EDUCATION SERVICES

Commvault® Professional Course

May 2018

Page 1 of 559
Legal Notices
Copyright
Information in this document, including URL and other website references, represents the current view of Commvault Systems, Inc.
as of the date of publication and is subject to change without notice to you.

Descriptions or references to third party products, services or websites are provided only as a convenience to you and should not
be considered an endorsement by Commvault. Commvault makes no representations or warranties, express or implied, as to any
third-party products, services or websites.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners. Unless
otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and
events depicted herein are fictitious.

Complying with all applicable copyright laws is the responsibility of the user. This document is intended for distribution to and use
only by Commvault customers. Use or distribution of this document by any other persons is prohibited without the express written
permission of Commvault. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or
introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or
otherwise), or for any purpose, without the express written permission of Commvault Systems, Inc.

Commvault may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject
matter in this document. Except as expressly provided in any written license agreement from Commvault, this document does not
give you any license to Commvault’s intellectual property.

COMMVAULT MAKES NO WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, AS TO THE INFORMATION CONTAINED IN THIS
DOCUMENT.

©2018 Commvault Systems, Inc. All rights reserved. Commvault, Commvault and logo, the “C” hexagon logo, Commvault Systems,
Solving Forward, SIM, Singular Information Management, Simpana, Commvault Galaxy, Unified Data Management, QiNetix, Quick
Recovery, QR, CommNet, GridStor, Vault Tracker, InnerVault, QuickSnap, QSnap, Recovery Director, CommServe, CommCell,
APSS, Commvault GO, Commvault HyperScale, IntelliSnap, ROMS, Commvault OnePass, CommVault Edge, Edge Drive, and
CommValue, are trademarks or registered trademarks of Commvault Systems, Inc. All other third-party brands, products, service
names, trademarks, or registered service marks are the property of and used to identify the products or services of their respective
owners. All specifications are subject to change without notice.

Confidentiality
The descriptive materials and related information in the document contain information that is confidential and proprietary to
Commvault. This information is submitted with the express understanding that it will be held in strict confidence and will not be
disclosed, duplicated or used, in whole or in part, for any purpose other than evaluation purposes. All right, title and intellectual
property rights in and to the document is owned by Commvault. No rights are granted to you other than a license to use the
document for your personal use and information. You may not make a copy or derivative work of this document. You may not sell,
resell, sublicense, rent, loan or lease the document to another party, transfer or assign your rights to use the document or
otherwise exploit or use the Manual for any purpose other than for your personal use and reference. The document is provided "AS
IS" without a warranty of any kind and the information provided herein is subject to change without notice.

©1999-2018 Commvault Systems, Inc. All rights reserved

Page 2 of 559
Education Services Commvault® Professional Course May 2018

Table of Contents
Contents
Legal Notices ......................................................................................................................................................... 2
Table of Contents .................................................................................................................................................. 3
Introduction .......................................................................................................................................................... 8
Commvault® Professional Course Preliminaries ..................................................................................................... 9
Education Advantage .................................................................................................................................... 10
Class Resources ............................................................................................................................................ 11
CVLab On Demand Lab Environment .............................................................................................................. 12
Commvault® Education Career Path ............................................................................................................... 13
Commvault® On-Demand Learning ................................................................................................................ 14
Education Services V11 Certification ............................................................................................................... 15
Additional Resources ..................................................................................................................................... 17
Course Overview ........................................................................................................................................... 18
CommCell® Deployment and Configuration ............................................................................................................ 19
Next Generation Platform .................................................................................................................................. 20
Next Generation Platform Overview................................................................................................................ 21
Physical Architecture ..................................................................................................................................... 22
Logical Architecture ....................................................................................................................................... 25
Web Console ................................................................................................................................................ 27
Admin Console .............................................................................................................................................. 29
CommCell® Console....................................................................................................................................... 39
CommCell® Component Requirements ............................................................................................................... 46
CommServe® Server Requirements ................................................................................................................ 47
MediaAgent Requirements ............................................................................................................................. 49
Agent Requirements ...................................................................................................................................... 53
CommCell® Deployment .................................................................................................................................... 54
Download the Commvault® Software ............................................................................................................. 55
CommCell® Deployment Overview .................................................................................................................. 58
CommServe® Server – Gathering Information ................................................................................................. 59
CommServe® Server – Installation.................................................................................................................. 61
CommServe® Server – Post Installation Tasks ................................................................................................. 65
CommCell® License ....................................................................................................................................... 66
CommCell® Update Process ........................................................................................................................... 67

Page 3 of 559
Education Services Commvault® Professional Course May 2018

CommServe® DR Backup ............................................................................................................................... 76

CommCell® Email Settings ............................................................................................................................. 85
MediaAgent – Installation .............................................................................................................................. 87
MediaAgents – Index Directory ...................................................................................................................... 93
Disk, Cloud, and Deduplication ............................................................................................................................. 95
Storage Overview ......................................................................................................................................... 96
Disk Library Design ....................................................................................................................................... 97
Cloud Library Design ....................................................................................................................................110
Deduplication ..................................................................................................................................................113
Deduplication Overview ................................................................................................................................114
Components and Terminology (CommCell® Console) ......................................................................................117
Storage Pools (Admin Console) .....................................................................................................................121
Partitioned Deduplication Database ...............................................................................................................125
Data Verification ..........................................................................................................................................127
Tape Library and Media Management ..................................................................................................................130
Tape Library Design .....................................................................................................................................131
Tape Media Management .............................................................................................................................142
Storage Policies ..................................................................................................................................................162
Storage Policy Overview ...............................................................................................................................163
Storage Policy Structure ...............................................................................................................................167
Storage Policy Configuration .........................................................................................................................171
Storage Policy Administration........................................................................................................................180
Global Secondary Copy .................................................................................................................................190
Data Path Design .........................................................................................................................................193
Retention ........................................................................................................................................................199
Retention Overview ......................................................................................................................................200
Sample Retention Policy ...............................................................................................................................202
Job Based Retention Rules ...........................................................................................................................203
How Retention Works ...................................................................................................................................206
How Retention Works...................................................................................................................................208
Additional Retention Settings ........................................................................................................................211
Managing Servers and Server Groups ..................................................................................................................218
Client Agent Deployment .................................................................................................................................219
Commvault® Agents .....................................................................................................................................220
Standard Agent Installation ..........................................................................................................................222
Custom Agent Installation Methods ...............................................................................................................230

Page 4 of 559
Education Services Commvault® Professional Course May 2018

Servers ...........................................................................................................................................................234
Admin Console Concepts ..............................................................................................................................235
Server Navigation Structure ..........................................................................................................................238
Administrative Tasks ....................................................................................................................................242
Server Groups .................................................................................................................................................259
Server Groups (Client Computer Groups) .......................................................................................................260
File Server Solution .............................................................................................................................................269
File Server Solution Overview .......................................................................................................................270
Add a File Server Solution.............................................................................................................................271
Data Protection Plans ...................................................................................................................................275
Subclient .....................................................................................................................................................279
Subclient Configuration ................................................................................................................................282
Filtering .......................................................................................................................................................289
Job and Data Management ..................................................................................................................................296
Data Protection Overview .............................................................................................................................297
Synthetic Full and DASH Full Jobs .................................................................................................................300
Auxiliary Copy and DASH Copy Jobs ..............................................................................................................303
Job Initiation ...............................................................................................................................................313
Using Schedules and Schedule Policies ..........................................................................................................315
Automatic Schedules ....................................................................................................................................319
Managing Active Jobs ...................................................................................................................................324
Controlling Job Activity .................................................................................................................................336
Data Recovery ................................................................................................................................................351
Data Recovery Overview ..............................................................................................................................352
Using the Find Feature .................................................................................................................................354
Using Browse ...............................................................................................................................................356
Additional Recovery Methods ........................................................................................................................366
Virtualization Solution .........................................................................................................................................371
Virtual Protection Overview ..........................................................................................................................372
Transport Modes ..........................................................................................................................................374
Configuring the Virtualization Solution ..............................................................................................................378
Adding Virtualization Solution .......................................................................................................................379
VSA Filters ...................................................................................................................................................384
VSA AppAware Backup .................................................................................................................................391
Admin Console – VSA Tasks..........................................................................................................................395
Traditional File Recovery vs. Block-Level Browse ............................................................................................407

Page 5 of 559
Education Services Commvault® Professional Course May 2018

Enable Granular Recovery Option ..................................................................................................................408

VSA Backup Options ........................................................................................................................................411
Backup Failed VMs Option ............................................................................................................................412
VSA Recovery Options .....................................................................................................................................414
VSA Basic Recovery Options (CommCell® Console) ........................................................................................415
Data Security .....................................................................................................................................................431
Ransomware Prevention ..................................................................................................................................432
Ransomware ...............................................................................................................................................433
User and Security Management ........................................................................................................................442
User and Group Security...............................................................................................................................443
Role Based Security .....................................................................................................................................445
Encryption ......................................................................................................................................................460
Encryption Overview ....................................................................................................................................461
Inline Encryption ..........................................................................................................................................463
Copy Based Encryption .................................................................................................................................468
Hardware Encryption ....................................................................................................................................470
Network Topologies .........................................................................................................................................472
Network Route Overview ..............................................................................................................................473
Restricted Firewall Configuration ...................................................................................................................475
Blocked Firewall Configuration ......................................................................................................................476
Proxy Firewall Configuration .........................................................................................................................478
Configuring Network Topology ......................................................................................................................479
Monitoring, Maintenance, and Tuning ..................................................................................................................484
Monitoring ......................................................................................................................................................485
Admin Console .............................................................................................................................................486
CommCell® Monitoring Resources .................................................................................................................488
Alerts (Admin Console) .................................................................................................................................496
Alerts (CommCell® Console) .........................................................................................................................502
Reports (Admin Console) ..............................................................................................................................510
Reports (CommCell® Console)) .....................................................................................................................512
Maintenance ...................................................................................................................................................515
CommServe .................................................................................................................................................516
CommvaultTools ..........................................................................................................................................519
Tuning ............................................................................................................................................................528
Performance Benchmarks .............................................................................................................................529
Improving Performances – Environment ........................................................................................................531

Page 6 of 559
Education Services Commvault® Professional Course May 2018

Improving Performances – Commvault® Settings – File System & VSA ............................................................535

Improving Performances – Commvault® Settings – Database & Exchange .......................................................540
Improving Performances – Commvault® Settings - Network ...........................................................................543
Improving Performances – Commvault® Settings – Disk Storage .....................................................................546
Improving Performances – Commvault® Settings – Tape Storage ...................................................................551
Improving Performances – Commvault® Settings – Streams ...........................................................................555
Thank You ......................................................................................................................................................557

Page 7 of 559
Education Services Commvault® Professional Course May 2018

Introduction

Page 8 of 559
Education Services Commvault® Professional Course May 2018

Commvault® Professional Course Preliminaries

The value of this course comes from three distinct areas – first, the content of the material which guides your
exploration and understanding of the product. Second, the skill of the instructor to expand on those areas of interest
and to add value from their experience with the product. And lastly, you, the student whose questions and
experiences help not only yourself, but others in understanding how Commvault® software can help you with your
data management requirements.

Page 9 of 559
Education Services Commvault® Professional Course May 2018

Education Advantage
The Commvault® Education Advantage product training portal contains a set of powerful tools to enable Commvault
customers and partners to better educate themselves on the use of the Commvault software suite. The portal
includes:

• Training Self-Assessment Tools

• Curriculum Guidance based on your Role in your Commvault Enterprise
• Management of your Commvault Certifications
• Access to Practice Exams and Certification Preparation Tools
• And more!

Page 10 of 559
Education Services Commvault® Professional Course May 2018

Class Resources
Course manuals and activity guides are available for download for Instructor-Led Training (ILT) and Virtual Instructor-
Led Training (vILT) courses. It is recommended to download these documents the day prior to attending class to
ensure the latest document versions are being used.

Self-paced eLearning courses can be launched directly from the EA page. If an eLearning course is part of an ILT or
vILT course, it is a required prerequisite and should be viewed prior to attending class.

If an ILT or vILT class will be using the Commvault® Virtual Lab environment, a button will be used to launch the lab
on the first day of class.

Commvault® certification exams can be launched directly from the EA page. If you are automatically registered for an
exam as part of an ILT or vILT course, it will be available on the final day of class. There is no time limit on when the
exams need to be taken, but it is recommended to take them as soon as you feel you are ready.

Page 11 of 559
Education Services Commvault® Professional Course May 2018

CVLab On Demand Lab Environment

The Commvault Virtual Lab (CVLab environment) is now available to our global customers. The CVLab allows you
access to a vital learning tool that provides a flexible method for gaining hands-on experience with the Commvault®
software platform. You will have anywhere/anytime access to a powerful lab environment to practice installations,
test configurations, review current version capabilities or review any lab exercises. The CVLab shares a common
console with our Education Advantage (EA) portal and is accessible 24-hours a day up to the amount of connect time
purchased.

The CVLab time can be purchased as standalone on-demand CVLab time, or to extend lab time for training courses
attended. Extending CVLab time must be purchased within 48-hours after class end time to maintain your lab
progress from the training course. Whether purchasing on-demand or extending; CVLab connect time may be
purchased in four-hour blocks in any quantity. Access will be available for 90 days from point of purchase and is
priced at just one Training Unit per four-hour block.

Page 12 of 559
Education Services Commvault® Professional Course May 2018

Commvault® Education Career Path

The Commvault next generation platform leapfrogs legacy solutions in capabilities and functionality fully modernizing
the performance, security, compliance, and economic benefits of a holistic data management strategy. The key
concepts covered in this first step learning module highlight the core features of Commvault’s new platform. To realize
the full value of these features, Commvault provides multiple levels of education and certification from core training,
through specialized learning sessions, from introductory modules for those new to Commvault to master level training
for Commvault power-users.

Page 13 of 559
Education Services Commvault® Professional Course May 2018

Commvault® On-Demand Learning

Commvault On-Demand Learning offers an array of digital learning assets, selected virtual instructor-led events and
other learning development tools. With an annual subscription, you have continuous access to hundreds of hours of
on-demand learning, over a thousand pages of content and more than a hundred technical training videos. Content is
created by seasoned Commvault experts and updates are posted weekly so you can be sure you can take advantage
of the full breadth of the Commvault data platform when you need it.

Commvault On-Demand Learning is a convenient, flexible, and cost-effective training solution that gives you the tools
to keep a step ahead of your company’s digital transformation initiatives. You and your company will benefit by:

• Learning just what you need, when you need it

• Accessing exclusive expert sessions and on-demand content
• Receiving knowledge updates from Commvault experts in near real-time
• Building skill-sets that can be applied to Commvault certification
• Applying knowledge and seeing impact immediately

Page 14 of 559
Education Services Commvault® Professional Course May 2018

Education Services V11 Certification

Commvault's Certification Program validates expertise and advanced knowledge in topics, including Commvault®
Professional, and more advanced Engineer and Master technologies. Certification is a valuable investment for both a
company and the IT professional. Certified personnel can increase a company's productivity, reduce operating costs,
and increase potential for personal career advancement.

Commvault's Certification Program offers Professional-level, Engineer-level, and Master-level certifications. This
Program provides certification based on a career path, and enables advancement based on an individual’s previous
experience and desired area of focus. It also distinguishes higher-level certifications such as Engineer and Master from
lower-level certification as a verified proof of expertise.

Key Points

• Certification is integrated with and managed through Commvault's online registration in the Education
Advantage Customer Portal.
• Cost of certification registration is included in the associated training course.
• Practice assessments are given in class.
• The Commvault Certified Professional Exam Prep course is also available.
• Students may take the online certification exam(s) any time after completing the course.
• Although it is recommended to attend training prior to attempting an exam, it is not required.

Page 15 of 559
Education Services Commvault® Professional Course May 2018

Commvault Version 11 Certification Exams

• Commvault® Professional
• V11 Professional Upgrade Exam
• Advanced Infrastructure Design
• Virtualization Specialist
• Commvault Master Exam
• Master Exam Upgrade Test

Commvault Certified Professional

A Commvault Certified Professional certification validates the skills required to install, configure, and administer a
CommCell® environment. It proves a professional level skillset in all of the following areas:

• CommCell Administration – user and group security, configuring administrative tasks, conducting data
protection and recovery operations, and CommCell monitoring.
• Storage Administration – deduplication configuration, disk library settings, tape library settings, media
management handling, and snapshot administration.
• CommCell Implementation – CommServe® server design, MediaAgent design and placement, indexing
settings, client and agent deployment, and CommCell maintenance.
Certification status as a Commvault Certified Professional requires passing one exam: Commvault® Professional Exam.

Commvault Certified Engineer

A Commvault Certified Engineer validates advanced level skills in designing and implementing Commvault software.

• Advanced Infrastructure Design – this exam validates expertise in deploying medium and enterprise level
CommCell® environments with a focus on storage design, virtual environment protection, and application data
protection strategies.
Certification status as a Commvault Certified Engineer requires certification as a Commvault Certified Professional and
passing the Advanced Infrastructure Design exam.

Commvault Certified Master

A Commvault Certified Master validates expert level skills in specific areas of expertise. This is the highest achievable
level of certification.

Certification status as a Commvault Certified Master requires certification as both a Commvault Certified Professional
and Certified Engineer, and successful completion of Master certification requirements. These Master certification
requirements include attending a Master class and passing the Master Certification exam.

Additional benefits of attaining the Master Certification include:

• Opportunity to attend free invitation only training events

• Opportunity to attend free early release training courses

Page 16 of 559
Education Services Commvault® Professional Course May 2018

Additional Resources
Maintenance Advantage:
http://ma.commvault.com/

Documentation:
http://documentation.commvault.com/commvault/v11

YouTube Channel:
https://www.youtube.com/user/commvault

https://www.youtube.com/channel/UC0UfIcY_5YFAyXW5INileRA

Mastering Commvault Software book on Amazon:

https://www.amazon.com/Mastering-Commvault-Software-Frank-
Celauro/dp/1545598797/ref=sr_1_1?ie=UTF8&qid=1525356375&sr=8-1&keywords=mastering+commvault+software

Page 17 of 559
Education Services Commvault® Professional Course May 2018

Course Overview
This course is intended for personnel responsible for day-to-day administration and management of Commvault ®
software. The course covers essential concepts, details, options, and best practices for user security and management,
system settings, policy configuration and use, media and library management, job activity and status monitoring, and
job management. Students also learn how to efficiently and effectively manage data movement (backup, auxiliary
copy, and restore) within a CommCell® environment. This course also provides knowledge for designing and
implementing a CommCell® environment. Focus is placed on the most common technical features including
deduplication, virtualization, Commvault ® agent configuration, encryption, and firewall configuration.

Page 18 of 559
Education Services Commvault® Professional Course May 2018

CommCell® Deployment and Configuration

Page 19 of 559
Education Services Commvault® Professional Course May 2018

Next Generation Platform

Page 20 of 559
Education Services Commvault® Professional Course May 2018

Next Generation Platform Overview

The Commvault Next Generation Platform fundamentally redefines data protection, archiving, and cloud data
management by creating an all-inclusive platform that incorporates ‘application aware’ functionality, significantly
reduced backup windows, and instant data recovery. Through advanced data analytics, block-level intelligence, robust
automation and orchestration capabilities, Commvault helps customers of all sizes transform from traditional legacy
and point products to a modern hyper-converged infrastructure.

Next Generation Platform High Level Overview

The CommServe® server coordinates all activity within a CommCell® environment. Data protection jobs (snapshots,
backups, archive / OnePass) are initiated from the CommServe server by communicating with the client. For backup
and archive operations, a data pipe will be established from the client to the MediaAgent. For snapshot operations,
MediaAgent processes will be used to communicate with the array and conduct and manage snapshot operations.

Deduplication processes will be used on the client to optionally compress data and then a signature will be generated
on the data block. The block can also optionally be encrypted over the network or on media. Index data for each job
will be managed in the MediaAgent’s index directory and will also be copied to protected storage when the job
completes.

Page 21 of 559
Education Services Commvault® Professional Course May 2018

Physical Architecture
Commvault® software is deployed in a cell-like structure called a CommCell® environment. One or more cells can be
deployed to manage small to enterprise global environments. The central component of a CommCell environment is
the CommServe® server which coordinates, manages and monitors all CommCell activity. Production data is protected
by installing agents which directly communicate with the operating system or application being protected. Any
production server with an agent installed is referred to as a client. Data is protected by transferring data through
MediaAgents to storage, which can be disk, cloud or tape.

Page 22 of 559
Education Services Commvault® Professional Course May 2018

Physical architecture high level diagram

CommServe® Server
The CommServe® Server is the central management system within a CommCell ® environment. All activity is
coordinated and managed by the CommServe server. The CommServe server runs on a Windows platform and
maintains a Microsoft SQL metadata database. This database contains all critical configuration information. It is
important to note that Commvault® software does not use a centralized catalog system like most other backup
products. This means the metadata database on the CommServe server will be considerably smaller than databases
that contain catalog data. Due to the small size of the database, an automated backup of the database is executed by
default every morning at 10:00 AM.

CommServe server high level diagram

Page 23 of 559
Education Services Commvault® Professional Course May 2018

MediaAgents
A MediaAgent moves data from production systems to protected storage during data protection jobs and moves data
back to production systems during recovery operations. It is a software module that can be installed on most
operating systems. All tasks are coordinated by the CommServe® server. MediaAgents are also used during auxiliary
copy jobs when data is copied from a source library to a destination library such as off-site Disaster Recovery (DR)
copies.

There is a basic rule that all data must travel through a MediaAgent to reach its destination. One exception to this rule
is when conducting Network Data Management Protocol (NDMP) dumps directly to tape media. In this case the
MediaAgent is used to execute the NDMP dump and no data will travel through the MediaAgent. This rule is important
to note as it will affect MediaAgent placement.

Indexing
Commvault® software uses a distributed indexing structure where index data is kept on MediaAgents and is also
automatically copied to storage. Using a distributed indexing structure allows Commvault software to scale significantly
more than legacy backup products and keeps indexes local to where data is being protected.

When data is protected, indexes are automatically generated and written to the MediaAgent’s Index Directory location.
At the conclusion of the job, indexes or index logs are copied to the store location where the job resides. During
restore operations, the index database within the index directory is accessed. If the index database is not available, it
will automatically be restored from the storage media.

Commvault uses two primary indexing methods: the traditional V1 indexing and the new V2
indexing method.

Libraries
Disk library

A disk library is a logical container which is used to define one or more paths to storage called mount paths. These
paths are defined explicitly to the location of the storage and can be defined as a drive letter or a UNC path. Within
each mount path, writers are allocated, which defines the total number of concurrent streams for the mount path.

Tape Library

A tape or removable media library is a library where media can be added, removed and moved between multiple
libraries. The term removable media is used to specify various types of removable media supported by Commvault®
software including tape and USB disk drives, which can be moved between MediaAgents for data protection and
recovery operations.

Cloud Library

A cloud library is cost-effective storage that reduces the need to maintain hardware resources, such as tape or disk
storage devices. It also provides the ability to easily increase your storage capacity when required. Cloud Storage
provides centralized data access, better failover capabilities and reduces the day-to-day storage administration tasks.

Page 24 of 559
Education Services Commvault® Professional Course May 2018

Logical Architecture
Commvault® software logically manages data by containerizing production data, moving the data through logical
streams, and managing protected data using policies.

Logical architecture high level overview

Page 25 of 559
Education Services Commvault® Professional Course May 2018

Clients and Agents

A client is any production system that is protected by Commvault® software. Clients use agents to protect the
production data by installing the agent directly on the client or using a proxy client to protect the data. When an agent
is deployed to a client, the client appears in the CommCell® Browser under the Clients entity.

Agents can be deployed in several ways:

• Physical clients can have agents installed directly on them.

• Virtual clients can have agents installed directly on them or protected by the Virtual Server Agent (VSA) which
would be installed on a physical or virtual proxy server.
• Network Attached Storage (NAS) devices, which cannot have software installed directly on them, are managed
and protected by installing NAS agents on proxy servers.
Backup Sets and Subclients
A backup set is a master container which manages all data the agent is responsible to protect. Subclients define data
that will be protected and how it will be protected. Each subclient container manages specific content within a backup
set. Each backup set can have one or more subclients.

Storage Policies
The Commvault® software suite offers a wide range of features and options to provide great flexibility in configuring
and managing protected data. Protection capabilities such as standard backup, snapshots, archiving and replication
can all be incorporated in a single environment for a complete end-to-end data protection solution. No matter which
methods are used within a Commvault® environment, the concepts used to manage the data remain consistent.

Page 26 of 559
Education Services Commvault® Professional Course May 2018

Web Console
The Web Console, as its name implies, is a web-based application that allows end-users to interact and achieve tasks
in the CommCell® environment. Tasks are sorted into main categories.

The Web Console categories are as follows:

• My Data – Allows an end-user to conduct backups and restores. If permissions permit, the user can also
configure backup schedules, contents to protect, encryption and alerts. Available restores are file-level for
computer file systems, SharePoint document-level, virtual machines and emails.
• Download Center – Provides option to browse and download prepackaged agents, such as laptop backup
agents. These packages must be preconfigured and complied by the backup administrator.
• Event Organizer - web-based application for creating and managing corporate events such as conferences,
seminars, or exhibitions. You can also create surveys and generate reports for tracking and monitoring events
and surveys.
• Virtual Machines – This section lists all the VMs owned by the user and allows to create new virtual
machines. The view provides information about the VMs such as the state, the IP address, and operating
system. The creation of virtual machines is based on templates provided by the administrator.
• Virtual Labs – This view displays information about virtual labs owned by a user. It also provides wizards to
create new virtual labs. This allows a user to manage a group of virtual machines.
• Forms – Forms and actions can be published to users either by the Commvault ® administrator, or by a
workflow that requires user inputs to continue. A good example is a workflow that would automatically install
an agent on an end-user laptop but would first require the department manager’s approbation to install it.

Page 27 of 559
Education Services Commvault® Professional Course May 2018

• Manage Databases – This section lists all Microsoft® SQL databases protected by Commvault® software.
This view allows database administrators to run queries to generate reports. It also provides wizards to easily
clone databases.
• Storage Replication – This section allows to configure the replication between NAS filer, potentially from
different geographical locations, using the Commvault® software DASH Copy feature. This mechanism
optimizes the replication in two ways; it uses minimum bandwidth and storage resources by removing
redundant data and it optimizes the data transfer through chaining and forking mechanisms.
• Admin Console – Provides access to the Admin Console to manage the CommCell® environment.
• Analytics – Offers dashboards providing a view of all the structured and unstructured data of the
organization. It can use several mechanisms that must be implemented and configured beforehand such as,
Commvault® software data analytics, Data Cube, NAS system discovery, Enterprise Explorer. A Web Analytics
tool can also be integrated to provide information and metrics about organization web sites.

Page 28 of 559
Education Services Commvault® Professional Course May 2018

Admin Console
The Admin Console is a powerful web-based user interface that provides a simplified, service-oriented approach to
managing on-premise and cloud infrastructures. With an easy-to-use and flexible interface, you can configure and
manage a broad range of solutions including file systems, databases, and hypervisors.

By using out of the box configurations and streamlined procedures, you can automate common tasks including:

• Setting up your data protection environment using Solutions

• Easily configure cloud, disk and tape storage using Pools
• Identifying content that you want to protect using Plans
• Initiating and monitoring backups and restores
Granular access and permissions are assigned to users, backup administrators, and system administrators providing
them with the essential tools required by their respective roles. This level of security safeguards your environment so
users and administrators do not modify nor impact environment components that are not relevant to their work.

Managed Service Providers (MSPs)

The Admin Console is used by Managed Service Providers (MSPs) offering backup-as-a-service (BaaS). In a multi-
tenant environment, an MSP administrator can mirror real-world organizations by setting up logically separate
companies within a single instance of the Commvault® software. For each company, the MSP administrator can assign
separate Service Level Agreements (SLAs) so that the agreed upon level of data protection is offered to each tenant.

Page 29 of 559
Education Services Commvault® Professional Course May 2018

Admin Console Installation

Installation
The Admin Console is installed directly on the CommServe® server or on a dedicated web host in the DMZ – if access
to the console is provided over the Internet (such as in an MSP environment). Note that no matter which Admin
Console solutions you plan to use, you must first complete the Core Setup.

The Admin Console is included with the Web Console package, which is automatically installed
while installing the CommServe software.

Access the Admin Console

To log into the Admin Console, use the following steps:

1. Replace the following URL <webhost> by your Admin Console server’s fully qualified domain name (FQDN):
http://<webhost>/webconsole
2. Type your username and password, and then click Login.

Accessing the Admin Console from the Web Console

Page 30 of 559
Education Services Commvault® Professional Course May 2018

The Core Setup Wizard

Setup Process
Once the web-based console component is installed in the environment and you log into the Admin Console for the
first time, the Core Setup wizard is immediately launched. This interface guides you through the setup process, which
is required by the applications available in the Admin Console.

The Core Setup includes the following:

• Registering your product

• Configuring an email server
• Adding storage
• The information you will need to complete the Core Setup:
o An account on the Commvault Cloud website
o The name and port number of your email server
o The location of the disk library where you want to store backed up data
Admin Console Core setup

Page 31 of 559
Education Services Commvault® Professional Course May 2018

Page 32 of 559
Education Services Commvault® Professional Course May 2018

Page 33 of 559
Education Services Commvault® Professional Course May 2018

Admin Console Navigation

The Admin Console has an easy-to-use sidebar navigation menu. Many sections are common to all solutions. These
sections provide tools that allow you to configure CommCell® components, run day-to-day operations and monitor the
environment. If the sidebar does not fit the window, it is possible to use the mouse scroll the sidebar up or down.

If you are looking for a specific section of the sidebar, use the Filter navigation box to type characters and sort the
sidebar content.

Admin Console sidebar navigation:

Page 34 of 559
Education Services Commvault® Professional Course May 2018

Filtering information in the Admin Console

Jobs
The Job view provides monitoring functionality for all active jobs within the CommCell ® environment. The Jobs view
displays current running jobs by default. But it can also be used to see the job history of the last 24 hours or the last
three months. From this view, any job can be controlled using the Actions button to kill, suspend, resume and view
the job logs.

A progress bar clearly indicates the progress of the job, while its Status column indicates if the job is still running, and
if so in which phase it is, or if it failed, is suspended or was killed.

Page 35 of 559
Education Services Commvault® Professional Course May 2018

Jobs view

Page 36 of 559
Education Services Commvault® Professional Course May 2018

Events
All Commvault® software related events are reported in the Events view. By default, 500 events are displayed, but the
event log can maintain up to 10,000 events or 7 days of events. Events can be filtered by severity level and can also
provide Job ID and Event ID links that can be clicked to display detailed information about the event or the job that
triggered it.

Events view

Page 37 of 559
Education Services Commvault® Professional Course May 2018

Page 38 of 559
Education Services Commvault® Professional Course May 2018

CommCell® Console
The CommCell® console is the graphical user interface used to configure and manage the CommCell environment,
monitor and control active jobs and view events related to all activities. The console is accessed using local CommCell
accounts or by using Active Directory integrated account authentication.

The CommCell Console is made up of the following windows:

• CommCell Toolbar – provides an easy to navigate ‘ribbon’ to manage and configure the CommCell
environment
• CommCell browser – is the main navigation window which contains a hierarchal structure of all categories
and components within the CommCell environment
• Content / Summary window – provides details based on what component is selected in the CommCell
browser
• Job Controller – provides viewing and control capabilities for all active jobs in the CommCell environment
• Event Viewer – provides information for all logged events within the CommCell environment

Page 39 of 559
Education Services Commvault® Professional Course May 2018

Default Layout of the CommCell Console

Accessing CommCell® Console

The CommCell console can be accessed by locally installing the software or accessing the console through a web
browser.

To log on to the CommCell console, launch the application locally or through a web browser. Required information to
log on is a user name, password and the CommServe host name. When using Active Directory accounts, the format
for username will be domain\user.

Login Screen, Supported Operating Systems and Web Browsers

Page 40 of 559
Education Services Commvault® Professional Course May 2018

CommCell® Toolbar
The CommCell® Console uses a ribbon style toolbar to provide more efficient navigation and configuration.
Configuration options are organized within the toolbar to provide quick access to perform common tasks. By placing
the mouse on the toolbar, use the scroll wheel to quickly move through the different toolbars available. You can hide
the toolbar by clicking the arrow in the upper right corner.

