configure protection policies to protect those assets.
● Configure protection policies to replicate backup copies to the protection storage system at the remote site.
● Back up the protected assets and confirm that backup data successfully replicates to the remote protection storage system.
NOTE: Backup copies that have been moved to Cloud Tier cannot be used for quick recovery. To use these backup
copies, recall them from Cloud Tier.
● Ensure that the replication protection storage is discovered in the remote system.
● Add and enable the asset source on the remote PowerProtect Data Manager system.
● For Kubernetes quick recovery operations, ensure that the same Kubernetes cluster is not managed by more than one
PowerProtect Data Manager instance.

128 Preparing for and Recovering From a Disaster

Before you use the quick recovery remote view, add the remote system to the list of remote systems on the local system. If
you have changed the PowerProtect Data Manager security certificates after you configured quick recovery, the PowerProtect
Data Manager Security Configuration Guide provides instructions to resynchronize the certificates.

Identifying a remote system

Remote systems added to PowerProtect Data Manager for quick recovery can be identified using either a fully qualified domain
name (FQDN) or an IP address. If incorrectly identified, quick recovery fails with a certificate error.
If a remote system is already identified in the PowerProtect Data Manager certificate list, it must be added to PowerProtect
Data Manager for quick recovery with the same identification.
If you always use either FQDNs or IP addresses for all remote systems, do the same for quick recovery.
If a certificate entry for a remote system exists, you must use the same identification when adding it for quick recovery. If you
are unsure if a remote system you want to add for quick recovery is already in the PowerProtect Data Manager certificate list,
perform the following steps:
● Log in to the console as the root user.
● Type keytool -list -keystore.
● Review the output and look for a certificate entry that corresponds to either the FQDN or IP address of the remote system.

Add a remote system for quick recovery

Configure PowerProtect Data Manager to send metadata to another system to which you have replicated backups. Only the
Administrator role can add remote systems.

About this task

Metadata is automatically synchronized between local and remote systems every 30 minutes, so metadata might not appear on
the remote system immediately. If replication of the backups still needs to be performed, the entire process can take longer.

Steps

1. Click , select Disaster Recovery, and then click Remote Systems.

The Remote Systems tab opens and displays a table of configured remote PowerProtect Data Manager systems.
2. Click Add.
The Add Remote PowerProtect System window opens.
3. Complete the Name and FQDN/IP fields.
The Name field is a descriptive name to identify the remote system. To determine if you should enter the FQDN or IP
address of the remote system, see Identifying a remote system.
4. In the Port field, type the port number for the REST API on the remote system.
The default port number for the REST API is 8443.
5. From the Credentials field, select an existing set of credentials with the Administrator role from the list.
Alternatively, you can click Add Credentials from this list to add new credentials with the Administrator role. Provide a
descriptive name for the credentials, a username, and a password. Then, click Save to store the credentials.
6. Click Verify.
PowerProtect Data Manager contacts the remote system and obtains a security certificate for identity verification.
The Verify Certificate window opens to present the certificate details.
7. Review the certificate details and confirm each field against the expected value for the remote system. Then, click Accept
to store the certificate.
The Certificate field changes to VERIFIED and lists the server's identify.
8. Click Save.
PowerProtect Data Manager returns to the Remote Systems tab of the Disaster Recovery window. The configuration
change may take a moment to complete.
9. Click Cancel.
The Disaster Recovery window closes.

Preparing for and Recovering From a Disaster 129

10. Click , select Disaster Recovery, and then click Remote Systems.
The Remote Systems tab opens.
11. Verify that the table of remote systems contains the new PowerProtect Data Manager system.
12. Click Cancel.
The Disaster Recovery window closes.

Next steps
On the remote system:
● Wait for synchronization to complete by looking for the availability of the virtual machine.
● Enable the same asset sources that are enabled on the local system. For more information, see Enable an asset source.
Enabling an asset source on the remote system makes replicated backups of that type visible and accessible.
● Open the recovery view and verify that backups are visible and accessible. It is recommended that you perform a test
restore.

Edit a remote system

You can use the PowerProtect Data Manager user interface to change the descriptive name of the remote system, as well as
the REST API port number and credentials. You can also enable or disable synchronization with the remote system. Only the
Administrator role can edit remote systems.

Steps

1. Click , select Disaster Recovery, and then click Remote Systems.

The Remote Systems tab opens and displays a table of configured remote PowerProtect Data Manager systems.
2. Locate the row that corresponds to the appropriate remote system, and then select the checkbox for that row.
The PowerProtect Data Manager enables the Edit button.
3. Click Edit.
The Edit Remote PowerProtect System window opens.
4. Modify the appropriate parameters, and then click Save.
To enable or disable synchronization, select or deselect Enable sync. If you change the port number, you may need to
re-verify the remote system security certificate.
PowerProtect Data Manager returns to the Remote Systems tab of the Disaster Recovery window. The configuration
change may take a moment to complete.
5. Click Cancel.
The Disaster Recovery window closes.

Quick recovery remote view

Use the remote view to work with replicated copies on the remote system after the local system is no longer available. For
example, to restore critical assets before you are able to restore the local system.

On the remote system, log in as a user with the Administrator role. The remote server displays on the banner.

Click and select Remote Systems. PowerProtect Data Manager displays a drop-down that contains the name of the local
system and any connected systems. Each entry has the identifying suffix (Local) or (Remote).
Select the local system from which you have replicated backups. PowerProtect Data Manager opens the remote view and
presents a subset of the regular UI navigation tools:
● Restore
○ Assets— Shows replicated copies.
○ Running Sessions— Allows you to manage and monitor Instant Access sessions.
● Alerts— Shows alert information in a table, including audit logs.
● Jobs— Shows the status of any running restore jobs.

130 Preparing for and Recovering From a Disaster

Each tool has the same function as on the local system. However, since the remote view is intended only for restore operations,
the scope is limited to the replicated copies from the local system. While in remote view, a banner identifies the selected
system.
NOTE: For virtual machines, the quick recovery restore workflow does not include the Restore VM Tags option to restore
vCenter tags and categories from the backup.
Use Restore > Assets to locate copies. The instructions for restoring each type of asset provide more information about
restore operations.
When the recovery is complete, click Remote Systems and select the name of the local system to exit remote view.

Troubleshooting failed quick-recovery jobs

The following section provides troubleshooting information for when a quick-recovery job fails.

Quick-recovery jobs are not occurring

You might notice that expected quick-recovery jobs are not occurring.
If you review the sync.log file, you see entries similar to the following:

2022-07-14T00:10:03.235Z ERROR [] [scheduling-1] [][][][][]

[c.e.b.s.e.r.i.ServerRestClient.checkHttpStatus(441)][441 ] - Return code = 401
UNAUTHORIZED, expected = 200 OK
2022-07-14T00:10:03.236Z ERROR [] [scheduling-1] [][][][][]
[c.e.b.s.c.s.i.SyncHandshakeServiceImpl.syncHandshake(133)][133 ] - Failed to perform
handshake, version check failed.
com.emc.brs.sync.external.remote.VersionCheckResponseException: 500
INTERNAL_SERVER_ERROR "Unexpected error occured during version check."; nested exception
is com.emc.brs.sync.external.remote.RemoteRestException: Incorrect credentials.
2022-07-14T00:10:03.236Z ERROR [] [scheduling-1] [][][][][]
[c.e.b.s.c.s.i.SyncInstanceServiceImpl.syncHandshake(236)][236 ] - Failed to handshake
with the remote system: com.emc.brs.sync.model.SyncInstance

This error indicates that the password on the remote PowerProtect Data Manager system has changed.
To resolve this issue, change the credentials that are used for the remote PowerProtect Data Manager system.

Overview of PowerProtect Data Manager Cloud

Disaster Recovery
The Cloud Disaster Recovery (DR) feature enables you to utilize a cloud DR site by deploying the Cloud DR Server in the public
cloud. You can use the PowerProtect Data Manager UI for the purpose of running VM protection and DR workflows in the cloud.
Examples of Cloud DR workflows include the following:
● Cloud DR site copy management—Set the Cloud DR site by creating a VM protection policy in the PowerProtect Data
Manager UI.
● VM copy failover validation—Before a disaster occurs, you can validate the failover of a VM copy to the cloud within
PowerProtect Data Manager by running a DR test and then monitoring the test progress.
● Fail over a production VM—You can fail over a production virtual machine within PowerProtect Data Manager by running
a DR failover operation and then verifying that the restored VM appears within Amazon Web Services (AWS) or Microsoft
Azure cloud.
● Restore a production VM—You can restore virtual machines from copies that are stored in the cloud account (Amazon Web
Services (AWS) or Microsoft Azure cloud) directly to vCenter. Restore operations are performed on one virtual machine at a
time. You must manually select the target vCenter server.
The PowerProtect Data Manager Cloud Disaster Recovery Administration and User Guide provides more information about
Cloud DR workflows within PowerProtect Data Manager.

Preparing for and Recovering From a Disaster 131

9
Managing Alerts, Jobs, and Tasks
Topics:
• Configure Alert Notifications
• View and manage alerts
• View and manage audit logs
• Monitoring jobs and tasks
• Restart a job or task manually
• Restart a job or task automatically
• Resume misfire jobs after a PowerProtect Data Manager update
• Cancel a job or task
• Exporting logs
• Limitations for alerts, jobs, and tasks

Configure Alert Notifications

The Alert Notifications window of the PowerProtect Data Manager UI enables you to configure email notifications for
PowerProtect Data Manager alerts.

Steps
1. From the PowerProtect Data Manager UI left navigation pane, select Alerts, and then select the Alert Notifications tab.
The Alert Notifications window appears with a table that displays the details for existing notifications.
2. Click Add.
The Add Alert Notification dialog appears.
NOTE: The Add button is disabled until you set up the email server. To add an alert notification, set up the email server
in System Settings > Support > Email Setup. Set up the email server provides more information.

3. In the Name field, type name of the individual or group who will receive the notification email.
4. In the Email field:
a. Specify the email address or alias to receive notifications. This field is required in order to create an alert notification.
Separate multiple entries with a comma.
b. Click Test Email to ensure that a valid SMTP configuration exists.
5. From the Category list, select one of the following notification categories:
● All
● Agent
● Application Host Configuration
● Cloud Tier
● Compliance
● Discover
● Export Application Log
● License
● NAS Server Disaster Recovery
● Protection
● Protection Copy
● Protection Infrastructure
● Protection Policy
● Protection Rule
● Protection Source

132 Managing Alerts, Jobs, and Tasks

● Push Update
● Replication
● Reporting
● Restore
● Security
● Self Service
● Server Disaster Recovery
● System
6. From the Severity list, select one of the following notification severities:
● All
● Critical
● Warning
● Information
7. In the Duration field, specify how often the notification email will be sent out. For example, you can set the duration to 60
minutes in order to send out a notification email every 60 minutes. If you set the duration to 0, PowerProtect Data Manager
does not send out an email notification.
8. In the Subject field, optionally type the subject that you would like to attach to the notification email.
9. Click Save to save your changes and exit the dialog.

Results
The Alert Notifications window updates with the new alert notification. At any time, you can Edit, Delete, or Disable the
notification by selecting the entry in the table and using the buttons in this window.

View and manage alerts

Steps
1. From the PowerProtect Data Manager UI left navigation pane, select Alerts.

The number that appears next to is the total number of unacknowledged critical alerts over the last 24 hours.

The Alerts window displays.

2. Select the System tab. A table with an entry for each applicable alert displays.
By default, only unacknowledged critical alerts from the last 24 hours display, unless you selected to view all

unacknowledged alerts from the links under .

Managing Alerts, Jobs, and Tasks 133

7. To acknowledge one or more alerts, select the alerts and then click Acknowledge.
8. To add or edit a note for the alert, click Add/Edit Note, and when finished, click Save.
9. To export a report of alert information to a .csv file which you can download for Excel, click Export All.

NOTE: If you apply any filters in the table, exported alerts include only those alerts that satisfy the filter conditions.

View and manage audit logs

Audit logs enable you to view specific information about jobs that are initiated in PowerProtect Data Manager so that you
can determine compliance to service level objectives. You can access the audit logs from the Administration > Audit Logs
window.

Steps
1. From the PowerProtect Data Manager UI left navigation pane, select Administration > Audit Logs.
The Audit Logs window displays audit information in a table.
2. (Optional) Sort and filter audit information:

● To filter audits by Audit Type, Changed By, or Object Changed, click .

● To sort audits by Changed At, Audit Type, Changed By, or Object Changed, click a column heading.
● To filter audits based on a search string, type a keyword in the Search field.

3. To view more details about a specific entry, click next to the entry in the table.
● Review the information for the audit log.
● Audit logs display time values in the time zone used by the web browser.
● Optionally, add a note for this audit log in the Notes field.
4. To export an audit log report to a .csv file which you can download as an Excel file, click Export All.

NOTE: If you apply any filters in the table, exported audit logs include only those logs that satisfy the filter conditions.

5. To change the retention period for audit logs, click Set Boundaries, select the number of days from the Days of Retention
menu, and then click Save.

Monitoring jobs and tasks

For jobs, the PowerProtect Data Manager UI provides three window views based on the job type — Protection Jobs, Asset
Jobs, and System Jobs. These windows allow you to monitor the status of data protection, system, and maintenance jobs, and
view details about failed, in progress, or recently completed jobs. To perform analysis or troubleshooting, you can view a detailed
log of a failed job or task, and also see any errors that occurred.
Use the filtering and sorting options in each window to find specific jobs or tasks, and to organize the information that you see.
Filter, group, and sort jobs provides more information. You can also view details for a job group in addition to individual jobs and
tasks:
● For protection and system jobs, when you click the job ID next to the job entry, the Job ID Summary window displays the
information for only this job group, job, or task.
● For asset jobs, when you select the row for the job in the table, a pane opens at the right of the window that displays
information for this asset job.
From these views, you can monitor the status of individual jobs and tasks in the Step Log tab, view job and task details in the
Details tab, and, if eligible, perform certain operations on jobs and tasks such as Restart or Cancel.
NOTE: The Jobs windows have been optimized for a screen resolution of at least 1920 x 1080, with 100% scaling. Display
issues might occur for smaller screens. Set your screen resolution to at least 1920 x 1080, with 100% scaling.

134 Managing Alerts, Jobs, and Tasks

Monitor and view jobs and assets
Use the Protection Jobs, Asset Jobs and System Jobs windows to monitor and view status information for PowerProtect
Data Manager operations.
Within these windows, you can export job records and asset activities by using the Export All functionality.

Protection jobs
To view protection jobs and job groups, from the PowerProtect Data Manager UI left navigation pane, select Jobs >
Protection Jobs.
The Protection Jobs window opens to display a list of protection jobs and job groups.
Protection jobs include:
● Cloud Tier
● Cloud Protect
● Consolidated Cloud Snapshot Manager jobs
NOTE: This job type does not apply to SAP HANA databases.
● Export Reuse
● Indexing
● Protect
● Replicate
● Restore
You can monitor and view detailed information for both centralized and self-service backup and restores of database application
assets.
NOTE: The Cancel and Retry options are not available for self-service jobs that are created by database application
agents.
For application assets, the Protect, Restore, and Replicate job types can be monitored at the host or individual asset level.
For all other asset types, the Protect and Replicate job types can be monitored at the host or individual asset level.

