SSDR5G6_prod - Documentation Index

Table of Contents

• Welcome
• What's new
  • Updates in previous versions
• Product overview
• Getting started
  • Logging in
    • Creating an IBMid
    • Identity provider management
      • SSO authentication with supported managed identity providers
      • Setting up SSO group authentication with managed identity providers
      • SCIM provisioning and integration with supported managed identity providers
    • Configuring multifactor authentication
  • IBM Storage Defender user access management
  • IBM Storage Defender user interface
    • Review notification
    • User access
      • Users
        • Managing a user
        • Inviting users
        • Removing users
        • Viewing and editing the user profile
      • Roles
        • Editing a role
      • User groups
        • User group details
        • Creating a user group
        • Managing users in a user group
        • Editing a user group
        • Deleting a user group
    • Audit log
      • Identification of audit log message and message classes
      • Downloading audit log
    • Changing the display theme
• IBM Storage Defender Data Resiliency Service
  • Data Resiliency Service terms and concepts
    • Terminology
    • Concepts
      • Storage and backup systems dashboards
      • Test recovery and performing recovery
      • Recovery group
        • Recovery group and IBM Storage FlashSystem volume groups
        • Recovery group and IBM Storage Protect
        • Recovery group and Dell PowerMax storage groups
        • Recovery group and Pure Storage FlashArray
        • Recovery group and Oracle database
        • Recovery group and SAP HANA database
        • Recovery group and Microsoft Active Directory
        • Recovery group and IBM Db2 database
        • Recovery group and IBM Fusion
      • Automatic generation of recovery groups and automatic assignment of governance profiles
        • Algorithm for automatic generation of recovery groups
      • Applications
      • Governance
      • Threat management
        • IBM Storage Defender snapshots threat detection
        • IBM Storage Defender backup threat detection
        • IBM Storage Defender sensor threat detection
          • IBM Storage Defender sensor control nodes
        • IBM Storage FlashSystem threat detection
      • Isolated scan environment
      • Clean room
      • User management
      • Resource Unit (RU) Calculator
      • Sources and Resources
  • Data Resiliency user interface
    • Data Resiliency overview
    • Data Resiliency dashboard
      • Overall dashboard
      • Storage systems dashboard
      • Backup systems dashboard
    • Actions
    • Threat management
      • Threats
        • Viewing threat details
        • Resolving threats
        • Unresolving threats
        • Removing threats
      • Defender sensors
        • Deploying sensors
        • Editing Defender sensor update settings
        • Updating Defender sensor by using Update now
        • Clearing the error status of Defender sensor
        • Removing Defender sensor
        • Managing Defender sensors on systems within a recovery group
        • Adding Defender sensor on systems within a recovery group
        • Prerequisites for Defender sensor for Windows
        • Unregistering Defender sensor
        • Installing or uninstalling Defender sensors using CLI on sensor control node
          • IBM Storage Defender sensor package signature validation
          • Installing Defender sensor using CLI on sensor control node
          • Uninstalling Defender sensor using CLI on sensor control node
    • Governance profiles
      • Creating a governance profile
      • Deleting a governance profile
      • Viewing governance profile details
      • Editing governance profile details
    • Groupings
      • Recovery groups
        • Recovery groups overview
        • Recovery groups details
        • Adding and removing favorites
        • Locking or unlocking a recovery group
        • Archiving recovery groups
        • Generating a recovery group
        • Editing a governance profile
        • Editing a clean room profile
        • Configure scanning
        • Configure or remove scan settings
        • Editing a scanner assignment
        • Editing a scanner policy assignment
        • Creating a recovery group
        • Editing a recovery group
        • Adding email notification
        • Adding or removing resources
        • Testing a recovery point
        • Clean up after a recovery
        • Validating a recovery
        • Enabling email notification
        • Performing a recovery
      • Applications
        • Application details
        • Creating an application
        • Editing application details
        • Deleting an application
        • Managing recovery groups
        • Creating and managing dependencies
        • Creating recovery plan
        • Editing a recovery plan
        • Downloading a recovery plan
        • Deleting a recovery plan
        • Editing preferred recovery point
    • Copy management