Overview of Toolbar Navigation

Page 41 of 559
Education Services Commvault® Professional Course May 2018

CommCell® Console Browser Window

The CommCell browser is the primary window used to navigate and configure CommCell components. The browser
provides two views: Browser (default) view and Agents view. The navigation is hierarchal in nature and most settings
are customized through the properties pages accessed within the CommCell browser.

CommCell Browser and Agents View

Page 42 of 559
Education Services Commvault® Professional Course May 2018

Content / Summary Window

The Content / Summary window provides information specific to what is selected in the CommCell® browser.
Depending on what object is selected in the browser, the Content / Summary window provides the following
information:

• Content – displays the content contained within the object selected

• Summary – displays an overview summary of the object selected
• Extended Summary – when specific objects in the browser are selected, the extended summary view
provides greater detail than the summary view
• Feature View – for specific objects, features related to the object are displayed
Content and Summary Views

Page 43 of 559
Education Services Commvault® Professional Course May 2018

Job Controller Window

The Job Controller provides monitoring functionality for all active jobs within the CommCell® environment. Jobs remain
in the Job Controller for five minutes after the job completes, fails or is killed. The default time jobs are maintained
after they finish and can be modified in User Preferences applet in the Control Panel.

Job Control View

Page 44 of 559
Education Services Commvault® Professional Course May 2018

Event Viewer Window

All Commvault® software related events are reported in the Event Viewer. By default, 200 events are displayed in the
event viewer, but the event log can maintain up to 10,000 events or 7 days of events. These options are configured in
the System Settings applet in the Control Panel.

Event Viewer View

Page 45 of 559
Education Services Commvault® Professional Course May 2018

CommCell® Component Requirements

Page 46 of 559
Education Services Commvault® Professional Course May 2018

CommServe® Server Requirements

CommServe® Server Performance Requirements
CommServe® server performance is essential for a well performing data protection environment. Although data is
moved from client to MediaAgent or MediaAgent to MediaAgent; communication and job checkpoints are constantly
occurring between CommCell® components and the CommServe server. The CommServe server also serves other
functions such as reporting, and the user experience may be impacted during peak periods of data protection
operations.

CommServe® Server Deployment Overview

The first component to be installed in a new CommCell® environment is the CommServe® server. Once it is installed
the next step is to install MediaAgent software and detect and configure libraries. Policy configuration for storage
policies, schedule policies, subclient policies and global filters should be done prior to installing any client agents. To
make the agent deployment process smoother, when installing client agents, options to associate the default subclient
for the agent with the policies can be selected so preconfiguring policies makes the agent deployment process
smoother.

The following summarizes key points for a new CommServe server deployment:

• Commvault software must be downloaded prior to installation. To avoid any deployment delays,
arrangements for the software download should be done in advance. Additionally, determine the ability to
routinely download updates and upload log files from the CommServe host. If the CommServe will not have
internet access, alternate methods should be discussed and documented.

• Determine the location for a local and remote Software Cache. The Software Cache is a directory where
Commvault updates and software packages are stored. These can be configured during the deployment and

Page 47 of 559
Education Services Commvault® Professional Course May 2018

typically help position the software to be routinely accessible throughout the organization – or prepare for a
disaster.

• Verify the Hardware and System Requirements.

• Ensure the size of the environment has been assessed and there are adequate resources available for the
CommServe server:

o Based on the sizing assessment, determine if the CommServe server will be physical or virtual.

o Determine if the CommServe server needs to be deployed in a clustered configuration for high
availability.

o Ensure the operating system meets the Commvault specifications and patched with updates prior to
the installation.

o Determine if the method of deployment requires additional considerations for Disaster Recovery. For
example, configuring a ‘Floating Host Name’ for the CommServe server.

o Determine if additional components such as Metrics Reporting or the Workflow engine will be installed
on the CommServe server.

o Determine the methods for accessing the CommCell® console and/or Admin Console.

▪ The consoles are installed by default along with the CommServe components.

▪ IIS is required for the Web Server and Web Console and are automatically installed when IIS
is enabled on the CommServe server.

• Although not always required, reboots (powering off and on) may be required to complete an installation or
update. It is recommended to anticipate downtime and that the organization’s change request or
maintenance window process is accommodated in advance. In some cases, the organization may require the
changes be implemented after hours.

• Outline the firewall and network considerations prior to any installation. Unless performing a decoupled install,
all software components must communicate with the CommServe server during installation. Determine the
requirements for working with the organizations firewall configuration in advance.

• Identify any monitoring, security, or anti-virus software that will be installed on the same systems as
Commvault software. The installation and in many cases Commvault operations may be blocked or
performance severely degraded by such software. This can be avoided by applying the appropriate exceptions
or filters for the Commvault software in advance.

• Ensure any Service and Administrative accounts are preconfigured and known during the installation. The
account type and permissions required are determined by the components being deployed. A thorough review
of the deployment should help determine the needs.

o For the CommServe server, an account with local Administrator privileges is required for the software
installation.

o A password for the CommCell ‘admin’ account is configured during the installation. This password
should be a complex password and the primary administrator should always use this account when
managing the environment.

• A permanent license file must be applied after the CommServe software is installed. Ensure that any pending
purchase agreements are completed prior to the deployment of the Commvault software.

• Complete post installation tasks.

Page 48 of 559
Education Services Commvault® Professional Course May 2018

MediaAgent Requirements
MediaAgents are the multifunction workhorses of a Commvault ® software environment. They facilitate the transfer of
data from source to destination, hosts the deduplication database, metadata indexes, and run analytic engines.

For MediaAgent resource requirements and guidelines, refer to the Commvault Online
Documentation.

MediaAgents responsibilities include the following functions:

• Data Mover – moves data during data protection, data recovery, auxiliary copy, and content indexing jobs.
• Deduplication Database (DDB) – hosts one or more deduplication databases on high speed solid state or
PCI storage.
• Metadata indexes – hosts both V1 and V2 indexes on high speed dedicated disks.
• Analytics – runs various analytics engines including data analytics, log monitoring, web analytics, and the
Exchange index for the new Exchange Mailbox agent.

Page 49 of 559
Education Services Commvault® Professional Course May 2018

Data Mover Role

The MediaAgent is the high-performance data mover that transmits data from source to destination, such as from a
client to a library during data protection operations or vice-versa during data recovery. They are used during auxiliary
copy jobs when data is copied from a source library to a destination library. The MediaAgent software can be installed
on most operating systems in physical, virtual, and clustered environments. Note that all tasks are coordinated by the
CommServe® server.

MediaAgent and Data Movement

There is a basic rule that all data must travel through a MediaAgent to reach its destination. One exception to this rule
is when conducting Network Data Management Protocol (NDMP) dumps directly to tape media. In this case, the
MediaAgent is used to execute the NDMP dump and no data travels through the MediaAgent. This rule is important to
note as it affects MediaAgent placement.

Since all data moving to/from protected storage must move through a MediaAgent, resource provisioning for
MediaAgent hosts (e.g., CPU, memory, and bandwidth) must be adequate for both the volume and the concurrency of
data movement you expect it to handle.

MediaAgent Device Control

A MediaAgent provides device control over media changers and removable media devices - and writers to disk devices.
This control defines the path upon which data moves to/from protected storage. In addition to normal device integrity
checks, the MediaAgent can validate the integrity of data stored on the media during a recovery operation and validate
the integrity of the data on the network during a data protection operation.

In the scenario where the MediaAgent component is co-located on the same host as the client agent, the exchange of
data is contained within the host. This is called a SAN MediaAgent configuration, or sometimes referred to as LAN-
free backups, and has its advantages of keeping data off potentially slower TCP/IP networks by using local higher
performance transmission devices (e.g., Fibre Channel, SCSI, etc.). On the other hand, a MediaAgent component
located on a host by itself can provide dedicated resources and facilitate exchange of data over longer distances using
TCP/IP (e.g., LAN, WAN, etc.).

MediaAgent Hosting Functions

The MediaAgent component also achieves additional functions other than moving data. First, the MediaAgent hosts the
index directory. Every protection jobs allowing granular recovery must be indexed. The MediaAgent oversees indexing
the jobs and keeping the indexing information in the index directory. If Commvault® deduplication is enabled on a disk
or a cloud library, the MediaAgent also hosts the deduplication database containing the deduplication information.
Finally, if Data Analytics is in use, it requires the Analytics Engine to be installed on the MediaAgent.

Page 50 of 559
Education Services Commvault® Professional Course May 2018

MediaAgent data movement overview

Deduplication Database
The Deduplication Database (DDB) maintains all signature records for a deduplication engine. During data protection
operations, signatures are generated on data blocks and sent to the DDB to determine if data blocks are duplicate or
unique. During data aging operations, the DDB is used to decrement signature counters for blocks from aged jobs and
subsequently prune signatures, and block records when the signature counter reaches zero. For these reasons, it is
critical that the DDB is located on high performance, locally attached solid state or PCI storage technology.

Metadata Indexes
Commvault® software uses a distributed indexing structure that provides for enterprise level scalability and automated
index management. This works by using the CommServe® database to only retain job-based metadata such as chunk
information, which keeps the database relatively small. Detailed index information, such as details of protected objects
is kept on the MediaAgent. The index location can maintain both V1 and V2 indexes. Ensure the index location is on
high speed dedicated disks.

Page 51 of 559
Education Services Commvault® Professional Course May 2018

Analytics
One or more analytics engines can be installed on a MediaAgent. The following provides a high-level overview of the
commonly used analytics engines:

• Data analytics – provides a view into unstructured data within an environment. Some capabilities include:
o identifying old files and emails
o identifying multiple copies of large files
o removing unauthorized file types
• Log monitoring – identifies and monitors any logs on client systems. The monitoring process is used to
identify specific log entries and set filters based on criteria defined within a monitoring policy.
• Exchange index engine – maintains V2 metadata indexing information for the new Exchange Mailbox
Agent. It is recommended when using the Exchange index server that no other analytic engines are installed
on the MediaAgent hosting the index.

Physical vs. Virtual MediaAgent

Commvault recommends using physical MediaAgents to protect physical and virtual data. The advantages for using a
physical MediaAgent are: better performance, more versatility as a multi-purposed data mover (protect VMs and
physical data), and resiliency. If using a tape library, presenting it to a virtualized MediaAgent adds an additional layer
of complexity for configuration and troubleshooting (should an issue arise). A MediaAgent can be virtualized if all
performance requirements including CPU, RAM, index directory location and deduplication database location are being
met.

Tip: Remote Site MediaAgents

You need to protect a smaller remote site and want to keep a local copy of data for quick restore. However,
you are concerned about hardware costs for a MediaAgent.

Solution: Virtualize the remote site MediaAgent and keep a shorter retention for the local copy, producing a
smaller footprint. Then replicate the data using DASH Copy to the main data center physical MediaAgent
where it can be kept for a longer retention.

Page 52 of 559
Education Services Commvault® Professional Course May 2018

Agent Requirements
It is important, when deploying agents, to validate requirements. Prerequisites differ from one agent type to another.
Even for components that you frequently deploy, always confirm as it may change when a new service pack is
released.

Most frequent requirement categories:

• Operating system version

• Application version (for application agents)
• Service account with specific privileges
For more information on requirements, please refer to their respective section on Commvault’s online documentation.

Page 53 of 559
Education Services Commvault® Professional Course May 2018

CommCell® Deployment

Page 54 of 559
Education Services Commvault® Professional Course May 2018

Download the Commvault® Software

Commvault® offers several methods for obtaining the software installation media required for installing a CommCell®
environment. The Commvault software installation media is available for download from the Maintenance Advantage
website or from the Commvault Software Cloud Services download center.

The Commvault Maintenance Advantage website provides the latest version of the Commvault installation media. By
clicking Downloads & Packages, you can access the most current software installations and service packs or select a
previous version.

There are two options to download the Commvault software:

• Resumable Download Manager – Based on the Bootstrapper download manager, this option is activated
by selecting the required files from the list and then selecting Launch Download Manager at the bottom of the
screen.
• Bootstrapper Direct Download – This option reduces deployment time by selecting only the required
Commvault software components and download of installation media.

Page 55 of 559
Education Services Commvault® Professional Course May 2018

Using the bootstrapper from Maintenance Advantage

Page 56 of 559
Education Services Commvault® Professional Course May 2018

The installer media can also be downloaded from the Download Center on the Commvault ® software Cloud Services
website.

To learn more about the Commvault's Cloud Services, go to the following link:
https://cloud.commvault.com/

Page 57 of 559
Education Services Commvault® Professional Course May 2018

CommCell® Deployment Overview

Process to deploy a CommCell® Environment

1. Ensure all hardware requirements are met based on your environment and backup and recovery windows
required
2. Install the CommServe® server software
3. Configure CommServe DR backup settings
4. Configure software updates
5. Install MediaAgent software
6. Configure disk, cloud and tape libraries
7. Configure global deduplication policies
8. Configure Client Computer Groups
9. Configure storage policies
10. Add global filters
11. Create schedule policies
12. Install agents on clients

Page 58 of 559
Education Services Commvault® Professional Course May 2018

CommServe® Server – Gathering Information

When deploying Commvault® software, it is important to note that every environment is different relative to the
available infrastructure, technology, budget, culture and requirements of the organization. Whether performing a new
installation, an upgrade, or expanding an existing environment, a good amount of planning should take place prior to
installing Commvault software. The more emphasis put into planning, the more likely the deployment will go
smoothly.

Gathering Information
Proper documentation of the CommCell components being installed is essential for a smooth deployment. The
following chart provides a sample of the information that must be obtained for the CommServe deployment. Having
this information in advance will not only help the deployment go quicker – it can help bring any shortcomings to the
surface, such as a lacking resource. Furthermore, it can aid in verifying site readiness and serve as a template for
post deployment documentation.

Page 59 of 559
Education Services Commvault® Professional Course May 2018

Chart showing critical information for the CommServe server installation

Attribute Value (Examples)

Additional Packages File system agent, MediaAgent, Workflow engine, Web Server

SQL Install Directory Drive:\Program Files\Microsoft SQL Server\

SQL Database Directory Drive:\Commvault\Database\

Commvault Software Directory Drive:\Program Files\Commvault\ContentStore

DR Share \\DRCommserve\CSDR

Software Cache Drive:\Program Files\Commvault\ContentStore\Software

Page 60 of 559
Education Services Commvault® Professional Course May 2018

CommServe® Server – Installation

The following steps are used to install the CommServe server:

1. Install the IIS server role on the server.

2. From the download location, launch Setup.exe.
3. Select Accept on the license agreement screen.
4. Choose Install Packages on this computer.
5. In the Select Platforms window, select CommServe and CommCell console. Additional components such as
the MediaAgent component can also be selected.
6. The installation folder path is set by default to the operating system install drive, Program Files folder. The
default location can be changed to a different location by clicking the Browse button and selecting the
desired location.
7. After the destination folder is selected, the summary of install options selected is displayed for confirmation.
8. Review the install options and click Install to proceed with the installation. The CommServe® server
installation now installs the Microsoft .NET Framework 4.0 and Microsoft Visual C++ redistributable packages
for the selected platforms.

Page 61 of 559
Education Services Commvault® Professional Course May 2018

Installation screens for CommServe® server software

Configure CommServe® Database Settings

During the installation, the location for the CommServe database engine and database files must be selected. This
location should follow the recommendations provided on Commvault’s documentation site. The database must be
located on a dedicated volume. A new CommServe database is created for new installations. The software also sets
the SA password for the CommServe database. The password can be changed after the installation. Although not
needed for day to day administration, it may be needed during troubleshooting or Disaster Recovery procedures.

The installation wizard also offers the opportunity to import an existing database. This function is useful when
performing a hardware refresh, or when rebuilding a CommServe server in a disaster scenario. When selecting the
‘Use an Existing Database’ option, browse to the location of the database export, and select the correct database. If
there is an SA password mismatch, you must supply the customer defined password.

When configuring the CommServe Database, the following occurs during installation:

1. The Microsoft SQL Server administrator password is set.

2. The option for the database files folder path is shown during the SQL instance installation.
3. A new CommServe database can be created or an existing database can be used. An existing database in the
form of a CommServe database dump or export is used when:
a. Installing the CommServe® server in an existing CommCell® environment when performing a server
upgrade.
b. Rebuilding a CommServe® server in a disaster scenario.
When selecting the ‘Use an Existing Database’ option, browse to the location of the database export, and
select the correct database.

Page 62 of 559
Education Services Commvault® Professional Course May 2018

CommServe database settings

Configure Basic Console Options

Administrator Account
During the installation, an administrator account must be created. This account is used to log into the CommCell
console which is the primary user interface for configuration and administration tasks. The account cannot be deleted.
A strong password should be used and be safely stored in the organization’s secure password management system.
After the installation, at least one other administrative account should be created for daily use. This is critical in
disaster situations to rebuild and login to the environment to implement additional DR procedures. Other
administrators and users can use Active Directory (AD) for logging in.

Even if Active Directory integration is used to authenticate users, it is strongly recommended to

have at least two administrators with local administrative accounts for DR purposes.

Page 63 of 559
Education Services Commvault® Professional Course May 2018

Initial login credentials creation screen

Software Cache Options

During the installation, the software packages and updates are copied to local disk. This is called a Software Cache or
CommServe Cache and can be leveraged to “push” Client Agent software and updates to other servers in the
environment. These settings can later be changed.

Cluster Setup Options

If the CommServe server is being installed in a cluster, log into the active node with an Administrative account and
then run Setup.exe from the installation media. The Cluster Setup Install Option page is displayed during the
installation. After completing the selections on the active node, it may be necessary to log into the remaining cluster
nodes and repeat the installation process. The installation will apply the missing components to the cluster node.

Addressing Installation Issues

To assist in troubleshooting installation errors, check the following log:

%allusersprofile%\Commvault Systems\Galaxy\LogFiles\Install.log. If the error occurs after the summary page, check
the installation logs in the Software_Installation_Directory\Log Files directory.

%TEMP% also contains installation log files.

Page 64 of 559
Education Services Commvault® Professional Course May 2018

CommServe® Server – Post Installation Tasks

After the CommServe server has been installed, several post installation tasks are necessary before moving onto the
remainder of the deployment.

• Apply production license key

• Configure Software Cache and Updates
• Apply updates to the CommServe® server
• Review and test the CommServe DR backup configuration
• Configure private and cloud metrics reporting
• Configure and test email settings
• Configure user accounts and security

Page 65 of 559
Education Services Commvault® Professional Course May 2018

CommCell® License
When deploying Commvault V11, specific information is required to acquire a full production license:

• The CommServe must be installed.

• Collect CommCell ID, Serial No and the Registration Code.
• For the license file, send email to prodreg@commvault.com to obtain key.

Page 66 of 559
Education Services Commvault® Professional Course May 2018

CommCell® Update Process

Configure Software Cache and Updates
Commvault follows a quarterly schedule for major service pack releases. Service packs are available initially for manual
download from the Maintenance Advantage website. They are then moved to auto update via the Commvault software
update cache process approximately two weeks after initial availability. Service packs should be deployed when
available.

Additional hotfixes may follow the release of a service pack to address critical issues. The hotfixes should also be
applied as soon as they are available. Subsequently, if a new service pack or hotfix conflicts with an older installed
hotfix, the installation process removes them automatically.

By default, the system creates automatic schedules that download and install updates on Commvault ® servers, as well
as on clients. These schedules can be modified as desired.

Page 67 of 559
Education Services Commvault® Professional Course May 2018

Software and update cache locations are configured as follows:

• Primary cache location where all CommCell® resources pull software and updates, unless configured to use a
remote cache.
• Remote caches are used as secondary cache locations, which is beneficial for remote locations. Secondary
caches are set up on local clients at the location to pull software and updates locally avoiding additional WAN
traffic.
To configure the main software cache (CommCell® Console)

Page 68 of 559
Education Services Commvault® Professional Course May 2018

Configure the main software cache (Admin Console)

Page 69 of 559
Education Services Commvault® Professional Course May 2018

Page 70 of 559
Education Services Commvault® Professional Course May 2018

To configure remote software caches (CommCell® Console)

Page 71 of 559
Education Services Commvault® Professional Course May 2018

To download packages and updates (CommCell® Console)

To download packages and updates (Admin Console)

Page 72 of 559
Education Services Commvault® Professional Course May 2018

Automatic update schedules are as follows:

• System Created Download Software – Download the updates automatically in the software cache once a
week if new updates are available.
• System Created Install Software – Automatically install updates on Commvault® servers and clients once
a week if required.
For instance, many companies have change control procedures in place. Installing updates automatically on
servers might go against these procedures. In this case, the System Created Install Software schedule can be
modified or simply disabled.
Viewing or editing automatic update schedules

Page 73 of 559
Education Services Commvault® Professional Course May 2018

Page 74 of 559
Education Services Commvault® Professional Course May 2018

Apply Updates to the CommServe® Server

From the Tools menu | Add/Remove Software | Install Service Pack and Hotfixes

The next step is to ensure that the CommServe® server is up to date. This provides all the latest configuration options
available. Updates can be deployed from the software cache using the CommCell console.

Applying update options

Page 75 of 559
Education Services Commvault® Professional Course May 2018

CommServe® DR Backup
By default, every day at 10:00 AM, the CommServe DR backup process is executed. This process first dumps the
CommServe SQL database to a local folder path. An export process then copies the folder contents to a user defined
drive letter or UNC path. A backup phase subsequently backs up the DR Metadata and any user defined log files to a
location based on the storage policy associated with the backup phase of the DR process. All processes, schedules and
export/backup location are customizable in the DR Backup Settings applet in the Control Panel.

Additionally, a copy of the DR backup can be uploaded to Commvault® Cloud Services, which guarantees that an
offline copy exists and is accessible during recovery if a disaster was to occur.

Page 76 of 559
Education Services Commvault® Professional Course May 2018

CommServe® DR backup process overview

Database Dump
During the dump phase, the system stores the dump files in the following location:

• V11 upgraded environment:

<install path>\CommVault\Simpana\CommServeDR folder.
• V11 New Installation:
<install path>\CommVault\Content Store\CommServeDR folder.
If available space is low, the location of the dump can be modified using the ‘ERStagingDirectory’ in the CommServe
Additional Settings tab.

Export
The Export process copies the contents of the \CommServeDR folder to the user defined export location. A drive letter
or UNC path can be defined. The export location should NOT be on the local CommServe server. If a standby
CommServe server is available, define the export location to a share on the standby server.

By default, five metadata backups are retained in the export location. It is recommended to have enough disk space to
maintain one weeks’ worth of DR exports and adjust the number of exports to the DR backup schedule frequency.

Backup
The Backup process is used to back up the DR Metadata to protected storage. This is accomplished by associating the
backup phase with a storage policy. A default DR storage policy is automatically created when the first library is
configured in the CommCell environment. Although the backup phase can be associated with a regular storage policy,
it is recommended to use a dedicated DR storage policy to protect the DR Metadata.

DR Storage Policy
When the first library in a CommCell environment is configured, a CommServe Disaster Recovery storage policy is
automatically created. The Backup phase of the DR backup process is automatically associated with this storage

Page 77 of 559
Education Services Commvault® Professional Course May 2018

policy. If the first library configured is a disk library and a tape library is subsequently added, a storage policy
secondary copy is created and associated with the tape library.

There are several critical points regarding the DR storage policy and backup phase configurations:

• Although the Backup phase can be associated with any storage policy in the CommCell ® environment, it is
recommended to use a dedicated DR storage policy. Using a dedicated policy isolates DR Metadata on its own
set of media making it potentially easier to locate and catalog in a disaster situation.
• The most common reason the Backup phase is associated with regular data protection storage policies is to
reduce the number of tapes being sent off-site. If the backup phase is associated with a regular storage
policy, consider the following key points:
o Make sure the ‘Erase Data’ feature is disabled in the storage policy. If this is not done, the DR
Metadata will not be recoverable using the Media Explorer utility.
o When the storage policy secondary copy is created, ensure the DR Metadata is included in the
Associations tab of the policy copy.
o Make sure you are properly running and storing media reports. This is especially important when
sending large numbers of tapes off-site. If you don’t know which tape the metadata is on, you will
have to catalog every tape until you locate the correct media which is storing the DR Metadata.

DR Backups to the Cloud

Commvault® offers to all customers a free cloud service to which DR backup can be uploaded. The last seven
metadata backups will be stored and can be downloaded if needed. This ensures that a recent copy of the database is
offsite and can’t be accessed by a rogue process such as a ransomware attack. This service requires a Commvault
Cloud Services account that can be created using the following URL:

http://cloud.commvault.com

Backup Frequency
By default, the DR backup runs once a day at 10:00 AM. The time the backup runs can be modified, and the DR
backup can be scheduled to run multiple times a day or saved as a script to be executed on demand.

Consider the following key points regarding the scheduling time and frequency of DR backups:

• If tapes are being sent off-site daily prior to 10:00 AM then the default DR backup time is not adequate. Alter
the default schedule so the backup can complete, and DR tapes can be exported from the library prior to
media being sent off-site.
• The DR Metadata is essential to recover protected data. If backups are conducted at night and auxiliary copies
are run during the day, consider setting up a second schedule after auxiliary copies complete.
• For mission critical jobs, consider saving a DR backup job as a script. The script can then be executed by using
an alert to execute the script upon successful completion of the job.

Page 78 of 559
Education Services Commvault® Professional Course May 2018

DB Backup default schedule options

Page 79 of 559
Education Services Commvault® Professional Course May 2018

Locations
Multiple copies of the DR backup can be maintained in its raw (export) form using scripts. Multiple copies of the
backup phase are created within the DR storage policy by creating secondary copies, or by creating a data backup
storage policy and including the metadata in the secondary copy’s Association tab.

Follow these guidelines for locating the DR Metadata backups.

• On-site and off-site standby CommServe® servers should have an export copy of the metadata.
• Wherever protected data is located, a copy of the DR Metadata should also be included.
• Whenever protected data is sent off-site a copy of the DR Metadata should be included.
• Since DR Metadata does not consume a lot of space, longer retention is recommended.

Retention
By default, the export phase maintains five copies of the metadata. A general recommendation is to maintain a weeks’
worth of metadata exports if disk space is available. This means if the DR backup is scheduled to run two times per
day, then 14 metadata backups should be maintained.

For the metadata backup phase, the default storage policy retention is 60 days and 60 cycles. A general best practice
is that the metadata should be saved based on the longest data being retained. If data is being sent off-site on tape
for ten years, a copy of the DR database should be included with the data.

DR Backups default retention

Page 80 of 559
Education Services Commvault® Professional Course May 2018

Metadata Security
Securing the location where the DR Metadata is copied to is critical since all security and encryption keys are
maintained in the CommServe database. If the metadata is copied to removable drives or network locations, best
practices recommend using disk-based encryption.

CommServe DR Backup Configuration

From the Configuration menu | Click DR Backup

CommServe DR backup is an administrative task that protects the CommServe® server metadata database. The DR
backup protects the database in two phases. First, it creates an export of the database in a location provided in the
DR Backup applet from the Configuration menu. Then, it creates a copy of that export in a storage policy called
CommServeDR. This storage policy is automatically created by the system upon completion of the libraries
configuration.

At this point of the deployment, since no libraries are yet configured, only the export location can be defined. The
export location must be as far as possible from the CommServe®- server, preferably a remote location.

Configure and Run DR Backups

DR backups are automatically configured and scheduled upon software installation. The default settings and schedule
can be edited to fit your needs, and manual DR backups can be executed on demand if needed.

DR Backup configuration (CommCell® Console)

Page 81 of 559
Education Services Commvault® Professional Course May 2018

DR Backup configuration (Admin Console)

Manually execute a DR Backup (CommCell® Console)

Page 82 of 559
Education Services Commvault® Professional Course May 2018

Manually execute a DR Backup (Admin Console)

Page 83 of 559
Education Services Commvault® Professional Course May 2018

Page 84 of 559
Education Services Commvault® Professional Course May 2018

CommCell® Email Settings

Configure Email Settings
Commvault® software sends alert notification or reports by email. Prior to using these features, the email server must
be configured.

Tip: Configuring Email Settings Using a Secured Mail Server

If your corporate mail server is secured, it is important to understand the level of security. Commvault ®
software uses a functionality called SMTP relay. This means that the email server relays emails generated and
sent by the CommServe® server. Therefore, SMTP relay must be allowed on the mail server for the
CommServe® server IP address. Refer to your software vendor documentation for more information about
SMTP relay and the mail server.

Page 85 of 559
Education Services Commvault® Professional Course May 2018

Email server settings

Page 86 of 559
Education Services Commvault® Professional Course May 2018

MediaAgent – Installation
Installing MediaAgent Software
The next component to install are the MediaAgents to which libraries will later be attached. MediaAgents move and
retrieve protected data from disk, tape, and cloud storage. Data can move at a speed of 4 plus terabytes per hour per
MediaAgent. The MediaAgent software is pushed to a server directly from the software cache using the CommCell®
Console.

When installing the MediaAgents, refer to the Commvault Online Documentation to ensure that all hardware
requirements are met.

Steps for Installing the MediaAgent

1. Launch the installation in the console.
2. Select the platform and provide the servers hostnames.
3. Provide a domain account that has administrative privileges on the systems.
4. Select the MediaAgent code.
5. Check the Reboot (if required) box.
6. Provide the location for the Index directory and the installation directory if different than the default values.
7. Configure the firewall setting if there is a firewall between the CommServe ® server and the MediaAgents.

Page 87 of 559
Education Services Commvault® Professional Course May 2018

Installation screen for MediaAgent server software install (CommCell® Console)

Page 88 of 559
Education Services Commvault® Professional Course May 2018

Installation screen for MediaAgent server software install (Admin Console)

Page 89 of 559
Education Services Commvault® Professional Course May 2018

Page 90 of 559
Education Services Commvault® Professional Course May 2018

Post Installation Tasks

• Validate the location of the Index directory
• Apply updates to the MediaAgents
• Prepare the volume for the Deduplication Database (DDB)

Validate the Location of the Index Directory

Validate that the location of the Index directory is properly set for the MediaAgent. It should be located on a dedicated
SSD or PCIe drive.

The location of the Index directory of the MediaAgent

Page 91 of 559
Education Services Commvault® Professional Course May 2018

Apply Updates to the MediaAgents

No matter which procedure was used to install MediaAgents, it is important to validate that the MediaAgents are up to
date with the software cache. To do so, click Client Computers in the CommCell browser and press F5 to refresh the
view. Once refreshed, ensure that the ‘Update Status’ column displays ‘Up-to-Date’ for all MediaAgents.

Update status for MediaAgents

Page 92 of 559
Education Services Commvault® Professional Course May 2018

MediaAgents – Index Directory

All object level data protection jobs use indexes for all operations. These indexes are maintained in the index
directory. Improper configuration of the index directory can result in job failures and long delays in browse and
recovery operations.

Changing the Index Directory Location

Right-click the MediaAgent | Click Properties | Catalog tab

Right-click the MediaAgent | Click Properties | Catalog tab

The index directory location is modified by changing the ‘Index Directory’ in the Catalog tab of the MediaAgent
properties. When the path is changed, the system prompts the user to automatically copy the contents from the old
location to the new location.

Note that this is a copy operation, so the old index directory contents remain until deleted by the
user.

Page 93 of 559
Education Services Commvault® Professional Course May 2018

Index Directory location

Page 94 of 559
Education Services Commvault® Professional Course May 2018

Disk, Cloud, and Deduplication

Page 95 of 559
Education Services Commvault® Professional Course May 2018

Storage Overview
Commvault® software logically addresses storage systems to allow virtually any library type to be used. The three
primary library types are disk, tape, and cloud.

Disk libraries best practices:

• If using DAS or SAN, format mount paths using a 64KB block size.
• If using DAS or SAN, try to create multiple mount path. For instance, if there are 10 mount paths, and there is
a maintenance job, such as a defrag job running on one, the mount path can be set to read-only, leaving 90%
of the disk library available for backup jobs.
• Set mount path usage to Spill and Fill, even if using only one mount path. If additional mount paths are added
later, the streams will spill as expected.
• Share the disk library if required.

Page 96 of 559
Education Services Commvault® Professional Course May 2018

Disk Library Design

A disk library is a logical container which is used to define one or more paths to storage called mount paths. These
paths are defined explicitly to the location of the storage as a drive letter or a UNC path. Within each mount path,
writers are allocated which defines the number of concurrent streams for the mount path.