Asset jobs
The Asset Jobs window allows you to view all jobs for a specific asset or application agent host, and to view the history of
protection activities at the asset/agent host level.
To view information about assets for which jobs have been run, from the PowerProtect Data Manager UI left navigation pane,
select Jobs > Asset Jobs.
The Asset Jobs window opens to display a list of assets. For application agent assets, you can also view the associated host.
You can filter by asset/host name or by job type.
Examples of asset job types include:
● Application Host Configuration
● Cloud Copy Recover
● Cloud Disaster Recovery
● Cloud Protect
● Cloud Tier
● Config
● Delete
● Disaster Recovery
● Export Reuse
● Indexing
● Manage
● Notify
● Protect
● Push Update
● Replicate

Managing Alerts, Jobs, and Tasks 135

● Restore
● System
● Validate
NOTE: The PowerProtect Data Manager UI Dashboard additionally provides details for any successful, partially successful,
failed and canceled jobs at the asset/host level.

System jobs
To view system jobs and job groups, from the PowerProtect Data Manager UI left navigation pane, select Jobs > System Jobs.
The System Jobs window opens to display a list of system jobs and job groups.
System jobs include:
● Config
● Console
● Delete
● Disaster Recovery
● Cloud Disaster Recovery
● Cloud Copy Recovery
● Discovery
● Manage
● Notify
● System
● Validate
System jobs can be monitored at the job group or job level.

Job information
The main Protection Jobs and System Jobs windows lists basic job information.
The following information is available in the Protection Jobs and System Jobs windows.

Table 31. Job information

Column Description
Job ID The unique and searchable identifier for the job.
Status Indicates the current state of the job. A job can be in one of the following states:
● Success
● Completed with Exceptions
● Failed
● Canceled
● Unknown
● Skipped
● Running
● Queued
● Canceling
For jobs that do not have a Success status, a count of jobs is shown next to the status.

Description Description of the job.

Policy Name Name of the protection policy that started the job.
Assets Number of individual assets or tasks within the job group.
Job Type Type of protection job or system job.
Asset Type Type of asset.
Origin Specifies how the job was initiated:

136 Managing Alerts, Jobs, and Tasks

Table 31. Job information (continued)
Column Description
● Manual: The job was started on-demand. For example, Back Up Now.
● Retried: The initial job was unsuccessful or incomplete and has been restarted.
● Scheduled: The job was started automatically according to the schedule. For example, a
daily protection policy backup.
● Self Service: The job was started outside of PowerProtect Data Manager. For example, a
self-service application agent backup.
Start Time Date and time that the job is scheduled to begin.
End Time Date and time that this job completed.
This column is not shown by default. To see a complete list of filtering and sorting columns,
click .

Duration Overall duration of the job.

This column is not shown by default. To see a complete list of filtering and sorting columns,
click .

View details for protection jobs

In the Job ID Summary window for protection jobs, you can view details and status of specific jobs. For application protection
jobs, you can view details and status of specific jobs and assets. This information can be helpful when troubleshooting to
determine whether one or more assets caused a job to fail.

Steps
1. From the PowerProtect Data Manager UI left navigation pane, select Jobs > Protection Jobs.
2. Click the job ID next to the job name.
The Job ID Summary window opens and lists all jobs as entries in the table.
You can filter, group, and sort the information that appears in the window. Filter, group, and sort jobs provides more
information.
The policy name, job type, and asset type appear at the top of the Job ID Summary window.
The overall job group metrics and details also appear, as shown in the following figure.

Figure 5. Job Metrics and Job Details

Managing Alerts, Jobs, and Tasks 137

The Job Metrics section displays the number of assets, the total size of the data transferred, and the overall duration of
the job group. For each of these categories, if the job has been run multiple times you can also view the changed statistics
since the last job. For example, the differences in the number of assets, the data transferred, and the time it took for the
job to complete. Note that the total duration of jobs within the job group is shorter than the duration indicated in the job
metrics. When you restart a protection job that is part of a completed job group, the duration that is indicated in the job
metrics does not include the time that is elapsed between when the job group completed and when the job was restarted. In
addition, it does not include the time that it takes for the retried job to run.
The Job Details section displays more specific information such as the job start and end time, the protection storage target,
the average data transfer rate, the amount of data changed since the last protection job, the average throughput, and the
rate of compression applied. Total Compression Factor and Reduction % are calculated based on the pre-compression
(actual size of the data) and post-compression bytes of the protection job. For example, the Total Compression Factor
is obtained by dividing the pre-compression bytes by the post-compression bytes. Both the pre-and-post compression
statistics are specified in the Details pane that appears to the right of the job when you click the icon.
NOTE: For restore jobs of Microsoft SQL Server databases, some fields are either not applicable or set to zero. Also, job
metrics and details do not display or might be incomplete for job groups that contain Oracle database assets.
Click Hide Summary to hide job metrics and details, or click Show Summary to view job metrics and details.
When you hover over a job, the Job ID Summary displays a message for the job to indicate its progress. Depending on the
job and if any issues are detected, one of the following statuses is shown:
● No reported issues—No issues affecting the job.
● Timeout issues—Timeout issues might be affecting the job.
● Connectivity issues—Network connectivity issues might be affecting the job.
● Stats stall issues—Progress for this job is stalled.
The Job ID Summary window provides summary data for specific jobs and assets in a table view. For grouped assets, the
host-level entry indicates the sum of the values of a given metric for every asset on the host.
The following table describes the columns that might appear in the window. Not all columns appear in the Job ID Summary
window of every asset type.

Table 32. Job ID Summary window details

Column Description

Details Click in the Details column to view job statistics and summary information.
Asset Name of the job for the asset.
Status Indicates the current state of the job. A job can be in one of the following states:
● Success
● Completed with Exceptions
● Failed
● Canceled
● Unknown
● Skipped
● Running
● Queued
● Canceling
Size Size of job for the asset.
Data Transferred Total data that is transferred to storage.
Reduction % Total reduction percentage of storage capacity for the job.
Start Time Date and time that the job is scheduled to begin.
End Time Date and time that this job completed.
Error Code If the job did not successfully complete, a numeric error code appears. To view a detailed
explanation, double-click the error code.
Host/Cluster/Group Name The hostname, cluster, or group name that is associated with the asset.

138 Managing Alerts, Jobs, and Tasks

Table 32. Job ID Summary window details (continued)
Column Description
Duration Overall duration of the job. This column only appears for Protect and Replicate job types
for application assets.
Asset Size Total size of the asset in bytes.
Data Compressed Capacity that is used after client compression of the data in bytes. This column only
appears for Protect and Replicate job types for application assets.
Download log Detailed log for an asset or task that you can export and download.

3. To view job details and summary information, click in the Details column next to the job, or expand the entry for the job
group by clicking .
For grouped assets, the Job ID Summary window lists the individual jobs for each asset within the job group.
The right pane appears and displays the following information about the job or task:
● Step Log—Displays a list of steps that have been completed or are in progress for the job or task, and indicates the
amount of time that was required to complete each step. If a job step is still active, the Step Log also provides a more
detailed description about what aspect of the step is being performed.
● Details—Displays statistics and summary information, such as the start time and end time, asset size, duration, and
additional details.
● Error—Displays error details for failed jobs.
● Canceled—Displays details for canceled jobs.
● Skipped—Displays details for skipped jobs.
● Unknown—Displays details for jobs with an unknown status.

View details for asset jobs

In the right pane of the Asset Jobs window, you can view details and status information for assets that have been included in
active, completed or failed PowerProtect Data Manager jobs. This information can be helpful when tracking the progress of a
job, or when troubleshooting to determine why the configuration or protection of a particular asset was unsuccessful.

About this task

If a job is in progress or has been performed for an asset within the last 45 days, the asset appears with a link in the
Infrastructure > Assets window. When clicked, this link opens the Jobs > Asset Jobs window.

Steps
1. From the PowerProtect Data Manager UI left navigation pane, select Jobs > Asset Jobs.
By default, the table displays a list of assets for which jobs have been run in the last 24 hours.
The following table describes the asset job details that might appear, depending on which columns have been customized.

Table 33. Asset Jobs window details

Column Description
Asset Name of the asset in the protection job.
Host For application agent assets, the hostname that is associated with the asset.
Status Indicates the current state of the job. A job can be in one of the following states:
● Success
● Completed with Exceptions
● Failed
● Canceled
● Unknown
● Skipped
● % (indicating the progress of the job)

Managing Alerts, Jobs, and Tasks 139

Table 33. Asset Jobs window details (continued)
Column Description
● Queued
● Canceling
Policy Name The protection policy that contains this asset
Job Type Supported asset job types include Config, Protect, Replicate, Restore, and Cloud Tier
Asset Type Indicates the specific type of asset. For example, VMware Virtual Machine.
Start Time Date and time that the job is scheduled to begin.
Duration Overall duration of the job.
Details Select the row of the asset to open the Details tab in the right pane, where you can view
statistics and summary information.
Step Log From the right pane, select the Step Log tab to view a list of steps that ave been
completed for the asset job, along with the amount of time that was required to complete
each step.
Errors If the job did not complete successfully, select the row of the asset to open the Errors tab
in the right pane, where you can view any errors along with a numeric error code.
2. Optionally, customize the asset jobs that display:
a. Select a different time period or specify a time range by clicking the Start Time box.
b. Use the filter in each column to display only assets that match the search criteria.
c. Click a status in the window's summary information to view only assets with a particular job status.
d. Sort the information by clicking the up and down arrows within each column.
When the view is customized, the time range, search filter and status filter persist in the PowerProtect Data Manager UI
until the filters are cleared. Filter, group, and sort jobs provides more information.
3. Select the row of the asset job.

A pane displays to the right of the window, as shown in the following figure. At any time, click at the top of the pane to
hide or show the details. This pane displays the following tabs:
● Step Log—Displays a list of steps that have been completed or are in progress for the asset job, and indicates the
amount of time that was required to complete each step. If a job step is still active, the Step Log also provides a more
detailed description about what aspect of the step is being performed.
NOTE: The Step Log and description only displays for jobs related to backup, restore, and disaster recovery
operations.
● Details—Displays statistics and summary information, such as the start time and end time, asset size, duration, and
additional details.
● Error—Displays any errors that occurred if the asset job failed or completed with exceptions

140 Managing Alerts, Jobs, and Tasks

Figure 6. Asset details, step log, and errors

4. If the job failed, was canceled, or completed with exceptions, and is eligible for restarting, select the radio button next to the
asset and click Restart.
5. To export the step log for an asset job, select the radio button next to the asset job and click Export Log, or click Export
All to create a .csv file for all asset jobs.

View details for system jobs and tasks

In the Job ID Summary window for system jobs, you can view details and status of specific jobs and tasks. This information can
be helpful when troubleshooting to determine whether one or more jobs or tasks caused a job to fail.

Steps
1. From the PowerProtect Data Manager UI left navigation pane, select Jobs > System Jobs.
2. Click the job ID next to the job name.
The Job ID Summary window opens to display a list of all system jobs or tasks.
You can filter, group, and sort the information that appears in the window. Filter, group, and sort jobs provides more
information.
For jobs and tasks, a table appears at the bottom of the window. The success or failure of individual tasks is indicated in the
Status column. If a failed job or task requires action, a status of Critical appears.
You can view job status and summary information for scheduled discovery of application assets and application systems.
If a discovery job fails, PowerProtect Data Manager displays error details and steps to resolve the issue. An alert is also
generated in the Alerts window.
When you hover over a job or task, the Job ID Summary displays a message for the job to indicate its progress. Depending
on the job and if any issues are detected, one of the following statuses is shown:
● No reported issues—No issues affecting the job.
● Timeout issues—Timeout issues might be affecting the job.
● Connectivity issues—Network connectivity issues might be affecting the job.
● Stats stall issues—Progress for this job is stalled.
The Job ID Summary window provides summary data for specific jobs and tasks in a table view. The following table
describes the columns that might appear in the window. Not all columns will appear in the Job ID Summary window of
every asset type.

Managing Alerts, Jobs, and Tasks 141

Table 34. Job ID Summary window details
Column Description

Details Click in the Details column to view job or task statistics and summary information.
Task Name Name of the task.
Status Indicates the current state of the job or task. A job or task can be in one of the following
states:
● Success
● Completed with Exceptions
● Failed
● Canceled
● Unknown
● Skipped
● Running
● Queued
● Canceling
Asset Name of the asset.
Start Time Date and time that the job or task is scheduled to begin.
Duration Overall duration of the job or task.
Data Transferred Total data that is transferred to storage.

3. To view job or task details and summary information, click in the Details column next to the individual job or task.
The right pane appears and displays the following information about the job or task:

● Step Log—Displays a list of steps that have been completed or are in progress for the job or task, and indicates the
amount of time that was required to complete each step. If a job step is still active, the Step Log also provides a more
detailed description about what aspect of the step is being performed.
NOTE: The Step Log and description only displays for jobs related to backup, restore, and disaster recovery
operations.
● Details—Displays statistics and summary information, such as the start time and end time, asset size, duration, and
additional details.
● Error—Displays error details for failed jobs.
● Canceled—Displays details for canceled jobs.
● Skipped—Displays details for skipped jobs.
● Unknown—Displays details for jobs with an unknown status.

Filter, group, and sort jobs

The Protection Jobs, Asset Jobs, and System Jobs windows provide options to filter, group, and sort the information that
appears.

Filter jobs by status

Use the quick filters at the top of the window to filter jobs by status. By default, all jobs are shown regardless of status. To
display only jobs with a specific status, at the top of the window, select one of the following options:
● Failed
● Completed with Exceptions
● Success
● Canceled
● In Progress
In Progress jobs include Running, Queued, and Canceling jobs.

142 Managing Alerts, Jobs, and Tasks

When you select a quick filter to filter jobs by a certain status, the window displays the filter above the table. To stop filtering by
the selected status, click x.

Filter jobs by start time

Use the Start Time filter to display jobs that started in a specified period. Jobs are retained for a maximum of 45 days. Select
from one of the following options:
● All jobs
● Last 24 hours
● Last 3 days
● Last 7 days
● Last 30 days
● Specific date
● Custom date range

Group jobs
In the Protection Jobs and System Jobs windows, select a job to display its Job ID Summary window. The Group by
feature in the Job ID Summary window provides options to group assets within a protection job.
The following asset types support the Group by feature:
● Microsoft SQL Server databases
● Microsoft Exchange Server databases
● Oracle databases
● File Systems
● SAP HANA databases
● Kubernetes clusters
● Network-attached storage (NAS) shares
● VMware Virtual Machines
To group assets in a protection job, in the Job ID Summary window for the job, select an option from the Group By drop-down
list. To display all assets, select Group by > None. For example, to group virtual machine assets by ESX host, click Group by >
ESX Host.
The following table lists the available Group by options:

Table 35. Group by options

Asset type Options
Microsoft SQL Server database SQL Host
SQL Instance
Oracle database Oracle Host
Oracle Instance
File System File System Host
File System Host OS
Microsoft Exchange Server database Exchange Host
SAP HANA database SAP HANA Host
Kubernetes Kubernetes Cluster
Kubernetes Namespace
NAS NAS Server
NAS Appliance
VMware Virtual Machine Datastore

Managing Alerts, Jobs, and Tasks 143

Table 35. Group by options (continued)
Asset type Options
ESX Host
Virtual Datacenter
VM Guest OS
VMware Cluster

NOTE: Currently, the Group by filter is only available for the Protect job types.

Search filter
Use the Search field to filter jobs based on a search string. When you type a keyword in the Search field, the PowerProtect
Data Manager UI filters the results as you type. To clear the search filter, remove all keywords from the Search field.

Filter and sort information in tables

You can filter and sort the information that appears in table columns. Click in the column heading to filter the information in
a table column, or click a table column heading to sort that column.