      • Volumes
      • Data resources
      • Available copies
    • Sources
      • Sources overview
      • Storage systems
        • Storage system details
        • Including or excluding volumes
      • Backup systems
        • Backup system details
        • Including or excluding data resources
      • Workload hosts
        • Workload hosts details
    • Controlled environments
      • Clean rooms
        • Clean rooms
          • Adding a clean room
        • Profiles
          • Creating a clean room profile
          • Deleting a clean room profile
          • Viewing clean room profile details
          • Editing clean room profile details
      • Scan environments
        • Adding scanner
        • Deleting scanner
        • Scanner details
        • Creating scanner policy
        • Deleting scanner policy
        • Associating connection manager
        • Disassociating connection manager
        • Editing system details
        • Editing scanner credentials
        • Editing scanner details
        • Editing system credentials
        • Editing a snapshot scan frequency
        • Editing policy details
    • Connections
      • Source connections
        • Adding sources
          • Generating an API key on IBM Storage Defender Data Protect to connect with connection manager
        • Editing sources
        • Removing sources
        • Associating connection manager with a source
        • Disassociating connection manager from source
        • Connecting directly
        • Accessing additional functionalities
        • Source connection details
      • Connection managers
        • Connection managers details
        • Adding a connection manager
        • Updating connection manager
          • Updating connection manager by using Update now
        • Updating connection manager offline
        • Pausing or resuming a connection manager update
        • Adding a connection manager location
        • Removing a connection manager
        • Sensor control nodes
          • Installing the sensor control software
          • Adding a sensor control node
          • Removing a sensor control node
      • Credentials
        • Creating credentials
        • Editing credentials
        • Deleting credentials
      • Integrations
        • Integrating Data Resiliency to QRadar SIEM
        • Integrating Data Resiliency to Splunk® SIEM
          • Terms and conditions for Splunk® integration
        • Enabling email notification
    • Access
      • Access points
        • Access points details
        • Managing user access
      • Users
        • User details
        • Managing user groups
      • User groups
    • System
      • Jobs
        • Downloading job log summary
      • Resource Unit (RU) Calculator
        • Current usage
        • History
          • Viewing a resource unit usage details
          • Deleting a resource unit
        • Calculating resource unit usage
  • Connection manager on-premises
    • Installing and connecting connection manager
      • Creating a bootable USB drive
        • Creating a bootable USB installation drive on a Windows system
        • Creating a bootable USB installation drive on a Mac
    • Updating connection manager on-premises
    • Backing up and restoring connection manager
    • Logging in to the user interface
    • Configuring a web proxy on a connection manager
    • Connection manager on-premises user interface
      • Managing a connection manager profile
      • Access
        • Roles in IBM Storage Defender connection manager
        • Users
          • Adding a user to the connection manager
          • Editing the role of a user in the connection manager
          • Removing a user from the connection manager
          • Resetting the password of a user in the connection manager
          • Resetting multifactor authentication of a user in the connection manager
        • User rights required to connect with VMware vCenter
        • User roles required to connect IBM Storage Protect
        • User roles required to connect with IBM Storage FlashSystem
        • User rights required to connect with IBM Storage Defender Data Protect
        • User role required to connect Dell PowerMax storage
        • User roles required to connect with Pure Storage
      • Settings
        • Updating the name of the connection manager
        • Updating the API Key of the connection manager
        • Downloading support logs
    • Troubleshooting connection manager issues
      • Resolving an IBM Storage Defender sensor uninstallation failure
      • Resolving failure to connect to Data Resiliency due to clock skew
      • Resolving the unwanted heartbeat summary log from a sensor
      • Resolving disconnected or degraded state of connection manager
      • Expanding the root filesystem on connection manager
  • Licensing
  • Appendix: Inventory metadata that is collected from Data Resiliency Service
• IBM Storage Defender Data Management Service
  • About IBM Storage Defender Data Management Service
    • Prerequisites
    • What Next?