There are three primary types of disk libraries:

• Dedicated – disk libraries are created by first adding a disk library entity to the MediaAgent using either the
right-click All Tasks menu or the Control Panel’s Expert Storage Configuration tool. One or more mount paths
can be created/added to the library. Mount Paths are configured as Shared Disk Devices. The Shared Disk
Device in a dedicated disk library has only one Primary Sharing Folder.
• Shared – disk libraries are libraries with more than one Primary Sharing Folder configured on a Shared Disk
Device. This enables other MediaAgents access to the same shared volume resource. A shared disk library
can then be created and the ‘Shared Disk Devices’ added to the library. One path to the shared folder can be
direct while the others are Common Internet File System (CIFS) shared directory paths. CIFS protocol is used
to manage multiple MediaAgent access to the same directory. For UNIX hosted MediaAgents, Network File
Share (NFS) protocol can be used. NFS shared disks appear to the MediaAgent as local drives.
• Replicated – disk libraries are configured like a shared disk library with the exception that the Shared Disk
Device has a replicated data path defined to a volume accessible via another MediaAgent. Replicated folders
are read-only and replication can be configured for use with third party replication hardware.

Page 97 of 559
Education Services Commvault® Professional Course May 2018

There are three methods that disk library data paths can be configured:

• Network Attached Storage or NAS

• Storage Area Network or SAN
• Direct Attached Storage or DAS

The following explanations assume Commvault deduplication is being used.

Network-Attached Storage (NAS)

Network-Attached Storage provides the best connection method from a resiliency standpoint since the storage is
accessed directly through the NAS device. This means that by using a Common Interface File System (CIFS) or a
Network Internet File System (NFS), Universal Naming Convention (UNC) paths can be configured to read and write
directly to storage. In this case, the library can be configured as a shared library, where all MediaAgents can see
stored data for data protection and recovery operations.

Disk library using Network Attached Storage (NAS)

Page 98 of 559
Education Services Commvault® Professional Course May 2018

Storage Area Network (SAN)

Storage Area Networks or SANs are very common in many data centers. SAN storage can be zoned and presented to
MediaAgents using either Fibre Chanel or iSCSI. In this case, the zoned storage is presented directly to the
MediaAgent providing Read / Write access to the disks.

When using SAN storage, each building block should use a dedicated MediaAgent, DDB and disk library. Although the
backend disk storage in the SAN can reside on the same disk array, it should be configured in the Commvault®
software as two separate libraries; where Logical unit numbers (LUNs) are presented as mount paths in dedicated
libraries for specific MediaAgents.

SAN storage provides fast and efficient movement of data but, if the building block MediaAgent fails, data cannot be
restored. When using SAN storage, either the MediaAgent can be rebuilt or the disk library can be re-zoned to a
different MediaAgent. If the disk library is rezoned, it must be reconfigured in the Commvault® software to the
MediaAgent that has access to the LUN.

Disk library using Storage Area Network (SAN)

Page 99 of 559
Education Services Commvault® Professional Course May 2018

Direct Attached Storage (DAS)

Direct attached storage is when the disk library is physically attached to the MediaAgent. In this case, each building
block is completely self-contained. This provides for high performance but does not provide resiliency. If the
MediaAgent controlling the building block fails, data stored in the disk library cannot be recovered until the
MediaAgent is repaired or replaced. Keep in mind that, in this case, all the data in the disk library is still completely
indexed and recoverable, even if the index directory is lost. Once the MediaAgent is rebuilt, data from the disk library
can be restored.

Disk library using Direct Attached Storage (DAS)

Page 100 of 559

Education Services Commvault® Professional Course May 2018

Add a Disk Library (CommCell® Console)

Before adding a disk library, the operating system must have access to the storage. For SAN or DAS storage, volumes
must be created and formatted in the operating system. For NAS, try to access the storage CIFS shares using the
credentials.

Add the Disk Library

Once the operating system has access to the storage, the library can be created.

Adding a disk library

Page 101 of 559

Education Services Commvault® Professional Course May 2018

Add Mount Paths to the Library

Creating the library also defines the first mount path. Any additional mount paths then need to be defined.

Adding a mount path

Page 102 of 559

Education Services Commvault® Professional Course May 2018

Share the Disk Library

If the disk library is using NAS storage, it can be shared with other MediaAgents. Sharing a disk library is achieved by
sharing its mount paths. Apply the sharing procedure on each mount path.

Sharing a disk library

Page 103 of 559

Education Services Commvault® Professional Course May 2018

Add a Disk Storage Target (Admin Console)

Before adding a disk storage target, the operating system must have access to the storage. For SAN or DAS storage,
volumes must be created and formatted in the operating system. For NAS, try to access the storage CIFS shares using
the credentials.

Add the Disk Storage Target

Once the operating system has access to the storage, the storage target can be created.

Adding a disk storage target

Page 104 of 559

Education Services Commvault® Professional Course May 2018

Add Mount Paths to Storage Target

Creating the storage target also defines the first mount path. Any additional mount paths then need to be defined.

Adding a mount path

Page 105 of 559

Education Services Commvault® Professional Course May 2018

Page 106 of 559

Education Services Commvault® Professional Course May 2018

Share the Storage Target

If the storage target is using NAS storage, it can be shared with other MediaAgents. Sharing a storage target is
achieved by sharing its mount paths. Apply the sharing procedure on each mount path.

Sharing a storage target

Page 107 of 559

Education Services Commvault® Professional Course May 2018

Page 108 of 559

Education Services Commvault® Professional Course May 2018

Page 109 of 559

Education Services Commvault® Professional Course May 2018

Cloud Library Design

Cloud storage is an emerging technology that is quickly being integrated into data centers for its availability and, in
some cases, lower Total Cost of Ownership (TCO). As a DR solution, however, there are still significant questions on
its effectiveness. The two biggest questions regarding cloud storage for DR are bandwidth availability and data
security. Using advanced features such as Commvault deduplication can greatly reduce the bandwidth requirements of
backing up to cloud storage. However, in a disaster situation where a significant amount of data must be restored,
bandwidth can become a serious bottleneck.

Data transfers are achieved using secured channels (HTTPS) and are optionally encrypted to further secure the data
sent to the cloud.

Cloud libraries best practices:

• Properly plan and analyze if the cloud library scenario meets the needs (i.e. restoring an entire datacenter).
• If the link is shared with users, consider throttling Commvault ® bandwidth usage during business hours.
• If the MediaAgent does not have direct access to the internet, define the proxy settings in the Advanced tab of
the cloud library configuration page.
• If the cloud library is accessed through a high-speed internet link (1GB or higher), consider tuning the
connection. For more information, refer to the Commvault Online Documentation, ‘Cloud Connection
Performance Tuning’ section.

Page 110 of 559

Education Services Commvault® Professional Course May 2018

• If using deduplication, by default, jobs are not aged and pruned unless the DDB is sealed. If you want to age
and prune jobs as soon as retention is met, configure micro pruning. For more information, refer to the
Commvault Online Documentation, ‘Configuring Micro Pruning on Cloud Storage’ section.

The list of supported cloud providers for Commvault® software grew over the years — up to 20
providers as of Service Pack 7. For a complete list of supported providers, please refer to
Commvault Online Documentation.

Add a Cloud Library

If a cloud provider is used for the cloud library, access information is given by the provider. This includes the URL,
username, password or keys, and the container or bucket in which to store the data. This information is required in
Commvault® software when adding the cloud library.

A MediaAgent must be defined to act as a gateway and to send the data to the cloud. If the library is used for
secondary copies of data store in local library, it is recommended whenever possible to use the MediaAgent hosting
the primary copy to avoid unnecessary traffic. If the MediaAgent requires a proxy to reach the cloud, it can be defined
during the cloud library creation process by using the Advanced tab.

Adding a cloud library

Page 111 of 559

Education Services Commvault® Professional Course May 2018

Add a Cloud Storage Target

A cloud storage target is a cloud library hosted on a supported provider’s cloud storage.

Adding a cloud storage target

Page 112 of 559

Education Services Commvault® Professional Course May 2018

Deduplication

Page 113 of 559

Education Services Commvault® Professional Course May 2018

Deduplication Overview
In any modern data center, duplicate data exists on storage-based media, networks, and virtual servers. Some
examples include identical DLL files existing on different servers, or multiple users working on the same document—
each user modifies different blocks in the file while other blocks remain unchanged. Traditionally this redundant data is
stored on disk or tape, which requires a significant amount of space to protect. With Commvault ® deduplication
storage techniques, a single copy of redundant data (and any subsequent references to the same data) is stored only
once; reducing the amount of space needed to save data and protecting against data loss.

Page 114 of 559

Education Services Commvault® Professional Course May 2018

Deduplication high level concept

Benefits and Features

Commvault® software has a unique set of deduplication features that are not available with most third-party
deduplication solutions. By taking full advantage of Commvault deduplication, you can reduce storage and network
resource requirements, shrink backup windows, efficiently copy data to off-site locations, and copy deduplicated data
to tape, disk, or to a cloud environment.

Commvault deduplication offers the following benefits:

• Efficient use of storage media

• Efficient use of network bandwidth
• Significantly faster Synthetic Full operations
• Significantly faster auxiliary copy operations
• Efficient use of tape media
• Resilient indexing and restorability

Page 115 of 559

Education Services Commvault® Professional Course May 2018

Efficient use of Storage Media

Commvault deduplication provides two storage policies that are used to efficiently move large amounts of data:

• Deduplication Storage Policy – performs deduplication on all data blocks written to each storage policy.
• Global Deduplication Storage Policy (optional) – writes blocks from multiple storage policies through a
single deduplicated policy. Using a global policy results in multiple policy data blocks being stored once on disk
storage.

Efficient use of Network Bandwidth

Client-Side Deduplication is used to deduplicate block data before it leaves the client. From that point forward, only
changed blocks are sent over the network. This greatly reduces network bandwidth requirements after the first
successful full backup is complete.

Faster Synthetic Full

Using the Deduplication Accelerate Streaming Hash (DASH) full backup reduces the time to perform synthetic full and
traditional full backup operations. The DASH full runs as a read-optimized synthetic full operation, which does not
require traditional full backups to be performed. Once the first full backup has completed, blocks that have changed
are protected during incremental or differential backups. A DASH full runs in place of a traditional full or synthetic full,
does not require movement of data, and updates the index files and Deduplication Database (DDB) when a full backup
has completed.

Faster Auxiliary Copy Operations to Disk Storage

The DASH Copy operations are optimized auxiliary copy jobs that require only modified blocks to be sent to a second
disk target. Because secondary copies do not require high bandwidth requirements, this is an ideal solution for
sending off-site copies to secondary disaster recovery facilities.

Efficient use of Tape Media using SILO

SILO storage copies deduplicated data to tape in its deduplicated state. Data is not rehydrated with SILO, instead the
operation copies data in its deduplicated form and efficiently produces a backup of the disk volume folders in the
Commvault disk library. This kind of protection greatly reduces storage that is required to protect data for long term
compliance requirements.

Resilient Indexing and Restorability

Although the Deduplication Database (DDB) checks signature hashes for deduplication purposes, it is not required
during restore operations. Instead the standard indexing methodology is used. This includes using the index directory
and index files written at the conclusion of the job. This resiliency ensures that deduplicated data is restored even
during unforeseen events, such as disaster recovery.

Page 116 of 559

Education Services Commvault® Professional Course May 2018

Components and Terminology (CommCell® Console)

Components and Terminology (CommCell® Console)
There are several components that comprise the Commvault® deduplication architecture:

The Global Deduplication Policy – defines the rules for the Deduplication Engine. These rules include:

• Deduplication Store location and configuration settings

• The Deduplication Database (DDB) location and configuration settings
A Data Management Storage Policy – is configured as a traditional storage policy, where the former also manages
subclient associations and retention. Storage policy copies defined within the Data Management policy are associated
with Global Deduplication storage policies. This association of the Data Management Storage Policy copy to a Global
Deduplication Policy determines in which Deduplication Store the protected data resides.

Deduplication Database (DDB) – is the database that maintains records of all signatures for data blocks in the
Deduplication Store.

Deduplication Store – contains the protected storage using Commvault deduplication. The store is a disk library
which contains non-duplicate blocks, along with block indexing information, job metadata, and job indexes.

Client – is the production client where data is being protected. The client has a file system and/or an application
agent installed. The agent contains the functionality to conduct deduplication operations, such as creating data blocks
and generating signatures.

MediaAgent – coordinates signature lookups in the DDB and writes data to a protected storage. The signature
lookups operation is performed using the DDB on the MediaAgent.

Page 117 of 559

Education Services Commvault® Professional Course May 2018

Deduplication Architecture high level overview:

Global Deduplication Policy Wizard

Storage Resources | Right-click Deduplication Engines | New Global Deduplication Policy

The global deduplication policy wizard is used to create new global deduplication policies. Options during the wizard
include the name, library, MediaAgent, number of partitions and partition location, and the network interfaces used for
MediaAgent configurations. Additional settings including the use of transactional DDB and compression usage must be
set after completing the wizard.

Page 118 of 559

Education Services Commvault® Professional Course May 2018

Create a global deduplication policy

Page 119 of 559

Education Services Commvault® Professional Course May 2018

Page 120 of 559

Education Services Commvault® Professional Course May 2018

Storage Pools (Admin Console)

In addition to creating storage targets, storage pools must also be configured in order to use Commvault ® storage.
This allows selecting the pool when defining data protection plans. A tape storage pool simply refers to the tape
storage target.

A disk or cloud storage pool defines the relationship between a disk or cloud-based storage and a deduplication
database (DDB). The storage target can be created beforehand and simply selected when creating the storage pool.
This means that all datasets sent to this library will be deduplicated against each other, resulting in each unique block
being written only once in back-end or cloud storage.

Multiple storage pools can be created within a CommCell®, allowing to send protected data to different targets, and
replicating the backup data to a secondary location.

Page 121 of 559

Education Services Commvault® Professional Course May 2018

Disk/Cloud storage pools overview

Configure Disk Storage Pool

Configuring a disk storage pool is achieved from the Admin Console, under the Storage section. The storage target can
be configured prior to the configuration of the storage pool, or it can be created directly in the storage pool creation
wizard. On top of the storage target, it is also important to collect information on the location of the deduplication
database (DDB). It should be a dedicated set of disks, preferably SSD, located on the same MediaAgent to which the
disk library is configured.

Page 122 of 559

Education Services Commvault® Professional Course May 2018

Configuring a disk storage pool

Page 123 of 559

Education Services Commvault® Professional Course May 2018

Page 124 of 559

Education Services Commvault® Professional Course May 2018

Partitioned Deduplication Database

Partitioned deduplication provides higher scalability and deduplication efficiency by allowing more than one
Deduplication Database (DDB) partition to exist within a single deduplication engine. It works by logically dividing
signatures between multiple databases. If two deduplication partitions are used, it effectively doubles the size of the
deduplication store. Currently Commvault® software supports up to four database partitions.

How Partitioned Databases Work

During data protection jobs, partitioned DDBs and the data protection operation work using the following logic:

1. Signature is generated at the source - For primary data protection jobs using client-side deduplication, the
source location is the client. For auxiliary DASH copy jobs, the source MediaAgent generates signatures.
2. Based on the generated signature it is sent to its respective database. The database compares the signature
to determine if the block is duplicate or unique.
3. The defined storage policy data path is used to protect data – regardless of which database the signature is
compared in, the data path remains consistent throughout the job. If GridStor ® Round-Robin has been
enabled for the storage policy primary copy, jobs will load balance across MediaAgents.

Page 125 of 559

Education Services Commvault® Professional Course May 2018

Partition Deduplication showing data path and signature lookup paths

Partitioned Databases and Network-Attached Storage (NAS)

If partitioned deduplication is going to be implemented using two MediaAgents, it is recommended to use a shared
disk library with a Network-attached Storage (NAS) device. The NAS storage allows either MediaAgent to recover data
even if the other MediaAgent is not available.

Partitioned Database for Scalability

The primary purpose for partitioned DDBs is to provide higher scalability. By balancing signatures between database
partitions, you can scale up the size of a single deduplication store. If you have two partitions, the size of the store
doubles -- and having four partitions quadruples its size.

Partitioned Database for Resiliency

Using partitioned databases ensures resiliency. For instance, if one MediaAgent hosting a Deduplication Database
(DDB) goes offline, the other MediaAgent continues data protection jobs as the available DDB continues signature
lookups. However, with the loss of one database, all signatures previously managed by the off-line database would
now be looked up in the remaining online database. This causes existing signatures managed in the off-line database
to be compared in the online database, which results in the signatures being treated as unique, and additional data
being written to the library.

Page 126 of 559

Education Services Commvault® Professional Course May 2018

Data Verification
With all the benefits of Commvault® deduplication, it is critical to consider the integrity of deduplicated data. A corrupt
block in the deduplication store can result in data from multiple jobs not being recoverable. Commvault® V11 provides
live data verification operations that are conducted while data protection jobs are running. To use data verification,
the MediaAgent options ‘Validation on Media’ and ‘Validation on Network’ must be enabled, which they are by default.

There are four verification options:

• Verification of existing jobs on disk and deduplication database

• Verification of deduplication database
• Quick verification of deduplication database
• Incremental verification

Verification of Existing Jobs on Disk and Deduplication Database

This verification method uses checksum data to verify block integrity by reading data chunks (Sfiles), uncompressing,
and decrypting, and using Cyclic Redundancy Check (CRC) information to validate block integrity. This option also
verifies chunk metadata using CRC checks. Any blocks failing the check will be marked in the DDB. New blocks
generating the same signature as a block marked bad are re-written to disk and a new signature entry is written to
the DDB. This verification method also verifies chunk integrity between the DDB and disk library.

Verification of Deduplication Database

This verification method performs all the same tasks as the ‘Verification of Existing Jobs on Disk and the Deduplication
Database’ except metadata chunk validation.

Page 127 of 559

Education Services Commvault® Professional Course May 2018

Quick Verification of Deduplication Database

The verification method quickly verifies chunk integrity between DDB and disk library.

Incremental Verification
This method verifies data integrity for new jobs added since the last verification job. This option is available when
running ‘Verification of Deduplication Database’ or ‘Verification of Existing Jobs on Disk and the Deduplication
Database’ options. Commvault® introduced a DDB verification schedule that executes an incremental verification every
day, at 11 a.m. Since this method only verifies new jobs, full verification jobs should periodically be executed, such as
once a month or once a quarter.

The best way to protect against potential data corruption, whether using deduplication or not, is to
always have multiple copies of data.

Incremental data verification schedule option

Page 128 of 559

Education Services Commvault® Professional Course May 2018

Run data verification job manually

Page 129 of 559

Education Services Commvault® Professional Course May 2018

Tape Library and Media Management

Page 130 of 559

Education Services Commvault® Professional Course May 2018

Tape Library Design

A tape library is a library where media can be added, removed, and moved between multiple libraries. The term
removable media is used to specify various types of removable media supported by Commvault ® software, including
tape and USB disk drives, which can be moved between MediaAgents for data protection and recovery operations.

Tape libraries best practices:

• Configure the tape library cleaning method to use. Software cleaning (Commvault) or hardware cleaning
(library) can be used, but not both. A choice must be made.
• Share the tape library if required.
• Create a barcode pattern for cleaning tapes and assign it to the Cleaning Media group.
• If using multiple scratch media groups, create scratch groups and barcode patterns to use.
• Validate drive speed (from the CommCell Console) and document for future reference.
Tape libraries are divided into the following components:

• Library – is the logical representation of a library within a CommCell® environment. A library can be dedicated
to a MediaAgent or shared between multiple MediaAgents. Sharing of removable media libraries can be static or
dynamic depending on the library type and the network connection method between the MediaAgents and the
library.
• Master drive pool – is a physical representation of drives of the same technology within a library. An example
of master drive pools would be a tape library with different drive types like LTO4 and LTO5 drives within the
same library.

Page 131 of 559

Education Services Commvault® Professional Course May 2018

• Drive pool – is used to logically divide drives within a library. The drives can then be assigned to protect
different jobs.
• Scratch pool – is defined to manage scratch media, also referred to as spare media, which can then be
assigned to different data protection jobs.
o Custom scratch pools – can be defined and media can be assigned to each pool.
o Custom barcode patterns – can be defined to automatically assign specific media to different scratch
pools or media can manually be moved between scratch pools in the library.

Library Types
Commvault software supports the drives for tape libraries:

• Standalone
• Blind
• Dedicated
• Static Shared
• Dynamic Shared
• Virtual Tape Library (VTL)
• USB Devices

Standalone
A standalone tape drive has no robotic media changer and no internal storage slots. Multiple standalone drives
controlled by the same MediaAgent can be pooled together to support multi-stream jobs or cascade of a single stream
job without having to respond to media handling requests. Media used by a Standalone library can be pre-stamped or
new, and will be prompted for, by backup or restore jobs as necessary.

Blind
A ‘blind’ library has no barcode reader and is supported by the Commvault® software maintaining the map/inventory
externally in the CommServe® server metadata.

Dedicated
A static configuration where the drives and media changer are connected to only one MediaAgent.

Static Shared
A static configuration where the drives and media changer are connected to only one of several MediaAgent hosts.

Example: In a library with four tape drives, one MediaAgent may have control of the media changer and two drives
within the library while another MediaAgent may have control over the other two tape drives. A drive connected to one
MediaAgent host is not accessible from the other MediaAgent hosts. Should the MediaAgent component having media
changer control fail, no further loading/unloading of media can occur until that MediaAgent is active again. Shared
libraries in today’s world of Storage Area Networks (SAN) are not common.

Page 132 of 559

Education Services Commvault® Professional Course May 2018

Dynamic Shared
In a Dynamic Shared Library, the library drives and media changer are on a SAN and can be accessed by multiple
MediaAgent hosts. Drives not being used by one MediaAgent can be assigned to and used by another MediaAgent. If
the MediaAgent with control of the media changer fails, the control can be automatically passed to another
MediaAgent. The primary advantage of a Dynamic Drive library is the use of multiple MediaAgents for processing
reads/writes. Dynamic Drive capability is referred to as GridStor ® Technology. GridStor technology is an option that
enables load balancing and failover of data protection jobs.

Virtual Tape Library (VTL)

A Virtual Tape Library (VTL) is a disk-based library that emulates the traditional tape devices and formats, and can be
installed onto any disk space. Refer to the manufacturer's documentation to see if a disk-based storage subsystem
supports VTL emulation mode. Follow the manufacturer's instructions to create the virtual tape library and make sure
that the MediaAgent can detect the virtual arm changer and the drives created.

USB Devices - PnP (Plug and Play) Disk Libraries

For some environments with remote office locations connected to a main data center with limited bandwidth such as
‘fractional T1’ or ‘satellite,’ USB backup devices may provide the best protection solution. PnP (Plug and Play) Disk
Libraries (USB devices) are configured and recognized by Commvault® software as standalone tape devices. This
allows data to be protected to USB devices using MediaAgents at remote locations, removed and sent to another
location and connected to a different MediaAgent where the data can be accessed and restored. Since the USB device
is detected as a tape device it is considered portable and any Windows MediaAgent within the CommCell®
environment can recognize the device and access/restore the data. This method can also be used for seeding stores
when using Commvault deduplication for remote office protection.

A tape library is added directly from the CommCell ® browser by right-clicking libraries or using the expert storage
configuration applet in the storage ribbon menu. The expert storage configuration applet provides advanced
configuration options that are not available when using the CommCell browser add method.

Page 133 of 559

Education Services Commvault® Professional Course May 2018

Add a Tape Library

Before you configure a tape library in Commvault® software, it first must be attached or zoned to be seen by the
MediaAgent operating system. The device manager should detect one medium changer and one or many drives. It is
recommended to install the vendor drivers specific to the library.

Once completed, if the library is dedicated to a single MediaAgent, it is configured directly in the CommCell® browser.
If it is shared, it must be configured using the Expert Storage Configuration wizard.

Adding a tape library from the CommCell® browser

Page 134 of 559

Education Services Commvault® Professional Course May 2018

Add a shared tape library using expert storage configuration

Page 135 of 559

Education Services Commvault® Professional Course May 2018

Add a tape library using the Admin Console

Page 136 of 559

Education Services Commvault® Professional Course May 2018

Page 137 of 559

Education Services Commvault® Professional Course May 2018

Tape Library Configuration Options

General Tape Library Configuration Options

Common configuration options are available for tape libraries.

Active and Failover Library Controllers

When a tape library is shared amongst multiple MediaAgents, only one of the MediaAgent acts as the active library
controller. The active controller is responsible for sending SCSI commands to the device such as
mounting/unmounting a tape, cleaning a drive, resetting a drive, exporting/importing media, etc.

Even if another MediaAgent requires writing data, the library operation is always conducted by the active controller.
Failover candidates can be defined to replace the active controller, should the active controller become unavailable.

Configuring active and failover library controllers

Virtual Mail Slots

When exporting media, the library uses I/E ports, also called Mail slots. If several tapes require to be exported and the
number of I/E ports is limited, the tape operator must open the library multiple times, which triggers a library scan
each time, wasting a lot of time. To avoid this situation, virtual mail slots are configured. Basically, the system uses
defined regular slots to act as I/E ports. So instead of opening the library I/E ports, the entire magazine or library door
can be opened to access the media.

When defining virtual mail slots, a starting port number must be defined, as well as the order for additional media.
The order can go up or down. For instance, an administrator could define to start with port number one and to go up
for additional media. Every day, the exported media will be ordered starting with port number one, and will go up for
as many slots are required.

Page 138 of 559

Education Services Commvault® Professional Course May 2018

When using virtual mail slots, ensure to leave at least one empty slot in the library, as it is required
by the system when re-ordering tapes.

Virtual mail slots configuration

Auto-Cleaning
Over time when using tape drives, dirt can accumulate on the drive read/write heads. When it happens it’s important
to clean the drives using a cleaning media. This process is usually automated but can be executed manually.

There are two different methodology when cleaning drives:

• Hardware Controlled Cleaning – The cleaning of the drives is handled by the library itself. In this scenario,
auto-cleaning must be disabled in Commvault® software and must be enabled on the library by using either
the administration web portal or its control panel. The library configures dedicated cleaning slots where
cleaning media are stored. The dedicated cleaning slots and cleaning media are not visible in Commvault
software and cannot be used. Manual cleaning operations must be initiated from the library web page.
• Software Controlled Cleaning – The cleaning of drives is handled by Commvault software. In this scenario,
auto-cleaning must be disabled on the library and must be enabled in Commvault software. The library does
not reserve any dedicated cleaning slots and Commvault software is aware of the cleaning media. Cleaning
must be initiated from Commvault® software.

Both cleaning methods are equally effective since both use hardware sense code and/or cleaning thresholds. The
preferred method can be determined based on the manufacturer’s recommendations.

Page 139 of 559

Education Services Commvault® Professional Course May 2018

Even if both cleaning methods are as effective, it cannot be used concurrently. A choice must be
made, and a single method used.

If the software receives a sense code and cleans the tape drive heads, but the drive still encounters errors, it is not a
dirt issue and probably is a hardware malfunction that should be investigated. In this situation, to avoid having the
system trying to clean the drive again, a minimal number of days since the last cleaning can be set before a new
cleaning attempt is conducted. The default value is 3 days, which ensures that even on a long week-end, the
administrator will notice that there is a cleaning issue before additional unnecessary cleanings are attempted.
Otherwise, it could result in using all cleaning media in a single night.

When a drive status is set to dirty and the system cannot clean the drive, such as when there are no cleaning media
available in the library, Commvault® software stops using that drive completely for both backups and restores. This
prevents damaging the media or corruption when writing data to the media a using dirty tape drive. If resources are
limited and a restore requires a tape drive, the ‘Continue using drive even if it needs cleaning, during the restore’
option is used. It would allow using the drive, but as mentioned by the option, only during restores.

Tape drive auto-cleaning configuration

If you use cleaning thresholds, some adjustments to the threshold values might be preferable. By default, the
threshold to retire a bad media is five read/write errors. But the threshold to clean a dirty drive is ten read/write
errors, which means that up to two tapes could be retired before the drive gets cleaned. And these media are
probably good media. To avoid this situation, you can slightly increase the tape threshold or decrease the drive
threshold or both, to ensure that the drive is cleaned before the media is retired, (i.e., you could increase the tape
threshold to seven and lower the drive threshold to six).

Page 140 of 559

Education Services Commvault® Professional Course May 2018

Setting media retirement thresholds

Setting drive cleaning thresholds

Page 141 of 559

Education Services Commvault® Professional Course May 2018

Tape Media Management

Commvault® software manages all media from a physical and logical perspective. Understanding the methods used to
manage media from initial discovery—to its eventual destruction is important for effective media administration. This
section details concepts and administrative tasks for proper media management.

Common physical actions:

Physical media management refers to any action performed that will physically cause actions within the library, such
as:

• Export tapes from the library

• Import and discover tapes added to the library
• Physically erase tapes
• Load and unload tapes into drives

Common logical actions:

Logical management of media focuses on the media group and the state of tape, which is represented by a media
icon. Logical actions include:

• Load and unload tapes into drives

• Move a tape to another media group
• Delete tape or delete contents of a tape
• View contents of a tape

Page 142 of 559

Education Services Commvault® Professional Course May 2018

• Retire a tape

Media Icons
All tapes within a library are associated with a media status icon. These icons are used to quickly identify key
attributes of a tape.

Note that colors representing the different icons may not be accurately shown in print.

Tape library media icons

Icons: Tape
Libraries

Media Status Spare Cleaning Assigned Media Assigned Bad Media Retired Prevent
Media Media (active) Media (full) Media Export

Icons: Tape Libraries

Media Status Undiscovered Media with Media from a Appendable Aged Media Aged
Media duplicate different library Media Retired
barcodes Media

To find a complete list of all status icons in Commvault Online Documentation:

1. Go to – documentation.commvault.com | Search: Media Icons

2. The first result is – Identifying Media Icons

Media Lifecycle
The lifecycle of a tape is tracked from the time of initial discovery to the time of its logical destruction. The logical
lifecycle of a tape is different than the physical life. Logical management of tapes are managed with tapes in or
outside the library.

The Logical management of tape media is organized in the following media groups:

• Scratch Group – manages new or recycled media

• Cleaning – is reserved for library cleaning tapes
• Retired – manages tapes that exceed usage thresholds or are manually marked bad
• Overwrite Protect – manages tapes that are manually prevented from aging
• Foreign – manages tapes from a different CommCell® environment or a different backup vendor
• Catalog – manages tapes that are marked to be cataloged
• Assigned – manages tapes with active jobs currently retained and managed by storage policy copies

Page 143 of 559

Education Services Commvault® Professional Course May 2018

Tape media lifecycle managed by media groups

The following steps represent how the process works:

1. New tapes are placed in the library as undiscovered.

2. The library scans the slots, discovers the tape and marks it as spare media in the Scratch group.

3. The tape is selected for a job where it becomes assigned media in the Active media group.

4. The tape is then appendable; where additional jobs can be written to the media until the tape is marked full.

5. Once all jobs are aged from the tape, the tape is marked as aged and placed back into the Scratch group.

6. Tapes can also be marked as locked down where they will be placed in the Overwrite Protect group.

7. Once a tape exceeds its usage thresholds, it is marked bad and placed in the Retired Media group.

8. Cleaning media is designated as such and placed in the Cleaning Media group.

Page 144 of 559

Education Services Commvault® Professional Course May 2018

Lifecycle steps for tape media from discovery to assigned to aged

Page 145 of 559

Education Services Commvault® Professional Course May 2018

Tape Groups
Commvault® software logically organizes all tapes into media groups. Each media group identifies all tapes associated
with the group. Since all tapes are logically managed in the Commvault® environment it is important to understand
each media group and group management.

Tape Library with Media Groups

Using Scratch Groups

Expand the library | Media By Groups | Default Scratch

Scratch groups hold all new or recycled media. Multiple scratch groups can be used to define which tapes a job uses
when it executes. When a job requires a spare tape, the tape is pulled from a defined scratch group. The storage
policy copy’s data path is used to determine which scratch group the tape is selected from.

Key points and features for Scratch group:

• The terms: Scratch Pool, Scratch Group, Spare Media Group or Spare Media Pool are used interchangeably
throughout Commvault documentation and the CommCell console
• All new and recycled tapes are placed in scratch groups
• Once a job is written to a tape it is moved out of the scratch group and into the assigned media group
• Multiple scratch groups can be created and assigned to storage policy copies. When a job for the policy copy
runs, it automatically picks a tape from the assigned scratch group

Page 146 of 559

Education Services Commvault® Professional Course May 2018

Default Scratch Group and Media Icons Associated with Scratch Tapes

Page 147 of 559

Education Services Commvault® Professional Course May 2018

Managing Scratch Groups

By default, a default scratch group is created when the library is initially detected. From this point additional scratch
groups can be created, and tapes can manually or automatically be assigned to the group. When jobs run, tapes are
pulled from scratch groups and used for the job. Once data is written to the tape, it is moved out of the scratch group
and into the assigned media pool.