To see a complete list of filtering and sorting columns, click . Depending on the type of job, the available filtering and sorting
columns might differ.
The following filtering and sorting options are available for jobs and tasks:

Table 36. Protection, Asset ,and System Jobs windows

Filtering options Sorting options
Filter jobs or tasks by Job ID, Status, Description, Policy Sort jobs or tasks by Job ID, Description, Policy Name, Job
Name, Job Type, End Time, and Asset Type. Type, Asset Type, Start Time, and End Time.

Table 37. Job ID Summary window for protection jobs

Filtering options Sorting options

Filter jobs by Asset, Status, Error Code, Start Time, or Sort jobs by Asset, Status, Error Code, Size, Data
End Time. Transferred, Reduction %, Start Time, End Time, or
For application assets, you can also filter jobs by Host/ Duration.
Cluster/Group Name. For application assets, you can also sort jobs by Host/
Cluster/Group Name.
NOTE: For application assets, these options are only
available when you select Group by > None. NOTE: For application assets, these options are only
available when you select Group by > None.

Table 38. Job ID Summary window for system jobs

Filtering options Sorting options
Filter jobs or tasks by Task Name, Status, Asset, or Start Sort jobs or tasks by Task Name, Status, Asset, Start
Time. Time, Duration, or Data Transferred.

144 Managing Alerts, Jobs, and Tasks

Restart a job or task manually
You can manually restart a failed virtual machine backup.

About this task

When you click Restart, the job or task restarts immediately, regardless of the scheduled activity window.
Note the following:
● If a policy with both protection and Cloud Data Recovery objectives fails, the Cloud Data Recovery job is canceled and
cannot be restarted.
● Cloud Snapshot Manager jobs cannot be restarted.

Steps
1. From the PowerProtect Data Manager UI left navigation pane, select Jobs > Protection Jobs, Jobs > Asset Jobs, or
Jobs > System Jobs.
The window displays all completed and running jobs.
2. To restart a failed job or job group, select the failed job or job group from the list, and then click Restart. If the job is
ineligible for restart, the button will be grayed out.
3. To restart a failed system or protection job or task from the Job ID Summary window:
a. Click the job ID next to the name of the job or job group.
The Job ID Summary window opens to display a list of all jobs or tasks.
b. Select the job or task from the list, and then click Restart.

Results
After the job or task has been restarted, the status indicates Running or Queued.
NOTE: When you restart a protection job that is part of a completed job group, the duration indicated in the Job Metrics
includes the time that elapsed between when the job group completed and when the job was restarted, in addition to the
time it takes for the retried job to run.

Restart a job or task automatically

If a backup job fails or one of the tasks within the job fails, you can enable automatic restart of the failure by configuring auto
retry in the entrypoint.sh file. Auto retry can be useful in situations where the failure is due to an intermittent issue, such as
a network or service interruption.

Prerequisites
In PowerProtect Data Manager, some services that are required for auto retry, such as the workflow service, have been moved
into a docker container. In order to enable auto retry, ensure that the workflow service is running in a docker.

About this task

Auto retry is only supported for daily, weekly, or monthly schedules for virtual machine and File System agent protection
operations.

Steps
1. Log in to the PowerProtect Data Manager server by using SSH.
2. Copy the entrypoint.sh file from the workflow container by typing the following:
docker cp workflow:/workflow/bin/entrypoint.sh .
3. Configure auto retry by adding a line to entrypoint.sh:
a. Type vi entrypoint.sh
b. Before the last line in the output, add the following:
-Denable.auto.retry.scheduler=true \

Managing Alerts, Jobs, and Tasks 145

NOTE: Auto retry is disabled by default. After adding this line, if you want to disable this setting at any point, change
the entry to -Denable.auto.retry.scheduler=false \

4. Optionally, add the following application properties to the file to specify a maximum number of auto retries and a time
interval at which subsequent auto retry attempts will occur:
-Dfailed.job.retry.max.count=2 \
-Dfailed.job.retry.interval=PT30M \
NOTE: The values specified above are the recommended default values. Auto retries will only occur during the activity
window. If you perform a manual retry in the PowerProtect Data Manager UI, this retry will not count towards the auto
retry max count.

For the interval duration, the value must be specified in ISO-8601 format.

5. Save the entrypoint.sh file to the workflow container by typing the following:
docker cp entrypoint.sh workflow:/workflow/bin/
6. Restart the workflow service by using one of the following methods:
● Type docker container restart workflow
NOTE: For the configuration to be applied successfully using this method, you can only restart the container. If you
restart your workflow service or your PowerProtect Data Manager operating system, the configuration will be lost.
● Type the following to save the docker image and restart the workflow service. For example:
docker commit workflow dpd/ppdm/ppdmc-workflow:PowerProtect Data Manager version
workflow restart
where PowerProtect Data Manager version is the PowerProtect Data Manager version that is deployed on your system.
You can use this method to permanently apply the configuration change after restoring the docker image.

Results
After configuration, the workflow service is scheduled to run every 30 minutes to determine if any jobs or tasks have failed. If
a restart occurs, the status indicates Running or Queued. To view whether a failed job or task has restarted, go to the Jobs
window in the PowerProtect Data Manager UI and select Running or Queued.

Resume misfire jobs after a PowerProtect Data

Manager update
During an update, the PowerProtect Data Manager system enters maintenance mode. Any job that is not in queue and is
scheduled to run during the time that the PowerProtect Data Manager system is in maintenance mode will be missed. These
missed jobs are known as misfires. As of this release, PowerProtect Data Manager uses the Quartz Scheduler to resume
scheduled workflows when the service recovers or when the schedule resumes.

About this task

The trigger and firing data of jobs are stored in a database application. If the schedule service is down, such as during an update,
the Quartz Scheduler recovers this data and resumes the jobs when the PowerProtect Data Manager system is operational
again.

NOTE: In the current release, this feature is enabled by default.

You can enable or disable the misfire feature by configuring the entrypoint.sh file.

Steps
1. Log in to the PowerProtect Data Manager server by using SSH.
2. Copy the entrypoint.sh file from the scheduler container by typing the following:
docker cp scheduler:/scheduler/bin/entrypoint.sh .
3. Configure the misfire conditions in the entrypoint.sh file:

146 Managing Alerts, Jobs, and Tasks

NOTE: Before the last line in the output, -jar /${APP_NAME}/lib/scheduler-core.jar), add the lines for
each misfire condition.

a. To enable misfire and trigger each job once, add the following properties and corresponding values:
-Dspring.quartz.properties.misfire.cron.strategy=WITH_MISFIRE_HANDLING_INSTRUCTION_FIR
E_AND_PROCEED \

NOTE: This condition is enabled by default.

-Dspring.quartz.properties.misfire.calendar.strategy=WITH_MISFIRE_HANDLING_INSTRUCTION
_FIRE_AND_PROCEED \

b. To enable misfire and trigger each job as many times as misfire happens, add the following properties and corresponding
values:
-Dspring.quartz.properties.misfire.cron.strategy=WITH_MISFIRE_HANDLING_INSTRUCTION_IGN
ORE_MISFIRES \
-Dspring.quartz.properties.misfire.calendar.strategy=WITH_MISFIRE_HANDLING_INSTRUCTION
_IGNORE_MISFIRES \

c. To disable misfire, add the following properties and corresponding values:

-Dspring.quartz.properties.misfire.cron.strategy=WITH_MISFIRE_HANDLING_INSTRUCTION_DO_
NOTHING \
-Dspring.quartz.properties.misfire.calendar.strategy=WITH_MISFIRE_HANDLING_INSTRUCTION
_DO_NOTHING \

4. Save the entrypoint.sh file to the scheduler container by typing the following:
docker cp entrypoint.sh scheduler:/scheduler/bin/
5. Restart the scheduler service by using one of the following methods:
● Type docker container restart scheduler
NOTE: For the configuration to be applied successfully using this method, you can only restart the container. If you
restart your scheduler service or your PowerProtect Data Manager operating system, the configuration will be lost.
● Type the following to save the docker image and restart the scheduler service:
docker commit scheduler dpd/ppdm/ppdmc-scheduler:PowerProtect Data Manager version
scheduler restart
where PowerProtect Data Manager version is the PowerProtect Data Manager version that is deployed on your system.
You can use this method to permanently apply the configuration change after restoring the docker image.
NOTE: Ensure that the PowerProtect Data Manager version specified in the commit command matches the
PowerProtect Data Manager version that is deployed on your system.

Cancel a job or task

From the PowerProtect Data Manager UI, you can cancel a backup or restore that is still in progress, or any asset protection
and replication activities when the tasks are queued.

About this task

NOTE: The Cancel operation is available for the following supported jobs and tasks only:
● Backup and restore of:
○ Virtual machine assets
○ Kubernetes assets
○ NAS assets
○ File System assets
○ Microsoft SQL Server assets
○ Block volume assets

Managing Alerts, Jobs, and Tasks 147

○ Server DR
○ Cloud DR
● Backup (only) of:
○ Microsoft Exchange Server assets
○ Oracle assets
○ SAP HANA assets
○ Transaction logs of application-aware asset backups
● Replication
● Compliance
○ Copy deletion
○ Compliance verification
○ Auto promotion to full backup
○ Cleaning MTree or deleting user
○ On-demand update retention
● Support
○ Communication of telemetry data
○ Export of job and job group logs
○ Adding log bundles

Steps
1. From the PowerProtect Data Manager UI left navigation pane, select Jobs > Protection Jobs, Jobs > Asset Jobs, or
Jobs > System Jobs.
The relevant Jobs window appears, displaying all completed and running jobs.
2. To cancel a job or job group, select a job or job group that is in-progress, and then click Cancel.
NOTE: If a job is almost complete, the cancellation might fail. If the cancellation fails, a message displays indicating that
the job cannot be canceled.

The window displays the status of the canceled job or job group. If the cancellation is successful, then the status eventually
changes to Canceled. If the cancellation is not successful, then the status might indicate either Success or Critical.
3. For protection and system jobs, to cancel an individual job or task from the Job ID Summary window:
a. Click the job ID next to the name of the job or job group.
The Job ID Summary window opens to display a list of all jobs or tasks.
b. Select a job or task that is in-progress, and then click Cancel.
NOTE: If a job or task is almost complete, the cancellation might fail. If the cancellation fails, a message displays
indicating that the task cannot be canceled.

c. Click Close.
The Job ID Summary window displays the status of the canceled job or task. If the cancellation is successful, then the
status eventually changes to Canceled. If the cancellation is not successful, then the status might indicate either Success
or Critical.

Exporting logs
The PowerProtect Data Manager UI enables you to export and download a detailed log of a job, asset, or task to perform
analysis or troubleshooting.
You can export and download a log for a job, asset, or task with any status. After you export a log, you can download it by
clicking .

148 Managing Alerts, Jobs, and Tasks

Export logs for jobs
You can export and download a log for a protection job or system job by using the PowerProtect Data Manager UI.

About this task

PowerProtect Data Manager restricts the log export function in the following situations:
● The job is from a different PowerProtect Data Manager tenant.
● The job supports exporting an external log at the current stage for the following asset sources:
○ Virtual machines
○ Kubernetes
○ Microsoft SQL Server
○ Microsoft Exchange Server
○ File Systems
○ Oracle
○ SAP HANA
○ Network-attached storage (NAS)
In these situations, create a log bundle instead. In the PowerProtect Data Manager UI, select Settings > Support > Logs to
add a log bundle.

Hover over next to the asset or task in the Download Log column to display the progress. When the log export is
complete, you can download the log.

3. Click next to the ID for the job to download the exported log.

Export logs for assets or tasks

You can export and download a log for an individual asset or task.

Steps
1. From the PowerProtect Data Manager UI left navigation pane, select Jobs > Asset Jobs.
The Asset Jobs window appears.
2. Select the row of the asset, and then click Export Log.

Hover over next to the asset or task in the Download Log column to display the progress. When the log export is
complete, you can download the log.

3. Click in the Download Log column to download the exported log.

Managing Alerts, Jobs, and Tasks 149

Limitations for alerts, jobs, and tasks
Review the following limitations that are related to alerts, jobs, and tasks.

For in-progress jobs, the details pane displays the "Error" tab and indicates
"Failed"
When you open the Details pane for in-progress jobs, the Error tab appears and incorrectly indicates Failed in the error details.
Workaround
Ignore the Error tab for in-progress jobs.

Self-service jobs are not showing on PowerProtect Data Manager

Protection Jobs window after recreating lockbox entry
On both Windows and Linux, self-service jobs do not appear on PowerProtect Data Manager Protection Jobs window after
recreating a lockbox entry.
Workaround
Restart the agent service or change the system time (+24 hrs).

The history of viewable backup jobs is limited to the 10,000 most recent
If viewing a history of backup jobs and trying to move to a page in the interface that would show the 10,000th or earlier backup
job, the following error is seen:

error: 416: "The query will return too many results."

Workaround
To view earlier backup jobs, use a filter that includes the earlier backup jobs but limits the number of entries to less than 10,000.

Total protection jobs count on the PowerProtect Data Manager dashboard

does not include skipped jobs
The Total Jobs count shown in the Jobs | Protection widget on the dashboard does not include skipped jobs. As a result, this
count does not reflect the total count of protection jobs that is shown in the Protection Jobs window.

150 Managing Alerts, Jobs, and Tasks

10
Modifying the System Settings
Topics:
• System settings
• Modifying the PowerProtect Data Manager virtual machine disk settings
• Configure the DD system
• Virtual networks (VLANs)
• Syslog server disaster recovery
• Troubleshooting the syslog connection

System settings
You can use the PowerProtect Data Manager UI to modify system settings that are typically configured during PowerProtect
Data Manager deployment.

To access System Settings, click .

Modify the network settings

Perform the following steps if you want to change the hostname or IP address of the PowerProtect Data Manager server, or
modify other network settings such as the subnet mask, gateway, or DNS servers.

About this task

CAUTION: Changing the hostname or IP address of the PowerProtect Data Manager server can require further
actions to ensure the continued operation of external components. For more information, see Changing the
hostname or IP address.

Steps

1. From the PowerProtect Data Manager UI, click , and then click Default Network.
2. Update the following fields as necessary:
● Hostname
● Primary DNS
● Secondary DNS
3. In the Configuration Details pane, click Edit, and then update the following fields for the IP address as necessary:
● IP Address
● Subnet Mask
● Gateway
4. Click Save.

Modifying the System Settings 151

Changing the hostname or IP address
Changing the hostname or IP address of the PowerProtect Data Manager server can affect registered application hosts and VM
Direct Engines.
If the PowerProtect Data Manager IP address has changed and you are using the File System agent or an application agent, you
must reregister the agent host with PowerProtect Data Manager using the new IP address. Follow the steps documented in the
appropriate agent user guide for reregistering the agent after a PowerProtect Data Manager IP address change.
If a VM Direct Engine is deployed for VMware virtual machine, Tanzu Kubernetes, or NAS protection, redeploy the protection
engine. The PowerProtect Data Manager Virtual Machine User Guide provides instructions.

Modify the DNS search domain

Perform the following steps if you want to change the DNS search domain of the PowerProtect Data Manager server.

About this task

PowerProtect Data Manager automatically configures a search domain that is based on the domain name of the server. For
example, if the FQDN of PowerProtect Data Manager is ppdm.subdomain.domain.com, the search domain is configured as
subdomain.domain.com. This value can be modified, and more than one search domain can be used.

Steps
1. Use ssh to log in to PowerProtect Data Manager.
2. Run the following commands:

cd /usr/local/brs/puppet/scripts
./search_domains.sh

3. Follow the prompts to provide the new search domain information.

The following example adds the search domain domain2.com to the existing search domain subdomain.domain.com:

Setting search domains.

