You can enable write once ready many (WORM) storage and retention for Amazon S3 and Microsoft Azure Storage. Worm storage prevents the accidental deletion of data that is not qualified for aging.
Caution: If you enable WORM storage lock and compliance lock, they will be enabled on all associated backup destinations. This action is irreversible and you cannot lower the retention.
Enabling WORM storage automatically enables compliance lock, which prevents retention settings from being changed. If you enable WORM storage and compliance lock, you cannot disable WORM storage, and the data will remain immutable in the storage for the duration of the retention period.
After you enable WORM storage, the size of the storage footprint will be slightly more than double the size of the protected front end data for Amazon S3 or Azure Storage, due to overhead associated with object lock storage and handling of deduplicated data. For this reason, WORM storage is more appropriate for secondary or tertiary copies of data than for primary copies.
If you add a custom backup plan that uses WORM storage, the plan inherits its retention settings from the storage pool.
WORM storage lock. You can use the WORM storage lock option for both deduplicated and non-deduplicated data for Amazon S3 and Azure Storage. WORM storage lock provides data security at the cloud storage level.
Note: Metallic Cloud Storage Service is not supported for WORM storage lock.
Compliance lock. Compliance lock is a security control that provides protection from destructive tasks such as deleting backups, storage, apps, servers, and backup destination copies, and reducing retention for cloud storage vendors. Compliance lock provides data security at the software level. You can enable compliance lock at the storage level, and all associated backup destination copies will be locked and protected.
Note: Cloud app workloads that use bundled Metallic are not supported for compliance lock.
Before You Begin
Complete the following tasks on the platform that you use:
Platform | Tasks |
|---|---|
Amazon S3 |
|
Azure Storage |
|
Procedure
From the navigation pane, go to Storage > Cloud.
The Cloud page appears.
Click the cloud storage.
The cloud storage page appears.
To enable WORM storage lock, do the following:
Move the WORM storage lock toggle key to the right.
The Retention rules page appears.
In the Retention period option, specify the amount of time to retain the backups, and then click OK.
The Do you want to enable WORM storage lock? dialog box appears.
Select the options to confirm your agreement, type Confirm in the confirmation box, and then click CONFIRM.
Note:
Both WORM storage lock and WORM compliance lock will be enabled on all associated backup destinations. This action is irreversible and you cannot lower the retention.
If you enabled WORM storage lock unintentionally, we recommend you to create a new storage pool with a new storage pointing to a new container or bucket.
To enable only compliance lock, do the following:
Move the Compliance lock toggle key to the right.
The Do you want to enable Compliance lock? dialog box appears.
Select the option to confirm your agreement, and then click YES.
Note: Compliance lock will be enabled on all associated backup destinations. This action is irreversible and you cannot lower the retention.