  • Managing IBM Storage Protect connections
    • Connecting an IBM Storage Protect server to Data Management Service
      • Creating Docker containers
      • Updating the IBM Storage Defender connection agent
    • Unregistering an IBM Storage Protect server
    • Removing the IBM Storage Protect server connection agent
    • Troubleshooting connection issues
      • The host system where the IBM Storage Protect server is running is down or inaccessible
      • The IBM Storage Protect server is down or not accepting TCP/IP connections
      • The eagle agent service is not running on the host system
      • The claim to Data Management is not available
    • Command line reference
      • dcli
      • dcli claim
        • dcli claim delete
        • dcli claim query
        • dcli claim register
      • dcli eagle-agent
        • dcli eagle-agent query
        • dcli eagle-agent start
        • dcli eagle-agent stop
      • dcli server
        • dcli server delete
        • dcli server query
        • dcli server register
        • dcli server update
        • dcli server updateuser
  • Managing IBM Storage Defender Data Protect connections
    • Connecting a cluster
    • Disconnecting a cluster
    • Unregistering a cluster
    • Troubleshooting connection issues
  • Getting started
    • Consumption tile
    • Protection tile
  • Reporting
    • Viewing reports
    • Choosing a report type
    • Filtering report data
    • Customizing table columns
    • Downloading reports
    • Scheduling reports
    • Managing scheduled reports
    • Resetting reports to default view
    • Reporting APIs
    • Failures
      • Filter Report Data
      • Glance Bar
      • Charts
      • Report Data
    • Protected objects
      • Filter Report Data
      • Glance Bar
      • Charts
      • Report Data
    • Protected or unprotected objects
      • Filter Report Data
      • Glance Bar
      • Charts
      • Report Data
    • Protection Activities
      • Filter Report Data
      • Glance Bar
      • Charts
      • Report Data
    • Protection Group Summary
      • Filter Report Data
      • Glance Bar
      • Charts
      • Report Data
    • Protection Runs
      • Filter Report Data
      • Glance Bar
      • Charts
      • Report Data
    • Recovery
      • Filter Report Data
      • Glance Bar
      • Chart
      • Report Data
    • System Connections
      • Filter report data
      • Glance Bar
      • Report Data
    • System Protection
      • Filter Report Data
      • Glance Bar
      • Charts
      • Report Data
    • Storage Consumption by System
      • Filter Report Data
      • Glance Bar
      • Chart
      • Report Data
    • Storage Consumption by Protection Groups
      • Filter Report Data
      • Glance Bar
      • Chart
      • Report Data
    • Storage Consumption by Objects
      • Filter Report Data
      • Glance Bar
      • Chart
      • Report Data
    • Storage Consumption by Storage Domains
      • Filter Report Data
      • Glance Bar
      • Report Data
    • Storage Consumption by Views
      • Filter Report Data
      • Glance Bar
      • Report Data
    • Data Transferred to External Targets
      • Filter Report Data
      • Glance Bar
      • Chart
      • Report Data
  • Cluster management
    • Upgrading clusters
      • Upgrading clusters from Data Management
      • Updating cluster location
      • Unregistering a cluster
    • Globally search clusters and take action
      • Example: Find and protect
      • Example: Find and protect with an RPO policy
      • Example: Clone or recover a snapshot
    • Aggregated alerts
  • Smart Assist
    • Cluster Capacity Prediction
    • Field Messages
    • Simulations
      • Supported Software
      • Adding a new simulation
      • Adding a protection group
      • Adding a node
      • Editing the storage domain
      • Removing a protection group
      • Editing a simulation
      • Deleting a simulation
      • Limitations
  • Compliance and Security
    • Licensing
    • License Modes
    • License SKUs
    • Viewing license usage and entitlements
    • Viewing usage by license type
    • About license usage warning
    • Manage clusters in Data Management SaaS
      • Connecting with Data Management
      • Automatic synchronization of license usage
    • Managing licenses on clusters
      • Managing licenses
      • Smart licensing
      • Manual licensing
      • Smart licensing and Manual licensing issues
    • Configuring the license after cluster creation
      • Choosing a licensing mode after cluster creation
      • Configuring smart licensing mode
      • Configuring manual licensing mode
    • Detecting ransomware attacks
      • Prerequisites
    • Supported Workloads
    • Viewing affected objects
    • Configuring tags and notifications thresholds
      • Configuring anomaly strength threshold
      • Adding a tag name
      • Blocking restores of tagged snapshots
    • Anomalous object details
      • Snapshots
      • Tagging one or more anomalous snapshots
      • Removing tags from one or more anomalous snapshots
      • Affected files
        • Recovering deleted files
        • Downloading files
      • Recovering objects
    • Managing alert notification rules
      • Adding alert notification rules
      • Editing alert notification rules
      • Deleting alert notification rules
    • Viewing the alert
    • Frequently Asked Questions
    • Quorum approvals
      • How do quorum approvals work?