Current search domains: subdomain.domain.com
Change search domains to: subdomain.domain.com domain2.com
Applying search domains to [subdomain.domain.com domain2.com], input root password to
continue
[sudo] password for root:
New search domains: subdomain.domain.com domain2.com

Synchronizing the time between PowerProtect Data Manager and

other systems
The PowerProtect Data Manager system time is synchronized with the ESXi host system.
The PowerProtect Data Manager system time must match those of the systems it interfaces with or compliance checks fail. It is
recommended that all systems be configured to use an NTP server.
NOTE: Times displayed in the UI can use the time zone of each web browser or use a configurable time zone that applies to
all access regardless of the local time zone. The PowerProtect Data Manager system might be in a different time zone than
that displayed by the UI. All log-file entries display time values in UTC except those entries that are related to client browser
connections, which use the server time zone, and audit-log entries, which use the browser time zone.

Modify the user-interface time zone, system time zone, and NTP
server
Use this procedure to modify the time zones and NTP server.

152 Modifying the System Settings

Steps

1. From the PowerProtect Data Manager UI, click , and then click Time Zone.
2. From the User Interface Time Zone list, select the applicable user-interface time zone. If a specific time zone is set
instead of using that of the web browser, that time zone overrides the time zone used by the web browser when displaying
information in the user interface.
3. From the Server Time Zone list, select the applicable time zone used by PowerProtect Data Manager. This time zone is
used in component communication.
4. (Optional) To modify the NTP server:
a. Click .
b. In NTP Servers, provide the hostname or IP address of an NTP server.
5. Click Save.

Encryption in-flight
Using Transport Layer Security (TLS), you can encrypt backup or restore data that is in transit for centralized and self-service
operations with DD Boost encryption. Encryption in-flight is available for agent host assets, Kubernetes cluster assets, Network-
attached storage (NAS) assets, PowerStore block volume assets, and VMware virtual machine assets only.
By default, PowerProtect Data Manager supports an encryption strength of HIGH and uses DD Boost anonymous authentication
mode. The DD Boost encryption software uses the ADH-AES256-SHA cipher suite. The DD Boost for OpenStorage
Administration Guide provides more information about the cipher suite for high encryption.
Encryption in-flight is enabled for new installations. You can enable or disable encryption in-flight in the PowerProtect Data
Manager UI. Enabling encryption in-flight is strongly recommended for all installations.
The following table lists the workloads and operations that support encryption in-flight:

NOTE: Refer to the agent user guides for more information about the supported centralized and self-service operations.

Table 39. Supported workloads

Workload Centralized backup Centralized restore Self-service backup Self-service restore
File System with Yes Yes (image-level Yes Yes (image-level restore
Application Direct restore only) only)
Kubernetes cluster Yes Yes N/A Yes (from the most recent
backup)
Microsoft SQL Server Yes Yes (database-level Yes Yes (database-level restore
with Application Direct restore only) only)
Microsoft Exchange Yes N/A Yes Yes
Server with
Application Direct
NAS Yes Yes N/A N/A
Oracle with Yes N/A Yes Yes
Application Direct
SAP HANA with Yes N/A Yes Yes
Application Direct
Virtual machines Yes Yes N/A N/A
PowerStore Yes Yes N/A N/A

Enabling encryption in-flight imposes additional overhead. Backup and restore performance for any client could be affected by
5-20%.
PowerProtect Data Manager supports encryption in-flight for all supported DD Boost and DDOS versions. The most up-to-date
software compatibility information for PowerProtect Data Manager is provided by the E-Lab Navigator.
NOTE: You do not need to enable in-flight encryption on connected DD systems. If DD encryption settings exist, the higher
setting takes precedence.

Modifying the System Settings 153

Enable backup and restore encryption
You can ensure that the backup and restore content is encrypted when read on the source, transmitted in encrypted form, and
then decrypted before it is saved on the destination.

Prerequisites
Review the information in Encryption in-flight to learn more about encryption in-flight.
The encryption settings determine if data transfers are encrypted during backup and restore operations.
● For File System, Microsoft Exchange Server, Oracle, SAP HANA, and Network Attached Storage (NAS) workloads, backup
and restore encryption is only supported for Application Direct hosts. For Microsoft SQL Server, backup and restore
encryption is supported for Application Direct and VM Direct hosts.
● When you add a new host to PowerProtect Data Manager, host configuration pushes the backup and restore encryption
settings to the host.
● Only hosts that have the same version of PowerProtect Data Manager application agents installed support the host
configuration.

Steps

1. From the PowerProtect Data Manager UI, click , and then select Security.
The Security dialog box appears.
2. Click the Backup/Restore Encryption switch so it is enabled, and then click Save.

Next steps
The Jobs > System Job window of the PowerProtect Data Manager UI creates a job to enable protection encryption. This
job pushes encryption in-flight settings to the hosts to be used for self-service operations. Within the system job, a host
configuration job is created for each host. If an error occurs, you can retry the system job or individual host configuration job.
NOTE: For centralized backup and restore operations, PowerProtect Data Manager sends the encryption in-flight settings
to the application agents on the Application Direct hosts and network-attached storage (NAS).
You can disable backup and restore encryption by clicking the Backup/Restore Encryption switch. PowerProtect Data
Manager creates a system job in the Jobs > System Job window to disable backup and restore encryption.

Enable replication encryption

You can use managed file replication (MFR) to ensure that replicated content is encrypted while in-flight to the destination
storage, and then decrypted before it is saved on the destination storage.

About this task

The encryption settings on both the source and destination systems must match for successful replication. If there is an
encryption mismatch and the source DD version is earlier than 7.10, then replication targets are unavailable in the UI. However,
if the source and replication targets are both version 7.10 or later, then MFR automatically chooses the most secure setting
based on the encryption settings of the source and destination DD systems. For example, if you enable replication encryption in
PowerProtect Data Manager, enable the setting on both the source and destination DD systems before you define replication
objectives. If you enable replication encryption after you initially define replication objectives, any replication jobs that were
initiated during the period when the source and destination encryption settings did not match fail.
MFR replication encryption and authentication
This setting applies to each replication connection independent of the global replication encryption setting configured for the
system.
The following table displays the settings configured for the system.

Table 40. Setting details

Source Destination Desired Connection Outcome

Enabled (anonymous) Disabled Enable Destination Authentication:

anonymous

154 Modifying the System Settings

Table 40. Setting details (continued)
Source Destination Desired Connection Outcome

Disabled Enabled(anonymous) Enable Source Authentication:

anonymous

Enabled (one-way) Disabled Enable Destination Authentication: one-

way*

Disabled Enabled(one-way) Enable Source Authentication: one-way*

Enabled (two-way) Disabled Enable Destination Authentication: two-

way*

Disabled Enabled(two-way) Enable Source Authentication: two-way*

Disabled Disabled Disabled

NOTE: For one-way and two-way authentication, the certificates must already be configured in the system. If the
certificates are not present, an error is logged.

Steps

1. From the PowerProtect Data Manager UI, click , and then select Security.
The Security dialog box appears.
2. Click the Replication Encryption switch so it is enabled, and then click Save.

Next steps
The Infrastructure > Storage window of the PowerProtect Data Manager UI displays the replication encryption setting for all
protection storage systems.
NOTE: For protection storage systems with DDOS version 6.2 and earlier installed, the status might display as Unknown.
DDOS version 6.3 and later support authentication mode. DDOS versions earlier than version 6.3 support only anonymous
authentication mode. PowerProtect Data Manager supports only anonymous and two-way authentication modes. Ensure
that both source and destination use the same authentication mode.
You can take additional steps on your PowerProtect Data Manager server to enable in-flight encryption on connected DD
systems by using DD System Manager, as described in the DDOS Administration Guide.

Additional considerations
Review the following additional considerations for encryption in-flight.
To validate that encryption is in use, you can check the status of existing connections on the DD system by running the
ddboost show connections command in the DD Boost CLI:
If a connection was established with encryption, the value in the Encrypted column is Yes.
If a client establishes a connection with encryption, and establishes another connection without encryption, the value in the
Encrypted column is Mixed. This circumstance might occur for one of the following reasons:
● Encryption settings that are defined on a per-client basis remain in place for a while after the client has disconnected. If the
client previously established a connection without encryption and then later established a connection with encryption, the
value shows as Mixed.
● Encryption settings are not specified for the DD Boost connections that are created on the application agent. The individual
agent user guides provide more information.
If encryption settings exist on the DD and are also enabled in PowerProtect Data Manager, the higher setting takes precedence.
As a result, the Encrypted column always shows Mixed or Yes.

Modifying the System Settings 155

Server monitoring with syslog
The syslog system logging feature collects system log messages and writes them to a designated log file. You can configure the
PowerProtect Data Manager server to send event information in syslog format.
PowerProtect Data Manager serves as a syslog client to send diagnostic and monitoring data to the syslog server. You can
access this data to perform audits, monitoring, and troubleshooting tasks.
The syslog server firewall is configured to receive data from PowerProtect Data Manager using the required ports listed in
the PowerProtect Data Manager Security Configuration Guide. If your syslog server uses a port that is not listed, open the
corresponding port on the PowerProtect Data Manager system.
Refer to the PowerProtect Data Manager Security Configuration Guide for the following information:
● Port usage
● Instructions for modifying firewall rules to add custom ports
It is recommended that you configure the PowerProtect Data Manager system to use an NTP server. NTP configuration is
required to synchronize the PowerProtect Data Manager system time with the syslog server.
The selected severity level applies to all selected components. You cannot apply independent severity levels to each component.
For example, selecting Critical forwards critical messages from all selected components. An exception is when you select OS
Kernel or PPDM Alert and Audit, the corresponding audit log is forwarded by default, regardless of the selected severity
level.
If no log messages are transmitted during a 24-hour period, PowerProtect Data Manager generates an alert to check the
PowerProtect Data Manager and syslog server connection to verify that there are no problems preventing the exchange of
messages.

Configure the syslog server

Use the following procedure to enable the syslog server, change the syslog server, change which events are forwarded, and
disable syslog forwarding.

Prerequisites
To use TLS for the syslog connection:
● Import the syslog server security certificate into PowerProtect Data Manager. The PowerProtect Data Manager Security
Configuration Guide provides instructions.
● By default, PowerProtect Data Manager uses anon authentication. If your syslog server uses another form of
authentication, contact Customer Support.

Steps

1. From the PowerProtect Data Manager UI, click , select Logs, and then click Syslog.
The Logs window opens to the Syslog page.
To enable syslog forwarding:
2. Move the Syslog Forwarding slider to the right to enable syslog forwarding.
3. Provide the following information:
● IP Address / FQDN—IP address or fully qualified domain name of the syslog server.
● Port—Port number for PowerProtect Data Manager and syslog server communications.
● Protocol—Protocol to use for communications (TLS, UDP, or TCP).
● Components—Syslog message components.
● Severity Level—Specify the scope of the messages to forward to the syslog server.
To change the syslog server:

4. From the PowerProtect Data Manager UI, click , select Logs, and then click Syslog.
The Logs window opens to the Syslog page.
5. Change the following syslog configuration details:
● IP Address / FQDN—IP address or fully qualified domain name of the syslog server.
● Port—Port number for PowerProtect Data Manager and syslog server communications.

156 Modifying the System Settings

● Protocol—Protocol to use for communications (TLS, UDP, or TCP).
To change which events are forwarded:

6. From the PowerProtect Data Manager UI, click , select Logs, and then click Syslog.
The Logs window opens to the Syslog page.
7. Change the Components and Severity Level.
To disable syslog forwarding:

8. From the PowerProtect Data Manager UI, click , select Logs, and then click Syslog.
The Logs window opens to the Syslog page.
9. Move the Syslog Forwarding slider to the left to disable syslog forwarding.
To apply the changes:
10. Click Save.

Next steps
Once the syslog configuration is complete, check the connection status. Go to System Settings > Logs > Syslog and verify
that the syslog server connection status indicates Connected. If the syslog server is not connected, the status indicates Not
Connected.

Additional system settings

Some system settings directly relate to the deployment and maintenance of PowerProtect Data Manager.
For detailed information about the following topics, see System Maintenance.
● Licensing PowerProtect Data Manager
● Specifying a PowerProtect Data Manager host

Modifying the PowerProtect Data Manager virtual

machine disk settings
You can expand the size of the data disk or system disk.
CAUTION: Only follow the steps in this section under the guidance and recommendations of Customer Support.

Modify the data disk size

Follow these steps to expand the size of the data disk.

Prerequisites
● The data disk has a single partition.
● The log partition is on the system disk

Steps
1. Perform the following steps from the vSphere Web Client:
a. Right-click the virtual machine and select Shut Down Guest OS.
b. After the power off completes, right-click the virtual machine and select Edit Settings.
The Edit Settings window appears with the Virtual Hardware button selected.
c. Increase the provisioned size of Hard disk 2 to the desired size, and then click OK.
NOTE: You cannot decrease the provisioned size of the disk.

d. Right-click the virtual machine and select Power On.

2. Perform the following steps from the system console, as the root user.

Modifying the System Settings 157

NOTE: If you use ssh to connect to the system console, log in with the admin account, and then use the su command
to change to the root account.

a. Restart the system by typing reboot.

b. On the GNU GRUB menu, press Esc to edit the GNU GRUB menu.
c. In the edit screen, search for the line that starts with Linux, and then add word single before the entry splash=0
The following figure provides an example of the edit screen with the updated text.

Figure 7. Editing the GNU GRUB menu

d. Press Ctrl-x to restart into single-user mode.

e. When prompted, type the password for the root account.
f. Unmount the data disk, by typing umount /data01.
g. Start the partition utility, by typing parted, and then perform the following tasks:
i. Type select /dev/sdb.
ii. Type print. If you are prompted to fix issues, type fix at each prompt. The output displays the new disk size in the
Size field and the current size in the table.
iii. Type resize 1 new_size. Where new_size is the value that appears in the Size field in the output of the print
command.

For example, to resize the disk to 700 GB, type: resize 1 752GB
iv. Type quit.
3. Restart the system by typing systemctl reboot.
4. Log in to the system console as the root user.
NOTE: If you use ssh protocol to connect to the system, log in with the admin account, and then use the su command
to change to the root account.

5. Grow the xfs file system by typing xfs_growfs -d /data01.

6. Confirm the new partition size by typing df -h.

158 Modifying the System Settings

Modify the system disk size
Follow these steps to expand the size of the system disk.

Prerequisites
The log partition is the last partition.

Steps
1. Perform the following steps from the vSphere Web Client:
a. Right-click the virtual machine and select Shut Down Guest OS.
b. After the power off completes, right-click the virtual machine and select Edit Settings.
The Edit Settings window appears with the Virtual Hardware button selected.
c. Increase the provisioned size of Hard disk 1 to the desired size, and then click OK.
NOTE: You cannot decrease the provisioned size of the disk.

d. Right-click the virtual machine and select Power On.

2. Boot from a supported SUSE Linux Enterprise Server (SLES) CD.
NOTE: For the version of SLES used by PowerProtect Data Manager, see the E-Lab Navigator.

3. Start the partition utility, by typing parted, and then perform the following tasks.
a. Type select /dev/sdx.
b. Type print. If you are prompted to fix issues, type fix at each prompt. The output displays the new disk size in the
Size field and the current size in the table.
c. Type quit.
4. Restart the system by typing systemctl reboot.
5. Log in to the system console as the root user.
NOTE: If you use ssh protocol to connect to the system, log in with the admin account, and then use the su command
to change to the root account.

6. Grow the xfs file system by typing xfs_growfs -d /data01.

7. Confirm the new partition size by typing df -h.

Configure the DD system

Prerequisites
Before you can use DD to protect the system, use NFS to export the MTree that PowerProtect Data Manager uses on the DD
system. The setup on the DD system requires that you add the PowerProtect Data Manager client with no_root_squash.

