Safeguarded backup

A Safeguarded backup is a volume in a Safeguarded backup location. As part of the Safeguarded Copy function, you can add volumes to a volume group and assign a Safeguarded policy to that group. The external scheduling application that is configured with the system applies the policy to all the volumes in the group to create Safeguarded backups. Safeguarded backups are created in the same parent pool as the Safeguarded source volumes. A Safeguarded backup is the target of FlashCopy® mapping with Safeguarded source volumes as a source.

The safeguarded_expiration_time parameter in the lsvdisk command stores expiration time of Safeguarded backups. The safeguarded_expiration_time parameter notifies Storage Virtualize software to automatically delete the expired Safeguarded backups without giving the system administrator role the capability of deleting these backups directly. The retentiondays parameter in the startfcconsistgrp command store the retention period scheduled for Safeguarded backups.

To configure a Safeguarded backup volumes, the mkvdisk or mkvolume command in the system creates a new target volume in a Safeguarded backup location. The command supports only specific parameters for a volume in the Safeguarded backup location. Ensure that the target volume in the Safeguarded backup location must be created before creating the FlashCopy mapping from the Safeguarded source.

The following actions are restricted on the Safeguarded backups:

  • A security administrator role only can delete the Safeguarded backups or Storage Virtualize software can automatically delete the Safeguarded backups.
  • Safeguarded backup volume can be the target of FlashCopy mapping if the source volume is a Safeguarded source volume.
  • Safeguarded backup volume cannot map to a host.
  • Safeguarded backup volume mirror copy cannot be created.
  • Safeguarded backup volume cannot be removed or changed by using CLI commands.

Safeguarded backup volume characteristics

The following section explains the characteristics of a Safeguarded backup volume in a Safeguarded backup location.

  • The Safeguarded source volumes and Safeguarded backup volumes -iogrp, -preferrednode matches.
  • Safeguarded backup volumes and Safeguarded source volumes size is same.
  • Safeguarded backup volumes are auto expand.
  • The Safeguarded backup volume cache mode is readwrite.
  • In standard pools, the Safeguarded backup volumes are thin and not compressed.
  • In Data Reduction Pools, the Safeguarded backup volumes compressed and deduplicated.
  • A Safeguarded backup volume is of striped type.

  • The easytier attribute is enabled for Safeguarded backup volumes.
  • The name, buffer size, and grainsize parameters are user configurable.

To preserve Safeguarded backups from deleting, the -keeptarget parameter in mkfcmap command specifies that the target volume and source volume availability must be the same. If the Safeguarded backup volume becomes unavailable, then the Safeguarded source volume is also unavailable. The -keeptarget parameter supports FlashCopy mappings that contain Safeguarded source volume or the Safeguarded backup volumes as a source volume.

Testing and recovering Safeguarded backups

If the source volumes are compromised during a cyberattack, then the latest Safeguarded backups may not be useful for recovery. Depending on the external scheduling application that you configure with the system, each application has built-in tools and process that can assist an administrator in testing and recovering compromised data. For example, you can configure the system to use IBM® Storage Copy Data Management and as the external scheduling application. IBM Storage Copy Data Management provides management of application-consistent Safeguarded copies that use FlashCopy. IBM Storage Copy Data Management is available to order through IBM standard ordering databases. IBM Storage Copy Data Management license is available on iERP/Advanced Administration System (AAS) as part of the IBM Storage Software Suite. The stand-alone version of IBM Storage Copy Data Management is available on IBM Passport Advantage. You can also purchase IBM Storage Sentinel, a software bundle (PID 5900APZ) license that combines copy data function and ransomware detection software. The IBM Storage Sentinel package combines the ability to create and manage Safeguarded Copy operations with IBM Storage Copy Data Management software and the ability to automatically detect any compromised data in scheduled backups with the built-in ransomware detection. The IBM Storage Copy Data Management license is available through IBM Passport Advantage.

IBM Storage Sentinel includes the following software licenses:
IBM Storage Copy Data Management version 2.2.16 or later
IBM Storage Copy Data Management provides the following actions:
  • Creates Safeguarded policies to schedule backups of IBM Storage Virtualize volumes. Safeguarded backup policies are created and managed by IBM Storage Copy Data Management.
  • Creates immutable backups of IBM Storage Virtualize volumes.
  • Supports easy to use restore operations so compromised data can be tested and restored back to production volumes.
For the Safeguarded Copy function, Safeguarded source volumes have the following restrictions:
  • Safeguarded source volumes cannot be in a Safeguarded backup location.
  • Safeguarded source volumes cannot be mirrored volumes.
  • Safeguarded source volumes cannot be in an ownership group.
  • Safeguarded source volumes cannot be used as cloud backups with the transparent cloud tiering function.
As part of the configuration of the Safeguarded Copy function with IBM Storage Virtualize systems, administrators need access to the IBM Storage Copy Data Management interface and must complete basic installation and configuration. For information on IBM Storage Copy Data Management installation and configuration, see Deployment Checklist.
Security scan software
Supports registering dedicated security scan servers to run ransomware detection software on every Safeguarded backup that is generated as part of the IBM Storage Copy Data Management configuration of the Safeguarded Copy function. To use these features for ransomware detection requires more configuration and setup that is outside the scope of IBM Storage Virtualize documentation. For more information on IBM Storage Copy Data Management and its ransomware detection features and setup instructions, see Registering a Security Scan Server in IBM Storage Copy Data Management.
The two software work together to provide detection of ransomware on Safeguarded backups.

If you use IBM Copy Services Manager as an external scheduling application with the system, you can determine the uncompromised Safeguarded backups, IBM Copy Services Manager creates a new target volume in the same parent pool by creating another FlashCopy mapping between the Safeguarded backups as source volumes and the new target volume. After the FlashCopy mapping is created, the new target volume is mapped to a host server or a virtual machine. The user can now test the Safeguarded backups by using the external application that is installed on the server system. The new copy volumes that are created for testing and recovery are created according to the provisioning policy associated with the parent pool. IBM Copy Services Manager uses the pool provisioning policy to create recovery volumes. A user can set recovery copies, such as thin provisioned or deduplication by defining a provisioning policy to their parent pool. For more information, see Provisioning policy.

To recover and restore the data, the user would first test the Safeguarded backups. After testing and determining the uncompromised data, user can use the new FlashCopy target volumes as the source volumes. The new source volumes would be added to a volume group with associated Safeguarded backup policy and the original volume group Safeguarded policy would be removed.

The following image shows the testing and recovering a Safeguarded backups scenario:

Figure 1. Recovering Safeguarded backups
Recovering Safeguarded backups