      • Considerations
      • Best practices
    • Quorum dashboard
      • Pending requests
      • My requests
      • All requests
      • Groups
    • Creating a quorum group
      • Supported operations
      • Supported cluster operations
    • Managing quorum groups
      • Adding new operation targets
      • Removing operation targets
      • Adding new operations
      • Removing operations
      • Adding new quorum approvers
      • Removing quorum approvers
      • Modifying the approval quorum
      • Modifying the approval workflow
      • Deleting a quorum group
      • Disabling a quorum group
    • Approve or decline a quorum request
    • Security advisor
    • Scores
      • Performing a scan
      • Scores table
    • Security rules
      • Editing the default rule
      • Security rules dashboard
      • Viewing definition and cluster strength
    • Viewing scan results
    • Global map view
    • Audit logs
      • Configuring the audit log settings
      • Setting log retention period for audit logs
      • Specifying user roles for read logs
    • Viewing audit logs
      • Filters
  • Data platform for cloud
    • Deploying cloud edition AWS by using Data Management
      • Prerequisites
      • Verifying limits for node instances
      • Creating a policy
      • Creating an IAM user
      • Configuring VPC, VPN access, and security
      • Deploying the cloud edition cluster
        • Opening firewall ports for existing security group
      • Changing the default admin password
      • Connecting the cloud edition cluster
      • Deleting a cloud edition AWS cluster
    • Deploying next-generation cloud edition AWS by using Data Management Service
      • Prerequisites
      • System requirements
      • Skills required to implement AWS NGCE
      • AWS services utilized
      • Authenticate using IAM user
      • Creating an AWS Policy
      • Creating an IAM User
      • Configure VPC and security for AWS NGCE cluster
      • Creating an S3 bucket
      • Creating an AWS NGCE cluster
    • Deploying cloud edition Azure by using IBM Storage Defender Data Management Service
      • Creating a service principal
      • Creating a custom role for the application
      • Deploying cloud edition Azure
      • Changing the default admin password
      • Connecting the cloud edition cluster
      • Deleting a cloud edition Azure cluster
    • Deploying next-generation cloud edition Azure by using Data Management Service
      • System requirements
      • Create an Azure storage account and storage container
      • Create Entra application and service principal
      • Create an Application Secret Key
      • Creating a custom role for the application
      • Assign custom role to application for subscription
      • Verify quotas
      • Set up VPN gateway
      • Create the Azure NGCE cluster
    • Deploying cloud edition GCP by using Data Management
      • Prerequisites
      • Verifying resource quotas
      • Configuring a VPC network
      • Configuring firewall rules in the VPC network
        • Ingress firewall ports
        • Egress firewall rules
      • Creating a serverless VPC connector
      • Creating and copying a GCP service account key
      • Assigning the custom role to the service account
      • Granting access to the Google cloud functions service agent
      • Deploying cloud edition
    • Deploying next-generation cloud edition GCP by using Data Management Service
      • Prerequisites
      • System requirements
      • Configuring a VPC network
      • Configuring firewall rules in the VPC network
        • Egress firewall rules
        • Ingress firewall ports
      • Creating a server-less VPC connector
      • Creating and copying a GCP service account key
      • Creating a custom role for the service account
      • Assigning the custom role to the service account
      • Granting access to the Google cloud functions service agent
      • Creating Google standard storage
      • Creating a GCP NGCE cluster
    • Adding nodes to the existing CE and NGCE clusters
      • Viewing log details