Steps
1. Use a web browser to log in to the DD System Manager as the system administrator.
2. In the Summary tab, Protocols pane, select NFS export > create export.
The Create NFS Exports window appears.
3. In the Create NFS Exports window:
a. In the Export Name field, specify the name of the DD MTree.
b. If you have not yet created the DD MTree, follow the prompts to create the MTree and click Close.
c. In the Directory path field, specify the full directory path for DD MTree that you created. Ensure that you use the same
name for the directory.
d. Click OK.
A message appears to indicate that the NFS export configuration save is in progress and then complete.
e. Click Close.

Modifying the System Settings 159

Virtual networks (VLANs)
PowerProtect Data Manager can separate management and backup traffic onto different virtual networks (VLANs). Virtual
networks help to improve data traffic routing, security, and organization.
The default configuration routes the management traffic over the same network as backup traffic. All assets are part of the
same network.

Figure 8. Flat network

You can also configure virtual networks to separate management traffic from backup traffic. This configuration can also
separate traffic that originates from different networks. In that case, you can use the same virtual network for management and
backup traffic, or separate virtual networks for each.

Figure 9. Virtual networks

160 Modifying the System Settings

To use virtual networks with PowerProtect Data Manager, you must configure the DD and network infrastructure before you
configure the PowerProtect Data Manager or assign networks to assets.
Configuration follows a multistep workflow:
1. Configure the virtual network on the DD.
2. Add the DD as storage and name the network interface.
3. Add the virtual network to the PowerProtect Data Manager.
4. Register the assets with the PowerProtect Data Manager.
5. Create a protection policy (or edit an existing policy) and assign the preferred virtual network.
6. Optionally, assign the virtual network to individual assets. This action overrides any preferred virtual network that you may
have specified through a protection policy.
The initial steps to configure and add each virtual network are one-time events. The subsequent steps to assign virtual networks
to protection policies or assets happen as required.
Configuration is nondisruptive. You can add, edit, or delete virtual networks without affecting background activities,
disconnecting network interfaces, or affecting the PowerProtect Data Manager user interface.
PowerProtect Data Manager logs network changes in the audit log. Failed network changes appear in the System alerts.

Virtual network traffic types

PowerProtect Data Manager supports virtual networks for the following traffic types:

Table 41. Traffic types

Type Description
Management Control traffic, typically HTTPS REST API operations; small file transfers, such as logs and update
packages; other essential traffic, such as identity provider authentication.
Data Large amounts of customer data, such as backup and restore traffic, cloud tiering, and CloudDR
traffic.
Data for Management Customer data that is related to management and control operations, such as ServerDR, indexing
Components and searching, replication monitoring, and copy deletion.

The Data for Management Components type carries traffic which relates to management operations but which can contain
customer information. Where required, you can separate this traffic from either the Management network, the Data network, or
both.
For example, some environments may support different speeds for each network: a 1 Gbps network for management and a 10
Gbps network for data. Other environments may have policies or rules that govern whether customer data can flow across
the Management network. Separating the Data for Management Components traffic enables you to optimize flow for security,
speed, and other priorities.

Virtual network planning

When you plan your virtual network configuration, observe the following requirements:

Table 42. Component traffic type requirements

Component Compatible types Incompatible types
PowerProtect Data Manager Management, Data for Management Data
Components
Protection engines Data for Management Components, Data Management
Search Engine nodes Data for Management Components Management, Data
Reporting Engine Management, Data for Management Data
Components

While the table indicates compatible traffic types, protection engines can operate without virtual networks.

Modifying the System Settings 161

Separating the Data for Management Components traffic from the Management traffic requires you to name the virtual
networks for protection storage. Change network settings for protection storage provides instructions. If you do not name the
virtual networks for protection storage, this traffic defaults to the Management network.

Parallel virtual networks

Your environment may have more than one virtual network for each traffic type, such as different Data networks for different
departments. Where parallel virtual networks exist, all protection engines require an interface to at least one virtual network of
each required type. However, each protection engine does not require connections to all virtual networks of the required types.
For example:
● Your environment has Finance and Engineering departments with their own assets.
● Your environment has the following virtual networks: Management, Finance Data, and Engineering Data.
The following table describes the connections to each virtual network for scenarios where both departments share a protection
engine and where departments have private protection engines.

Table 43. Example: virtual network interfaces

Virtual network name Shared protection engine Private protection engines
Finance protection engine Engineering protection
engine
Management Yes Yes Yes
Finance Data Yes Yes No
Engineering Data Yes No Yes

Even though protection engines require connections for Data traffic, the private protection engines maintain separation
between the virtual networks for each department.
Several of the diagrams for supported virtual network topologies include parallel virtual networks.

162 Modifying the System Settings

Virtual network topologies
The following diagrams illustrate the supported virtual network topologies and how they relate to traffic types:

Single network
This topology assigns all traffic types to the same network. There is no separation between Management and Data or between
agents which belong to different logical organizations.

Figure 10. Single network

Data for Management Components traffic on Management network

This topology separates Management traffic from Data traffic but keeps the Data for Management Components traffic with the
Management traffic.
This tradeoff operates well in environments where the Management network can support frequent large data transfers and
which allow customer data on the Management network.
Thick lines indicate paths that transfer comparatively more data, such as files and update packages. Thin lines indicate paths
that transfer comparatively less data, such as HTTPS API traffic only.

Modifying the System Settings 163

Figure 11. Data for Management Components traffic on Management network

Data for Management Components traffic on Data network

This topology separates Management traffic from Data traffic but keeps the Data for Management Components traffic with the
Data traffic.
This tradeoff operates well in environments where the Management network cannot support frequent large transfers or which
do not allow customer data on the Management network. However, there is no separation between backup data and control
data, and Data for Management Components traffic competes with other traffic.
Thick lines indicate paths that transfer comparatively more data, such as files and update packages. Thin lines indicate paths
that transfer comparatively less data, such as HTTPS API traffic only.

164 Modifying the System Settings

Figure 12. Data for Management Components traffic on Data network

Full separation
This topology implements complete separation between all traffic types for maximum throughput and security. Customer data
does not flow across the Management network.
Thick lines indicate paths that transfer comparatively more data, such as files and update packages. Thin lines indicate paths
that transfer comparatively less data, such as HTTPS API traffic only.

Modifying the System Settings 165

Figure 13. Full separation

Supported scenarios
PowerProtect Data Manager supports virtual networks for the following use cases:
● Virtual machine backups
● Kubernetes backups
● Database backups
● Microsoft Exchange Server backups
● File system backups
● Replication
● Disaster recovery
● Cloud DR
● Search Engine
NOTE: The first time that you use the Networks page to add a virtual network to an environment with existing Search
Engine nodes, PowerProtect Data Manager does not automatically add the virtual network to the Search Engine. Instead,
manually edit each Search Engine node to add the virtual network. This action makes the Search Engine aware of virtual
networks. Any subsequent new virtual networks are automatically added to the Search Engine.

166 Modifying the System Settings

Virtual network prerequisites
Before you configure a virtual network, complete the following actions:
● Register the vCenter server on which PowerProtect Data Manager is deployed. You can verify this on the vCenter tab of
the Asset Sources page. You can also add a hosting vCenter. Specifying the PowerProtect Data Manager host provides
instructions.
● Configure the network switch port for trunk mode. This setting allows the port to carry traffic for multiple VLANs.
● Enable Virtual Guest Tagging (VGT) or Virtual Switch Tagging (VST) mode on the VMware ESXi virtual network switch port
for PowerProtect Data Manager. You can use a standard port group or a distributed port group.
○ VGT—For port groups on standard virtual switches, configure the virtual switch port for VLAN ID 4095, which makes all
VLANs accessible. For port groups on distributed virtual switches, use VLAN trunking, which supports specifying multiple
VLANs by ID or range. For more information, see the VMware ESXi documentation.
○ VST—You can configure the port group with a VLAN ID from 1-4094.
● Configure a VLAN interface for the DD through the Interfaces tab on the Hardware > Ethernet window in the DD System
Manager. The DD documentation provides more information.
It is recommended that you choose an interface name that incorporates the VLAN ID. For example, the interface name
ethV1.850 for VLAN ID 850.

● Add the DD as protection storage for PowerProtect Data Manager.

PowerProtect Data Manager does not verify the network switch configurations. If the physical or virtual network switch is
incorrectly configured, then virtual network configuration fails.

Configuring virtual networks

The following topics create and maintain virtual networks in PowerProtect Data Manager for use with assets on different
VLANs.
PowerProtect Data Manager names each virtual network in two places: the interface to the protection storage system and the
interface to the protected assets. These names are not required to match. However, it is strongly recommended that you use
the same network name in both locations for each virtual network. Record each network name for later use.
It is also recommended that you choose network names that incorporate the VLAN ID. For example, sales-vlan850 for VLAN
ID 850.
Adding a virtual network includes creating a pool of static IP addresses. PowerProtect Data Manager uses these addresses for
the local interfaces to the virtual network and for any VM Direct protection engines or Search Engine nodes that you deploy on
this network.
Each VM Direct protection engine or Search Engine node requires an IP address on the virtual network. The PowerProtect Data
Manager interface requires one IP address. Ensure that you have enough IP addresses available on each network to meet this
requirement. To prepare for future expansion, you can add more IP addresses than are initially required.

When you review the list of virtual networks, rows that require attention are indicated with a beside the name. View the
network details for more information.

Add a virtual network

Configure a new virtual network for use with assets and protection policies.

About this task

Each new virtual network requires at least one IP address for each PowerProtect Data Manager network interface. Review the
Number of IP addresses needed field before you supply the required static IP addresses.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Networks.
The Networks window appears.
2. Click Add.
The Add Network wizard opens.
3. For Purpose, select one or more traffic types.

Modifying the System Settings 167

Virtual network traffic types provides more information.
4. In the Network Name field, type the name of the new virtual network.
It is recommended that you keep the network names consistent for each VLAN.
5. In the VLAN ID field, type the numeric value 1 through 4094 that corresponds to the VLAN which this virtual network
represents.
6. Provide the MTU (maximum tr r the virtual network.
Allowable MTU values range from 1500 to 9000.
7. Click Next.
The Add Network wizard moves to the Static IP Pool page.
8. From the Static IP Pool page:
a. Select the Type of IP pool.
If you need more than one type of IP pool, click Add Alternate Configuration Details. You can edit this additional IP
pool by clicking Edit, or delete it by clicking Delete.
b. Provide the Subnet Mask for an IPv4 pool or the Prefix for an IPv6 pool.
c. Provide the number of reserved IP addresses for PowerProtect Data Manager to use for communication on this virtual
network.
You can add or remove individual IP addresses or ranges of IP addresses.
● To add an individual IP address or range of IP addresses, click , select Value or Range, and then provide the value or
range.

● To remove an individual IP address or range of IP addresses, click next to its entry.

9. Verify that the static IP address pool contains enough addresses to add the virtual network.
10. Click Next.
The Add Network wizard moves to the Routes page.
11. If applicable, click Add to define any required routes.
The Add Routes page opens. Complete the following substeps:
a. Select a route type:
● If you select Subnet, define the subnet in CIDR format. For example, 10.0.0.0/24 for IPv4 or
fe80:7f03:79a5:2d11::f9a5/64 for IPv6.
● If you select Host, type the IP address.
b. Type the IP address of the default gateway through which PowerProtect Data Manager should reach the subnet or host.
c. Click Add.
The Add Routes page closes. The Routes list displays the new route.
d. Review the route information.
If any parameters are incorrect, select the checkbox for that route and then click Delete.
e. Repeat these substeps for any additional required routes.
12. Click Next.
The Add Network wizard moves to the Summary page.
13. Verify the network configuration information, and then click Finish.
The Add Network wizard closes. The Networks page displays the new network with the Initiating status.

Next steps
PowerProtect Data Manager may take a short time to configure the virtual network.
If the virtual network status changes to Failed, then a corresponding system alert contains more information about the cause
of the failure. Troubleshoot the failure and then complete one of the following actions:
● If the failure was caused by a configuration issue, click Edit to update the network configuration.
● If the failure was transient or had an external cause, and the configuration is correct, click Retry to use the same settings.
NOTE:

When you edit or retry a virtual network operation that failed and there are additional IP addresses in the address pool,
PowerProtect Data Manager marks the last failed IP address as abandoned. PowerProtect Data Manager does not try to
reuse any IP addresses that are marked as abandoned. The UI does not display this condition.

168 Modifying the System Settings

View the details of a virtual network
If the virtual network name is ambiguous, you can view the details to further identify the virtual network before making changes.
You can also identify components that require attention after a change.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Networks.
The Networks window appears.
2. Locate the row that corresponds to the appropriate virtual network.
The columns for each row indicate the associated VLAN ID and network status. Rows that require attention are indicated
with a beside the name.
3. Click for that row.
The Details pane opens to the right.
This pane contains information about the virtual network configuration, such as the static IP address pool details, assigned
traffic types, and configured routes. This pane also lists any components that are configured with an interface on this
network, their types, and their assigned IP addresses.
4. Click X to close the details pane.

Changing virtual network traffic types after configuration

Under normal operation, you configure a virtual network and then assign the interface to new or existing components which
support the selected traffic types. However, should your environment change, you can later change the traffic type settings for
a virtual network.
After you reconfigure a virtual network, the new traffic type settings may no longer align with the interface assignments for
existing components on that virtual network. In these cases, PowerProtect Data Manager notifies you about conflicts between
traffic types and interface assignments, but does not take automatic action.

Instead, the UI marks conflicts with a warning symbol ( ). Administrators should review any warnings and edit the indicated
components to manually remove the incompatible network interfaces. For example:
● Search Engine node interfaces to virtual networks that carry Data traffic, but not Data for Management Components traffic.
● Protection engine interfaces to virtual networks that carry Data for Management Components traffic.
● PowerProtect Data Manager interfaces to virtual networks that carry Data traffic, but not Data for Management
Components traffic.
Under these circumstances, PowerProtect Data Manager continues to operate normally. However, resolving the conflict returns
the IP address to the address pool.

Edit a virtual network

You can change any parameter for a virtual network without deleting the network. For example, to add more IP addresses to the
static IP pool.

Prerequisites
If an IP address from the static IP pool is already in use, you cannot remove the address from the pool.
Before you change the traffic types for a network, disable indexing. Set up and manage indexing provides instructions.

About this task

After deployment, the default network has all traffic types enabled. You can remove the Data and Data for Management
Components types from this network, but not the Management type.

Modifying the System Settings 169

The PowerProtect Data Manager enables the Edit and Delete buttons.
3. Click Edit.
The Edit Network wizard opens to the Summary page.
4. Click Edit for the Configuration, Static IP Pool, and Routes sections.
The Edit Network wizard moves to the Configuration, Static IP Pool, or Routes page.
5. Modify the appropriate network parameters, and then click Next.
If you modify the virtual network in a way that requires more IP addresses, you cannot continue until you add more
addresses to the static IP address pool.
The Edit Network wizard moves to the Summary page.
6. Verify the network configuration information, and then click Finish.
The Edit Network wizard closes. The Networks page reflects the updated information, where applicable.
You may need to view the details for the virtual network to verify some changes.

Next steps
If you disabled indexing, re-enable indexing. Set up and manage indexing provides instructions.

Delete a virtual network

Although optional, it is recommended that you delete virtual networks when they are no longer required.