When using multiple scratch groups, different storage policy copies define which scratch group tapes are pulled from.
Also, tapes can be manually moved to other scratch groups or automatically assigned to different groups. Assigning
tapes is based on barcode patterns or high watermark thresholds and scratch group priority. This allows different job
types to be placed on specific media, which simplifies tape management outside the library.

Storage Policy using Different Scratch Groups

Storage Policy Copy Relationship to Scratch Groups

A storage policy copy’s data path includes the selection of a scratch group. By configuring multiple scratch groups and
assigning them to storage policy copies, you can determine which tapes will be used to write certain jobs. Once data
managed by the storage policy copy is written to the tape, the policy copy will own the tape until all jobs have aged.
This means no other storage policy copies can write data to the tape.

Page 148 of 559

Education Services Commvault® Professional Course May 2018

Scratch Group Properties

Expand Media By Groups | Right-click the scratch group | Properties

High and low watermarks are assigned to each scratch group in a tape library. Low watermarks are used to alert
administrators when the library is running out of spare tapes. The high watermark is used to limit the number of tapes
placed in a scratch group.

Key points for configuring high and low watermarks:

• Low watermarks – Reports events in the Event Viewer when scratch tapes fall below the defined number.
Alerts can also be configured to alert administrators when low watermarks are reached.
• High watermarks – Limits the number of tapes that will be assigned to a scratch group. This is useful when
multiple scratch groups and custom barcode pattern definitions are not being used. Scratch groups can be
assigned high, medium and low priorities. When tapes are discovered or recycled, they are placed in the high
priority scratch group until it reaches the upper watermark. The medium group is filled next followed by the
low priority group. If there are still additional tapes available, they are placed in the Default Scratch group
designated in the General tab of the library properties.
High and Low Tape Watermarks

Page 149 of 559

Education Services Commvault® Professional Course May 2018

Tip: Using multiple scratch groups to ensure available media for backup operations

You are managing a CommCell® environment and running backup jobs directly to tape each night. During the
day, you run auxiliary copy jobs to tape to be sent off site. You are concerned that auxiliary copy jobs may
use too many tapes and there will not be enough media for backup operations.

Solution: Create an additional scratch group and name it Auxiliary Copies. Set the priority to Medium.
Configure a High Watermark in the Default Scratch group to be a greater number than the number of tapes
required to perform nightly backups. Set the Default Scratch group priority to high.

In the secondary copy of each storage policy, use the Scratch Pool drop-down box to assign the Auxiliary
Copies scratch pool to the copy.

Cleaning Media Group

Expand the library | Media By Groups | Cleaning Media

The Cleaning Media group manages all cleaning tapes for a library. Tape drives are cleaned based on drive counter
usage tracked by Commvault® software and/or sense codes reported from the library. Drive cleaning settings are
configured in the library properties under the Drive tab.

Best practice guidelines are to configure drive cleaning based on the library manufacturer’s
recommendations.

Key points for the Cleaning Media Group:

• Commvault software should automatically detect and move cleaning tapes to the cleaning media group when
the tapes are discovered.
• If cleaning tapes are incorrectly identified and moved to a scratch pool, you can manually move the tapes or
use custom barcode definitions to associate cleaning tapes with the cleaning media pool.
• Low watermarks can be defined to trigger events and optional alerts when the number of spare cleaning
media reaches the low threshold.

Page 150 of 559

Education Services Commvault® Professional Course May 2018

Retired Media Group

Expand the library | Media By Groups | Retired Media

The Retired Media group is a holding area for all tapes that have exceeded tape error thresholds or are manually
marked bad. Tapes in the Retired Media group will remain in the group until they are manually marked good or
deleted. Any tapes in the Retired Media group will NOT be written to. If a tape is in the Assigned Media group and is
marked bad, it will NOT be moved to the Retired Media group until all jobs have aged from the tape.

Key points for the Retired Media group:

• Only tapes that are not currently retaining job data are placed in the retired media group. If a tape is marked
bad, but is currently retaining data, it will still appear in the Assigned Media group. Once all jobs have aged
from the tape it is moved to the Retired Media group.
• Tape counters are tracked for the life of a tape from initial discovery to deletion.
• By default, manufacturer recommended thresholds are used for all tapes. These settings can be modified in
the Control Panel | Hardware Maintenance applet | Media Retirement tab. It is NOT recommended to increase
the threshold values.
• For as long as a tape is in the Retired Media group it will NOT be written to.
• Tapes can be moved out of the Retired Media group using the following methods:
• Delete – Deletes the existence of the tape from the CommServe® server database. The tape can then
be rediscovered and reused. The tape is treated as a brand-new tape and all counters are reset. If
there are any existing aged jobs on the tape they will not be recoverable.

• Mark Media Good – Is recommended if the tape has existing jobs that have aged but may still need
to be retained. If this is the case after marking the tape good, move it to the Overwrite Protect Media
group.
Tapes should be left in the Retired Media group until they are physically disposed of. This prevents a bad tape from
accidentally being discovered and reused. If a bad tape is disposed of and is replaced with a new tape with the same
barcode, delete the tape from the Retired Media group before putting the new tape in the library.

Tip: Tapes incorrectly marked bad

Sometimes tapes can be incorrectly marked bad due to drive problems that result in tape errors. If there is a
sudden increase in bad tapes this may be an indication of drive problems. However, do NOT discount the
possibility that the tapes are bad. There have been situations where bulk orders of brand new tapes are
legitimately bad. If you do not know what manufacturing, delivery, or storage methods are being used; then it
is critical to act on the side of caution.

Page 151 of 559

Education Services Commvault® Professional Course May 2018

Foreign Media Group

Expand the library | Media By Groups | Foreign Media

The Foreign Media group manages all media from different CommCell® environments or tapes from a different backup
vendor.

Key points for the Foreign Media Group:

• Tapes from one CommCell® environment cannot be directly restored into another. When a tape is loaded and
the OML (On Media Label) header is read, if the CommCell ID is different than the CommCell ® environment
reading the tape, the tape is moved to the Foreign Media group.
• Commvault software will not write to tapes when the OML header is not recognized as a Commvault header
and the tape is moved to the Foreign Media group.

Overwrite Protect Media Group

Expand the library | Media By Groups | Overwrite Protect Media

The Overwrite Protect Media group logically locks down a tape, so it will NOT be written to or recycled. Tapes must be
manually moved to the Overwrite Protect Media group and remain there indefinitely until they are moved out of the
group.

Key points for Overwrite Protect Media group:

• By default, an Overwrite Protect Media group is automatically created. Additional overwrite protect media
groups can be added.
• Tapes are moved to the Overwrite Protect Media group using the following methods:
• For active tapes in the Assigned Media group – Right-click on the tape and select Prevent Reuse. The
tape appears in the Assigned Media and the Overwrite Protect Media groups.
• For tapes in scratch groups – Right-click on the tape and select Move. For Media Group Type select
Overwrite Protect Media group and then select the overwrite group.

Tip: Other methods to prevent tapes from being overwritten

Moving a tape to the Overwrite Protect Media group is just one way Commvault® software can prevent data
from being overwritten. Data can also be locked down at the job level.

Consider a job that spanned multiple tapes. Manually moving tapes to the Overwrite Protect Media group
requires you to know every tape the job was written to. The job and all tapes can also be locked down
through the storage policy copy. In the job history of the policy copy, right-click on the job and select Retain
Job. You are then prompted to select a date to hold the job, or infinitely retain the job.

Page 152 of 559

Education Services Commvault® Professional Course May 2018

Catalog Media Group

Expand the library | Media By Groups | Catalog Media

The Catalog Media group is used to hold all tapes that are actively being cataloged or are marked for catalog. A
catalog operation is used to catalog job metadata from a tape and enter the metadata back into the CommServe®
server database. You can perform this operation if the CommServe server database had to be restored to a point-in-
time prior to the jobs on a tape finishing. This situation can arise in cases of disaster, database corruption, or if the
CommServe server metadata backups are not properly managed.

A tape can be individually picked for catalog or multiple tapes can be picked and marked for catalog. When tapes are
picked for catalog they are moved to the Catalog Media group.

Assigned Media Group

Expand the library | Media By Groups | Assigned Media

All tapes that are actively retaining data are located in the Assigned Media group. Within a library, there is only one
assigned media group. Tapes remain in the group until ALL jobs on the tape have exceeded retention and are marked
as aged. During the data aging operation, the tape is then recycled back into a scratch pool.

Key points regarding tapes in the Assigned Media group:

• Tapes in the Assigned Media group cannot be deleted. Delete is considered a non-destructive operation.
• Delete Contents can be performed on a tape which is considered a destructive operation. To delete contents
of multiple tapes, use the Shift or Ctrl keys to select multiple media. Note that this recycles the tape and the
jobs are marked aged.
Assigned Media Icons

Page 153 of 559

Education Services Commvault® Professional Course May 2018

Assigned Media Relationship to Storage Policy Copies

When a spare tape is picked for a backup job, the tape becomes associated with the storage policy copy that is
managing the job. This is important to understand because once the tape is associated with the policy copy, no jobs
from other policy copies can be written to the tape. This is done intentionally to avoid mixed retention on media. Since
each storage policy copy can have different retention configured, it is important to separate jobs based on policy copy
ownership.

Since tapes are associated with storage policy copies it is important to properly configure and manage storage policies.

Tip: Consequences of having too many storage policies using tape media

Your environment has 25 storage policies. This results in at least 25 storage policy primary copies. If all
primary copies are defining tape library data paths, then at least 25 tapes must be in the library to
accommodate all potential jobs. If the storage policies also have secondary copies using a tape data path,
then additional tapes must also be present to meet the media needs of the secondary copies.

In some cases, backup configurations such as Start New Media and Mark Media Full can complicate things
more. It is important to understand your environment’s needs and how Commvault software manages media.

Tape Media Relationship to a Storage Policy Copy

Use global secondary copies to consolidate data from multiple storage policy secondary copies to
the same tape sets.

Page 154 of 559

Education Services Commvault® Professional Course May 2018

Tape Media Administration

Depending on the Media group, certain administrative tasks can be performed for the group and tapes within the
group. Managing tapes in different media groups provides the Commvault® administrator with greater flexibility and
simplifies the management of media. It is important to understand the capabilities and limitations of media
management within the various logical media groups that are available.

Actions can be performed on tapes in any media group

Action Description

Export Physically export a tape out of the library.

Move Logically move tapes between media groups.

Verify Media Physically verify the OML header information to CommCell® tape metadata and the
barcode label. (Except cleaning media pool)

View Contents Logically view active and aged jobs on a tape.

Delete Tape Logically delete the existence of a tape from the CommServe® server database. (Except
assigned media group)

Delete Contents Logically delete contents by marking all jobs as aged and recycling the tape back into a
scratch pool. (Only in assigned media group)

Erase Media Physically erase data by writing a new OML header to the tape.

Mark Media Bad Logically mark a tape bad to prevent it from being reused.

Media Refresh Refresh active jobs on existing tapes by writing the jobs to new tapes.

Page 155 of 559

Education Services Commvault® Professional Course May 2018

Exporting Media
Exporting tapes is a physical operation that sends commands to the library to eject tapes to the import/export mail
slots.

Key points regarding tape export operations:

There are several methods to export tapes from a library:

• Library export – for bulk export of multiple tapes

• Tape export – to export individual tapes
• VaultTracker export – to allow the automatic export of tapes based on criteria
To view the progress of export operations, use the Exports in Progress view in the library tree.

To view tapes in the import/export slots, use the I/E Ports view in the library tree.

Individual Export
Select the tape | Right-click | All Tasks | Export

Tapes can be individually exported from any location within the library tree.

Define Tape Export and Location

Page 156 of 559

Education Services Commvault® Professional Course May 2018

Bulk Export
Select the library | Export | Select media to export

Multiple tapes can be selected together to perform a bulk export. This is considered a library level operation, so the
bulk export is conducted by right-clicking on the library and selecting Export Media. Optionally, use the Shift or Ctrl
keys to select multiple tapes. A bulk export exports tapes until the import/export slots are full. Once tapes are
removed from the slots, the export operation continues until all tapes have been exported.

To perform a bulk export of media from a library:

1. Right-click the tape library | Export Media.

2. Select No for VaultTracker options and Select Next.

3. You can Shift + Click or CTRL + Click to select multiple media.

4. Optionally, an Export location can be selected for where the tapes will be located.

5. Click Finish and the export process will export all selected media.

Export Multiple Tape Media

Page 157 of 559

Education Services Commvault® Professional Course May 2018

Defining Export Locations

Storage Resources | Right-Click Locations | New Location

When tapes are exported out of the library they are logically associated with an export location. There are two types
of locations that can be defined: Stationary and Transit.

Define Stationary and Transit Location

Viewing Contents
Click the Assigned Media Pool | Right-click the tape| View | View Contents

Job contents and details can be viewed for individual tapes. To view the contents of a job, right-click on the tape and
select View Contents. The view contents option only appears if jobs are on the tape.

To view the contents of a tape:

1. Expand the Library tree | Media by Groups.

2. Select the desired group.
3. Right-click a tape | View | View Contents.

Page 158 of 559

Education Services Commvault® Professional Course May 2018

View Contents of a Tape

Key points regarding viewing contents of tapes:

• Jobs on the tape that are actively being retained will appear in black print

• Jobs on the tape that have exceeded retention will appear in gray print

• The view contents option will appear for any tape that has active or aged jobs

Tip: Methods to determine why tapes are not recycling

One of the most common issues that may arise regarding media management is when tapes are not properly
recycling. Using the View Contents of a tape lets the administrator view which jobs are causing the tape not to
recycle. This information can then be used to track down problems that are causing the jobs to remain active
within the environment.

Another method to assist in predicting when tapes will recycle, is using the Data Retention Forecast and
Compliance report. This report lists all tapes, their expected aging date, and specific reasons why the tapes
have not aged. Each of the reasons are hyperlinks to the Commvault documentation site which will provide
more details on the explanations.

Page 159 of 559

Education Services Commvault® Professional Course May 2018

Tape Barcode Patterns

From the Storage menu | Media Management applet | Barcode Patterns

Barcode patterns are defined in the Media Management applet from the Storage menu. Once barcode patterns are
defined, the patterns can be associated with different scratch or cleaning pools. When media is discovered or recycled,
they are automatically placed in the appropriate scratch or cleaning pool that corresponds to the barcode pattern.

Barcode patterns can be defined by the following criteria:

• Barcode begins with the following characters

• Barcode ends with the following characters

• Barcode contains the following characters

• Barcode excludes the following characters

• Barcode include and exclude ranges

Create Custom Barcode Ranges

Page 160 of 559

Education Services Commvault® Professional Course May 2018

Assigning Barcode Patterns to Scratch or Cleaning Groups

Right-click the Scratch group or Cleaning Media group | Properties | Barcode Patterns tab

Once a barcode pattern has been defined, it can be associated with a scratch or cleaning pool. Once the association is
made, whenever tapes are discovered or recycled (all jobs age from the tape), the tape is moved to the proper scratch
or cleaning pool based on the barcode pattern matching.

Assign Custom Barcode Ranges to a Scratch Group

Page 161 of 559

Education Services Commvault® Professional Course May 2018

Storage Policies

Page 162 of 559

Education Services Commvault® Professional Course May 2018

Storage Policy Overview

A storage policy defines the lifecycle management rules for all protected data. In its most basic form, a storage policy
acts as a container with one or more sets of rules that define how data will be managed. These rules are called
storage policy copies. Within the storage policy, multiple copies can be created, each with their own set of rules.

There are three primary rules that every storage policy copy must have defined:

• What data? – is determined through subclients association.

• Where will data be stored? – is determined by the data path.
• How long will data be kept? – is determined by the retention.

Page 163 of 559

Education Services Commvault® Professional Course May 2018

Storage policy high level overview

Subclient (What Data)

One of the more difficult concepts for backup administrators transitioning from legacy backup products to Commvault®
software is that a server is not directed to a storage policy—subclient data which is located on the server is. This is
achieved by defining what data a subclient manages. For most file systems and applications, a default subclient is
automatically generated. For these agents, the default subclient protects all data the agent is responsible for.
Additional subclients can be created to meet performance, management and special protection requirements.

Data Path (Where will data be stored?)

The storage policy the subclient data is associated with determines the data path. The path is used to move data from
the source location to protected storage. All active subclients must be associated with a storage policy.

A data path is made up of four components:

• MediaAgent
• Library
• Drive pool (tape library)
• Scratch pool (tape library)

Page 164 of 559

Education Services Commvault® Professional Course May 2018

MediaAgent

MediaAgents are the workhorses that move data from production servers to the backup environment. They supply the
processing power to receive data, arrange it in chunk format, and send it to the library. MediaAgents can also be
responsible for encryption, compression, or deduplication processing.

Library

Libraries are logically defined and are categorized as stationary or removable media libraries. Stationary libraries
define a path to a disk location such as a drive letter or UNC path. They are considered stationary since these paths do
not change once defined. Removable media libraries are generally thought of as tape libraries, but they can also be
magnetic optical or USB storage devices.

Drive Pool (Tape Libraries Only)

Drive pools are a MediaAgent’s view of allocated drives within a tape library. Use of drive pools gives the MediaAgent
the flexibility of drive choice and usage within a library. Without drive pools, assigning and sending a data protection
job to a specific drive would fail if the drive was broken or offline. Having a pool of drives to choose from gives the
job the best chance of success. It also isolates resources of different technologies (i.e., LTO6 and LTO7 drives), which
allows an administrator to easily direct specific jobs to the desired set of drives, and with scratch pool definition, a
different set of tapes.

Scratch Pool (Tape Libraries Only)

Scratch pools allow new and re-usable media within the library to be logically grouped based on media type and
intended usage. At least one default scratch pool exists for every tape library. Master drive pools can be assigned their
own default scratch pools. Additional user-defined scratch pools can be created, media assigned manually or
automatically and assigned to a storage policy copy’s data path.

Tape library data path

Page 165 of 559

Education Services Commvault® Professional Course May 2018

Retention (How long will data be kept?)

Retention is defined in the Retention tab of the storage policy copy. Each copy has its own retention configurations.
This allows subclient data to be managed in multiple locations, each with their own retention settings.

Page 166 of 559

Education Services Commvault® Professional Course May 2018

Storage Policy Structure

The concept of storage policy copies is that the data from the production environment only is moved to protected
storage once. When data is in protected storage, the storage policy logically manages and maintains independent
copies of that data. This allows for greater flexibility when managing data based on the three key aspects of data
protection: disaster recovery, data recovery, and data archiving.

There are five types of storage policy copies

• Primary snap copy (used only with IntelliSnap® feature, block-level and VSA Application Aware backups)
• Primary backup copy, also known as primary classic
• Secondary synchronous copy
• Secondary selective copy
• Secondary snap copy

Page 167 of 559

Education Services Commvault® Professional Course May 2018

Storage policy and policy copies

Primary Copy
A storage policy primary copy sets the primary rules for protected data. Each storage policy can have two primary
copies:

• Primary snap copy – manages protected data using the Commvault IntelliSnap® feature, any agents
configured to run block-level backups or the Virtual Server Agent (VSA) using Application Aware backups.
• Primary classic copy – manages traditional agent-based data protection jobs. Most rules defined during the
policy creation process are modified after it has been created.

Secondary Copies
There are three types of secondary copies:

• Secondary Synchronous
• Secondary Selective
• Secondary snap copy

Synchronous Copy
A synchronous copy defines a secondary copy to synchronize protected data with a source copy. All valid data (jobs
that completed successfully) written to the source copy are copied to the synchronous copy via an update process
called an auxiliary copy operation. This means that all full, incremental, differential, transaction log, or archive jobs

Page 168 of 559

Education Services Commvault® Professional Course May 2018

from a source copy are also managed by the synchronous copy. Synchronous copies are useful when you want a
consistent point-in-time copy at any point within the cycle of all protected data available for restore.

Synchronous copies are used to meet the following requirements:

• Provides consistent point-in-time copies of data required to restore data to a specific point-in-time within a
cycle.
• Provides copies that are required to be sent off-site daily.
• Provides the ability to restore multiple versions of an object from a secondary copy within a cycle.
Synchronous secondary copy concept

Selective Copy
A selective copy allows automatic selection of specific full backups or manual selection of any backup for additional
protection. Selective copy options allow the time-based automatic selection of ‘all,’ ‘weekly,’ ‘monthly,’ ‘quarterly,’ ‘half-
year,’ and/or ‘yearly full.’

Advanced options allow you to generate selective copies based on a frequency of ‘number of cycles,’ ‘days,’ ‘weeks,’ or
‘months.’ You can also choose the ‘Do Not Automatically Select Jobs’ option which allows you to use auxiliary copy
schedules to determine when copies of full backups are made.

Selective copies are used to meet the following requirements:

• Data being sent off-site weekly, monthly, quarterly, or yearly.

• Archiving point-in-time copies of data for compliance and government regulations.

Page 169 of 559

Education Services Commvault® Professional Course May 2018

Selective secondary copy concept

Secondary Snap Copy

For certain array vendors, Commvault® software supports secondary snap copies for managing clone, mirror, and
vault copies. For NetApp arrays, multiple mirror and vault copies are created within a storage policy. For other vendors
including EMC and HDS, an additional secondary snap copy is created to manage clone copies.

Page 170 of 559

Education Services Commvault® Professional Course May 2018

Storage Policy Configuration

The Storage Policy Wizard is used to create storage policies for a CommCell ® environment. Once the policy is
configured, most options are customized in the Properties settings.

Storage Policy Type

Storage policies are used for CommServe® Disaster Recovery Backups or standard data protection. CommServe
disaster recovery storage policies are only used for protecting the CommServe® server metadata database, the
CommServe registry, configuration files, and specified log files. No standard data can be protected by a CommServe
DR policy. Standard data protection policies are used for protecting all production data within an environment.

Storage Policy Name

The name of the storage policy is defined at the time of creation and later modified in the Storage Policy Properties.
The name should be descriptive and reflect what is being protected.

Page 171 of 559

Education Services Commvault® Professional Course May 2018

Creating a Storage Policy with Primary Copy using a Global Deduplication Policy

Page 172 of 559

Education Services Commvault® Professional Course May 2018

Creating a Storage Policy with non-deduplicated Primary Copy such as tapes

Page 173 of 559

Education Services Commvault® Professional Course May 2018

Creating Secondary Copies

Configuring a Secondary Copy to use a tape library

Page 174 of 559

Education Services Commvault® Professional Course May 2018

Page 175 of 559

Education Services Commvault® Professional Course May 2018

Configuring a Secondary Copy to use a Global Deduplication Policy

Page 176 of 559

Education Services Commvault® Professional Course May 2018

Multiplexing

Primary Copy
When writing multiple streams to a tape library, multiplexing is used to improve write performance by multiplexing
multiple Job Streams into a Device Stream. Multiplexing improves backup performance but can have a negative effect
on restore performance.

Consult with the Commvault Online Documentation for more information on the proper settings for
multiplexing.

When writing the primary copy to a disk library, there are no advantages in enabling multiplexing. The disk library
already receives multiple streams concurrently from subclients, and if available, leverages multiple mount paths.
Unless using a tape library, multiplexing should not be used.

Multiplexing a primary tape copy

Secondary Copy
If the source location is a disk library with multiple mount paths, this option can be used to improve read performance
from the disks when using the ‘Combine to Streams’ option.

Page 177 of 559

Education Services Commvault® Professional Course May 2018

Combine to Streams
A storage policy is configured to allow the use of multiple streams for primary copy backup. Multi-streaming of backup
data is done to improve backup performance. Normally, each stream used for the primary copy requires a
corresponding stream on each secondary copy. In the case of tape media for a secondary copy, multi-stream storage
policies consume multiple media. The ‘Combine to streams’ option is used to consolidate multiple streams from source
data on to fewer media when secondary copies are run. This allows for better media management and the grouping of
like data onto media for storage.

TIP: Using combine to stream for tape media

You back up home folders subclient to a disk library using three streams to maximize performance. The total
size of protected data is 600GB. You want to consolidate those three streams onto a single 800GB capacity
tape for off-site storage.

Solution: By creating a secondary copy and setting the ‘Combine to streams’ setting to 1 you will serially place
each stream onto the media.

In some cases, using the ‘Combine to streams’ option may not be the best method to manage data. Multi-streaming
backup data is done to improve performance. When those streams are consolidated to the same media set, they can
only be recovered in a single stream operation. Though combining to streams has a media consolidation benefit, it will
have a negative effect on the restore performance.

Another reason not to use the ‘Combine to streams’ option is for multi-streamed backups of SQL, DB2, and Sybase
subclients. When these agents use a single subclient with multi-streaming enabled, the streams must be restored in
the same sequence they were backed up in. If the streams are combined to the same tape, they must be pre-staged
to disk before they can be recovered. In this case, not enabling ‘Combine to streams’ and placing each stream on
separate media bypasses the pre-staging of the data and allows multiple streams to be restored concurrently, making
the restore process considerably faster. Note that this only applies to subclients that have been multi-streamed. If
multiple subclients have been single streamed and combined to media, they will NOT have to be pre-staged prior to
recovery.

Page 178 of 559

Education Services Commvault® Professional Course May 2018

Combine to streams and multiplexing configuration for a secondary tape copy

Page 179 of 559

Education Services Commvault® Professional Course May 2018

Storage Policy Administration

Job Management
Jobs can be managed by viewing the job history for a storage policy copy.

Key points for job management in storage policy copies:

• Retention can be changed for a job

• A job can be deleted
• A job can be picked or re-picked to be included in an auxiliary copy job
• Use the Browse or Find options to recover data
• Pick a job for data verification

View Jobs in a Storage Policy Copy

It is possible to display jobs that are stored in a storage policy copy. All jobs can be displayed, or if required, displayed
for a specific time range and/or filtered out by specific subclients. Any job can be right-clicked to provide additional
tasks, such as changing the retention, deleting it, browsing it for recovery and more.

Page 180 of 559

Education Services Commvault® Professional Course May 2018

Viewing Jobs in a storage policy copy

Change Retention of a Job in a storage policy copy

Retention can be changed for a job previously run. It accomplished from the storage policy copy jobs view. Right-click
the job and select ‘retain job.’ Few options are presented to retain the job either indefinitely, to a specific date, or by
adding a specific number of days to the storage policy defined retention.

Page 181 of 559

Education Services Commvault® Professional Course May 2018

Changing retention for a job in a storage policy copy

Page 182 of 559

Education Services Commvault® Professional Course May 2018

Delete a Job from the Storage Policy Copy

From a storage policy, you can delete a specific job. When a job is deleted, if there are dependent jobs, such as
incremental jobs following a full backup, the system asks if the dependent jobs should be deleted as well. This is to
avoid keeping unusable orphaned jobs in storage.

Deleting a job from a storage policy copy

Disabling Storage Policies for Backups

Storage Policies can be disabled for backup by selecting the ‘Disable Storage Policy for Backups’ checkbox in the
Storage Policy Properties. Disabling a storage policy hides it from view within the CommCell® console. Once hidden, it
will not appear in the Storage Policies list and more importantly, subclients cannot be associated with a hidden storage
policy. To disable a storage policy, no subclients can be associated with the policy and must be re-associated with
anther policy before disabling it.

If a storage policy is no longer needed, it is recommended to disable it instead of deleting it.

Deleting a policy is a destructive operation that will purge the policy’s data which could be required
for restore.

Page 183 of 559

Education Services Commvault® Professional Course May 2018

Disabling a Storage Policy for Backups

Page 184 of 559

Education Services Commvault® Professional Course May 2018

Show Hidden Storage Policies

To make disabled storage policies visible, use the ‘Show Storage Policies disabled for Backups’ configuration parameter
in the Media Management applet in Control Panel. Setting the parameter value to 1 shows disabled policies but
subclients cannot be associated with the policy.

Showing disabled storage policies

Page 185 of 559

Education Services Commvault® Professional Course May 2018

Deleting Storage Policies

If a storage policy is deleted, all protected data associated with the storage policy and all policy copies will be pruned
during the next data aging operation. It is strongly recommended to hide the storage policy instead of deleting it.

To delete a Storage Policy, perform the following:

1. In the storage policy properties view the Associations tab to ensure no subclients are associated with the
policy. A storage policy cannot be deleted if subclients are associated with the policy.
2. On the storage policy, right-click | select View | Jobs. De-select the option to Specify Time Range then click
OK. This step displays all jobs managed by all copies of the storage policy. Ensure that there are no jobs being
managed by the policy that require to be kept and then exit from the job history.
3. Right-click on the storage policy | Select All Tasks | Delete. Read the warning dialog box then click OK. Type
‘erase and reuse media’ then click OK.

Deleting a storage policy

Page 186 of 559

Education Services Commvault® Professional Course May 2018

Subclient Association

Subclient Properties
To protect a subclient it must be associated with a storage policy. During an agent install, a storage policy is selected
for the default subclient. The policy defined to manage the subclient is configured in the Storage Device tab – Data
Storage Policy sub tab. Use the storage policy drop-down box to associate the subclient with a policy.

Subclient level association

Page 187 of 559

Education Services Commvault® Professional Course May 2018

Storage Policy Level

All subclients for a specific storage policy is associated with another policy in the Associated Subclients tab of the
Storage Policy Properties. You can select ‘Re-Associate All’ to change all policies, or select specific subclients and
choose ‘Re-Associate’ to associate them to a new policy.

Storage policy level association

Page 188 of 559

Education Services Commvault® Professional Course May 2018

Policies Level Subclient Association

If subclient associations are made for more than one storage policy, you can use the Subclient Associations option by
expanding Policies, right-clicking on Storage Policies and selecting Subclient Associations. The window displays all
subclients for the CommCell® environment.

Policies level subclient association

Page 189 of 559

Education Services Commvault® Professional Course May 2018

Global Secondary Copy

Global Secondary copy policies allow multiple storage policy secondary copies using a tape data path to be associated
with a single global secondary copy. This is based on the same concept as global deduplication policies, but global
secondary copies only apply to tape copies. If multiple secondary copies require the same retention and encryption
settings, using a global secondary copy reduces the number of tapes required during auxiliary copy operations and
improves performance.

To configure and use a Global Secondary Copy, the Global Secondary Copy Policy first needs to be created. Then, in
every storage policy for which you want to use it, a secondary copy associated to the Global Secondary Copy Policy
must be created.

Page 190 of 559

Education Services Commvault® Professional Course May 2018

Global Secondary Copy Policy configuration

Page 191 of 559

Education Services Commvault® Professional Course May 2018

Associating a secondary storage policy copy to a global secondary copy policy

Page 192 of 559

Education Services Commvault® Professional Course May 2018

Data Path Design

Storage policies are used to define one or more paths data takes from source to destination. When a MediaAgent and
a client agent are installed on the same server, a ‘LAN Free’ or ‘preferred path’ can be used to backup data directly to
storage. Network based clients can backup through a MediaAgent using a ‘default path’, a ‘failover’ path, or ‘round-
robin’ load balancing paths.

Configure the following data paths for the MediaAgent:

• Preferred Data Path

• Default Data Path
• Alternate Data Path

Page 193 of 559

Education Services Commvault® Professional Course May 2018

Preferred Data Path

If the client and MediaAgent code are co-hosted on the same system, and the system has direct access to the target
library through Direct Attach Storage (DAS) or Storage Area Network (SAN), the MediaAgent always uses that direct
connectivity to write data. This is called a ‘preferred data path,’ which overrides any data path configurations on the
storage policy copy.

Preferred path concept

Page 194 of 559

Education Services Commvault® Professional Course May 2018

Default Data Path

Right-click the desired storage policy copy | Click Properties | Data Path tab

When configuring storage policy copy data paths, by default, the first data path defined becomes the ‘Default Data
Path.’ If multiple data paths are defined, the ‘Default Data Path’ is the first one to be used. This path can be modified
at a later time.

Default data path configuration

Page 195 of 559

Education Services Commvault® Professional Course May 2018

Alternate Data Path Configuration

Right-click the desired storage policy copy | Click Properties | Data Path tab

When the library is shared amongst multiple MediaAgents, additional data paths can be configured. These additional
paths are referred to as ‘Alternate Data Paths.’ There are two available configurations to use with this type of path:

• Failover
• Round-Robin
This Commvault® software feature is called GridStorTM technology. For more information, about GridStorTM features,
refer to the Commvault® Online Documentation.