      • Canceling node addition or creation process
      • Deleting a cluster
  • Alerts
    • Viewing the alert on Data Management Service
    • Analyzing the Alert
    • Alert Notification
    • Configuring alert notification settings
      • Creating an alert notification rule for email notifications
      • Create alert notification rule for webhooks notification
        • Alert request
        • Silencing alert notifications
    • Resolving alerts
      • Creating a new resolution
      • Attaching an existing resolution
      • Resolving an alert in the Details for any Alert Name page
    • Alert references
  • Access management
    • Managing user roles
  • Organizations
    • Enabling organizations
    • Managing an organization
      • Adding an organization
      • Renaming an organization
      • Deactivating an organization
      • Deleting an organization
    • Assigning systems
    • Access management
      • Adding service provider user
      • Adding an organization user
    • Assigning sources and objects
    • Create policies
    • Viewing cluster-level details
    • Adding existing multi-tenant clusters
    • Viewing the list of organizations
    • Switching organizations
    • Alert notification settings for organization users
      • Create an alert notification rule for email notifications
      • Create alert notification rule for webhooks notification
      • Silencing alert notifications
• IBM Storage Defender Data Protect
  • Archiving IBM Storage Defender Data Protect data to IBM Storage Protect tape
    • Configuration for copying or archiving data
      • Step 1: Creating a tape storage pool and a cold-data-cache storage pool for copying data to tape
      • Step 2: Configuring an object policy domain
      • Step 3: Setting up standard object storage
      • Step 4: Adding an object agent for copying data
      • Step 5: Adding and configuring an object client for copying data
  • Backing up IBM Storage FlashSystem volumes
• IBM Storage Ready Node for IBM Storage Defender Data Protect
  • Planning to install an IBM Storage Ready Node cluster
    • Verifying software version for cluster node
    • Verifying network requirements
    • Worksheets for planning the details for cluster node installation
      • Worksheet for verifying network requirements
      • Planning worksheets
      • Configuring a DNS server
        • Configuring DNS on Windows Server
        • Configuring DNS on a Linux Bind Server
      • Worksheet for additional nodes
  • Setting up the cluster
    • Racking the cluster
    • Cabling the cluster
    • IBM Storage Ready Node firmware
    • Verifying prerequisites for cluster setup
    • Configuring the BIOS on the IBM Storage Ready Nodes
    • Creating a bootable USB drive
      • Creating a bootable USB installation drive on a Windows system
      • Creating a bootable USB installation drive on a Mac
    • Installing the ISO on the IBM Storage Ready Nodes
    • Setting up nodes
    • Creating the initial cluster
    • Configuring the primary or secondary network in a cluster with multicast disabled
    • Recording chassis information
  • Configuring the cluster
    • Changing the default administrator password
      • Enabling support user for local shell access
        • Setting the support user password for the first time
    • Configuring the cluster (Required)
    • Verifying cluster capacity
    • Upgrading the cluster
    • Checking the resolution of the cluster FQDN
  • Troubleshooting
    • Recovering from ISO installation failure due to missing system SSD or data SSD
    • Recovering from ISO installation failure due to mismatched HDD and SSD
    • Recovering from ISO installation failure due to incorrect BIOS boot mode
    • Recovering from ISO installation failure due to unsupported system board model
    • Recovering from cluster creation failure due to incorrect HDD protection type
    • Resolving issues due to occasional loss of TCP connectivity
    • Resolving node detection and cluster creation issues
• IBM Storage Defender Recovery Assurance
• Contacting IBM support
• PDF files
• Notices