Prerequisites
● Unassign the virtual network from any applicable assets.
● Disable indexing. Set up and manage indexing provides instructions.
● Disable every VM Direct Engine that is configured to use the virtual network.
● Disable every Search cluster that uses the virtual network.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Networks.
The Networks window appears.
2. Locate the row that corresponds to the appropriate virtual network, and then click the radio button to select that row.
PowerProtect Data Manager enables the Edit and Delete buttons.
3. Click Delete.
4. Verify the network information, and then click OK to acknowledge the deletion warning.
The PowerProtect Data Manager removes the virtual network from the list on the Networks page.

Next steps
Re-enable indexing, VM Direct Engines, and Search clusters.

Change network settings for protection storage

After you add protection storage, name the virtual network or networks between the PowerProtect Data Manager and the
protection storage system. To rename a virtual network (edit the network name), repeat these steps.

About this task

Separating the Data for Management Components traffic from the Management traffic requires you to name the virtual
networks for protection storage. If you do not name the virtual networks for protection storage, components such
PowerProtect Data Manager and Search Engine nodes have no route to protection storage over the Data for Management
Components network. This traffic defaults to the Management network.
NOTE: Network interfaces that exist on a DD 7.4.x or earlier system and that are configured
to use an uncompressed IPv6 format cannot be discovered. An example of an uncompressed IPv6
format is 2620:0000:0170:0597:0000:0000:0001:001a. An example of a compressed IPv6 format is

170 Modifying the System Settings

2620:0:170:597::1:1a. To use these network interfaces, reconfigure them to use either an IPv4 address or a
compressed IPv6 address, and then initiate a discovery.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Storage.
The Storage window appears.
2. On the Protection Storage tab, select the storage system, and then select More Actions > Change Network Settings.
The Change Network Settings window opens and displays a list of known network interfaces, assigned IP addresses, link
speeds, and network purposes.
3. Identify the interfaces for each new virtual network, and then select or type names for the virtual networks in the
corresponding fields.
Each interface indicates an IP address, link speed, and network purposes.
4. If you typed a name for a virtual network in step 3, select one or more network purposes for the virtual network.
5. Click Save.
The PowerProtect Data Manager stores the network names.

Virtual network asset assignment

Assignments identify which assets should use each virtual network. There are two methods to associate an asset with a virtual
network:
● By protection policy

You can configure the PowerProtect Data Manager to choose a preferred virtual network for all assets on a protection
policy.
● By asset

You can assign virtual networks to individual assets. This method is optional and overrides any virtual network assignment
from a protection policy. Assets which are not individually assigned automatically use the preferred virtual network.

You can use this method to specify a virtual network for any asset. However, this method is especially suited to configuring
assets which are exceptions to the rule. You can also split assets on the same application host across multiple virtual
networks. For example, when an asset has its own network interface or belongs to another department.
It is recommended that you assign assets to virtual networks by protection policy, where possible.
Before you assign an asset, perform the following actions:
● Test connectivity from the asset host to the PowerProtect Data Manager by pinging the PowerProtect Data Manager IP
address on that virtual network.
● Register the asset source with the PowerProtect Data Manager.
● Approve the asset source.

Assign a virtual network by protection policy

The following steps apply a virtual network to an existing protection policy. You can also assign a virtual network when you
create a protection policy.

About this task

The Network Interface field selects the network interface for communication with the destination protection storage system.
This network carries the backup data.

Steps
1. From the PowerProtect Data Manager UI, select Protection > Protection Policies.
The Protection Policies window appears.
2. Locate an existing protection policy for which you want to configure a virtual network.
3. Select the radio button for the protection policy, and then click Edit.
The Edit Policy wizard opens to the Summary page.
4. In the Objectives block, click Edit.
The Edit Policy wizard moves to the Objectives page.

Modifying the System Settings 171

5. Select the checkbox for the appropriate schedule.
6. In the Network Interface field, select the correct virtual network from the list. Only network interfaces with a network
purpose of Data are listed. Review the section Change network settings for protection storage when changing network
settings.
Each list entry indicates the interface name, interface speed, and virtual network name.
If the network was not named, a combination of the interface name and VLAN ID replaces the virtual network name. For
example, ethV1.850. An interface without a virtual network name behaves as if a virtual network was not configured.

7. Click Next.
The Edit Policy wizard moves to the Summary page.
8. Verify the policy information, and then click Finish.
Ensure that the selected assets are part of the virtual network.
The Edit Policy wizard closes.
9. Click OK to acknowledge the update, or click Go to Jobs to monitor the update.

Assign a virtual network by asset

This procedure is optional. You can assign a virtual network for individual assets or for all assets on a particular application host.

About this task

This setting overrides the network assignment from the protection policy. If PowerProtect Data Manager cannot use this
network assignment for any reason, the setting falls back to the assignment from the protection policy.
NOTE: You cannot back up individual assets across different networks on the same protection policy and application host.
Instead, create a separate protection policy for the assets on each network.

Steps
1. From the PowerProtect Data Manager UI, select Infrastructure > Assets.
The Assets window appears.
2. Locate the appropriate assets from the list on any tab.
Use the checkbox to select each asset. You can select more than one asset at a time.
3. Click More Actions > Assign Network.
The Associated Assets window opens.
4. To use the virtual network for all assets on the same application host, click Include.
Otherwise, to use the virtual network for only the selected assets, click Do Not Include. Consider whether you require a
separate protection policy for assets on different networks.
The Assign Network window opens.
5. Select a virtual network from the Network Label list, and then click Save.

Results
The PowerProtect Data Manager applies the network selection to the selected assets. The Network column in the list of assets
for each tab now indicates the selected virtual network.

Syslog server disaster recovery

Use the following procedure to restart the log manager service for the syslog server in a server disaster recovery (DR) scenario.

Prerequisites
After disaster recovery of the PowerProtect Data Manager system is complete, perform the following steps on the restored
PowerProtect Data Manager system.

172 Modifying the System Settings

Steps
1. Verify that all PowerProtect Data Manager services are running in System Settings > Support > System Services
Status.
2. Restart the logmgr service by running the command logmgr restart, and then wait for a few seconds for the service
to restart.

Next steps
If your syslog server uses a custom port, open the corresponding port on the restored PowerProtect Data Manager system. The
PowerProtect Data Manager Security Configuration Guide provides more information.

Troubleshooting the syslog connection

Review the following information that is related to troubleshooting the syslog connection.

No messages are transmitted to the syslog server

Log messages are generated in the PowerProtect Data Manager services log files, however these messages are not transmitted
to the syslog server. If this issue occurs, complete the following tasks:
1. Verify that the PowerProtect Data Manager firewall is using the required ports. If your syslog server uses a different port,
open the corresponding port on the PowerProtect Data Manager system.
2. Verify the syslog server firewall. Ensure that the ports are configured to accept data.
3. Verify that the protocol is the same for both PowerProtect Data Manager and the syslog server. If you are using TLS,
PowerProtect Data Manager uses anon authentication by default. If your syslog server uses another form of authentication,
contact Customer Support.

Modifying the System Settings 173

11
Managing Reports
Topics:
• PowerProtect Data Manager reporting
• Port requirements
• Server requirements
• Unsupported reporting engine vCenter operations
• Known issues with the reporting engine and Report Browser
• Configure and deploy the reporting engine
• Report Browser
• Deleting the reporting engine
• Managing disaster recovery of the reporting engine

PowerProtect Data Manager reporting

PowerProtect Data Manager comes with a reporting engine that offers reporting capabilities from within the PowerProtect Data
Manager user interface. You can access built-in report templates that you can directly run to generate reports. Feedback can be
provided for future releases.
These reports help you retrieve information about the data protection activities in your environment. Using these reports, you
can diagnose problems, plan to mitigate risks, and forecast future trends. You can also run reports on-demand and export
reports in CSV format.
With the exception of audit logs, all events in report data are shown in UTC. Audit logs display time values in the time zone used
by the web browser.
PowerProtect Data Manager reporting is available for on-premises PowerProtect Data Manager deployments.

NOTE: PowerProtect Data Manager reporting is not supported with PowerProtect Data Manager in cloud environments.

Configure the reporting engine to set up reporting capabilities for PowerProtect Data Manager. After the reporting engine is
configured, you can run reports from Reports > Report Browser.
NOTE: If you are using another reporting tool such as CloudIQ, you can choose not to configure PowerProtect Data
Manager reporting.

Port requirements
For reporting-engine port requirements, see the PowerProtect Data Manager Security Configuration Guide.

Server requirements
Observe the following requirements for the reporting engine.
● SUSE Linux Enterprise Server (SLES) version 15 SP4
● 8 vCPUs, 16 GB RAM
● Disk 01: 48 GB to install the operating system and Reporting Application Server
● Disk 02: 512 GB to store the report data
● Disk 03: 8 GB to store log information
NOTE: The reporting engine only supports IPv4 communication.

174 Managing Reports

Unsupported reporting engine vCenter operations
The reporting engine should only be managed according to documentation and guidance.
Unless communicated by Customer Support, using vCenter to change or control the virtual machine where the reporting engine
is deployed is unsupported. Unsupported vCenter operations include:
● Changing the virtual machine power state
● Changing the virtual machine properties
● Cloning the virtual machine
● Deleting the virtual machine
● Performing a manual vMotion
● Taking or restoring snapshots

Known issues with the reporting engine and Report

Browser
Administrators should familiarize themselves with the known issues of the new reporting feature before using it. Understanding
the known issues will help with the maintenance of the feature and interpretation of the reports.
The following table describes the known issues of the new reporting feature.

Table 44. Known issues with the reporting engine and Report Browser
Issue
The entries in the Asset Name column of the Jobs Summary report prefix the name of the asset with the hostname of the
asset host.
The entries in the Host column of the Jobs Summary report show the hostname of the PowerProtect Data Manager server
instead of the hostname of the asset host.

You might receive error messages similar to the following when trying to configure the Report Browser or generate a report:

The reporting engine is not configured

Configure the reporting engine to access reports.
An error occurred in obtatining the reporting engine configuration details.

To resolve this issue:

1. If the Report Browser has not been configured, configure it.
2. If the Report Browser has been configured or you are trying to configure it, reload the dashboard in your web browser.
NOTE: PowerProtect Data Manager only supports the latest versions of Google Chrome and Microsoft Edge.

The Report Browser is not integrated with Cloud Snapshot Manager. Since the Report Browser does not display Cloud
Snapshot Manager jobs, it might display a lower total job count than the total job count displayed in the Protection Jobs
window.

The Report Browser displays an entry for each retried job that originally had a Failed status. This display of multiple entries
does not match the behavior of the Protection Jobs window, which only displays a single entry for the failed job. This
discrepancy can result in the Report Browser displaying a higher total job count than the total job count displayed in the
Protection Jobs window.

If the total amount of data transferred for a job is less than 1 MB, the job entry shows 0 bytes in the Data Transferred
column.
The reporting engine is listed as an unidentified entry in the Application Agents pane.
CAUTION: Do not remove this entry. If you do, see Configure and deploy the reporting engine.

The selection of SMIS assets from a custom filter is ignored. Even if these assets are selected, they are not displayed on the
report that uses the filter.
In the Jobs Summary - Table View report, the search functionality only supports an "equals" filter type.

Managing Reports 175

Table 44. Known issues with the reporting engine and Report Browser (continued)
Issue
If you edit an existing custom scope, using the search function removes the previously selected assets. To add new assets and
keep the previously selected assets, do not use the search function. Add new assets by scrolling through the list of all assets
and changing the current selections.

Configure and deploy the reporting engine

Perform the following steps in the PowerProtect Data Manager UI to configure and deploy the reporting engine.

Prerequisites
● You must deploy the reporting engine on a separate virtual machine.
● The vCenter server must be added as an asset source from Infrastructure > Asset Sources.
● The virtual machine requires 500 GB to function properly.

About this task

It is recommended that you deploy the reporting engine to the vCenter server that hosts PowerProtect Data Manager. To verify
the hosting vCenter:
1. Click the Settings > Hosting vCenter link.
2. Provide the details for the vCenter server that hosts PowerProtect Data Manager or select the hosting vCenter server from
asset sources.

Steps
1. From the PowerProtect Data Manager UI, select Reports > Reporting Engine.
2. Click Configure.
The Configure Reporting Engine dialog box opens.
3. In the Configure Reporting Engine dialog box, complete the required fields:
● vCenter server to deploy—Specify the vCenter server on which to deploy the reporting engine.
If you specified the hosting vCenter server, PowerProtect Data Manager populates the fields with the required
information.
● ESX host or cluster—Select on which cluster or ESXi host you want to configure the reporting engine.
● Host FQDN—Specify the fully qualified domain name (FQDN).
● IP address, Gateway, Netmask, and Primary DNS—Note that only IPv4 addresses are supported.
● Network—Displays all the networks that are available under the selected ESXi host or cluster.
For virtual networks (VLANs), this network carries Management traffic.
● Data Store—Displays all datastores that are accessible to the selected ESXi host or cluster. Select the datastore.
4. Click Deploy.

Results
PowerProtect Data Manager starts the configuration process. Go to Reporting Engine to check the status. You can also go to
the System Jobs window to monitor the progress of the configuration job.
When the process is complete, a notification appears in the Reporting Engine window to indicate that the configuration is
successful. You can now access reports from Reports > Report Browser.

176 Managing Reports

Report Browser
Use the Report Browser to view detailed reports for the data protection activities in your environment.

Report templates
Report templates are used to generate reports. When a template is selected, a particular report type is used. This report type is
further modified by applying filters. Report templates and reports belong to either a job-activity category or an asset-protection
category.

Built-in report templates

The Report Browser provides six job-activity built-in report templates and four asset-protection build-in report templates. If no
reports are listed in a tab in the Report Browser pane, the built-in report templates are displayed. If one or more reports are
listed in a tab in the Report Browser pane, the built-in report templates are displayed when a report is generated.
Built-in report templates cannot be edited or deleted, but reports and custom report templates based on them can be edited or
deleted.

Custom report templates

Custom report templates can be created, edited, and deleted:
● When a report is generated, a custom report template associated with it is also created.
● If you edit a report from the Report Browser pane, the associated report template is updated.
● To view all custom report templates, go to Reports > Report Templates.
● To edit a custom report template:
1. Click the name of the template from the Report Templates pane.
2. After selecting the template, the UI changes to the Report Browser pane with the tab for the associated report
selected.
3. Click and select Edit.
4. To change the name of the report, click to the right of the name, edit the name, and then click .
5. To change the description of the report, click to the right of the description, edit the description, and then click .
6. Update the filters to apply to the report and click Apply.
NOTE: To reset the filters to their default value, click Reset.

7. Click and select Save Template.

● To delete a custom report template, select the radio button to the left of its entry in the Report Templates pane and click
Delete.

Reports
Learn about the reports that are available in the Report Browser.
The following figure provides an example Jobs Status Summary report.

Managing Reports 177

Figure 14. Jobs Status Summary report

For each report, you can:

● Filter reports by choosing specific metrics.
● Show detailed information of a summary report.

Generate a report
To generate a report, perform the following actions:
1. To generate a report based on a built-in report template:
a. Go to Reports > Report Browser
b. Click Generate Report under the template that the report should be based on.
NOTE: If you do not see the built-in report templates, click
2. To generate a report based on a custom report template:
a. Go to Reports > Report Templates.
b. Click the name of the template that the report should be based on.
3. To change the name of the report, click to the right of the name, edit the name, and then click .
4. To change the description of the report, click to the right of the description, edit the description, and then click .
5. Select the filters to apply to the report and click Apply.
NOTE: To reset the filters to their default value, click Reset.

Edit a report
To edit a report:
● From the Report Browser pane, select the tab of the report.
● Click and select Edit.
● To change the name of the report, click to the right of the name, edit the name, and then click .
● To change the description of the report, click to the right of the description, edit the description, and then click .
● Update the filters to apply to the report and click Apply.
NOTE: To reset the filters to their default value, click Reset.