Failover Alternate Data Path

When used in failover mode, an alternate data path is used only when the default data path becomes unavailable or
overloaded. The data path automatically fails over immediately or after a configurable number of minutes.

Failover alternate data path concept

Page 196 of 559

Education Services Commvault® Professional Course May 2018

Round-Robin Alternate Data Path

When configured as round-robin, client streams are sent alternatively to the default data path and all available
alternate data paths. This provides a load-balancing mechanism that takes full advantage of all available resources.

Round-robin alternate data path concept

Page 197 of 559

Education Services Commvault® Professional Course May 2018

Alternate Data Path Configuration

Right-click the desired storage policy copy | Click Properties | Data Path Configuration tab

The ‘Alternate Data Path’ configuration is achieved from the Storage Policy Copy Properties pages. From here you can
configure the path as failover or round-robin.

Alternate data path configuration

Page 198 of 559

Education Services Commvault® Professional Course May 2018

Retention

Page 199 of 559

Education Services Commvault® Professional Course May 2018

Retention Overview
A data retention strategy is important for managing storage in your CommCell® environment. With Commvault®
software, you can define retention for multiple copies of data with each copy having different retention requirements.
Additionally, retention may be required at the object-level and not just the data protection operation. Commvault
software makes this strategy straight forward to implement by using storage policy copies, subclient object-level
retention, and Exchange configuration retention policies.

In Version 11, Commvault software has three primary retention methods:

• Job based retention – Configured at the storage policy copy level, job schedule level, or manually by
selecting jobs or media to retain, and applying different retention.
• Subclient object based retention – Configured at the subclient level, it applies retention-based on the
deletion point of an object. Object-based retention is based on the retention setting in the subclient properties
plus the storage policy copy retention settings.
• Configuration policies – Currently used for Exchange mailbox protection. These policies include archive,
retention, cleanup, and journaling. Configuration policies provide the ability to define complete retention and
destruction policies, including the capability of deleting messages from the production Exchange environment.

Page 200 of 559

Education Services Commvault® Professional Course May 2018

Retention Basics
Commvault® software provides extensive retention control for protected data. For basic retention requirements, follow
the general guidelines and best practices for retention configuration.

Retention general guidelines:

• Disk storage:
• Leave the Cycles retention set at the default of two
• Use the Days retention to govern retention policies for each copy
• Never use extended retention rules when using Commvault deduplication
• Tape storage:
• Set the Cycles retention based on the number of complete sets of tape copies you want to retain. For
example, if you want 30 days of data stored off-site, which includes at least four full backups and all
dependent jobs (incremental or differential), for complete recovery from any tape set, set the Cycles
retention to four.
• Set the Days retention based on standard retention requirements.

Page 201 of 559

Education Services Commvault® Professional Course May 2018

Sample Retention Policy

Page 202 of 559

Education Services Commvault® Professional Course May 2018

Job Based Retention Rules

Job-based retention places a standard retention for an entire job. Jobs are retained based on storage policy copy
retention rules. Additionally, job-based retention is applied through the job schedule or modified after the job
completes.

Storage Policy Copy Retention Rules

Right-click the desired storage policy copy | Click Properties | Retention tab

Policy-based retention settings are configured in the storage policy copy Retention tab. The settings for backup data
are Days and Cycles. For archive data, the retention is configured in Days. Retention is also set through schedules or
applied retroactively to a job in a storage policy copy.

Days
A day is a 24-hour time period defined by the start time of the job. Each 24-hour time period is complete whether a
backup runs or not. This way, a day is considered a constant.

Cycles
A cycle is defined as all backup jobs required to restore a system to a specific point-in-time. Traditionally, cycles are
defined as a complete full backup, all dependent incremental backups, differential backups, or log backups; up to, but
not including the subsequent full backup. A cycle is referenced as Active or Complete, which means that as soon as a
full backup completes successfully it starts a new cycle which is the active cycle. The previous active cycle is marked
as a complete cycle.

An active cycle is marked complete only if a new full backup finishes successfully. If a scheduled full backup does not
complete successfully, the active cycle remains active until such time that a full backup does complete. On the other

Page 203 of 559

Education Services Commvault® Professional Course May 2018

hand, a new active cycle begins and the previous active cycle is marked complete when a full backup completes
successfully regardless of scheduling. In this way, a cycle can be thought of as a variable value based on the
successful completion or failure of a full backup. This also helps to break away from the traditional thought of a cycle
being a week long, or even a specified period of time.

Storage policy copy days and cycles retention settings

Days and Cycles Relation

Cycles and days should directly or indirectly equal each other:

• 2 cycles and 14 days with weekly full backups

• 4 cycles and 30 days being approximately 1 month
• 12 cycles and 365 days for month end full backups being retained for a year
But what about 52 cycles and 365 days? In situations like this it is rather irrelevant how many cycles are set. The truth
is, 2 cycles and 365 days is good enough. You will meet your retention requirements since you are keeping data for
one year. If backups don’t run for over a year, you are still guaranteed to have at least 2 cycles of data in storage
based on the aging entire cycles rule.

When setting retention in the policy copy, base it on the primary reason data is being protected. If it is for disaster
recovery, ensure the proper number of cycles are set to guarantee a minimum number of backup sets for full backup
restore. If you are retaining data for data recovery, then set the days to the required length of time determined by
retention policies. If the data recovery policy is for three months, 12 cycles and 90 days or 1 cycle and 90 days will still
meet the retention requirements.

Page 204 of 559

Education Services Commvault® Professional Course May 2018

With the release of Commvault Version 11 software, the default retention for a storage policy
primary copy is 15 days and 2 cycles. A secondary copy’s default retention is 30 days and 4 cycles.

Retention Rules for Storage Policy Copy Retention

There are several retention rules that are applied to jobs:

• Both Days and Cycles criteria must be met for aging to occur
• Data is aged in complete cycles
• Days criteria is not dependent on jobs running on a given day

Page 205 of 559

Education Services Commvault® Professional Course May 2018

How Retention Works

Rule 1: Both CYCLES and DAYS criteria must be met
Commvault® software uses AND logic to ensure that both retention parameters are satisfied. Another way of looking
at this is the longer of the two values of cycles and days within a policy copy always determines the time data is
retained for.

Example: Retention for a storage policy copy is set to 3 days and 2 cycles. This is not a typical example, but it’s used
to logically prove the statement that both days and cycles criteria must be met for data to age. By Monday 3 full
backups have been performed. If Friday’s full backup is aged, there would be 2 full backups left meeting our criteria of
2 cycles. However, the days criteria calls for 3 days, and if the Friday full backup was aged, only 2 days would be
counted. The Friday full backup would therefore age on Tuesday.

Monday at 12 PM the data aging operation runs and determines no data can be marked aged

Page 206 of 559

Education Services Commvault® Professional Course May 2018

Tuesday at 12 PM the data aging operation runs and determines the Friday full backup can be marked aged

Page 207 of 559

Education Services Commvault® Professional Course May 2018

How Retention Works

Rule 2: Data is retained based on complete cycles
Backup data is managed within a storage policy copy as a cycle or a set of backups. This includes the full backup
which designates the beginning of a cycle and all incrementals or differentials backups. When data aging is performed
and retention criteria allows for data to be aged, the entire cycle is marked as aged. This process ensures that jobs
will not become orphaned resulting in dependent jobs (incremental or differential) existing without the associated full
backup.

Example: This is another retention example used to prove the rule. Retention is configured for 7 days and 2 cycles.
Full backups are being performed on Fridays and Mondays, and incremental backups on all other days. On Saturday
the cycles criteria of 2 has been met since there are 3 full backups. If a cycle is removed there would be 2 left, a
complete cycle (Monday – Thursday) and the full backup on Friday night. However, since we prune entire cycles we
would have to age the Friday full backup and the incremental backups from Saturday and Sunday. This results in only
5 days, which does not meet our day’s retention requirements of 7. So on Monday when the data aging operation runs
(default 12PM daily) there will now be 7 days and 2 cycles which will allow the first cycle to be aged.

Page 208 of 559

Education Services Commvault® Professional Course May 2018

Retention has been defined for 7 Days and 2 Cycles. When the data aging operation runs on Saturday, the cycles
CRITERIA HAS BEEN MET BUT NOT THE DAYS CRITERIA

Retention has been defined for 7 Days and 2 Cycles. When the data aging operation runs on Monday both Cycles and
Days criteria have been met and the first cycle will be marked as aged

Page 209 of 559

Education Services Commvault® Professional Course May 2018

Rule 3: Day is based on a 24 hour time period

A day is measured as a 24 hour time period from the start time of a data protection job. Days are considered
constants, since regardless of a backup being performed or completed successfully, the time period will always be
counted. If a backup fails, backups are not scheduled, or if power goes out, a day will still count towards retention.
This is why it is so critical to measure retention in cycles and days. If retention was just managed by days and no
backups were run for a few weeks, all backup data may age off leaving no backups.

Example: Defining retention in both days and cycles is very important. For example, during a Friday night backup
power is lost in the building. Power is restored on Sunday resulting in two days elapsing and counting towards
retention. Note that since the Friday full backup failed, the cycle continues into the next scheduled full (following
Friday).

A FAILURE OF A FULL BACKUP ON FRIDAY DUE TO A POWER OUTAGE RESULTS IN A CYCLE CONTINUING UNTIL A VALID FULL IS COMPLETED

Page 210 of 559

Education Services Commvault® Professional Course May 2018

Additional Retention Settings

Spool Copy
Right-click the primary storage policy copy | Click Properties | Retention tab

The Spool Copy option is used for fast disk read/write access and its multi-streaming capabilities – when there is
limited capacity available on the disks. A spool copy is not a retention copy. Data is spooled to disk and then copied to
a secondary copy. Once the data is successfully copied to the secondary copy, the data on disk is pruned, immediately
freeing up space for new backups.

The Spool Copy option is not available when using deduplication.

Page 211 of 559

Education Services Commvault® Professional Course May 2018

Spool Copy configuration

Extended Retention
Right-click the desired storage policy copy | Click Properties | Retention tab

Standard retention allows you to define the length of time based on cycles and days that you want to retain data.
Extended retention allows you to define specific retention in days that you want to keep full backups for. It allows you
to extend the basic retention by assigning specific retention to full backups based on criteria configured in the
extended retention settings. Basically, it allows you to set a grandfather, father, son tape rotation scheme.

Extended retention rules are not designed to be used with disk storage and will have significant
negative effects on aging and pruning of deduplicated data.

Example: You want to retain backups for 4 cycles and 28 days. You also want to retain a monthly full backup for
three months, a quarterly full backup for a year, and a yearly full backup infinitely.

To accomplish this, you configure retention as follows:

• Standard retention is set for (4,28)

• Extended retention is configured for:
• 90 days keep monthly full backups
• 365 days keep quarterly full backups
• An infinite keep yearly full backup

Page 212 of 559

Education Services Commvault® Professional Course May 2018

Extended retention rules are like selective copies in that they only apply to full backups. However, a selective copy
creates an additional copy of a full backup and assigns it a specific retention. Extended retention applies retention to
an existing full backup and does not create an additional copy. Determine which solution is more appropriate when
planning retention strategies.

Extended retention rules applied to a storage policy copy

Managed Disk Space

Right-click the desired storage policy disk copy | Click Properties | Retention tab

Managed Disk Space is a feature used with disk libraries that do not use Commvault® deduplication. This feature
allows data to reside on the disk beyond its retention settings and increases the chance of recovering data faster from
primary storage on disk without changing retention settings. Managed data on disk is treated the same as retained
data for data recovery.

Managed data is held on the disk beyond the standard retention settings until an upper threshold is reached. A
monitoring process detects data exceeding the upper threshold and then deletes aged jobs from the media until a
lower threshold is reached.

It is important to note that only aged jobs will be pruned. If all aged jobs are pruned and the lower threshold is not
met, then pruning will not occur. As a rule of thumb, the upper threshold should be set to allow one hour of backups
to run after the threshold is reached. The lower threshold should be set so that the Managed Disk Space pruning
operation will not run more than once in a backup time-period, as the pruning operation will have a negative effect on
the performance of backups.

Managed disk thresholds are configured in the disk library properties and can be enabled in each storage policy copy.
For more information on configuring library settings for managed disk space, refer to the Commvault Online
Documentation.

Page 213 of 559

Education Services Commvault® Professional Course May 2018

Managed Disk Space Threshold settings of a disk library

Managed Disk Space Threshold settings of the storage policy copy

Page 214 of 559

Education Services Commvault® Professional Course May 2018

Modifying Storage Policy Copy Retention

Retention settings are stored in the CommServe database and are logically applied to jobs on media. This means if
retention settings are modified in a storage policy copy, the changes are applied to all jobs managed by the copy
when the next data aging operation is run. If you change retention from 14 days and 2 cycles to 30 days and 2 cycles,
all existing jobs managed by the policy copy are retained for 30 days and 2 cycles. If you change retention from 30
days and 2 cycles to 14 days and 2 cycles, all jobs managed by the policy copy will now be retained for 14 days and
the result will be two weeks of jobs in storage aging during the next data aging operation.

Zero Cycle Retention

It is possible to configure a storage policy copy for a zero-cycle retention. However, this can cause undesired results
where data is pruned, but not stored. This is a common mistake when administrators don’t fully understand how
Commvault cycles and days retention works.

It is NOT recommended to set zero cycles for a policy copy unless another copy has been
configured with at least one cycle defined.

Page 215 of 559

Education Services Commvault® Professional Course May 2018

Applying Retention at the Job Level

Typically, retention is based on company policy and therefore managed through storage policy retention settings that
affect all data being managed by the policy. There may be situations where jobs retention need to be individually set.
There are two methods to apply retention to specific jobs: through schedules or through storage policy copy job
history.

Retention Set Through Schedules

Edit the backup job or schedule| Click Advanced | Media tab

Retention can be extended beyond the defined storage policy primary copy retention through a schedule or schedule
policy. This is done by setting the Extend Job Retention options in the Media tab of Advanced Options. You can set
schedule-based retention for a specified number of days or infinitely retain the data. Retention settings at the
schedule level cannot be shorter than the retention defined in the storage policy primary copy.

Retention applied to a job schedule

Retention Applied to Job in Policy Copy

Right-click the storage policy copy | Click View | Jobs | Right-click the desired job | Click Retain Job

Retention for a job in a primary or secondary storage policy copy can be retroactively changed in the job history of the
copy. The job can be retained infinitely or until a specific date. The job icon changes to reflect that the job has been
‘pegged down’.

Page 216 of 559

Education Services Commvault® Professional Course May 2018

Retention modification for a completed job

Page 217 of 559

Education Services Commvault® Professional Course May 2018

Managing Servers and Server Groups

Page 218 of 559

Education Services Commvault® Professional Course May 2018

Client Agent Deployment

Page 219 of 559

Education Services Commvault® Professional Course May 2018

Commvault® Agents
Commvault® software provides agents for all major file system and applications. Agent support includes traditional
streaming backups, built-in content-aware deduplication, Commvault OnePass® archiving, block-level protection, and
hardware snapshot capabilities. It is important to note that these capabilities are inherent in the code and can be
enabled within the agent.

Commvault agents are categorized using the following general principles:

• Granular agents including file and mailbox agents

• Database agents
• Hypervisor agents

It is beyond the scope of this document to provide detailed information on all agent support.

Page 220 of 559

Education Services Commvault® Professional Course May 2018

File System agents

File system agents provide the fundamental data protection strategy in all data centers. File agents are supported for
all major operating systems and include inherent file system capabilities based on the operating system being
protected. An example is the ability to use Volume Shadow Services (VSS) to quiesce Windows operating systems.

Application agents
Application agents use application consistent point-in-time protection for application databases. Granular application
protection for Exchange, SharePoint, and Lotus Notes provides flexible data protection strategies and simplified
recovery methods.

Hypervisor agents
The Virtual Server Agent (VSA) provides complete virtual machine (VM) protection and granular recovery of virtual
machine data without the need to install traditional agents within a VM. Based on APIs provided by the hypervisor,
different protection and recovery capabilities are possible.

Commvault OnePass® Archiving

Archiving removes infrequently accessed data from production storage. This reduces backup and recovery windows
and provides a greater return on investment by reducing production storage footprints. File system data, Network
Attached Storage (NAS) data, Exchange mailbox, virtual machines and some database applications support Commvault
OnePass® archiving.

IntelliSnap® Snapshot Management

IntelliSnap® technology integrates regular protection methods with hardware-based snapshot technologies to
coordinate and manage disk snapshots. This integration allows for application-aware snapshots to be conducted for
file systems, applications, and virtual environments.

Page 221 of 559

Education Services Commvault® Professional Course May 2018

Standard Agent Installation

Deploying agents can be achieved in several ways:

Available agent deployment methods:

• Push install
• Interactive install
• Custom package
Agent deployment best practices:

• If DNS names are used, ensure the DNS is properly resolving the name forward and reverse.
• If deploying an agent on a remote site, consider using a remote software cache or transfer a custom package.
• If the client is behind a firewall blocking ports, set network configurations to tunnel communication in a port.

Page 222 of 559

Education Services Commvault® Professional Course May 2018

Push Install (CommCell® Console)

From the Tools menu | Click Add/Remove Software | Install Software

The CommCell® console is used to push the Commvault® software to clients. The following specific ports are used to
achieve the install:

• Commvault base services – Ports 8400 and 8401 are used

• Linux – port 22 is required
• Windows — ports 135, 139, 445 are required
Push installation

Page 223 of 559

Education Services Commvault® Professional Course May 2018

Page 224 of 559

Education Services Commvault® Professional Course May 2018

Page 225 of 559

Education Services Commvault® Professional Course May 2018

Push Install (Admin Console)

From the Servers view | Add Server

The Admin console is used to push the Commvault® software to servers. The following specific ports are used to
achieve the install:

• Commvault base services – Ports 8400 and 8401 are used

• Linux – port 22 is required
• Windows — ports 135, 139, 445 are required
Push install using the Admin Console

Page 226 of 559

Education Services Commvault® Professional Course May 2018

Page 227 of 559

Education Services Commvault® Professional Course May 2018

Interactive install
It is possible to download the desired packages on a client machine by using the download bootstrapper. Once
downloaded, start the installation by executing Setup.exe.

Interactive installation

Page 228 of 559

Education Services Commvault® Professional Course May 2018

Page 229 of 559

Education Services Commvault® Professional Course May 2018

Custom Agent Installation Methods

Custom Package
A custom package is a lightweight agent package created by the Commvault administrator. A typical agent installation
requires many questions to be answered. The custom package has all these questions pre-answered. It also is useful
to run silent installations. If an enterprise level deployment solution is in place, such as Microsoft ® SCCM, it can be
leveraged to silently push the package to multiple machines.

Page 230 of 559

Education Services Commvault® Professional Course May 2018

Creation a custom package

Page 231 of 559

Education Services Commvault® Professional Course May 2018

Page 232 of 559

Education Services Commvault® Professional Course May 2018

Page 233 of 559

Education Services Commvault® Professional Course May 2018

Servers

Page 234 of 559

Education Services Commvault® Professional Course May 2018

Admin Console Concepts

The Admin Console introduces simplified configuration and concepts. Configuration wizards allows to easily configure
storage, deduplication, data protection and agent deployment. For users that are familiar to the CommCell ® Console, it
is important to understand the differences of the Admin Console concepts.

The Admin Console uses a smaller set of components to configure the CommCell ® environment, such as solutions,
plans, pools, and storage targets. These components are translated in all CommCell® Console required configurations
which are libraries, global deduplication policies, storage policies copies, backup schedule policies and auxiliary copies.
Therefore, using the Admin Console greatly simplifies the configuration and management of the CommCell®
environment.

Page 235 of 559

Education Services Commvault® Professional Course May 2018

Admin Console feature overview

Solutions
The Admin Console is built on a self-service, solution-based architecture that adapts to your environment without
complicated administration. Once the initial deployment and configuration of the console are completed, solutions are
added with ease. For instance, if you are managing virtual environments, you can simply add the Virtual Server
Protection (VSP) package—the solution for virtual machine backup and recovery.

As of Service Pack 11, the supported solutions are:

• Endpoints – End-users laptops and desktop protection.

• Databases – Database protection for Oracle, MSSQL, PostgreSQL, and SAP HANA databases.
• Virtualization – Virtual environment protection for Amazon, Microsoft Azure, Microsoft Hyper-V, Nutanix
Acropolis, OpenStack, Oracle Cloud, Oracle VM, and VMWare hypervisors.
• File servers – UNIX, Linux, MAC and Window Servers protection.
• Cloud Apps – Cloud applications such as Google Mailboxes, Google Drives, Microsoft OneDrive, and
Salesforce protection.
• Oracle E-Business Suite – Complete migration tool used to migrate on-premise Oracle EBS to Oracle Cloud.
• Clinical Image Archiving – Medical Imaging solution allowing to archive, search and restore medical
imaging directly from the medical imaging software.
• Archiving Solution – Allows to analyze file servers and archive stale data to secondary storage, on-premise
or to the cloud.

Page 236 of 559

Education Services Commvault® Professional Course May 2018

Protection Plan
You create protection plans to protect your data by defining what to back up, where to back up your data, and how
often to run the backup job. In the Admin Console, there are predefined plan types that include the data protection
parameters that apply to the type of data you want to protect. Plans are created during configuration; however
additional backup plans can later be defined.

The protection plan is the overall set of configurations required for protecting a server or an application. It is
composed of the following entities:

• RPO – The frequency at which the backups will be conducted. The system automatically translates SLA into
schedule policies and backup job types in the CommCell® Console.
• Storage target – Can be configured before or during the Store Pool configuration. Is translated as a library
in the CommCell® Console.
• Storage Pool – Configures deduplication for a disk storage target. Is translated into a global deduplication
policy in the CommCell®.

During the configuration of a plan, a primary storage pool must be selected. An option to add a
secondary storage pool is offered. This translates into storage policy copies and automatic auxiliary
copy jobs in the CommCell® Console

• Retention – Defines how long the backup data must be retained. This translates in retention configuration on
each storage policy copies in the CommCell® Console.

Page 237 of 559

Education Services Commvault® Professional Course May 2018

Server Navigation Structure

When using the Admin console, Commvault® software uses agents to communicate with file systems and applications
that require protection. Any server with an agent installed on it is referred to as a ‘server.’ Each agent contains code
that is used to communicate directly with the system requiring protection. The agent communicates using Application
program interfaces (APIs) or scripts that are native to the file system or application.

For example, a Windows 2008 file system uses Volume Shadow Service (VSS) to protect file data, so the Windows
agent has the option to enable VSS during backup operations. The agent then has a backup set defined. The backup
set is a complete representation of all data the agent is responsible to protect. Within the backup set, subclients are
used to define the actual data requiring protection. By default, a default subclient is used to define ALL data requiring
protection within the backup set.

Additional subclients can be created to define specific content requiring protection. When content is defined within the
user defined subclient, it automatically is excluded from the default subclient. An example for a custom subclient could
be defining a specific drive containing user data where VSS is initiated for the drive during backup jobs to ensure all
open files are protected.

Server Navigation Structure

From the CommCell® browser | Click Client Computers | Expand a client

The Server navigation structure defines a hierarchy for arranging various components of a server. This hierarchy
remains consistent throughout servers with different agents installed, which results in simplified administration of a
CommCell® environment.

Each component in the server navigation structure provides specific functionality to properly configure, manage and
protect production data. Each of these components has specific features and properties that are configured to provide
a comprehensive protection strategy.

Page 238 of 559

Education Services Commvault® Professional Course May 2018

The Server navigation structure consists of the following components:

• Server — identifies the client system by CommCell® server name and Host name or IP address.
• Agent — is installed on the server, or a proxy server, to protect specific data such as files, databases, emails or
virtual machines.
• Instance — is used with specific agent types such as database application or hypervisors to define specific
configuration for an instance.
• Backup Set — is a complete representation of all content the agent is responsible to protect.
• Subclient — defines the actual data within the backup set that requires protection.

Accessing Server Properties (Admin Console)

Few options and parameters are available for servers. These options are applied to the server, therefore applied
globally to any agent types installed on the server. Options are grouped in three categories.

• Security
• Agents
• Activity control
Accessing the client properties from the Admin Console

Page 239 of 559

Education Services Commvault® Professional Course May 2018

Accessing Client Properties (CommCell® Console)

Right-click the client | Click Properties

Many options and parameters are available for clients. These options are applied to the client, therefore applied
globally to any agent types installed on the client. Options are grouped in three categories.

• Basic options
• Advanced options
• Network options

Page 240 of 559

Education Services Commvault® Professional Course May 2018

Accessing the client properties

Page 241 of 559

Education Services Commvault® Professional Course May 2018

Administrative Tasks
To help the Commvault® administrator manage servers, several tasks are available to perform on a server:

• Check Server Connectivity

• Release a License
• Delete a Client
• Client Activity Control
• Client Update Status

Check Server Connectivity (Admin Console)

Connectivity to a server and all storage policy data paths for configured subclients, are checked and reported on at the
server level. The Check Readiness command ensures that the CommServe® server can communicate with the server.
It also checks data path connectivity to all MediaAgents and library paths for storage policies that are associated with
subclients.

Page 242 of 559

Education Services Commvault® Professional Course May 2018

Checking the server readiness

Page 243 of 559

Education Services Commvault® Professional Course May 2018

Check Client Connectivity (CommCell® Console)

Right-click the client | Click All Tasks | Check Readiness

Connectivity to a client and all storage policy data paths for configured subclients, are checked and reported on at the
client level. The Check Readiness command ensures that the CommServe® server can communicate with the client
machine. It also checks data path connectivity to all MediaAgents and library paths for storage policies that are
associated with subclients.

Checking the client readiness

Client Schedules (CommCell® Console)

Right-click the Client, Agent, Data Set or Subclient | Click View | Schedules

Client schedules are viewed and edited from the client, agent, backup set and subclient levels. When a specific level in
the client tree structure is selected, all schedules at the selected level and all child object schedules are displayed.

Client schedule key points:

• Schedules can be viewed at the client, agent, backup set and subclient levels.
• If a schedule is associated with a schedule policy, the policy name is listed in the first column.
• Schedules can be edited, deleted, disabled or executed by right-clicking on the job schedule.
• For clients with a large amount of scheduled jobs, consider using the Job Schedule report for a more
consolidated view.
• Though client schedules can be viewed at the CommCell® level using the Schedule icon, viewing schedules in
the client tree provides a simplified view easing administration, especially in large environments.

Page 244 of 559

Education Services Commvault® Professional Course May 2018

Viewing the client schedules

Page 245 of 559

Education Services Commvault® Professional Course May 2018

Client Job History (CommCell® Console)

Right-click the Client, Agent, Data Set or Subclient | Click View | Backup or Restore History

Job history for data protection and restore operations are viewed from the client, agent, backup set and subclient
level.

Job history is used to perform the following:

• View status of backup and restore jobs

• View media used for the job
• View items that successfully backed up or failed to back up
• Browse a completed job
Viewing the client job history

Page 246 of 559

Education Services Commvault® Professional Course May 2018

Release a License (Admin Console)

Releasing a license is a logical operation that is applied to servers or agents. Releasing a license ‘de-configures’ the
server or agent so data can still be recovered.

Release License key points:

• The server or agent appears as deconfigured in the Admin console. This means that data is still retained and
can be restored (out-of-place) in protected storage, but the server cannot be backed up unless the license is
re-applied
• If the CommCell® licensing structure is agent based, the license becomes available to install on another
system
• If the CommCell licensing structure is capacity based, the size of data for the deconfigured server or agent no
longer counts against the capacity usage of the CommCell® environment
• Released licenses can be re-applied to the server by using the Reconfigure option
• To facilitate subclient retention and proper pruning of data, synthetic full jobs can be run on clients or agents
where the license has been released

Release license for agents installed on server

Page 247 of 559

Education Services Commvault® Professional Course May 2018

Page 248 of 559

Education Services Commvault® Professional Course May 2018

Release a License (CommCell® Console)

Right-click the client | Click All Tasks | Release License for Client

Releasing a license is a logical operation that is applied to clients or agents. Releasing a license ‘grays out’ the client or
agent so data can still be recovered.

Release License key points:

• The client or agent appears grayed out in the CommCell® console. This means that data is still retained and
can be restored (out-of-place) in protected storage, but the client cannot be backed up unless the license is
re-applied
• If the CommCell licensing structure is agent based, the license becomes available to install on another system
• If the CommCell licensing structure is capacity based, the size of data for the deconfigured client or agent no
longer counts against the capacity usage of the CommCell® environment
• Released licenses can be re-applied to the client by using the Reconfigure option
• To facilitate subclient retention and proper pruning of data, synthetic full jobs can be run on clients or agents
where the license has been released
Release license for agents installed on client

Page 249 of 559

Education Services Commvault® Professional Course May 2018

Delete a Server (Admin Console)

Deleting a server is a task that removes the server completely from the CommCell ® environment. It is considered a
destructive operation, since the data associated to that server is marked to be destroyed. During the next data aging
operation, which is scheduled every day at noon by default, the server’s data is physically purged from the disk
libraries. Data on tapes is also marked as aged, and tapes can be recalled as scratch media if empty.

Deleting a server key points:

• All licenses for the server must be first released to allow the deletion
• Deleting a server is a destructive operation that purges the server’s data on the next data aging
• Consider releasing licenses instead of deleting a server if data needs to be preserved

Deleting a server

Page 250 of 559

Education Services Commvault® Professional Course May 2018

Delete a Client (CommCell® Console)

Right-click the client | Click All Tasks | Delete

Deleting a client is a task that removes the client completely from the CommCell ® environment. It is considered a
destructive operation, since the data associated to that client is marked to be destroyed. During the next data aging
operation, which is scheduled every day at noon by default, the client’s data is physically purged from the disk
libraries. Data on tapes is also marked as aged, and tapes can be recalled as scratch media if empty.

Deleting a client key points:

• All licenses for the client must be first released to allow the deletion
• Deleting a client is a destructive operation that purges the client’s data on the next data aging
• Consider releasing licenses instead of deleting a client if data needs to be preserved

Page 251 of 559

Education Services Commvault® Professional Course May 2018

Deleting a client

Page 252 of 559

Education Services Commvault® Professional Course May 2018

Server Activity Control (Admin Console)

Data protection and data recovery jobs are enabled or disabled in the server properties view. If activity is disabled, an
Enable after a Delay button is displayed. This is used to automatically enable the activity on a specific date and time.
Client activity control is useful when a client is offline, since any scheduled operations are, by default, ignored if
activity is disabled.

Configuring client activity control settings

Page 253 of 559

Education Services Commvault® Professional Course May 2018

Client Activity Control (CommCell® Console)

Right-click the client | Click Properties | Activity Control tab

Data protection and data recovery jobs are enabled or disabled in the Activity Control tab in the Client Properties. If
activity is disabled, an Enable after a Delay button is displayed. This is used to automatically enable the activity on a
specific date and time. Client activity control is useful when a client is offline, since any scheduled operations are, by
default, ignored if activity is disabled.

Data aging can be disabled for a client as well. This prevents any jobs that belong to the client to be aged and purged
from storage. This is useful in a situation where a server is decommissioned, and data is required to be kept until
further notice.

Page 254 of 559

Education Services Commvault® Professional Course May 2018

Configuring client activity control settings

Server Update Status (Admin Console)

The current Commvault® software version, service pack level, update status, and operating system platform are
displayed for all clients providing summary information on their status.

Update status key points:

• Installed packages contains:

• The status of Up-to-Date
• Needs Updating
• Ahead of cache
• The Ahead of cache may appear in situations where updates have been applied to the system prior to their
general release
• Commvault recommends keeping all software up-to-date

Page 255 of 559

Education Services Commvault® Professional Course May 2018

View client update status for all clients

Client Update Status (CommCell® Console)

In the CommCell® browser | Click Client Computers

Update status for clients are viewed by selecting the Client Computers entity in the CommCell browser or through the
Client Properties page, in the Version tab.

Summary Update Status View for all Clients

In the CommCell® browser | Click Client Computers

The current Commvault® software version, service pack level, update status, and operating system platform are
viewed for all clients by selecting the Client Computers icon in the CommCell browser. All clients in the CommCell®
environment are displayed, providing summary information on their status.

Checking Detailed Update Status for a Client

Right-click the client | Click Properties | Version tab

The Version tab displays the current version of software, service pack level and status of each package installed on a
client.