178 Managing Reports

Data collection frequency
The reporting engine collects report data at regular intervals. The following table provides information about the type of data
that the reporting engine collects and the data collection frequency.
NOTE: Data collection only starts after the reporting engine is deployed. Events that occurred before the reporting engine
is deployed are not shown in the Report Browser or reports.

Table 45. Data collection frequency

Type of data Description Data collection frequency
Status Overall status of the PowerProtect Data Manager Every 15 minutes.
server.
Configuration Information about assets. Every hour.
Protection jobs Information about data protection activities, including Every 5 minutes.
Protect, Restore, and Replicate jobs.

NOTE: Report data is not live and is only as up-to-date as the last successful data collection request. Therefore, reports
should be used for historical purposes only.
● To view live jobs data, go to Jobs > Protection Jobs.
● To view live asset data, go to Infrastructure > Assets.
● For a high-level view of the overall state of the PowerProtect Data Manager system, go to Dashboard.

Detailed report information and report timing

When you view detailed information by clicking the chart in a summary report, a new report is run and the latest data is
displayed. Depending on when the two reports are run, this can result in the detailed report providing a job count that is
different from the job count provided by the summary report. If the job counts are different, the job count provided by the
detailed report is accurate. You can refresh the summary report page to update its information.

Report Browser options

From the Report Browser pane, click to configure options for your reports.
The following table describes the menu items for reports:

Table 46. Report options

Menu item Select the menu item to:
Edit Configure filters and customization options.
Email Email the report to one or more recipients.
Export Export the report to a .csv file.

Save Template Save the template of this report.

Schedule Automatically send the report to one or more email recipients
on a recurring schedule.

Emailing a report to one or more recipients

To send a report as a .csv file attachment, perform the following steps:

NOTE: SMTP must be configured before performing these actions. For more information, see Set up the email server.

1. From the Report Browser pane, select the tab of the report.

Managing Reports 179

2. Click and select Email. The Email Report window opens.
3. Provide information for Report Name.
4. Provide information for To, Subject, and Body.
5. Click Send.

Scheduling automatic reporting

To automatically send a report as a .csv file attachment on a recurring schedule, perform the following steps:
1. To send a report based on a custom report template, from the Report Templates pane, click the name of the template that
the report should be based on.
2. From the Report Browser pane, select the tab of the report.
3. Click and select Schedule. The Schedule Report pane opens.
4. Provide information for Report Name and Schedule Name.
5. Select a daily, weekly, or monthly schedule from the Frequency drop-down list.
6. Provide information for the time of day from the At drop-down lists.
7. If a weekly or monthly schedule is selected, select the day of the week or month from the appropriate controls.
8. Click Next.
9. Provide information for To, Subject, and Body.
10. Click Next to view a summary of the report name, schedule, and email details.
11. Click Set Schedule.
NOTE: After automatic reporting has been scheduled for a report, you can see information about the report and its
schedule by selecting the tab with its name from the Report Browser pane or its associated template in the Report
Templates pane. When viewing the schedule information, you can disable or enable the schedule, delete the schedule, or
edit the schedule.

Types of reporting information

Different reports provide different kinds of information. It is useful to know what types of information are available.
The following tables describe the different types of reports and what information they provide. The tables are grouped by
category.
NOTE: This information is available across multiple reports and configurations. Individual reports might contain a subset of
the information.

Table 47. Report types by job activity

Report type Information displayed
Job Status Summary The total number of successful and failed backup, restore, or replication jobs, along with a
percentage summary.
Job Status by Asset Type The total number of successful and failed backup, restores, or replication jobs, based on asset
type.
Time-based Job Status The number of successful and failed backup, restore, or replication jobs, restore jobs over a period
of time.
Data Transfer Rate The rate of data transfer over a period of time.
Asset Job Failures The assets with job failures over a period of time, including:
● Asset Name
● Asset Type
● Job Type
● Policy
● Number of Failures
Jobs Summary - Table The details and status of all jobs, including:
View ● Asset Name

180 Managing Reports

Table 47. Report types by job activity (continued)
Report type Information displayed
● Asset Type
● Host
● Start Time
● Job Status
● Policy Name
● Data Transferred

Table 48. Report types by asset protection

Report type Information displayed
Asset Protection A summary of the total number of protected and unprotected assets, as well as those in an
Exclusion protection policy.
Asset Protection by Asset A summary of the total number of protected and unprotected assets, as well as those in an
Type Exclusion protection policy. The information is grouped by asset type.
Time-based Asset A summary of the last 7 days of the total number of protected and unprotected assets, as well as
Protection those in an Exclusion protection policy. The information is graphed.
Asset Jobs Distribution The details and status of all jobs, including:
● Name
● Asset Type
● Host
● Policy Name
● Self Service
● Last Copy
● Asset Status
● Protection Status

Filtering and customizing reports

The Report Browser provides options to filter and customize report data.
Filters that are applied to open reports are retained for the duration of the browser session. However, if a report is closed and
then reopened during the same browser session, applied filters are not retained.

Using the search function when adding assets to a custom scope

You can use the search function to select assets in a custom scope. If you perform a search, only the assets selected from the
search results are added to the custom scope.
CAUTION: If you edit an existing custom scope, using the search function removes the previously selected
assets. To add new assets and keep the previously selected assets, do not use the search function. Add new
assets by scrolling through the list of all assets and changing the current selections.

Deleting the reporting engine

Review the following information about deleting the reporting engine.
CAUTION: Deleting the reporting engine deletes all report data from the server. After the report data is deleted,
only the report data backed up by a server DR backup can be recovered.
It is recommended that you do not delete the reporting engine.
To delete the reporting engine from PowerProtect Data Manager, go to Reports > Reporting Engine and click Delete. A
notification appears in the window to indicate that deleting the reporting engine results in data loss.

Managing Reports 181

NOTE: To delete report data stored in a server DR backup, the entire server DR backup must be deleted. This deletion
occurs according to the configured retention policy, or a manual deletion can be performed, so long as the backup to be
deleted is not the most recent backup marked as FULL or PARTIAL.

Reconfiguring the reporting engine after deletion

To reconfigure the reporting engine, go to Reports > Reporting Engine and click Configure. For detailed steps on how to
configure the reporting engine, go to Configure and deploy the reporting engine.

Managing disaster recovery of the reporting engine

As an administrator, you want to ensure that the reporting engine is protected from a disaster.
NOTE: Only the DD Boost storage type supports reporting server disaster recovery (DR). NFS is not supported.

When the reporting engine is deployed, the following occurs:

● The reporting engine and all report data are automatically backed up with configured server DR backups.
● If PowerProtect Data Manager is recovered from a server DR backup:
○ The reporting engine and all report data from the time of the DR backup are also recovered.
○ All report data since the time of the server DR backup is lost.

Recover the reporting engine from a DR backup

PowerProtect Data Manager automatically restores the reporting engine after disaster recovery of the PowerProtect Data
Manager system is complete. If the PowerProtect Data Manager system could not restore the reporting engine automatically,
use the steps in this procedure to restore only the reporting engine through the REST API. Recovery of a reporting engine
must be performed on an operational PowerProtect Data Manager system. Only the Administrator role can restore the reporting
engine.

Prerequisites
Obtain the name of the reporting engine backup from System Settings > Disaster Recovery > Manage Backups.

About this task

Use the backup manifest file to create a new text document that will be used issue a POST command with the REST API:

CAUTION: Do not edit the manifest file itself.

TOKEN=$(curl -X POST https://localhost:8443/api/v2/login -k -d '{ "username":

"admin","password": "admin_password" }' --header "Content-Type: application/json" |
python3 -c "import sys, json; print(json.load(sys.stdin)['access_token'])")

curl -X GET https://localhost:8443/api/v2/nodes -k --header "Content-Type:

application/json" --header "Authorization:Bearer $TOKEN"

182 Managing Reports

b. Run the command grep -Rnwa -e '<Name>' --include=*.manifest.
4. Copy the manifest file to a temporary file.
5. Open the temporary file.
6. Review the following example, and make the changes documented by the // comment entries.
NOTE: The // comment entries displayed here do not exist in the temporary file itself. These comment entries are
displayed here only as a guide.

{
"id": "ca8cbb13-6f3d-4ac5-87e5-de47a634379f",
"jobId": "990b4ea7-c0e4-4069-8dd5-7d0e084370fc", // DELETE LINE
"creationTime": "34e1c9dd-1b54-48b4-8283-151331d193ff",
"lastUpdated": "2022-08-25T19:40:18.165497Z",// DELETE LINE
"elapsedSeconds": 115,
"sequenceNumber": 89
"state": "Successful",// DELETE LINE
"version": "19.12.0-1-SNAPSHOT", // DELETE LINE
"hostname": "ldpdb141.hop.lab.emc.com", // DELETE LINE
"name": "mercijTestDr", // DELETE LINE
"nodeId": "a8d2df8e-5c3e-4160-87d4-32b9bfe6c283", // DELETE LINE
"sizeInBytes": 18244130,
"consistency": "CRASH_CONSISTENT", // DELETE LINE
"checksum": "bbd97a04f296a8ed116e4a9272982d8e8411f3d0cf50dea131d5c2cd4ce224f8", //
DELETE LINE
"backupConsistencyType": "FULL", // DELETE LINE
"esSnapshotState": "UNKNOWN", // DELETE LINE
"backupTriggerSource": "USER", // DELETE LINE
"configType": "standalone", // DELETE LINE
"deployedPlatform": "vmware", // DELETE LINE
"replicationTargets": [], // DELETE LINE
"repositoryFileSystem": "BOOST_FILE_SYSTEM", // DELETE LINE
"ddHostname": "ldpdg251.hop.lab.emc.com", // DELETE LINE and add line
"recover":true,
"Components": [ // change Components to components with lower case c
{ // DELETE WHOLE PPDM COMPONENT LEAVING ONLY REPORTING
"name": "PPDM",
"id": "ca7cbb13-6f3d-4ac5-87e5-de47a634379f",
"lastActivityId": "2bdbe7a8-7c57-446d-b072-ad8081e2953d",
"version": "v2",
"backupPath": "ldpdg251.hop.lab.emc.com:SysDR_ldpdb141/
ldpdb141_a8d2df8e-5c3e-4160-87d4-32b9bfe6c283/PPDM",
"backupStatus": "SUCCESSFUL",
"backupsEnabled": true,
"errorResults": []
}, // STOP DELETING HERE
{
"name": "REPORTING",
"id": "34e1c9dd-1b54-48b4-8283-151331d193ff",
"lastActivityId": "ed2dc805-c1f7-42fd-b9af-71897fc1da01",
"version": "v2",
"backupPath": "192.168.100.109:SysDR_DPDII2201IDPA10/
ppdm_64d2f00a-1ce0-47b5-9c60-914ea7d0e1e8/REPORTING",
"backupStatus": "SUCCESSFUL",
"backupsEnabled": true, // DELETE TRAILING COMMA
"errorResults": [] // DELETE LINE
}
], // DELETE TRAILING COMMA
"componentVersions": [],// DELETE LINE
"expirationTime": "2023-06-11T09:41:20.383633Z",// DELETE LINE
"protectionCopySetId": "07e7af37-1a80-5436-b320-9e537fba1317"// DELETE LINE
}

In summary:
● remove all lines with the // DELETE LINE comment entry displayed here
● add recover: true
● change Components to components
● remove all listed component blocks except for REPORTING
● remove the trailing comma from "backupsEnabled": true,

Managing Reports 183

● remove the trailing comma from [,
The result of these changes should look similar to the following:

{
"id":"ca8cbb13-6f3d-4ac5-87e5-de47a634379f",
"creationTime":"2022-10-12T15:01:13.476401+0000",
"elapsedSeconds":115,
"sequenceNumber":89,
"sizeInBytes":18244130,
"recover":true,
"components":[
{
"name":"REPORTING",
"id":"ca8cbb13-6f3d-4ac5-87e5-de47a634379f",
"lastActivityId":"ed2dc805-c1f7-42fd-b9af-71897fc1da01",
"version":"v2",
"backupPath":"192.168.100.109:SysDR_DPDII2201IDPA10/
ppdm_64d2f00a-1ce0-47b5-9c60-914ea7d0e1e8/REPORTING",
"backupStatus":"SUCCESSFUL",
"backupsEnabled":true
}
]
}

TOKEN=$(curl -X POST https://localhost:8443/api/v2/login -k -d '{ "username":

"admin","password": "admin_password" }' --header "Content-Type: application/json" |
python3 -c "import sys, json; print(json.load(sys.stdin)['access_token'])")

11. Run the following command:

curl -X PUT 'https://localhost:8443/api/v2/server-disaster-recovery-backups/

<backupID>' --header "Authorization: Bearer $TOKEN" --header 'Content-Type:
application/json' -k -d '<manifestText>'

● Replace <backupID> with the value obtained in step 7.

Next steps
Delete the temporary file created in step 4.

184 Managing Reports

Glossary
This glossary provides definitions of acronyms used across the product documentation set.

A
AAG: Always On availability group

ACL: access control list

AD: Active Directory

AKS: Azure Kubernetes Service

API: application programming interface

ARM: Azure Resource Manager

AVS: Azure VMware Solution

AWS: Amazon Web Services

AZ: availability zone

B
BBB: block-based backup

C
CA: certificate authority

CBT: Changed Block Tracking

CDC: change data capture

CIFS: Common Internet File System

CLI: command-line interface

CLR: Common Language Runtime

CN: common name

CPU: central processing unit

CR: custom resource

CRD: custom resource definition

CSI: container storage interface

CSV: Cluster Shared Volume

D
DAG: database availability group

DBA: database administrator

Glossary 185
DBID: database identifier

DDMC: DD Management Center

DDOS: DD Operating System

DDVE: DD Virtual Edition

deploy
At Dell Technologies, virtual machines are deployed to virtual environments, while software components and hardware devices
are installed. Both PowerProtect Data Manager and DDVE are virtual machines that are deployed. If you are searching this
software guide for instances of install and not finding anything appropriate, search for deploy instead.

DFC: DD Boost over Fibre Channel

DNS: Domain Name System

DPC: Data Protection Central

DR: disaster recovery

DRS: Distributed Resource Scheduler

DSA: Dell security advisory

E
EBS: Elastic Block Store

EC2: Elastic Compute Cloud

eCDM: Enterprise Copy Data Management

ECS: Elastic Cloud Storage

EFI: Extensible Firmware Interface

EKS: Elastic Kubernetes Service

ENI: Elastic Network Interface

EULA: end-user license agreement

F
FC: Fibre Channel

FCD: first class disk

FCI: failover cluster instance

FETB: front-end protected capacity by terabyte

FLR: file-level restore

FQDN: fully qualified domain name

FTP: File Transfer Protocol

186 Glossary
G
GB: gigabyte
In the PowerProtect Data Manager user interface, this is 10 9 bytes.

Gb/s: gigabits per second

In the PowerProtect Data Manager user interface, this is 10 9 bits per second.

GCP: Google Cloud Platform

GCVE: Google Cloud Virtual Edition

GID: group identifier

GLR: granular-level restore

GUI: graphical user interface

GUID: globally unique identifier

H
HA: High Availability

HANA: high-performance analytic appliance

HTML: Hypertext Markup Language

HTTP: Hypertext Transfer Protocol

HTTPS: Hypertext Transfer Protocol Secure

I
IAM: identity and access management

IDE: Integrated Device Electronics

IP: Internet Protocol

IPv4: Internet Protocol version 4

IPv6: Internet Protocol version 6

K
KB: kilobyte
In the PowerProtect Data Manager user interface, this is 10 3 bytes.

L
LAC: License Authorization Code

LAN: local area network

M
MB: megabyte
In the PowerProtect Data Manager user interface, this is 10 6 bytes.

Glossary 187
MFR: managed file replication
ms: millisecond

MTU: maximum transmission unit

N
NAS: network-attached storage

NBD: network block device

NBDSSL: network block device over SSL

NDMP: Network Data Management Protocol

NFC: Network File Copy

NFS: Network File System

NIC: network interface card

NTFS: New Technology File System

NTP: Network Time Protocol

O
OS: operating system

OSS: open-source software

OVA: Open Virtualization Appliance

P
PCS: Protection Copy Set

PDF: Portable Document Format

PEM: Privacy-enhanced Electronic Mail

PIN: personal identification number

PIT: point in time

PKCS: Public Key Cryptography Standards

PSC: Platform Service Controller

PVC (cloud computing): private virtual cloud

PVC (Kubernetes): Persistent Volume Claim

R
RAC: Real Application Cluster

RAM: random-access memory

RBAC: role-based access control

188 Glossary
ReFS: Resilient File System

REST API: representational-state transfer API

RHEL: RedHat Enterprise Linux

RMAN: Recovery Manager

RPO: recovery-point objective

RSA: Rivest-Shamir-Adleman

S
S3: Simple Storage Services

SaaS: software as a service

SAP: System Analysis Program Development

From the SAP website (2022), "the name is an initialism of the company's original German name: Systemanalyse
Programmentwicklung, which translates to System Analysis Program Development. Today the company's legal corporate name
is SAP SE - SE stands for societas Europaea, a public company registered in accordance with the European Union corporate
law."

SCSI: Small Computer System Interface

SDDC: software-defined data center

SELinux: Security-Enhanced Linux

SFTP: Secure File Transfer Protocol

SLA: service-level agreement

SLES: SuSE Linux Enterprise Server

SLO: service-level objective

SPBM: Storage Policy Based Management

SQL: Structured Query Language

SRS: Secure Remote Services

SSD: solid-state drive

SSH: Secure Shell

SSL: Secure Sockets Layer

SSMS: SQL Server Management Studio

SSVs: System Stable Values

T
TB: terabyte
In the PowerProtect Data Manager user interface, this is 10 12 bytes.

TCP: Transmission Control Protocol

TDE: Transparent Data Encryption

Glossary 189
TLS: Transport Layer Security

TPM: Trusted Platform Module

TSDM: Transparent Snapshots Data Mover

T-SQL: Transact-SQL

U
UAC: user account control

UDP: User Datagram Protocol

UI: user interface

UID: user identifier

update
At Dell Technologies, software is updated and hardware is upgraded. If you are searching this software guide for instances of
upgrade and not finding any, search for update instead.

UTC: Coordinated Universal Time

From Wikipedia (2022), "this abbreviation comes as a result of the International Telecommunication Union and the International
Astronomical Union wanting to use the same abbreviation in all languages. English speakers originally proposed CUT (for
'coordinated universal time'), while French speakers proposed TUC (for 'temps universel coordonné')."

V
VADP: VMware vSphere Storage APIs - Data Protection

VBS: virtualization-based security

VCF: VMware Cloud Foundation

vCLS: vSphere Cluster Service

vCSA: vCenter Server Appliance

VDI: Virtual Device Interface

vDisk: virtual disk

vDS: virtual distributed switch

vFRC: Virtual Flash Read Cache

VGT: Virtual Guest Tagging

VIB: vSphere Installation Bundle

VLAN: virtual LAN

VM: virtual machine

VMC: VMware Cloud

VMDK: virtual machine disk

VNet: virtual network

VPC: virtual private cloud

190 Glossary
vRSLCM: vRealize Suite Lifecycle Manager

VST: Virtual Switch Tagging

vTPM: Virtual Trusted Platform Module

VVD: VMware Validated Design

vVol: virtual volume

W
WAN: wide area network

Glossary 191

PPD M 1911 Admin Guide
No ratings yet
PPD M 1911 Admin Guide
163 pages
PowerProtect Data Manager 19.3 Deployment Guide 01
No ratings yet
PowerProtect Data Manager 19.3 Deployment Guide 01
32 pages
PowerProtect Data Manager Concepts - Participant Guide
No ratings yet
PowerProtect Data Manager Concepts - Participant Guide
67 pages
PowerProtect Data Manager Upgrade - Participant Guide
No ratings yet
PowerProtect Data Manager Upgrade - Participant Guide
26 pages
PowerProtect Data Manager Troubleshooting - Participant Guide
No ratings yet
PowerProtect Data Manager Troubleshooting - Participant Guide
45 pages
PowerProtect Data Manager
No ratings yet
PowerProtect Data Manager
250 pages
DDMC 7.5 Install Admin Guide 01
No ratings yet
DDMC 7.5 Install Admin Guide 01
125 pages
PowerProtect Data Manager - Network Attached Storage User Guide
No ratings yet
PowerProtect Data Manager - Network Attached Storage User Guide
53 pages
PP 19.3 Release Note
No ratings yet
PP 19.3 Release Note
23 pages
PowerProtect Concepts Downloadable Content NEW PDF
No ratings yet
PowerProtect Concepts Downloadable Content NEW PDF
24 pages
PowerProtect DM5500 5.15.0.0
No ratings yet
PowerProtect DM5500 5.15.0.0
65 pages
Dell PowerProtect Data Manager VM Integration-Participant Guide
No ratings yet
Dell PowerProtect Data Manager VM Integration-Participant Guide
126 pages
06dell PowerProtect Data Manager VM Integration
No ratings yet
06dell PowerProtect Data Manager VM Integration
83 pages
PowerProtect Data Manager Appliance - PowerProtect DM5500 5.18.0.0-Install The DM5500 in The Rack
No ratings yet
PowerProtect Data Manager Appliance - PowerProtect DM5500 5.18.0.0-Install The DM5500 in The Rack
71 pages
Dell EMC DPA Installation Guide 19.4
No ratings yet
Dell EMC DPA Installation Guide 19.4
191 pages
PowerFlex+4 0+Administration-Downloadable+Content
No ratings yet
PowerFlex+4 0+Administration-Downloadable+Content
132 pages
DD 7-7-1-0 Release Notes
No ratings yet
DD 7-7-1-0 Release Notes
30 pages
Powerprotect DD Basic Administration: Participant Guide
No ratings yet
Powerprotect DD Basic Administration: Participant Guide
85 pages
DataProtectionAdvisor Install Admin Guide 19.2 PDF
No ratings yet
DataProtectionAdvisor Install Admin Guide 19.2 PDF
256 pages
Manual47350010 Powerprotect Data Manager 19 14 Microsoft SQL Server User Guide
No ratings yet
Manual47350010 Powerprotect Data Manager 19 14 Microsoft SQL Server User Guide
237 pages
PowerProtect DD Basic Administration v7.11
No ratings yet
PowerProtect DD Basic Administration v7.11
790 pages
PowerProtect Data Manager Oracle Integration - Participant Guide
No ratings yet
PowerProtect Data Manager Oracle Integration - Participant Guide
79 pages
Flex Software Admin Guide 45x
No ratings yet
Flex Software Admin Guide 45x
264 pages
Dell PowerProtect Data Manager Microsoft SQL Integration
No ratings yet
Dell PowerProtect Data Manager Microsoft SQL Integration
124 pages
PowerProtect DD - DDVE - 7.12 - Procedures-On Premise Installation and Administration Guide
No ratings yet
PowerProtect DD - DDVE - 7.12 - Procedures-On Premise Installation and Administration Guide
74 pages
PowerStore 운영 메뉴얼
No ratings yet
PowerStore 운영 메뉴얼
280 pages
Docu82471 - Data Protection Advisor 6.3 Installation and Administration Guide PDF
No ratings yet
Docu82471 - Data Protection Advisor 6.3 Installation and Administration Guide PDF
234 pages
Installation and Administration Guide DPA
No ratings yet
Installation and Administration Guide DPA
204 pages
PowerPath Upgarde Steps
No ratings yet
PowerPath Upgarde Steps
98 pages
Powerprotect DD Concepts and Features: Participant Guide
No ratings yet
Powerprotect DD Concepts and Features: Participant Guide
106 pages
Compilado PowerProtect DES-DD23
No ratings yet
Compilado PowerProtect DES-DD23
871 pages
Oracle
No ratings yet
Oracle
69 pages
PowerProtect DD Concepts and Features - Participant Guide
No ratings yet
PowerProtect DD Concepts and Features - Participant Guide
106 pages
PowerFlex Rack Administration - Instructor Guide
No ratings yet
PowerFlex Rack Administration - Instructor Guide
241 pages
PWRSTR SCG en Us
No ratings yet
PWRSTR SCG en Us
57 pages
DDMC 7.7 Install Admin Guide
No ratings yet
DDMC 7.7 Install Admin Guide
141 pages
PowerStore+3.0+System+Administration+ +Participant+Guide (PDF) +
No ratings yet
PowerStore+3.0+System+Administration+ +Participant+Guide (PDF) +
231 pages
ppdm1912 Oraclerman
No ratings yet
ppdm1912 Oraclerman
117 pages
PPDM Plus Dps Plus Ordering Licensing Guide For Dsa Gii
No ratings yet
PPDM Plus Dps Plus Ordering Licensing Guide For Dsa Gii
99 pages
EMC Data Protection Advisor: Quick Start Guide
No ratings yet
EMC Data Protection Advisor: Quick Start Guide
12 pages
Dell PowerProtect Data Manager
0% (1)
Dell PowerProtect Data Manager
9 pages
IDPA 2.7 Product Guide
No ratings yet
IDPA 2.7 Product Guide
63 pages
DD 7.2 Security Configuration 05
No ratings yet
DD 7.2 Security Configuration 05
47 pages
PowerProtect DD Monthly Support Highlights Oct 2021
No ratings yet
PowerProtect DD Monthly Support Highlights Oct 2021
8 pages
Powerprotect DD Zero Trust
No ratings yet
Powerprotect DD Zero Trust
8 pages
System Overview: Command Reference Guide For A Complete Description of Commands
No ratings yet
System Overview: Command Reference Guide For A Complete Description of Commands
1 page
DDMC 7.6 Install Admin Guide
No ratings yet
DDMC 7.6 Install Admin Guide
147 pages
DES-DD33 SA PowerProtectDD Specialist Exam
No ratings yet
DES-DD33 SA PowerProtectDD Specialist Exam
5 pages
PowerProtect Data Manager MS Exchange Integration - Participant Guide
No ratings yet
PowerProtect Data Manager MS Exchange Integration - Participant Guide
97 pages
PowerStore 2.0 Administration - Participant Guide - (PDF)
0% (1)
PowerStore 2.0 Administration - Participant Guide - (PDF)
287 pages
Dell Powermax Cyber Security
No ratings yet
Dell Powermax Cyber Security
22 pages
Emc D PCR Dy 01
No ratings yet
Emc D PCR Dy 01
8 pages
DPA 19.3 Data Collection Reference Guide
No ratings yet
DPA 19.3 Data Collection Reference Guide
460 pages
Powerprotect DD and Data Domain Hardware Installation: Participant Guide
100% (1)
Powerprotect DD and Data Domain Hardware Installation: Participant Guide
58 pages
Irs P 19 17 Userguide en Us
No ratings yet
Irs P 19 17 Userguide en Us
136 pages
Data Protection Advisor 6.2 Installation and Administration Guide
No ratings yet
Data Protection Advisor 6.2 Installation and Administration Guide
182 pages
Dell PowerProtect Data Domain Hardware Installation - Participant Guide
No ratings yet
Dell PowerProtect Data Domain Hardware Installation - Participant Guide
110 pages
Data Protection Mastery Course
No ratings yet
Data Protection Mastery Course
4 pages
Docker Swarm - How To Inspect Ingress-Endpoint Container - Stack Overflow
No ratings yet
Docker Swarm - How To Inspect Ingress-Endpoint Container - Stack Overflow
3 pages
Docker Cheat Sheet - 1515532697
No ratings yet
Docker Cheat Sheet - 1515532697
39 pages
SFTP Selinux Setup Guide
No ratings yet
SFTP Selinux Setup Guide
6 pages
Selinux Audit2allow Guide
No ratings yet
Selinux Audit2allow Guide
5 pages
AWS Solution Architect Class Notes
100% (2)
AWS Solution Architect Class Notes
22 pages
حلول اسئلة الفاينل كورس المكثف 2023 2022 الدور الاول
No ratings yet
حلول اسئلة الفاينل كورس المكثف 2023 2022 الدور الاول
6 pages
Advances in Security and Payment Methods For Mobile Commerce
No ratings yet
Advances in Security and Payment Methods For Mobile Commerce
364 pages
Error Control Techniques in Wireless Communication
No ratings yet
Error Control Techniques in Wireless Communication
4 pages
C Programming Exam Paper BCA-141/20
No ratings yet
C Programming Exam Paper BCA-141/20
2 pages
MobaXterm SMF 20201015 193005
No ratings yet
MobaXterm SMF 20201015 193005
38 pages
Computer CH# 1 FA I.T
No ratings yet
Computer CH# 1 FA I.T
1 page
CEPT Online Intro - English Proficiency Test
No ratings yet
CEPT Online Intro - English Proficiency Test
6 pages
PIC16F8X: 18-Pin Flash/EEPROM 8-Bit Microcontrollers
No ratings yet
PIC16F8X: 18-Pin Flash/EEPROM 8-Bit Microcontrollers
2 pages
Well Cap
No ratings yet
Well Cap
1 page
Java Crash Cource Book
No ratings yet
Java Crash Cource Book
17 pages
SE Lecture - 1
No ratings yet
SE Lecture - 1
56 pages
RG-EG209GS Datasheet - 1111
No ratings yet
RG-EG209GS Datasheet - 1111
15 pages
UI/UX Design for Savero Hotel App
No ratings yet
UI/UX Design for Savero Hotel App
14 pages
Web Server User Manual Rel13 - en
No ratings yet
Web Server User Manual Rel13 - en
170 pages
MCQ Artificial Intelligence Class 10 Computer Vision
100% (3)
MCQ Artificial Intelligence Class 10 Computer Vision
41 pages
Dde Client Manual
No ratings yet
Dde Client Manual
21 pages
B.Tech CSE Programming Course
No ratings yet
B.Tech CSE Programming Course
23 pages
Qualifying Exam 1
No ratings yet
Qualifying Exam 1
2 pages
Manual HP DragonFly c06488201
No ratings yet
Manual HP DragonFly c06488201
90 pages
Document Management System Overview
No ratings yet
Document Management System Overview
17 pages
2nd Grade Coding Worksheets
No ratings yet
2nd Grade Coding Worksheets
18 pages
Verilog Reversible Logic Gates Implementation
No ratings yet
Verilog Reversible Logic Gates Implementation
7 pages
CSC 411 LECTURE NOTES 1 - Introduction and Basics
No ratings yet
CSC 411 LECTURE NOTES 1 - Introduction and Basics
18 pages
Data Warehousing Essentials
No ratings yet
Data Warehousing Essentials
25 pages
GE RX3i PLC Firmware Guide
No ratings yet
GE RX3i PLC Firmware Guide
3 pages
AI Industry
No ratings yet
AI Industry
22 pages
Microsoft Word Notes
No ratings yet
Microsoft Word Notes
9 pages
Top 5 Reasons To Choose Zwcad: Create Amazing Things
No ratings yet
Top 5 Reasons To Choose Zwcad: Create Amazing Things
1 page
Hydra Cheat Sheet - by Codelivly
No ratings yet
Hydra Cheat Sheet - by Codelivly
6 pages