Update status key points:

• Installed packages contains:

• The status of Up-to-Date

Page 256 of 559

Education Services Commvault® Professional Course May 2018

• Needs Update
• Ahead of cache
• The Ahead of cache may appear in situations where updates have been applied to the system prior to their
general release
• Commvault recommends keeping all software up-to-date
View client update status for all clients

Page 257 of 559

Education Services Commvault® Professional Course May 2018

View detailed client update status for an individual client

Page 258 of 559

Education Services Commvault® Professional Course May 2018

Server Groups

Page 259 of 559

Education Services Commvault® Professional Course May 2018

Server Groups (Client Computer Groups)

Server Groups are used to group like servers to simplify CommCell® administration. Servers can be added to one or
more server groups.

From the CommCell®, there are several methods for adding clients to groups:

• During installation, the client group can be selected.

• In the Server groups view, select the servers and include them in the group.

Server Groups provide the following benefits:

• Simplified navigation when locating servers within the Admin console.

• Configuring user group security to manage entire server groups.
• Simplified activity control, such as enabling or disabling data protection or recovery for an entire group.
• Applying updates, bandwidth throttling, network configurations, for instance, to entire groups at the same
time.
• Assigning server groups when configuring reports and alerts automatically adds/removes clients when changes
are made to the group.

Page 260 of 559

Education Services Commvault® Professional Course May 2018

Server Association Methods (Admin Console)

When using the Admin Console, there are two association methods for server groups. First, computers can be
associated manually to a group. This method requires manual intervention to associate servers to the group. This is
accomplished during the agent installation or by editing the server group.

In addition to the manual association method, automatic association rules can also be used. This efficient method
automatically associates servers to a group based on a set of predefined rules. Many criteria can be used to define the
rules.

Creating a server group

Page 261 of 559

Education Services Commvault® Professional Course May 2018

Creating a server group with automatic association rules

Page 262 of 559

Education Services Commvault® Professional Course May 2018

Client Association Methods (CommCell® Console)

Right-click the client computer group | Properties | General tab

Page 263 of 559

Education Services Commvault® Professional Course May 2018

When using the CommCell® Console, there are two association methods for client computer groups. First, computers
can be associated manually to a group. This method requires manual intervention to associate computers to the
group. This is accomplished during the agent installation, by editing the computer group or by editing the client’s
properties.

In addition to the manual association method, automatic association rules can also be used. This efficient method
automatically associates computers to a group based on a set of predefined rules. Many criteria can be used to define
the rules. Once the rules are defined, a Preview button is available to view the resulting list of computers. This ensures
that the rules are properly defined, and results are as expected.

Creating a client computer group

Page 264 of 559

Education Services Commvault® Professional Course May 2018

Creating a client computer group with automatic association rules

Page 265 of 559

Education Services Commvault® Professional Course May 2018

Server Group Activity Control (Admin Console)

Data protection and data recovery jobs are enabled or disabled in the server properties view. If activity is disabled, an
Enable after a Delay button is displayed. This is used to automatically enable the activity on a specific date and time.
Client activity control is useful when a client is offline, since any scheduled operations are, by default, ignored if
activity is disabled.

Configuring client activity control settings

Page 266 of 559

Education Services Commvault® Professional Course May 2018

Page 267 of 559

Education Services Commvault® Professional Course May 2018

Client Computer Group Activity Control (CommCell® Console)

As with a client, activity can be controlled for an entire computer group. This is useful when maintenance requires
activity to be disabled and later re-enabled on several computers at once.

Controlling computer group activity

Page 268 of 559

Education Services Commvault® Professional Course May 2018

File Server Solution

Page 269 of 559

Education Services Commvault® Professional Course May 2018

File Server Solution Overview

The file servers solution provides tools to manage UNIX and Windows servers protection. Once the Admin Console
core setup is complete, the file servers solution can be configured. Clients and subclients are configured prior to the
Admin Console configuration, or configured directly from the Admin Console.

Commvault® software provides the following features so that you can efficiently manage your data protection:

• Job monitoring
• Alerts
• Events
• Resource reports

Once configured, the file servers solution allows to create server plan to define protection settings such as the storage
targets to receive data as well as the retention of the data.

Page 270 of 559

Education Services Commvault® Professional Course May 2018

Add a File Server Solution

File servers solution setup and configuration

Page 271 of 559

Education Services Commvault® Professional Course May 2018

Page 272 of 559

Education Services Commvault® Professional Course May 2018

Page 273 of 559

Education Services Commvault® Professional Course May 2018

Page 274 of 559

Education Services Commvault® Professional Course May 2018

Data Protection Plans

The configuration of data protection is greatly simplified in the Admin Console. It is achieved by creating a protection
plan, which consists of several configuration options easily set in a single wizard. Options included are storage pool,
retention, recovery point objectives, content to protect, and offsite copy configuration.

Different plans can be created based on the data type requiring protection. Available types are:

• Data Classification
• Server
• Virtualization
• Snap

Page 275 of 559

Education Services Commvault® Professional Course May 2018

Protection plan high-level overview

Configure Server Plan

A server plan is used for any operating system or application agents that is not using the IntelliSnap® feature, nor is a
virtual server agent (VSA).

The plan is configured from the Plans view of the Admin Console.

Page 276 of 559

Education Services Commvault® Professional Course May 2018

Configuring a file system plan

Page 277 of 559

Education Services Commvault® Professional Course May 2018

Page 278 of 559

Education Services Commvault® Professional Course May 2018

Subclient
Subclients are used to define data that is protected in a containerized format. Each subclient container manages
specific content within a backup set. Each backup set has one or more subclients.

Key points for subclients:

• Subclient contents are defined as drives, folders, files or UNC paths.

• A storage policy is defined to manage the subclient.
• Scripts are inserted prior/after the scan and prior/after backups.
• Filter settings are configured for global and local filters.
• IntelliSnap® technology is enabled and storage array managing subclient data is defined.
• Data transfer options including compression, deduplication, and encryption are configured.

Page 279 of 559

Education Services Commvault® Professional Course May 2018

Example of subclient design

Default Subclient
By default, most agents have a default subclient. During the initial installation of the agent software, an option to
associate agent data with a storage policy is provided. This determines the storage policy that manages the default
subclient data. All subclients must be associated with a storage policy to protect the data.

The default subclient acts as a catch-all for all data managed within a backup set. This means the default subclient
automatically detects and protects all data the agent is responsible to protect. When custom subclients are defined,
any data managed by the custom subclients is automatically excluded from the default subclient. This is the concept of
mutual exclusiveness of contents within a backup set. Data is mutually exclusive to the subclient in which it is defined,
and data cannot be defined in multiple subclients within the backup set. The concept of Commvault® software is to
‘Copy Once and Reuse Extensively (CORE).’ In other words, protect the data to the storage policy and use secondary
copies to create additional copies of data. There are situations where protecting data from the source location multiple
times may be required. To accomplish this, you can create additional backup sets.

Tip: Mutual Exclusiveness of Subclients

Early in version 11, the mechanism of mutual exclusiveness of content was taken out of the product, allowing
duplicate content in different subclients within the same backup set to be defined. However, this mechanism
has been re-introduced in V11 SP5. If your subclient design strategy relies on defining exclusive content
between subclients, update the CommCell® environment to the latest service pack.

Defining Subclient Contents

The Contents tab is used to define the content for the subclient. Make sure to review the following important points
prior to configuring the subclient content:

• Do NOT modify the contents of the default subclient. If only certain drives are to be protected, use the Filter
tab to exclude those drives.

Page 280 of 559

Education Services Commvault® Professional Course May 2018

• Add content by using the Browse button or manually entering it using the Add Paths button.
• Define content drives, folders, or file types such as Office documents or Media files.
• Use the Add Paths button to enter UNC paths to protect data on systems that do not have Commvault agents
installed. You will be prompted to enter a user account with proper permissions to read the data from the
shared location. This feature is only recommended when protecting small amounts of data.

Content Rules for the Default and Custom Subclients

The following rules apply when defining content in subclients:

• Any data defined in a custom subclient is automatically filtered from the default subclient.

• An explicit path such as f:\ cannot be defined in two separate subclients within the same backup set.

Content Rules Prior to V11 SP5:

• If one subclient has the f:\ drive defined as content and a second subclient has the f:\users folder defined, the
f:\users folder will be backed up by both subclients.

• If one subclient has the f:\users folder defined and a second subclient has f:\users\finance defined, the
f:\users\finance folder will be backed up by both subclients.

• If one subclient has the f:\ drive defined and a second subclient has content defined as *.DOCX, both
subclients will protect all DOCX files redundantly.

• If it is necessary to configure subclients using the above examples and you want to avoid protecting
redundant data, ensure paths are filtered from other subclients.

Example:

o Two subclients f:\ and f:\users.

o f:\ drive subclient contains an f:\users local filter.

Content Rules as of V11 SP5 and Higher:

• If one subclient has the f:\ drive defined as content and a second subclient has the f:\users folder defined, the
f:\users folder will be protected only by the f:\users subclient and will automatically be excluded from f:\drive.

• If one subclient has the f:\users folder defined and a second subclient has f:\users\finance defined, the
f:\users\finance folder will be protected only by the f:\users\finance subclient and will automatically be
excluded from f:\users.

• If one subclient has the f:\ drive defined and a second subclient has content defined as *.DOCX, both
subclients will protect all DOCX files redundantly.
• To prevent file types from being protected in multiple subclients, filter the file type from other subclients. Filter
options include the ‘content library’ option.

Page 281 of 559

Education Services Commvault® Professional Course May 2018

Subclient Configuration
Add Subclients (Admin Console)
Administration | Servers | Agent | BackupSet | Add subclient

Key points for adding subclients:

• When new subclients are added, the content defined in the new subclient is automatically removed from the
default subclient.
• Content within a backup set cannot be defined in more than one subclient, except for VSA subclients.

Page 282 of 559

Education Services Commvault® Professional Course May 2018

Add a new subclient

Page 283 of 559

Education Services Commvault® Professional Course May 2018

Page 284 of 559

Education Services Commvault® Professional Course May 2018

Page 285 of 559

Education Services Commvault® Professional Course May 2018

Page 286 of 559

Education Services Commvault® Professional Course May 2018

Add Subclients (CommCell® Console)

Right-click the backup set | Click All tasks | New subclient

Key points for adding subclients:

• When new subclients are added, the content defined in the new subclient is automatically removed from the
default subclient.
• Content within a backup set cannot be defined in more than one subclient, except for VSA subclients.

Page 287 of 559

Education Services Commvault® Professional Course May 2018

Adding a new subclient

Page 288 of 559

Education Services Commvault® Professional Course May 2018

Filtering
Setting Subclient Filters (Admin Console)
Administration | Servers | Agent | BackupSet | Subclient | Content section | Edit

Filters are defined at subclient level to remove specific folders and objects that do not require protection.

Key points for subclient filters:

• Can be defined for Windows and UNIX subclients.

• Subclient filters include exclusion and exception filter entries:
▪ Exclusion filters – determines which folders and/or objects will be excluded from the subclient.
▪ Exception – is an override for exclusion. This means any folders and/or objects defined in the
exception entry is protected by the subclient. An example would be filtering a temporary directory
by defining it in the exclusions section, but adding an important folder to the exceptions section
for backup.

Similar to defining content, wildcards and patterns are used to define exclusion filters and
exceptions.

Page 289 of 559

Education Services Commvault® Professional Course May 2018

Enabling subclient filters

Page 290 of 559

Education Services Commvault® Professional Course May 2018

Page 291 of 559

Education Services Commvault® Professional Course May 2018

Page 292 of 559

Education Services Commvault® Professional Course May 2018

Setting Subclient Filters (CommCell® Console)

Right-click on Subclient | Click Properties | Filters tab

Filters are defined at the global and subclient level to remove specific folders and objects that do not require
protection. Global filters defined in the Global Filters applet in Control Panel are automatically or manually associated
with subclients. If global filters are associated with a subclient, the choice to override the global filters is available.

Key points for global and subclient filters:

• Global filters can be defined for Windows, UNIX, Exchange (Classic), Hadoop, IBM i, Macintosh, NAS, NFS,
OES, OpenVMS, and Virtual Servers.
• To enforce global filters to subclients, enable the ‘Use Global Filters on all Subclients’ checkbox.
• Subclient settings to inherit global filters are configured as:
o On – always use global filters.
o Off – never use global filters.
o Cell-Level Policy – only use global filters if ‘Use Global Filters on all Subclients’ checkbox has been
enabled.
• Subclient filters include exclusion and exception filter entries:
o Exclusion filters – determines which folders and/or objects will be excluded from the subclient.
o Exception – is an override for exclusion and global filters. This means any folders and/or objects
defined in the exception entry is protected by the subclient.

Page 293 of 559

Education Services Commvault® Professional Course May 2018

Similar to defining content, wildcards and patterns are used to define exclusion filters and
exceptions.

Enabling global filters

Page 294 of 559

Education Services Commvault® Professional Course May 2018

Enabling subclient filters

Page 295 of 559

Education Services Commvault® Professional Course May 2018

Job and Data Management

Page 296 of 559

Education Services Commvault® Professional Course May 2018

Data Protection Overview

Protecting data is paramount for safeguarding important information from corruption and/or loss. Considering a broad
range of disaster scenarios is essential when designing a data protection strategy. These situations can range from a
deleted file or corrupted virtual machine, to a crashed server or a complete data center disaster. The more situations
you plan for, the better prepared you are if one occurs.

Commvault® software has several methods to help you successfully achieve data protection. Each method impacts the
Recovery Point Objective (RPO) and Recovery Time Objective (RTO) parameters, which determine the best data
backup plan. Understanding Commvault’s data protection methods, their strengths and benefits will result in an
optimal architectural design that achieves your data protection needs.

Backup Types
Commvault® software provides the following backup types for protecting data:

• Full
• Incremental
• Differential
• Synthetic Full
• DASH Full

Page 297 of 559

Education Services Commvault® Professional Course May 2018

Full
A full backup protects all data within a subclient each time it is run. This provides the most complete level of
protection by backing up all data every time the job runs. It also provides the fastest recovery time since all data is
contained within a single job.

Full backups require the most storage space and take the longest time to complete.

Full backup process

Incremental
Incremental backups protect all data that has been added or modified since the last successful backup operation.
Based on the average incremental rate of change and growth, the incremental backups should remain consistent in
size. An incremental backup is considered a dependent operation, as it is dependent on previous incremental backups
and the full backup which started the cycle.

For a full restore of data, the full and all incremental backups are required.

Page 298 of 559

Education Services Commvault® Professional Course May 2018

Incremental backup process

Differential
A differential job backs up all data that has been modified or added since the last full backup job. The first differential
job following a full backup just contains incremental changes since the full backup completed. As subsequent
differential backups are run, the backup size increases since all changed and added data is backed up in each
differential. As the cycle progresses and more differential backups are executed, they continually increase in size
requiring more storage until the next full backup runs. Restores are slower than a full, but faster than using
incremental jobs since only the full and most recent differential is required for a complete restore.

Another advantage of differential jobs is that modified data is being redundantly stored throughout the cycle as each
differential completes. This could potentially limit data loss if a differential job is lost or damaged.

Differential backup process

Page 299 of 559

Education Services Commvault® Professional Course May 2018

Synthetic Full and DASH Full Jobs

A synthetic full backup synthesizes full backup operations by copying previously backed up data into a new full backup
job. It works by using the Image file from the most recent backup. The image file contains a list of all objects that
existed at the time the backup operation was run. The synthetic full uses the image to determine which objects
require protection and copies the objects from previous backup jobs into a new synthetic full backup. No data is
backed up from the production client, which can reduce the time required to generate the synthetic full backup as
opposed to a traditional full backup.

For synthetic full backups to work properly, an initial full must be run which provides the foundation in which the
synthetic full backups will be based on. Incremental backups must be run after the initial full and subsequent synthetic
full to ensure all required objects are in protected storage. When the synthetic full runs, it copies all required objects
into a new synthesized full backup, which will then become the foundation for the next synthetic full backup.

Synthetic Full key points:

• Synthetic full backups are useful for large volumes or Exchange mailbox backups where many objects require
protection or when the production client has very short operation windows.

• Synthetic full backups work best on non-deduplicated disk storage. When using Commvault deduplication, use
DASH Full backups instead of traditional synthetic full backups.

• Using Synthetic full backups on appliance-based deduplication devices can have a negative impact on
performance. In some cases, the performance can be slower than running regular full backups.

if using 3rd party deduplication solutions, test this option before implementing.

Page 300 of 559

Education Services Commvault® Professional Course May 2018

Synthetic full backup process

Page 301 of 559

Education Services Commvault® Professional Course May 2018

DASH Full
A read optimized synthetic DASH Full uses the Commvault® deduplication feature to logically perform synthesized full
backups without moving any data. This can be accomplished because Commvault deduplication tracks the location of
all blocks on disk storage. After the initial base full is run and subsequent incremental jobs are run, all block data
required for the synthetic full is already present in the deduplicated disk storage location. Since deduplication only
stores a unique block once in storage, the DASH Full operation only makes references to the blocks in storage and not
actually copies them. The DASH Full operation generates a new index file signifying that a full backup was run and
updates the Deduplication Database (DDB) with block record data that is used for data aging purposes. DASH Full
backups are the preferred method of running full backup jobs and can dramatically reduce backup windows.

When enabling Commvault deduplication for a primary copy, the ‘Enable DASH Full’ option is
selected by default.

DASH full backup operation

Page 302 of 559

Education Services Commvault® Professional Course May 2018

Auxiliary Copy and DASH Copy Jobs

Auxiliary Copy
An auxiliary copy job is an auxiliary operation used for the following:

• Copy jobs to secondary copy locations

• Generate content indexes
• Full reconstruct for the Deduplication Database (DDB)

Auxiliary Copy Options

Right-click the storage policy | All Tasks | Run Auxiliary Copy | General tab

Auxiliary copy operation allows you to schedule, run on-demand, save a job as a script, or set an automatic copy.

There are several options to choose from when configuring Auxiliary copy operations:

• Allocate number of readers or streams to use during auxiliary copy job

• Decide which secondary copies you want to include in the auxiliary copy job
• Start new media and mark media full, which can be used to isolate jobs on media
• Use VaultTracker™ options to export and track media using VaultTracker policies and reports
• Use Job priorities to assign different job priorities for auxiliary copies

Page 303 of 559

Education Services Commvault® Professional Course May 2018

Auxiliary copy options

DASH Copy
A DASH Copy is an optimized auxiliary copy operation which only transmits unique blocks from the source library to
the destination library. It can be thought of as an intelligent replication which is ideal for consolidating data from
remote sites to a central data center and backups to DR sites.

DASH Copy has several advantages over traditional replication methods:

• DASH Copies are auxiliary copy operations, so they can be scheduled to run at optimal time periods when
network bandwidth is readily available. Traditional replication would replicate data blocks as it arrives at the
source.
• Not all data on the source disk needs to be copied to the target disk. Using the subclient associations of the
secondary copy, only the data required to be copied would be selected. Traditional replication would require
all data on the source to be replicated to the destination.
• Different retention values can be set to each copy. Traditional replication would use the same retention
settings for both the source and target.
• DASH Copy is more resilient in that if the source disk data becomes corrupt the target is still aware of all data
blocks existing on the disk. This means after the source disk is repopulated with data blocks, duplicate blocks
will not be sent to the target, only changed blocks. Traditional replication would require the entire replication
process to start over if the source data became corrupt.

Page 304 of 559

Education Services Commvault® Professional Course May 2018

Disk and Network Optimized DASH Copy

Right-click the secondary deduplicated copy | Click Properties | Deduplication tab | Advanced subtab

Disk Optimized DASH Copy

Disk optimized, which is the default setting, should always be used when the source library is using Commvault
deduplication.

Disk optimized DASH Copy extracts signatures from chunk metadata during the auxiliary copy process, which reduces
the load on the source disks and the MediaAgent since blocks do not need to be read back to the MediaAgent and
signatures generated on the blocks.

Network Optimized DASH Copy

Network optimized should only be used if the source library is not using Commvault deduplication. Network optimized
DASH Copy reads all blocks required for the auxiliary copy job back to the MediaAgent, which generates signatures on
each block.

DASH Copy operation using network and disk optimized

Enabling DASH Copy

Right-click the secondary deduplicated copy | Click Properties | Deduplication tab | Advanced subtab

To schedule an auxiliary copy job as a DASH Copy, first go to the Secondary Copy Properties Deduplication tab and,
from the Advanced sub tab, select the ‘Enable DASH Copy’ checkbox and ensure that 'Disk Optimized' is also checked.

Running a DASH Copy:

1. Right-click the Storage Policy.

2. Select All Tasks and then Run Auxiliary Copy.
The auxiliary copy can be run immediately, scheduled, or set to run at automatic time intervals.

Page 305 of 559

Education Services Commvault® Professional Course May 2018

Setting Disk or Network Optimized DASH copy

Storage Policy Copy Options for Auxiliary Copy

Right-click the storage policy secondary copy | Click Properties | General tab

There are several storage policy copy options that impact auxiliary copy jobs:

• Inline Copy
• Parallel Copy
• Deferred Copy
• Selective Copy

Inline Copy
Right-click the storage policy secondary copy | Click Properties | General tab

The Inline Copy option lets you create additional copies of data at the same time you are performing primary backups.
This feature is useful when two copies of data must be done quickly. Data is passed from the client to the MediaAgent
as job streams. The MediaAgent then creates two sets of device streams; each going to the appropriate library.
Although this is a quick method for creating multiple copies, there are a few caveats to consider:

• Inline Copy is not supported if Client Side Deduplication has been enabled.
• If the primary copy fails, the secondary copy also fails.
• Since both copies are made at the same time, twice as many library resources are required, which may
prevent other jobs from running.

Page 306 of 559

Education Services Commvault® Professional Course May 2018

• Since backup data is streamed, data is sent to both libraries simultaneously, which may cause overall
performance to degrade. Basically, your job runs as fast as the slowest resource.
The last point is important to understand. Consider a scenario where the primary library receiving the client streams is
a disk library, and two secondary libraries are cloud and tapes. If Inline Copy is enabled on both secondary copies, the
three copies are performing at the speed of the slowest target, in this case, let’s assume it is the WAN link to reach
the cloud library. It might result in tape drive buffers not filling up quickly enough. The tapes therefore must
constantly be paused and repositioned, also known as “shoe shinning.” This reduces the lifespan of tapes and drives
significantly.

Inline Copy process

Page 307 of 559

Education Services Commvault® Professional Course May 2018

Inline Copy configuration for a storage policy copy

Parallel Copy
Right-click the storage policy secondary copy | Click Properties | General tab

A parallel copy generates two secondary copy jobs concurrently when an auxiliary copy job runs. Both secondary
copies must have the ‘Enable Parallel copy’ option selected and the destination libraries must be accessible from the
same MediaAgent. Like the Inline copy option, the performance is based on the speed of the slowest target.

There is an advantage of using Parallel Copy over Inline Copy to create multiple secondary copies. A Parallel Copy is
executed by an auxiliary copy schedule and is independent of the backup job — thus not slowing up the backup
performance as an Inline copy will do.

Page 308 of 559

Education Services Commvault® Professional Course May 2018

The Parallel Copy process

Parallel Copy configuration for a storage policy copy

Page 309 of 559

Education Services Commvault® Professional Course May 2018

Deferred Copy
Right-click the storage policy secondary copy | Click Properties | General tab

Deferring an auxiliary copy prevents a copy from running for a specified number of days. Setting this option results in
data not aging from the source location, regardless of the retention on the source, until the auxiliary copy is
completed. This option is traditionally used in Hierarchal Storage Management (HSM) strategies where data will remain
in a storage policy copy for a certain period. After that time, the data is copied to another storage policy copy and
deleted from the source during the next data aging job.

With Commvault® software it is recommended to copy data to multiple HSM copies to provide for
disaster recovery, as well as HSM archiving.

TIP: When to use Hierarchal Storage Management Strategy

Consider a scenario where a MediaAgent has a costly performant disk library that has reached full capacity.
The storage unit is already fully expanded. A larger cheaper, but less performant unit is acquired. Instead of
just adding mount paths to the actual library (which may not use the performant disks for the most recent
data) an HSM strategy leveraging the deferred copy option can be used. The storage policy must have the
primary copy stored in the performant library, and a secondary copy in the larger library.

Deferred Copy HSM concept

Page 310 of 559

Education Services Commvault® Professional Course May 2018

Deferred Copy HSM configuration for a storage policy copy

Selective Copy Tab

A Selective Copy allows automatic selection of specific full backups or manual selection of any backup for additional
protection. Selective copy options allow the time based automatic selection of ‘all,’ ‘weekly,’ ‘monthly,’ ‘quarterly,’ ‘half-
year,’ and/or ‘yearly full’ backups. Advanced options allow you to generate selective copies based on a frequency of
number of ‘cycles,’ ‘days,’ ‘weeks,’ or ‘months.’ You can also choose the ‘Do Not Automatically Select Jobs’ option
which allows you to use auxiliary copy schedules to determine when copies of full backups will be made.

Page 311 of 559

Education Services Commvault® Professional Course May 2018

Selective Copy configuration for a storage policy copy

Page 312 of 559

Education Services Commvault® Professional Course May 2018

Job Initiation
A job can be initiated using any of the following methods:

• Manually – by launching the job from the console and selecting to execute it immediately
• Scheduled – either an independent schedule or a schedule policy
• Save as a script – to be later executed by a user or by an external automated scheduler

Page 313 of 559

Education Services Commvault® Professional Course May 2018

Initiating a job

Page 314 of 559

Education Services Commvault® Professional Course May 2018

Using Schedules and Schedule Policies

Scheduling
Most data protection jobs use traditional backups or snapshots are scheduled. The frequency of scheduled jobs should
be based on the RPO times. For a 24 hour RPO, jobs are scheduled to run daily. If a four hour RPO is required, then
jobs should be scheduled to run every four hours.

Different types of jobs can be scheduled to run on different days. The traditional weekly full and daily incremental is
the most common schedule, but not always the best. Consider scheduling jobs based on RTO, RPO and how
frequently data should be sent off-site.

For example, if data is being backed up to disk and DASH copied to disk at a DR location, jobs can be scheduled to run
more frequently throughout the day to shrink RPOs and send data off-site faster. If the disk data needs to be
consolidated to tape on a monthly basis, a schedule of monthly full and daily incremental with the monthly full being
Aux copied to tape may be an adequate solution. Another example is when performing a backup directly to tape. A
schedule of nightly full backups or weekly full and nightly differential can be implemented. Both methods may shrink
RTO times.

Auxiliary copies are as important to properly schedule as data protection jobs. If the corporate requirement is a four
hour RPO for critical databases, and the database backup running every four hours is DASH copied only once a day, it
can lead to an SLA not being met in case of a disaster, where the primary disk library is lost.

Commvault® software uses a standard scheduler for scheduling all operations within the CommCell® environment. The
following is a list of operations that can be scheduled:

• Data protection operations

• Data recovery operations

Page 315 of 559

Education Services Commvault® Professional Course May 2018

• CommServe DR backup
• Reports
• Data Aging

Schedule Frequency
Jobs can be configured to run once or repeat based on setting the following frequencies:

• Daily – jobs are set to start and end at a certain time each day. A repeat interval can be configured to have
the job run multiple times per day with an hour and minute recurrence interval.
• Weekly – jobs are configured to run on specific days of the week or set to repeat every fixed number of
weeks. Exceptions can also be added, for example if a job is to be scheduled to run every Friday except for
the last Friday of the month, set the weekly schedule to run on Friday, repeat every week, and set an
exception for the last Friday of the month.
• Monthly – jobs are configured to run based on the following criteria:
• On the first, second, third, fourth or last day of a month.
• The day of the month specified can be a day of the week, specific day, weekday or weekend day.
• Yearly – jobs are configured to run based on the following:
• Specific day of a specific month.
• On the first, second, third, fourth or last day of a specific month.
• The day of the month specified can be a day of the week, day, weekday or weekend day.
• Automatic – schedules are used for protecting end user workstations or automatically scheduling specific
database application log backups, such as SQL or Oracle.
• Continuous – is a schedule in which an interval between job is defined.
o The first job is executed
o Starting from that point on, as soon as it completes, it waits for the time interval to elapse and
launches the job again.

Independent Schedules
Right-click the subclient | Click Backup | Job Initiation section

Jobs can be scheduled to run independently. An independent schedule is created at the client level, and is used only
by that client. It is initiated from the Job Initiation section of a job. All backup or auxiliary copy options can be defined
for the job.

There are several schedule patterns that are used, but one frequently used for independent jobs is the One-Time
pattern. It executes an on-demand job later, without having to manually launch it.

Page 316 of 559

Education Services Commvault® Professional Course May 2018

Creating an independent schedule for a backup job

Creating an independent schedule for an auxiliary copy job

Page 317 of 559

Education Services Commvault® Professional Course May 2018

Schedule Policies
Expand Policies | Right-click Schedule Policies | Click New Schedule Policy

Jobs can be scheduled to run by using schedule policies. A schedule policy is a set of rules containing one or many
schedules. This set of schedules is deployed to multiple systems or storage policies requiring a similar schedule pattern
for backups or auxiliary copies. This helps in managing and controlling the schedules in bulk.

At any time, subclients or storage policies can be added or removed from a schedule policy. It is also possible to
manually execute a schedule from the schedule policy, which simultaneously launches backups on all systems
associated with it.

To effectively manage your jobs, use schedule policies whenever possible.

Creating a schedule policy

Page 318 of 559

Education Services Commvault® Professional Course May 2018

Automatic Schedules
Commvault® software provides the ability to control the execution of jobs using an automatic schedule. The automatic
schedule uses criteria which, when met, triggers the execution of the task automatically. Automatic schedules are used
for three specific examples:

• Laptop backups
• Database backups
• Auxiliary Copy

Tip: How to Ensure the Data is Sent Off-site

Most jobs run once during the day while normal schedules can be used for auxiliary copies. The automatic
copy allows you to set a check interval for source data to be copied. This is an advantage when jobs are run
multiple times per day, or if you are unsure when the source data will become available for copy.

Example: A critical database is running transaction log backups every four hours. You want to run an
auxiliary copy of the source transaction logs to a secondary location, in this case a disk library off-site.

Solution: Schedule the transaction logs to back up every four hours. Then set the automatic auxiliary copy
option to check for source data in much shorter intervals. If source data is present, the auxiliary copy runs
creating an additional copy of the data.

Page 319 of 559

Education Services Commvault® Professional Course May 2018

Automatic Laptop Backup

Right-click a schedule policy | Click the General tab | Add | Schedule Pattern tab | Automatic | Laptop subtab

The protection of mobile users’ laptops is controlled through an automatic schedule that uses criteria, such as
available bandwidth, AC power, or if the laptop is idle. This ensures that backups are executed when the computer is
under ideal condition.

When setting up the criteria for laptop backups, two values must be set for intervals between jobs, which are as
follows:

• Minimum interval between job – This is the minimal time between two consecutive backup jobs. The
default value is 15 minutes. If the laptop has been protected more than 15 minutes ago, and if it meets all
requirements, such as available bandwidth, AC power, etc., it is then protected.
• Maximum interval between job – This is the maximum acceptable time between backup jobs. The default
value is 72 hours. This means that if a laptop has been protected more than 72 hours ago, even if it does not
meet the requirements, such as available bandwidth, AC power, etc., the system attempts to back it up. This
prevents a laptop to function for a long period without being protected. An example is when the laptop’s
battery is used frequently or the bandwidth is limited.

Automatic laptop backup schedule

Page 320 of 559

Education Services Commvault® Professional Course May 2018

Automatic database log backups

Right-click a schedule policy | Click the General tab | Add | Schedule Pattern tab | Automatic | Databases subtab

The automatic backup schedule for databases allows to set a space usage threshold for the volume where the
database log files reside. If the space usage is reached, a backup is triggered, which implies truncating the logs at the
end of the backup. It will therefore free up space on the volume. This is a useful tool to prevent database log volumes
to fill up if backups are not scheduled to run frequently enough.

When setting up the criteria for database backups, two values must be set for interval between backup jobs, which
are as follows:

• Minimum interval between job – This is the minimal time between two consecutive backup jobs. The
default value is 15 minutes. If the database has been protected more than 15 minutes ago, and its log volume
space usage reaches the defined usage threshold, it gets protected.
• Maximum interval between job – This is the maximum acceptable time between backup jobs. The default
value is 72 hours. This means that if a database has been protected more than 72 hours ago, even if log
volume space usage has not reached the defined threshold, the system protects it.
Commvault software supports the following applications for database backups:

• Microsoft® SQL server

• Oracle
• Oracle RAC
• SAP for Oracle
• Notes database traditional log backups

For the most current list of applications, refer to the Commvault ® Online Documentation.

Page 321 of 559

Education Services Commvault® Professional Course May 2018

Configuring automatic transaction log backups

Automatic Auxiliary Copy Schedule

Expand Policies | Schedule Policies | Right-click System Created Autocopy schedule | Click Edit

An automatic schedule is used to run an auxiliary copy. You can create the automatic schedule if you want to perform
the auxiliary copy at a specific frequency to ensure that an additional copy of data is automatically created. If you
define a frequency of 30 minutes, this means that every 30 minutes the system checks if there are completed jobs in a
storage policy primary copy that have not yet been copied to a secondary copy. If this is the case, the auxiliary copy
job starts copying these jobs.

An automatic schedule has a significant advantage over a traditional auxiliary copy schedule that runs after the
backups. Since it executes every 30 minutes, if jobs have completed, they are copied even if other backup jobs are
still running. This provides the shortest auxiliary copy window possible.

When Commvault® software is installed, a schedule policy named System Created Autocopy schedule is implemented
by default. When a storage policy secondary copy is created, it automatically becomes associated with that schedule
policy that executes auxiliary copies every 30 minutes.

Page 322 of 559

Education Services Commvault® Professional Course May 2018

Edit Automatic auxiliary copy schedule

Page 323 of 559

Education Services Commvault® Professional Course May 2018

Managing Active Jobs

Managing Active Job (Admin Console)
The jobs view is the most effective tool for managing and troubleshooting all active jobs within the CommCell®
environment. Regardless of which method is used to initiate a job (schedule, on demand or script) the job appears in
the jobs view.

Use Jobs View Options

The following actions can be performed from the jobs view:

• View job details

• Suspend/Resume/Kill a job
• View logs
• Send logs

View Job Details

Each job includes information about the job status, data path, and media usage or job events and errors.

Page 324 of 559

Education Services Commvault® Professional Course May 2018

Viewing job details

Change Job Status

Job status can be changed from the Admin Console Jobs view. A job can be suspended to later be resumed or killed.
If needed, any job, whether it was successful, failed or was killed, can later be resubmitted. This can be useful to re-

Page 325 of 559

Education Services Commvault® Professional Course May 2018

execute a failed job that encountered an issue after it was resolved. Instead of having to initiate the job through the
Servers view and select all options, it can simply be resubmitted from the Jobs view.

Status can be changed for multiple job simultaneously by using the multi-select job option.

Active job options

Page 326 of 559

Education Services Commvault® Professional Course May 2018

Selecting and controlling multiple jobs

Resubmitting a job

Page 327 of 559

Education Services Commvault® Professional Course May 2018

View Job Logs

Running a job involves many CommCell® components and processes interacting with each other, which could make it
hard to troubleshoot if an efficient tool was not provided. Consider a backup job, which requires the CommServe ®
Server, the MediaAgent, and the client components. Each component has several processes triggered, each having a
dedicated log file. This is potentially a dozen log files containing entries relevant to this job, but also entries from other
jobs.

The Jobs view simplifies the scavenging of information from log files by concatenating it in a central window. Each
section has a header providing information on the server and log filename from which the entries were extracted.

Viewing job logs

Page 328 of 559

Education Services Commvault® Professional Course May 2018

Page 329 of 559

Education Services Commvault® Professional Course May 2018

Send Job Logs

Situations may occur where job logs must be sent to Commvault® Support. After gathering the appropriate server and
log file information in the jobs view, you can send job logs by simply using the job’s option, Send logs.

Sending job logs to Commvault® support

Page 330 of 559

Education Services Commvault® Professional Course May 2018

Apply Filters to the Jobs View

To apply filters to the Jobs view, filters must first be toggled on. Any desired filter can then be applied to a column.
Several filters can be concurrently selected and applied to the same column and more than one column can have
filters applied at the same time. This provides the necessary granularity to refine the view to better monitor and
troubleshoot the CommCell® environment.

Applying filters to the Jobs view

Page 331 of 559

Education Services Commvault® Professional Course May 2018

Page 332 of 559

Education Services Commvault® Professional Course May 2018

Managing Active Jobs (CommCell® Console)

The Job Controller manages all active jobs within the CommCell® environment. Regardless of which method is used to
initiate a job (schedule, on demand, or script), the job appears in the Job Controller in the CommCell® console. The
Job Controller is the most effective tool within the CommCell console for managing and troubleshooting active jobs.

Common actions that are conducted from the Job Controller:

• Suspend / Resume / Kill

• Change job priority
• View events
• View logs
• Add a job alert
• View job details
• Apply Job Controller filters
Change the status of a job in the Job Controller

Page 333 of 559

Education Services Commvault® Professional Course May 2018

Control multiples jobs simultaneously

Control all jobs for a specific client or MediaAgent

Page 334 of 559

Education Services Commvault® Professional Course May 2018

Create and apply filters to the Job Controller window

Page 335 of 559

Education Services Commvault® Professional Course May 2018

Controlling Job Activity

Job Activity Control (Admin Console)
Commvault® software offers a great deal of flexibility for controlling job activity. Data protection, recovery, and
administrative jobs can be temporarily disabled and then re-enabled at a specific data and time. Activity control can be
set for the entire CommCell® environment, server group, and server levels.

Job activity key points:

• If activity is disabled for a parent object in the Admin Console, activity is automatically disabled for any child
objects.
• Activity can be disabled until manually enabled or set to automatically re-enable at a specific date and time.
• If activity is enabled for a parent object, activity can be enabled or disabled for any child objects.

Which Activity can be Controlled?

• All activity for the entire CommCell® environment can be enabled / disabled.
• Disabling activity at the CommCell level will disable all activity in the CommCell environment.
• Enabling (default) allows activity to be controlled at child levels.

Page 336 of 559

Education Services Commvault® Professional Course May 2018

Enabling or Disabling CommCell Activity

Disabling Job Activity

If job activity is disabled at any level, it will automatically disable activity for any child objects within the tree. Activity
cannot be overridden at any child levels.

Example: A server group representing servers for a specific location is disabled for maintenance. By disabling activity
at the group level, all servers within the group are automatically disabled.

Activity control for the entire CommCell® console

Enabling Job Activity

If job activity is enabled at any level within the CommCell® tree activity can be disabled at any child level object within
the tree.

Example: A specific server has a maintenance window scheduled. By disabling the activity for that server, no
operations will run. All other servers within the group will operate normally.

Page 337 of 559

Education Services Commvault® Professional Course May 2018

Activity control for a client

Page 338 of 559

Education Services Commvault® Professional Course May 2018

Enabling After Delay

If activity is disabled at any level in the CommCell® tree the option ‘Enable after a Delay’ can be used to automatically
re-enable activity after a specific delay or at a specific date and time.

Enable activity after a delay

Page 339 of 559

Education Services Commvault® Professional Course May 2018

Job Activity Control (CommCell® Console)

Commvault® software offers a great deal of flexibility for controlling job activity. Data protection, recovery, and
administrative jobs can be temporarily disabled and then re-enabled at a specific data and time. Activity control can be
set for the entire CommCell® environment, client computer group, and client levels.

Job activity key points:

• If activity is disabled in a parent object of the CommCell tree, activity is automatically disabled for any child
objects.
• Activity can be disabled until manually enabled or set to automatically re-enable at a specific date and time.

• If activity is enabled for a parent object in the CommCell tree, activity can be enabled or disabled for any child
objects.

• When activity is disabled or enabled, the icon where the activity was set changes to reflect the current activity
state.

Which Activity can be Controlled?

• All activity for the entire CommCell® environment can be enabled / disabled.
• Disabling activity at the CommCell level will disable all activity in the CommCell environment.
• Enabling (default) allows activity to be controlled at child levels.

Enabling or Disabling CommCell Activity

Disabling Job Activity

If job activity is disabled at any level within the CommCell® tree, it will automatically disable activity for any child
objects within the tree. Activity cannot be overridden at any child levels.

Example: A client computer group representing clients for a specific location is disabled for maintenance. By disabling
activity at the group level, all clients within the group are automatically disabled.

Page 340 of 559

Education Services Commvault® Professional Course May 2018

Activity control for the entire CommCell® console

Enabling Job Activity

If job activity is enabled at any level within the CommCell® tree activity can be disabled at any child level object within
the tree.

Example: A specific client has a maintenance window scheduled. By disabling the activity for that client, no
operations will run. All other clients within the group will operate normally.

Page 341 of 559

Education Services Commvault® Professional Course May 2018

Activity control for a client

Enabling After Delay

If activity is disabled at any level in the CommCell® tree the option ‘Enable after a Delay’ can be used to set a date
and time where activity is automatically re-enabled.

Enable activity after a delay

Page 342 of 559

Education Services Commvault® Professional Course May 2018

Job Priorities
Commvault® software implements a robust method for configuring job priorities. There are three different number
values that make up a job priority, the job type, client, and agent. The three numbers are combined to form a three-
digit priority level.

In Commvault® software the zero value has the highest priority and the nine value has the lowest
priority.

Each job type has a specific priority value associated with it:

• CommCell administrative operations such as data aging and the CommServe DR backup have a zero-level
priority.
• Restore operations have a zero-level priority.
• Backup operations have a one level priority.
• Auxiliary copy jobs have a two-level priority.

The backup and restore priority numbers cannot be modified. It would risk breaking the system
and prevent jobs from running.

Page 343 of 559

Education Services Commvault® Professional Course May 2018

Job priority number overview

Job Type Priority

Job type priority, such as an auxiliary copy is modified from the Job Management applet.

Job type priority number configuration

Page 344 of 559

Education Services Commvault® Professional Course May 2018

Client Priority
Client priorities are configured for individual clients in the Job Options tab in the Client Properties. The default client
priority is six.

Client priority number configuration

Page 345 of 559

Education Services Commvault® Professional Course May 2018

Agent Priority
Agent priorities are configured for each agent type in the Job Management applet in the control panel and have a
default priority of six.

Agent type priority number configuration

Page 346 of 559

Education Services Commvault® Professional Course May 2018

Customizing Priority Numbers

The first digit in the priority value cannot be modified but the client and agent priorities can be. By default, the order
for the priority is job, client and agent. However, the client and agent priorities can be reversed by specifying the
‘Priority Precedence’ setting in the Job Management applet in the Configuration menu.

Priority precedence configuration for job priority number

Example: if an Oracle backup is running with an agent priority set to four on a client with a priority set to six, the
default priority for the backup would be 164. One for the backup type, six for the client, and four for the agent type.

Dynamic Priority
A new dynamic priority mechanism is available in SP11. It is applied to concurrent jobs with the same priority number.
Dynamic priority intelligently prioritizes the backups based on machine learning.

Dynamic Priority Logic:

• Strike Count - is defined as the number of failures that happened since last successful backup job of the
same backup level. Strike count is for a subclient and is computed dynamically.
• Estimated Completion Time -The Estimated completion time is forecast based on previous backup job
patterns of the same backup level on the subclient using machine learning .
Dynamic Priority Calculation:

• When jobs have equal Operation/Client/Agent priorities, the subclient with the greater Strike Count is
prioritized.
• When the jobs have equal Strike Count also, the subclient with the higher Estimated Completion Time is
prioritized.

Page 347 of 559

Education Services Commvault® Professional Course May 2018

Determining How Active Jobs Behave Based on Priorities

When multiple jobs are executed at the same time, the job priority determines the order in which they run. You can
also affect how running jobs behave when a newly queued job has a higher priority. By default, a job with a higher
priority does not preempt a running job. This is modified in the Job Management applet with the following options:

• Backups Preempt Other Backups – when enabled, permits newly executed jobs to preempt backups jobs.
• Backups Preempt Auxiliary Copy – when enabled, permits newly executed jobs to preempt auxiliary copy
jobs.
Example: A higher priority job preempts a lower priority job. If the first job is writing to the media, a higher priority
job can take over when the first job completes its writing phase. Higher priority jobs may acquire access to the media
right after a lower priority job completes its job phase.

Enabling preemption of too many jobs could negatively affect overall performance.

Job preemption configuration

Operation Windows
Operation windows allow the Commvault® administrator to designate black out windows in which selected operations
do not run. These rules can be set at the global, client computer group, client, agent, and subclient levels. Child
objects can also be configured to ignore operation windows at higher levels. Different operation windows can be
defined for data protection jobs, recovery jobs, copy jobs and administrative jobs.

Each defined operation window can have one or more ‘Do not run’ intervals defined. Different operation rules can be
specified for the same operation type to define specific time intervals for different days of the week.

Page 348 of 559

Education Services Commvault® Professional Course May 2018

Operation window configuration

How Operation Windows Work

Job starts during an operation window blackout period

If a job starts and an operation window is currently preventing jobs from running, it is placed in a queued state. This
applies to both indexed and non-indexed jobs. Once the operation window is lifted and jobs can run, the jobs status
changes to a running state.

Job is running when an operation window blackout occurs

If a job is currently running and an operation window blackout period becomes active, indexed and non-indexed jobs
behave in the following ways:

• Indexed based jobs finishes writing their current chunk, then are placed in a waiting state. When the blackout
period is lifted, the job continues from the most successfully written chunk.
• Non-Indexed jobs continues writing and ignores the operation windows blackout period.

Overriding operation windows

There are several methods to override operation windows ‘Do not run’ intervals. An optional setting ‘Allow running
jobs to complete past operation windows’ (off by default) can be enabled to allow indexed-based running jobs to
continue to run. This is a CommCell level setting that will affect all indexed-based running jobs.

For specific client groups, clients, agents or subclients, operation windows can be configured to ignore operation rules
at higher levels. In this case if no rules are defined, and the ignore operation rules at higher levels is enabled, the jobs
will run without interruption.

Page 349 of 559

Education Services Commvault® Professional Course May 2018

Overriding parent level operation windows

Page 350 of 559

Education Services Commvault® Professional Course May 2018

Data Recovery

Page 351 of 559

Education Services Commvault® Professional Course May 2018

Data Recovery Overview

A sound data recovery strategy is essential for unplanned events like a system failure, accidental file deletion, system
crashes, or larger scale disasters. Commvault software provides different recovery methods depending on the
application or file system being protected. This flexibility allows the administrator to pick the optimal recovery method
based on the situation to recover data in an efficient manner.

Recovery methods are divided into two main categories:

• Indexed
• Non-Indexed

Page 352 of 559

Education Services Commvault® Professional Course May 2018

Indexed-Based Recovery Methods

Restore Method Description

Find* Provides the ability to enter search criteria for a file, such as myfile.txt or *.docx, file size, or access
time. This option is useful if you know the specific file(s) that needs to be restored, but do not know the
location, or when you have some information, such as a partial file name.
Browse Provides the ability to browse for all protected data using the folder hierarchal structure (like Windows®
Explorer). This method is useful when multiple files, folders or drives need to be restored.
Restore* Provides the ability to enter a drive, folder path or file path such as ‘F:\users\jdoe’ that is required for
restore. This option is useful when you know the specific location for data required for restore.
Full system restore Provides the ability to restore an entire server in case of a full system crash. This method requires that
all data on the server including ‘system state’ data has been protected. It also requires a base operating
system and Commvault® file system agent to be installed prior to the restore. This method is useful
when the operating system can be reinstalled or if base images are being deployed to servers.
1-Touch restore* Provides the ability to restore an entire server in case of a full system crash. This method uses a boot
image to boot the system with a temporary operating system. It then rebuilds the operating system
through a full system restore. This method is useful when a system needs to be recovered with
minimum administrator effort.

* Not available in the Admin Console

Non-Indexed-Based Recovery Method

Restore Method Description

Restore by Job* Provides the ability to perform a non-indexed restore using one or more streams for one or more jobs.
This method is useful in disaster recovery scenarios when the index directory is not available. An indexed-
based restore would have to restore index files from media before the restore can begin. A non-indexed
restore immediately begins restoring data.

* Not available in the Admin Console

Page 353 of 559

Education Services Commvault® Professional Course May 2018

Using the Find Feature

The Find operation is the preferred method for recovering files. Available at the backup set level, the Find operation
scans the index database (in the case of V2 indexing), or multiple indexes (in the case of V1 indexing) within a
specified range of backup time and searches for a specific filename or pattern (wildcards). You can also limit your
scope of search to a specific folder or folder structure. Matching results are displayed within the specified time range.
You can select to restore any, all, or specific version(s) of the files within the display.

If multiple versions are restored, each version has a sequential number appended to the filename
beginning with 1 for the most recent version of the file.

With email, you can use the Find operation to search message metadata using the ‘From,’ ‘To,’ and ‘Received’ fields of
the message.

Page 354 of 559

Education Services Commvault® Professional Course May 2018

Using the Find operation

Page 355 of 559

Education Services Commvault® Professional Course May 2018

Using Browse
A Browse and Restore operation allows the administrator to browse through the folder structure to select files and
folders to restore. You can select multiple files and folders for recovery operations. If a parent object in the folder
structure is selected, then all objects within the parent folder are automatically selected for restore.

When selecting a file that was modified multiple times during a cycle, the specific version of the file or all versions can
be selected to be recovered.

Image and No-Image Browsing

The following features are used to browse and restore data:

• Image Browsing
• No-Image Browsing

Image Browse
Each time a backup operation is conducted an image file is generated, which represents a view of the folder structure
at the time the backup occurred. By default, when a browse and restore operation is conducted, an ‘image browse’
method is used to present the folder structure as it existed based on the browse date and time. This is done by
displaying the folder structure from the most recent image file prior to the point-in-time being browsed. So, if a
browse is being conducted on Wednesday at 2:00 PM and the most recent backup was run on Tuesday at 10:00 PM,
the image file from the 10:00 PM backup is used. This ‘image browse’ method produces a consistent structure of the
data according to the browse time. This is important since folder structures may change from day-to-day during a
cycle.

When restoring an entire folder structure, it is important that the structure represents a specific point when a backup
was conducted—and not represent data for the entire cycle. This is best explained by using temporary files as an

Page 356 of 559

Education Services Commvault® Professional Course May 2018

example. Temporary files and folders can be generated, deleted and regenerated multiple times during a cycle. Each
time a backup is run, the file folder structure is different based on which files existed at the specific point-in-time.
When a restore operation is run, you would not want every temporary file and folder to be restored, just a particular
point-in-time or day.

Although the ‘image browse’ method is beneficial for restoring file and folder structures to a particular point-in-time, it
may also result in deleted items not showing up when a Browse and Restore operation is conducted. For example, if
on Wednesday at 2:00 PM a browse operation is run using the Tuesday 10:00 PM image file, and a file or folder was
deleted on Tuesday at 2:00 PM, the deleted files will not appear in the browse results. This is because when the 10:00
PM image file was created, the deleted files were not present.

No-Image Browsing
The ‘no-image browse’ is used to retrieve data that may have been deleted at some unknown time. It browses all the
data (including deleted items) for the selected backup set according to the browse time. It is also useful for retrieving
a previous backup version and showing deleted files across cycles.

There are two options to ensure deleted items are displayed during Browse and Restore operations:

1. Select the Show Deleted Items check box - This runs a ‘no-image browse.’ In this case, the image files
are bypassed, and the browse operation returns results from the index directory, which shows all items
backed up from the point the full was run. This method is useful when recovering user data that has been
deleted but may not be a good choice when restoring an entire folder structure, especially if the folder
structure was modified during the cycle.
2. Specify date and time to browse - This runs ‘image browse.’ If you know when the data was deleted,
specify that date and time in the Browse and Restore options. So, if data was deleted at 2:00 PM on Tuesday,
and you specify Tuesday as the browse date, then the most recent image file prior to the point the browse is
being conducted would be Monday at 10:00 PM. Since the data was deleted on Tuesday it would be present in
the image file on Monday night and will show up in the browse results.

Page 357 of 559

Education Services Commvault® Professional Course May 2018

Using the Browse and Restore tool (Admin Conaole)

Using the Browse and Restore Tool (CommCell® Console)

Page 358 of 559

Education Services Commvault® Professional Course May 2018

Basic Recovery Options (Admin Console)

When using the Admin Console, recovering data is accomplished from the client or subclient view. There are several
options available for restoring data depending on the agent type and the operating system.

Key points when restoring data:

• Data can be restored in-place, which is on the same system, in the same location.
• Data can be restored out-of-place, on the same server in an alternate location or on a different server.
• Files can be restored in a remote location by providing a UNC path and the user who has access to the share.
• Data can be overwritten if it already exists in the destination location.
There are three options to locate the data to restore:

• Show latest backup – Self-explanatory.

• Show backup as of specific date – is Point-in-time browse based on a date and time.
• Show backup for a date range – Displays files protected during a specific time range.
Recovering files

Page 359 of 559

Education Services Commvault® Professional Course May 2018

Page 360 of 559

Education Services Commvault® Professional Course May 2018

Page 361 of 559

Education Services Commvault® Professional Course May 2018

Basic Recovery Options (CommCell® Console)

Select data to restore | Click Recover All Selected | General Tab

Basic recovery options for the Windows® file system agent

Page 362 of 559

Education Services Commvault® Professional Course May 2018

Multi-Stream Restore
Use Browse or Find to select objects to restore | Click Recover All Selected | General tab

Commvault® Version 11 Service Pack 6 introduces the ability to uses multiple streams during an index-based restore
such as Browse and Restore or Find. By default, the system traditionally uses one stream, but this number can be
increased by using the ‘Number of streams’ option in the Restore Options General tab. Multi-stream restore is only
supported for data using V2 indexing.

Multi-stream restore for a file-system subclient

Copy Precedence
Click Browse or Find | Choose Advanced Options tab

Each storage policy copy within a storage policy has a copy precedence number assigned to it. By default, the primary
copy has a precedence number of one. The next secondary copy created will have a precedence number increased by
one in the order in which they are created.

When restoring data using Commvault® software, by default, it restores the data from the lowest copy precedence
number where the data is available. For example, data is stored on disks for 30 days and copied on tapes for 90 days.
If you browse for data that is earlier than 30 days, there is no need to specify the disk copy. The system automatically
goes to the disk copy since the primary copy has a precedence number one (1). If you browse for data older than 30
days, the system automatically goes to the tape copy, which has a precedence number two (2).

If it is required to restore data from a higher precedence number (even if the data is available from a lower
precedence copy), you can override the default behavior by specifying a precedence number in the Browse and
Restore or Find operations’ Advanced Options tab.

Page 363 of 559

Education Services Commvault® Professional Course May 2018

Tip: Validate Restores from a Tape Copy

Scenario: You are backing up data to disks and copying the data to a secondary tape copy to send offsite
daily. Your manager is asking you to prove that you can restore data from tapes before sending it to the
offsite location.

Solution: To restore data from tapes and avoid the system automatically restoring from disks, specify the
tape copy precedence number during the restore.

Copy Precedence number selection during a restore

Page 364 of 559

Education Services Commvault® Professional Course May 2018

Copy precedence numbers list for a storage policy

Page 365 of 559

Education Services Commvault® Professional Course May 2018

Additional Recovery Methods

Restore by Job
The Restore by jobs operation is a ‘non-indexed restore’ that uses multiple concurrent streams during the restore
operation. Unlike a traditional Browse and Recovery operation – which requires index files to be available in the index
directory and uses a single stream during the restore operation, the ‘Restore by Jobs’ provides a faster recovery in DR
situations when the production index directory location is not available. Since this operation does not require indexes
and it is a chunk-based restore that allows multiple streams to run simultaneously, restore operations run immediately
and provides a faster restore speed.

There is a negative aspect of the Restore by Jobs operation. The single pass restore method used with indexed-based
recoveries (where only the proper version of an object is restored based on the point of browse) is not used. This
means that in order to bring a machine back to its last state, the last full backup job would need to be recovered first
followed by each subsequent incremental job ending with the most recent.

The Restore by Job option restores an entire job and therefore does not offer any restore
granularity.

Page 366 of 559

Education Services Commvault® Professional Course May 2018

Restore by Job options

Page 367 of 559

Education Services Commvault® Professional Course May 2018

Full System Restore

The Full System Restore or ‘full agent restore’ operation is an indexed-based restore where the entire backup set is
selected when browsing for data. The backup set selection includes the entire contents of the file system backup,
including configuration information such as system state. This is a restore type that can be used in case of a full
system crash.

For this to work, several steps must be accomplished:

1. Build a new machine with similar hardware and same mass storage configuration.
2. Install a working Operating System of the same level as the crashed client (i.e. Windows 2008R2 SP2).
3. Install the client agent on the target system, but configured using the crashed system client name.
4. A full backup of the system including the Windows® system state must be available. The system state backup
should not have critical components filtered. Here are the required critical system state components:
o Registry
o System Protected Files
o Active Directory
o Cluster DB
o Sysvol (For 2000 or 2003 domain controllers level)
o DFSR (Windows 2008 Domain controller level)
5. Browse at the backup set and select the entire backup set.
6. Perform the restore.
7. Reboot.

Full system restore process

Page 368 of 559

Education Services Commvault® Professional Course May 2018

Page 369 of 559

Education Services Commvault® Professional Course May 2018

1-Touch Recovery

1-Touch Recovery Overview

1-Touch Restore provides a bare metal approach to recovering a server. It works using bootable media that can be
used to boot a crashed server without having to install an operating system. When the system is booted, it contacts
the CommCell® environment and initiates a complete recovery of the system. This approach recovers the system on
completely dissimilar hardware and mass storage configuration. Information is required during the recovery process
through interactive screens or as an answer file for an unattended recovery.

1-Touch can achieve multiple tasks during the restore, such as:

• Renaming a machine (cloning)

• Changing its IP address
• Un-joining/joining the system to a domain
1-Touch also integrates with the VSA agent to provide ‘Virtualize Me’ capabilities, which is basically a P2V (physical to
virtual) operation, allowing a recovery of a physical machine as a virtual machine.

Page 370 of 559

Education Services Commvault® Professional Course May 2018

Virtualization Solution

Page 371 of 559

Education Services Commvault® Professional Course May 2018

Virtual Protection Overview

Virtualization has become the standard of data center consolidation whether on premise or in the cloud. As the
number of virtual machines and the physical hosts they run on grows, a comprehensive protection strategy is required
to ensure proper protection. Commvault ® software provides several protection methods for virtual environments on
premise and in the cloud. These methods provide a comprehensive enterprise hybrid protection strategy.

There are four primary methods Commvault® software can use to protect virtual environments:

• Virtual Server Agent (VSA)

• Application Aware backup integrating the VSA and application plugins
• Agents installed within virtual machines
• IntelliSnap® Technology
Which method is best to use depends on the virtual infrastructure, type of virtual machines being protected, and the
data contained within the virtual machines. In most cases using the Virtual Server Agent (VSA) is the preferred
protection method. For specific virtual machines, using ‘application aware’ backups or an agent directly installed within
the VMs is the preferred method. For mission critical virtual machines, large virtual machines or virtual machines with
high I/O processes, the IntelliSnap feature is used to coordinate hypervisor software snapshots with array hardware

Virtual Server Agent (VSA)

The Commvault Virtual Server Agent (VSA) interacts with the hosting hypervisor to provide protection at the virtual
machine level. This means agents do not need to be installed directly on the virtual machines, although installing
restore-only agents provides a simplified method for restoring data back to the VM.

Page 372 of 559

Education Services Commvault® Professional Course May 2018

Depending on the hypervisor application being used and the virtual machine’s operating system, different features and
capabilities are available. The VSA interfaces with the hypervisor’s APIs and provides capabilities inherent to the
application. As hypervisor capabilities improve, the Commvault VSA agent is enhanced to take advantage of new
capabilities.

Agent Based VM Protection

Agent-based protection uses Commvault agents installed directly in the virtual machine. When an agent is installed in
the VM, it will appear in the CommCell® console just like a regular client and the functionality will be exactly the same
as an agent installed on a physical host. The main advantage with this configuration is that all the features available
with Commvault agents can be used to protect data on the VM. For applications, using agents provide complete
application awareness of all data protection operations.

One issue when using agents in virtual machines is when the virtual machine needs to be restored. Since the agent
protects all data at the object level, the machine will need to be restored object by object. Compare this method to
using the VSA backup process which can restore the entire virtual machine at the VM level. When protecting large
databases which are backed up as single objects, agents can be a good solution. When backing up file servers with
large amounts of smaller objects, agents within the virtual machine would not be a good solution.

With Commvault client-side deduplication, data moved over the network is dramatically reduced once the first full
backup is completed. This provides an efficient method of backing up large amounts of data and is recommended to
improve backup performance when using agents inside of VMs. It’s important to note that when using client side
deduplication in a virtual machine, all blocks will be hashed on the client. This processing will be done using the
hosting server’s resources which may negatively impact performance when too many VMs are being backed up
concurrently. Carefully consider on which VMs you want to use agents and schedule backup operations during off-peak
hours when physical hosts have adequate resources to process and protect data.

Commvault database agents provide advanced protection features that would not be available when using VSA.
Separate protection of database and logs can be performed. Options to truncate logs or replay logs to a specific
point-in-time can be used to better manage database protection. Using database agents in virtual machines provides
application consistent database protection and is a preferred protection method.

Page 373 of 559

Education Services Commvault® Professional Course May 2018

Transport Modes
VMware Transport Modes
The VMware® VADP framework provides three transport modes to protect virtual machines:

• SAN transport mode

• HotAdd mode
• NBD and NBD SSL mode
Each of these modes has their advantages and disadvantages. Variables such as physical architecture, source data
location, ESX resources, network resources and VSA proximity to MediaAgents and storage have an effect on
determining which mode is best to use. It is also recommended to consult with Commvault for design guidance when
deploying Commvault® software in a VMware environment.

SAN Transport Mode

SAN Transport Mode is used on a VSA proxy with direct Fibre channel or iSCSI access to snapshot VMs in the source
storage location. This mode provides the advantage of avoiding network movement of VM data and eliminates load on
production ESX servers. Virtual machines are backed up through the VSA and to the MediaAgent. If the VSA is
installed on a proxy server configured as a MediaAgent with direct access to storage, LAN-Free backups can be
performed. For best performance, Commvault recommends that the VSA have a dedicated HBA to access the VMDK
files. If an iSCSI SAN is used, we recommend a dedicated Network Interface Card on the VSA for access to the SAN.

Page 374 of 559

Education Services Commvault® Professional Course May 2018

VSA backup process using SAN transport mode

HotAdd Mode
HotAdd mode uses a virtual VSA in the VMware environment. This requires all data to be processed and moved
through the VSA proxy on the ESX server. HotAdd mode has the advantage of not requiring a physical VSA proxy and
does not require direct SAN access to storage. It works by ‘hot adding’ virtual disks to the VSA proxy and backing up
the disks and configuration files to protected storage.

A common method of using HotAdd mode is to use Commvault deduplication with client-side deduplication, DASH Full
and incremental forever protection strategy. Using Change Block Tracking (CBT), only changed blocks within the
virtual disk have signatures generated and only unique block data are protected.

This mode is also useful when there is no physical connectivity between the physical VSA proxy and the Datastore
storage preventing the use of SAN transport mode. Some examples of such scenarios are when using NFS Datastores
or using ESX hosts local disk storage to host Datastores.

Page 375 of 559

Education Services Commvault® Professional Course May 2018

VSA backup process using HotAdd transport mode

NBD Mode
NBD mode uses a VSA proxy installed on a physical host. The VSA connects to VMware and snapshots will be moved
from the ESX server over the network to the VSA proxy. This method requires adequate network resources. NBD mode
is the simplest method to protect virtual machines.

VSA backup process using NBD transport mode

Page 376 of 559

Education Services Commvault® Professional Course May 2018

Hyper-V Transport Modes

Commvault® software uses VSA proxies to facilitate the movement of virtual machine data during Hyper-V backup
operations. The VSA proxies are identified in the instance properties. For Microsoft Hyper-V, the VSA is installed on
each hypervisor host. VMs can be protected from each host or a VSA proxy can be designated to protect VMs. The
proxy must have access to all clustered shared volumes where VMs reside.

Hyper-V Transport Mode

Page 377 of 559

Education Services Commvault® Professional Course May 2018

Configuring the Virtualization Solution

Page 378 of 559

Education Services Commvault® Professional Course May 2018

Adding Virtualization Solution

The Admin Console for VSA provides a simplified management interface for administrators to conduct day-to-day
operations to configure, protect and recover virtual machines.

Use the Admin Console's Virtualization dashboard to check the status of applications, such as VMware® or Hyper-V®.
This view shows information specifically tailored for Virtualization jobs. From here you can check the number of
Hypervisors in your environment and the number of VMs protected. The virtualization dashboard also includes backup
job summaries with details such as how many jobs were completed, failed or killed. The dashboard also provides a
status of SLAs, and lets you monitor your Storage Utilization.

SP 11 Supports Virtual Machines:

• Amazon
• Google Cloud Platform
• Microsoft Azure
• Microsoft Azure Stack
• Microsoft Hyper-V
• Nutanix AHV
• VMWare (vCenter or ESX server)
• OpenStack
• Oracle Cloud
• Oracle VM

Page 379 of 559

Education Services Commvault® Professional Course May 2018

Key Features for Virtualization:

• Protect virtual machines in supported virtualization infrastructure.

• Quickly configure servers, storage, and collections of virtual machines to back up.
• Back up collections of virtual machines immediately or by a schedule.
• Restore full virtual machines, disks, and guest files with granular backup and recovery options.
• Monitor jobs, events, and alerts.
Virtualization Admin Console prerequisites:

• The VSA agent must be configured in the CommCell® environment.

• The Admin Console software must be installed in the Commvault environment.
Once installed, you can connect to the Admin Console using the following URL: http://webhost/adminconsole/login

Virtualization Admin Console Configuration

Once the core setup is complete, the virtualization solution can be configured. Hypervisors and subclients can be
configured prior to the Admin Console configuration, or configured directly from the Admin Console.

During configuration, a backup plan must be created. The plan dictates when VMs are backed up and where the data
is stored. Additional backup plans can later be defined.

Virtualization solution setup and configuration

Page 380 of 559

Education Services Commvault® Professional Course May 2018

Page 381 of 559

Education Services Commvault® Professional Course May 2018

Page 382 of 559

Education Services Commvault® Professional Course May 2018

Page 383 of 559

Education Services Commvault® Professional Course May 2018

VSA Filters
Virtual Machine Swap File Filtering
When backing up VMware® or Hyper-V virtual machines, by default, the VSA filters the Windows page file or Linux
swap file. To achieve this, the system maps the virtual machine disk blocks from which the page file or swap file is
made of. These blocks are skipped during the backups, significantly reducing the storage footprint and the backup
time.

It is possible to disable the skipping of page and swap files by creating the bSkipPageFileExtent additional setting
on the VSA proxy and by setting its value to 0 (zero).

Page 384 of 559

Education Services Commvault® Professional Course May 2018

Swap or Page file filtering during VSA backups

Virtual Machine Filtering

Virtual machines can be filtered by browsing for VMs or adding specific criteria for VM filtering. This can be useful
when content is being defined at a parent level but specific virtual machines are to be excluded from backup. For
instance, if the subclient is configured to auto-discover and protect all VMs within a specific Datastore, but there are
few virtual machines that do not require protection, they can be added as filters. Virtual machines can be defined as
filters at the subclient or at the backup set level.

If your subclients content is defined using auto-discovery rules, it is recommended to define VM

filters at the backup set level to ensure that none of the subclients back up the VM.

Virtual Disk Filtering

For some hypervisors, such as VMware and Hyper-V, disk level filtering can also be applied. This provides the ability to
filter disks based on host, Datastore, VMDK, VHD or VHDX name pattern or hard disk number. This can be useful
when certain disks do not require protection or if Commvault agents installed within the VM are used to protect data.

Example: A database server requires protection. For shorter recovery points and more granular backup and recovery
functionality, a database agent can be used to protect application database and log files. For system drives, the virtual
server agent can be used for quick backup and recovery. Disks containing the database and logs should be filtered
from the VSA subclient. The VSA will protect system drives and the application database agent will be used to protect
database daily and log files every 15 minutes. This solution provides shorter recovery points by conducting frequent
log backups, application aware backup and restores, and protects system drives using the virtual server agent.

Page 385 of 559

Education Services Commvault® Professional Course May 2018

Subclient Filters (Admin Console)

Subclient filters can be used to filter virtual machines or virtual machine disks for both Hyper-V and VMware. This
provides the necessary granularity when using auto-discovery rules. For instance, a subclient can be defined to
discover all VMs in a cluster, for which VMs not requiring protection can be filtered out.

Subclient VM and disk filters configuration

Page 386 of 559

Education Services Commvault® Professional Course May 2018

Page 387 of 559

Education Services Commvault® Professional Course May 2018

Page 388 of 559

Education Services Commvault® Professional Course May 2018

Subclient and Backup Set Filters (CommCell® Console)

Right-click the desired subclient | Click Properties | Filters tab

Subclient or backup set filters can be used to filter virtual machines or virtual machine disks for both Hyper-V and
VMware. If auto-discovery rules are used to define content, it is recommended to apply filters at the backup set level
to ensure that no subclients protect the VM.

The option to filter an entire datastore is available in the disk filters option. This means that VM disks stored in the
selected Datastore are filtered out from backups.

Page 389 of 559

Education Services Commvault® Professional Course May 2018

Subclient VM and disk filters configuration

Backup set VM and disk filters configuration

Page 390 of 559

Education Services Commvault® Professional Course May 2018

VSA AppAware Backup

Configuring Application Protection Methods

Right-click the desired subclient | Click Properties | Backup Options tab

Application aware VSA backups inserts an ‘application plugin’ into the VM during a VSA backup and IntelliSnap®
feature. When a VM backup runs, the plugin quiesces the application using a VSS snapshot. The VSA coordinator then
communicates with the hypervisor to conduct a VM snapshot. If IntelliSnap is used, a hardware snapshot is taken on
the Datastore and then the software snapshot and VSS snap is released.

VSA Application Aware backup support as of SP11:

Oracle Oracle
Microsoft Microsoft Microsoft SQL
Hypervisor database for database for
Exchange SharePoint Server
Windows Linux

Amazon
(streaming)

Microsoft Hyper-
V (streaming)

Microsoft Hyper-
V (IntelliSnap

Page 391 of 559

Education Services Commvault® Professional Course May 2018

with non-
persistent snap
engines)

OpenStack (only with (only with

(streaming) Windows proxy) Linux proxy)

Oracle VM (only with (only with

(streaming) Windows proxy) Linux proxy)

Red Hat (only with (only with

Virtualization Windows proxy) Linux proxy)
(streaming)

VMware (only with (only with

(streaming) Windows proxy) Linux proxy)

VMware (only with (only with

(IntelliSnap) Windows proxy) Linux proxy)

To enable application aware VSA backups, a user account with administrative privileges for the application must be
used. This account can be entered at the instance or subclient level. When the VSA backup runs, the system detects if
any supported agents are installed in the VM and automatically installs the application plugin. After the backup
completes, the plugin remains in the VM for subsequent backup operations. Application data recovery is conducted
using the agent in the CommCell® console, providing full agent level recovery options.

Application Aware Backup additional prerequisites:

• MediaAgent software must be installed on the VSA proxy

• A snap copy must be created in the storage policy receiving the backup
When the first backup is initiated, a ‘VSAAppAwareBackupWorkflow’ is initiated. The workflow executes required tasks
to properly protect the application.

VSAAppAwareBackupWorkflow high level phases:

1. It validates that the MediaAgent software is installed on the VSA proxy server
2. It validates that the Snap Copy is created for the storage policy
3. It discovers if a supported application is installed in the VM
4. It pushes the application plugin
5. It protects the application

Page 392 of 559

Education Services Commvault® Professional Course May 2018

Application Aware backup configuration

VSSAppAwareBackupWorkflow initial execution

Page 393 of 559

Education Services Commvault® Professional Course May 2018

SQL Transaction Log Backup Support

In Version 11 SP5, the VSA application aware backups for SQL server has been enhanced to include a new automatic
schedule for transaction log backups.

This provides the following advantages:

• Allows point-in-time restores of SQL databases, also known as log replays.

• Since the automatic schedule uses a free space threshold, it ensures that the volume containing the SQL logs
does not fill up between VSA backups.

The schedule default setting can be modified as desired.

Page 394 of 559

Education Services Commvault® Professional Course May 2018

Admin Console – VSA Tasks

Subclient Job History View
From the VM Groups view | On the desired group line | Click … | jobs

The job history of a subclient can easily be displayed in the Admin Console.

Page 395 of 559

Education Services Commvault® Professional Course May 2018

Job History of a VSA subclient

Page 396 of 559

Education Services Commvault® Professional Course May 2018

Manual Virtual Machines Backup

There are two places from which manual VM backups can be initiated in the Admin Console. It is important to
understand the difference between the two as it may launch a backup for more VMs than required.

Methods to launch a manual VM backup:

• From the VM Group view – This initiates a backup for all the VMs defined in the VM Group/subclient.
• From the virtual machine – This initiates a backup only for the selected virtual machine.

VM Group Manual Backup

A manual backup can be initiated for a VSA subclient, also called VM group. This protects all the virtual machines
defined in the subclient. Use this method to re-conduct a backup job that has failed but is not suited for an on-
demand protection of a single VM.

Running a subclient manual backup

Page 397 of 559

Education Services Commvault® Professional Course May 2018

Single Virtual Machine Manual Backup

A single virtual machine can be backed up manually using the Admin Console. Running this manual backup does not
affect any configured subclient.

Points to consider when running a VM manual backup:

• Virtual machines must be backed up at least once before you can request a backup on demand.
• An on-demand VM backup is always an incremental backup.
• If a VM is included in multiple subclients, an on-demand backup is run for the subclient that performed the
latest backup of the VM.

Running a single virtual machine backup

Page 398 of 559

Education Services Commvault® Professional Course May 2018

Virtual Machine Restore

All VMs, VM disks and VM files can be restored from the Admin Console. The available options are similar to restore
options located in the CommCell® console.

Restore Full Virtual Machine

Restoring a Full Virtual Machine

Page 399 of 559

Education Services Commvault® Professional Course May 2018

Page 400 of 559

Education Services Commvault® Professional Course May 2018

Page 401 of 559

Education Services Commvault® Professional Course May 2018

Restore Guest Files

The Virtual Server Agent for some hypervisors, such as Microsoft Hyper-V and VMware, supports agentless restores of
files and folders into a virtual machine, without requiring the installation of the File System Agent on the destination
VM. Using this feature simplifies deployment and reduces the impact of backup and restore operations for virtual
machines.

Setup Requirements for Hyper-V:

• The Hyper-V host must be running on a Windows 2012 R2 server operating system
• For Windows, the destination VM must be running on Windows 2008 R2 with Service Pack 1 or later
• The destination VM must be powered on
• Ensure the latest integration services are running on the destination VM
• Enable Guest file services on the destination VM. If not enabled, the restore operation enables the services
Setup Requirements for VMware:

• For Windows, the virtual machine must have the NTFS file system
• Requires ESX 5.x, 6.0, 6.5
• The virtual machine must be powered on
• The latest release of VMware Tools must be installed and running
• You can use open-vm-tools on guest VMs running supported Linux releases; open-vm-tools must be installed
and running
• The user account that is used to browse the destination VM must have write permissions for the VM

Whether the traditional file recovery or the Live File Recovery is used, the restore screens are the same. Only the
mechanics under the hood differs to achieve the restore.

Page 402 of 559

Education Services Commvault® Professional Course May 2018

Restoring guest files

Page 403 of 559

Education Services Commvault® Professional Course May 2018

Page 404 of 559

Education Services Commvault® Professional Course May 2018

Page 405 of 559

Education Services Commvault® Professional Course May 2018

Page 406 of 559

Education Services Commvault® Professional Course May 2018

Traditional File Recovery vs. Block-Level Browse

Collect File Details vs. Live File Recovery

In version 11, there are two available methods to recover files within a virtual machine that was protected using VSA
backups: the traditional file recovery or the Live File Recovery, also referred to as the block-level browse or Live
Browse.

There are differences between the two methods:

• File Recovery – indexes every virtual machine during the backup, which increases backup time but provides
quicker browse and restore.
• Live File Recovery – doesn't require indexing during backup, which improves backup performance, but
slows browse operations since the virtual machine must be mounted from the disk library.

For file servers where browse and recovery operations are frequent, consider using traditional
recovery mode, and for all other virtual machines use the default Live File Recovery.

Page 407 of 559

Education Services Commvault® Professional Course May 2018

Enable Granular Recovery Option

The ‘Collect File Details’ option dictates which method is used. If it is checked, it uses traditional file recovery. When
unchecked, it uses Live File Recovery. The benefit of collecting file details is to conduct faster browse operations since
the indexes already exist. However, generating indexes on hundreds of VMs at backup time will have a negative
impact on performance.

For Linux virtual machines, the traditional file recovery only supports EXT2 and EXT3 file systems. If the VM is using
EXT4, JFS, XFS or any other advanced file systems, in such cases the block-level browse is the recommended method.

Page 408 of 559

Education Services Commvault® Professional Course May 2018

Configuring the Collect File Details option (Admin Console)

Page 409 of 559

Education Services Commvault® Professional Course May 2018

Configuring the Collect File Details option (CommCell® Console)

Page 410 of 559

Education Services Commvault® Professional Course May 2018

VSA Backup Options

Page 411 of 559

Education Services Commvault® Professional Course May 2018

Backup Failed VMs Option

From the incremental backup job or scheduled job | Click Advanced | Data tab

The option to backup failed VMs only can be used to create special schedules or run special backup jobs to protect
VMs that were skipped during regular VSA backups. Let’s take a subclient that has 100 VMs defined, for which the last
backup job failed two VMs. Running another backup job for the subclient would back up the entirety of the 100 VMs.
With the ‘Backup Failed VMs Only’ option enabled, the system looks for failed VMs in the previous subclient backup job
and only protects these machines.

Page 412 of 559

Education Services Commvault® Professional Course May 2018

Backup Failed VMs Only Option

Page 413 of 559

Education Services Commvault® Professional Course May 2018

VSA Recovery Options

Page 414 of 559

Education Services Commvault® Professional Course May 2018

VSA Basic Recovery Options (CommCell® Console)

Full Virtual Machine

Right-click the desired subclient or backup set | Click All Tasks | Browse and Restore | Virtual Server tab

When restoring a full virtual machine, you can restore data to the same destination host and place all disks back to
their original Datastores; this is an in-place restore. Virtual machines can also be restored to a different location than
where they existed at the time of backup; this is an out-of-place restore. For some hypervisors, such as VMware and
Hyper-V, multiple VMs can be selected for restoration.

The following options can be used for an out-of-place restore:

• Different vCenter – An entire virtual machine can be restored to a different vCenter. This feature provides
the flexibility to distribute restored virtual machines to a location with greater space and resource availability.
This is useful when the virtual machine's original location does not provide optimal space and resources.
• Different ESX server – By default, a virtual machine is restored to the ESX server where it was at the time
of backup, but you can choose to restore to a different ESX server. Specifying a different location provides the
flexibility to distribute restored virtual machines to a location with greater space and resource availability.
• Different Datastore – You can specify a different Datastore on the destination host. After the restore, the
virtual machine is automatically associated to the new Datastore.
• Different Resource Pool or vApp – By default, a virtual machine is restored to its original resource pool,
but you can select a specific resource pool or vApp on the host. vApp is a customized form of a resource pool.
• Different VM name – By default, a virtual machine is restored with the original name used at the time of
backup, but you can change the name when the VM is restored. It can be seen as a VM clone operation.
• Restore to a VM folder – Select a destination folder on the datacenter.

Page 415 of 559

Education Services Commvault® Professional Course May 2018

• Restore with different network adapter – Select a network adapter that is available for the destination.

Full virtual machine restoration

Page 416 of 559

Education Services Commvault® Professional Course May 2018

Page 417 of 559

Education Services Commvault® Professional Course May 2018

Page 418 of 559

Education Services Commvault® Professional Course May 2018

Virtual Machine File Recovery

Right-click the desired subclient or backup set | Click All Tasks | Browse and Restore | Virtual Server tab

It is possible to restore the virtual machine files, such as vmdk, vmx, and any other VM configuration files, as flat files.
A VM Files recovery operation does register the VM to any vCenter server. It is useful in cases where files can be
restored in a location to be imported in another virtualization software such VMware Player.

During the restoration, disks can also be converted to another supported hypervisor format, such as VMware vmdk to
Hyper-V vhdx.

Virtual Machine File Recovery

Page 419 of 559

Education Services Commvault® Professional Course May 2018

Page 420 of 559

Education Services Commvault® Professional Course May 2018

Attach Disk to Existing VM

Right-click the desired subclient or backup set | Click All Tasks | Browse and Restore | Virtual Server tab

A virtual machine disk is restored and attached to an existing virtual machine. The disk is restored, and the VSA
communicates with the vCenter server to reconfigure an existing VM to which the disk is then attached. It is useful
when a larger virtual machine with many disks crashes. If one of the disks is critical, it is quickly restored and attached
to another VM.

Attach Disk to Existing VM recovery screens

Page 421 of 559

Education Services Commvault® Professional Course May 2018

Page 422 of 559

Education Services Commvault® Professional Course May 2018

Guest Files and Folders Recovery

Right-click the desired subclient or backup set | Click All Tasks | Browse and Restore | Virtual Server tab

The Virtual Server Agent for some hypervisors, such as Microsoft Hyper-V and VMware, supports agentless restores of
files and folders into a virtual machine, without requiring the installation of the File System Agent on the destination
VM. Using this feature simplifies deployment and reduces the impact of backup and restore operations for virtual
machines.

Setup Requirements for Hyper-V:

• The Hyper-V host must be running on a Windows 2012 R2 server operating system
• For Windows, the destination VM must be running on Windows 2008 R2 with Service Pack 1 or later
• The destination VM must be powered on
• Ensure the latest integration services are running on the destination VM
• Enable Guest file services on the destination VM. If not enabled, the restore operation enables the services
Setup Requirements for VMware:

• For Windows, the virtual machine must have the NTFS file system
• Requires ESX 5.x, 6.0, 6.5
• The virtual machine must be powered on
• The latest release of VMware Tools must be installed and running
• You can use open-vm-tools on guest VMs running supported Linux releases; open-vm-tools must be installed
and running
• The user account that is used to browse the destination VM must have write permissions for the VM

Whether the traditional file recovery or the Live File Recovery is used, the restore screens are the same. Only the
mechanics under the hood differs to achieve the restore.

Page 423 of 559

Education Services Commvault® Professional Course May 2018

Guest Files and Folders recovery screens

Page 424 of 559

Education Services Commvault® Professional Course May 2018

Page 425 of 559

Education Services Commvault® Professional Course May 2018

VM Conversion
Right-click the desired subclient or backup set | Click All Tasks | Browse and Restore | Virtual Server tab

For some hypervisor, it is possible to convert the VM to another hypervisor format. During the restore, simply select
the target supported hypervisor. This useful feature can be used as a migration tool, or to provide recovery capability
between two datacenters using different hypervisors.

VM Conversion during recovery

Page 426 of 559

Education Services Commvault® Professional Course May 2018

Application Aware Recovery

The application aware recovery of application data is initiated from the VSA since no application agents are installed in
VMs.

Exchange Application Aware Recovery

From VSA Application aware backups, Exchange databases can restore in-place or out-of-place.

VSA Application Aware Exchange database recovery

Page 427 of 559

Education Services Commvault® Professional Course May 2018

Page 428 of 559

Education Services Commvault® Professional Course May 2018

SQL Application Aware Recovery

From VSA Application aware backups, SQL databases can be restored in-place or out-of-place. It can also be
recovered to a specific point-in-time, using log replays.

VSA Application Aware SQL database recovery

Page 429 of 559

Education Services Commvault® Professional Course May 2018

Page 430 of 559

Education Services Commvault® Professional Course May 2018

Data Security

Page 431 of 559

Education Services Commvault® Professional Course May 2018

Ransomware Prevention

Page 432 of 559

Education Services Commvault® Professional Course May 2018

Ransomware
Millions of computers have been infected with ransomware type malware, such as WannaCry, CryptoLocker, CBT-
Locker, Tesla Crypt, and more. Ransomware malware takes a user system hostage by encrypting popular file types,
such as Office Files, image and video files that are present on the computer. The criminal organization behind the
malware then asks the user for money to receive the key that allows decrypting the data, thus the name,
ransomware.

This type of virus spreads itself very quickly when it can infiltrate a company network; making it hard to limit the
damages when systems are not properly monitored. Therefore, a system administrator must find ways to be alerted as
soon as possible to react to an infection. To help detect such attacks, Commvault ® software provides various tools to
combat ransomware.

Page 433 of 559

Education Services Commvault® Professional Course May 2018

Ransomware spreading on an organization network

Page 434 of 559

Education Services Commvault® Professional Course May 2018

Ransomware Protection Strategy

Implementing the best protection possible against malware attacks must be planned properly. Simply having a good
anti-virus does not sufficiently counter modern infection systems. The strategy must prevent and detect attacks, react
once potential threats are detected and ultimately, recover infected data.

Recommended ransomware protection strategy

Prevention and Detection

The first line of defense against an attack is prevention and detection. Prevention methods minimize the risks of an
attack being triggered. Unfortunately, malware could still be executed even with the best prevention possible. Having
reliable detection systems enables an administrator to quickly stop infections and avoid attacking additional systems
and data. By implementing a sound strategy, less data will be recovered on infected systems.

Prevention
Prevention is a critical part of a sound protection strategy. It must combine human intervention and software systems.

Recommended prevention methods:

• Users and administrators training

• Antivirus and anti-spyware systems
• Firewall
• Applying updates
• Offsite/offline backups
• Commvault® software storage lockdown
• CommServe® server DR Backups to cloud
• Strengthening the CommServe® Server security

Page 435 of 559

Education Services Commvault® Professional Course May 2018

Commvault® Ransomware Driver

To protect disk-based storage, enable the Commvault® Ransomware driver from the MediaAgents Advanced options.
Once enabled, it restricts the access to the storage that is presented to the MediaAgent as disk library mount paths to
Commvault processes only, ensuring that no other process such as malware modifies disk library files.

Enabling ransomware protection on a MediaAgent disk storage

Page 436 of 559

Education Services Commvault® Professional Course May 2018

Detection
Commvault® software includes built-in coded mechanisms that can be enabled to monitor clients and detect potential
ransomware attacks. Once an attack is detected, an event is triggered in the Event Viewer, and an alert notification
can optionally be configured to notify administrators to react as quickly as possible.

A workflow could be created to be used by the alert to take the infected system offline, to stop the spread.

The mechanisms offered to monitor the client are as follows:

• Using ‘honey pot’ files

• File activity anomaly detection

‘Honey Pot’ Monitoring

This colorful name explains exactly how this method works. When enabled, Commvault ® software creates .xls files
that will act as decoys. These files are monitored and when a malware encrypts and modifies it, it triggers the event in
the CommCell® and can trigger an alert to notify users. The frequency in minutes for the ransomware check is defined
by the administrator.

This monitoring method is enabled via an additional setting that is pushed to client systems. The setting can be
applied to a client, or a client computer group in the CommCell Console. The check frequency value is set in minutes.

Enabling the ‘honey pot’ monitoring for a client or client computer group

Page 437 of 559

Education Services Commvault® Professional Course May 2018

Page 438 of 559

Education Services Commvault® Professional Course May 2018

File Activity Anomaly Detection

The second method that can be used to monitor for ransomware attacks is using file handling pattern. Once enabled,
the client server is monitored for seven days, during which information is collected on file access, creation,
modification, and rename. After the seven days’ worth of information is collected, Commvault ® software monitors for
atypical file operations. For instance, an exceptionally large number of files being renamed will trigger the alert. The
ransomware check is executed every five minutes.

Optionally, a report named File Activity Anomaly Report can be viewed from the Reports section of the Admin Console.

Page 439 of 559

Education Services Commvault® Professional Course May 2018

File Activity Anomaly Report sample

Enabling File Activity Anomaly Detection

Page 440 of 559

Education Services Commvault® Professional Course May 2018

Page 441 of 559

Education Services Commvault® Professional Course May 2018

User and Security Management

Page 442 of 559

Education Services Commvault® Professional Course May 2018

User and Group Security

Commvault® software has a security management capability in Version 11 that transcends limitations of traditional
user and group security models. This functionality separates the permissions required to perform CommCell ® actions
from the user or group through the implementation of roles. Roles allow users or user groups to have different
security settings for various CommCell® entities.

In Version 11, Commvault security is configured using two methods:

• Role-based Security – used for administrators who need permissions on multiple entities. To use role-based
security, you must create a security association between users or user groups, a role, and entities.
• Owner Security – used for end-users who need permissions on very few client entities. For example, a user
needs permission to restore files to a laptop.

Security has evolved significantly in Commvault® software. The following sections describe the
differences in security management between Version 10 and Version 11.

V10 Security
In CommCell® V10, security works by assigning local users and domain user groups to CommCell user groups. These
CommCell groups are then associated with entities in the CommCell® browser to grant access to specific areas within
the CommCell® console.

Page 443 of 559

Education Services Commvault® Professional Course May 2018

Each CommCell® user has their own login with a full or restricted set of capabilities to view entities and/or perform
tasks.

• CommCell Users – defined internally within the CommCell® software or enabled externally through
Microsoft’s Active Directory or IBM’s Domino Directory Server. The ability of a user to view entities and
perform tasks within a CommCell group collectively is managed exclusively via membership to a CommCell
User Group.
• CommCell User Group(s) – associated with CommCell entities (e.g., clients, libraries, storage policies)
allowing the member users to perform authorized tasks on those entities only.
A CommCell user is a member of any number of CommCell User Groups. The user’s ability to
perform tasks on a CommCell entity is determined by the combined capabilities of the CommCell User Groups
that are associated with that entity.

A list of tasks and required capabilities are found in the Commvault Online Documentation.

• External Users/Groups – Microsoft’s Active Directory or IBM’s Domino Directory Service can be associated
with CommCell User Groups. Associated external group members login to the CommCell ® console using their
external credentials. Single Sign-on can be enabled to allow external users, who are already logged into the
domain, access to the CommCell console without re-entering their password.

V10 security overview

Page 444 of 559

Education Services Commvault® Professional Course May 2018

Role Based Security

Role-based security in Commvault® Version 11 uses roles to grant access to CommCell® resources and tasks, such as
performing backup, restore, and administrative operations on entities. It’s a granular mechanism that clearly defines
what resources are displayed to a user and the available tasks provided to him or her. For instance, role-based
security can be implemented to display only SQL servers to database administrators and only the backup and restore
tasks that are assigned to them.

To use role-based security, you must create a ‘security association’ between users or user groups, a role, and entities:

• User(s) – defined by using a CommCell user, an external domain user, a CommCell user group, or an
external domain user group.
• Role – A collection of permissions that defines the level of access granted to a user or a user group.
• Entity – A CommCell® resource, such as a client computer, client computer group, library, storage policy,
schedule policy, MediaAgent, etc.
For instance, the separation of user/user group (who), role (permissions), and entity (what) allows a user or
user group to have different permissions depending on what their role is for a specific entity.

Example: A user requires backup and recovery permissions for a file server. The same user requires restore only
permissions for a mail server. The user is associated with the file server entity and assigned the backup and recovery
role. The same user is assigned to the mail server entity with the recovery role.

Page 445 of 559

Education Services Commvault® Professional Course May 2018

V11 role-based security overview

Upgrading Roles from Previous Versions

Prior to Commvault® Version 11, all permissions (formerly called capabilities) were associated with a CommCell ® user
group. When upgrading Commvault software, a role is created for each user group and permissions are assigned to
the role which is based on the capabilities of the old user group. For each user group, a role that is automatically
created is prefixed with <SystemCreatedRole>_Role. These roles are automatically assigned to entities along with the
user groups.

Page 446 of 559

Education Services Commvault® Professional Course May 2018

Security roles inherited from previous versions

Manage Users
Two sets of users can be used to define security associations in Commvault ® software; CommCell® users and external
domain users. You can create CommCell and external domain users and control the features they have access to by
making security associations between the user(s), a role, and entities. CommCell and domain users can also be
combined in the same security association. Once CommCell users are created and external users are added, they both
are available in the CommCell® console.

To use domain accounts, a connection to the directory services must be configured prior to
configuring the security association.

Create a CommCell® User (Admin Console)

CommCell® users are created to grant access to the CommCell console and CommCell resources. During initial
installation, a built-in administrative account, called ‘Admin,’ is created. This account has all privileges to all CommCell
resources.

During the creation of a user, the password can be generated by the system. The user receives an email prompting
him to connect for the first time with the generated password. At this point, the system prompts the user to change it.

Page 447 of 559

Education Services Commvault® Professional Course May 2018

Tip: CommCell users for DR purposes

Commvault recommends that you create at least another account with all permissions. This can be used by
the main backup administrator to ensure that in case of a disaster (e.g., directory services are unavailable),
the administrator can still use his or her account to execute restores.

Creating a CommCell® user account

Page 448 of 559

Education Services Commvault® Professional Course May 2018

Create a CommCell® User (CommCell® Console)

CommCell® users are created to grant access to the CommCell console and CommCell resources. During initial
installation, a built-in administrative account, called ‘Admin,’ is created. This account has all privileges to all CommCell
resources.

Tip: CommCell users for DR purposes

Commvault recommends that you create at least another account with all permissions. This can be used by
the main backup administrator to ensure that in case of a disaster (e.g., directory services are unavailable),
the administrator can still use his or her account to execute restores.

Page 449 of 559

Education Services Commvault® Professional Course May 2018

Creating a CommCell® user

Expand the Security entity | Right-click CommCell Users | New User

Add an External Domain

External domain users are used to define security associations in Commvault® software. This allows a user to use his
or her regular domain account, thus preventing the need to remember an additional login and password. Single Sign-
On can be used to automatically populate the username and password field on the Admin Console or CommCell®
console login screen.

To use external domain users, a connection to the directory services must first be created in the CommCell console.
More than one domain connection can be added if users from multiple domains are required to login to Commvault
software.

The following directory services are supported as of Service Pack 11:

• Microsoft® Active Directory

• IBM® Domino Directory Services
• JumpCloud® Directory
• Apple® Open Directory
• RADIUS Servers
• Oracle Directory Services

Page 450 of 559

Education Services Commvault® Professional Course May 2018

For JumpCloud directory and Apple Open Directory, an additional setting must first be configured
to allow the creation of connections.

Active Directory domain connection configuration (Admin Console)

Page 451 of 559

Education Services Commvault® Professional Course May 2018

Active Directory domain connection configuration (CommCell® Console)

Right-click Domains And Organizations | Add new domain | Active Directory

Page 452 of 559

Education Services Commvault® Professional Course May 2018

Roles
A role is a consolidated set of permissions that is used when creating a security association. A role can be part of as
many security associations as needed to make managing permissions much easier, but each security association can
only have one role. A wide variety of associations are available to define user tasks, such as: ‘in-place recovery,’ ‘out-
of-place recovery,’ ‘tape media operation,’ ‘scheduling,’ VM operations,’ and ‘Content Search.’

Example: If User01 requires backup and restore permissions on server A and User02 requires backup and restore
permissions on server B, you can create a single role called ‘Backup and Restore’ with the appropriate permissions set.
This role can then be used on two different security associations, one for User01 and one for User02.

For a complete list of permissions, refer to Commvault ® Online Documentation.

Create a Role
During the role creation process, you can create a security association with it. All of the users and user groups that are
a part of the security association inherit the permissions in the role.

Creating a role (Admin Console)

Page 453 of 559

Education Services Commvault® Professional Course May 2018

Creating a role (CommCell® Console)

Expand Security | Right-click Role | New Role

Security Associations
To use role-based security you must create a security association between users or user groups, a role, and
CommCell® entities. The entity defines the object or group of objects on which the defined user or users can execute
tasks defined by the role. For instance, if a user needs to achieve tasks on a server, create the security association on
the desired client computer entity. If the user needs to execute tasks on several servers, a client computer group can
be leveraged on which the security association can be defined.

Page 454 of 559

Education Services Commvault® Professional Course May 2018

Security association overview

Create a Security Association

You can associate entities and roles to CommCell users and user groups. This controls the operations that the user or
user groups can perform on the entity.

Creating a security association (Admin Console)

Page 455 of 559

Education Services Commvault® Professional Course May 2018

Page 456 of 559

Education Services Commvault® Professional Course May 2018

Creating a security association using (CommCell® Console)

Page 457 of 559

Education Services Commvault® Professional Course May 2018

Cascading Security Associations

When creating a security association on a parent CommCell® entity, it cascades down to all child objects. Cascaded
security associations appear as greyed out in the Security tab of a child object.

Viewing security associations (Admin Console)

Page 458 of 559

Education Services Commvault® Professional Course May 2018

Viewing security associations (CommCell® Console)

Page 459 of 559

Education Services Commvault® Professional Course May 2018

Encryption

Page 460 of 559

Education Services Commvault® Professional Course May 2018

Encryption Overview
Both software and hardware encryption keys are scrambled using a proprietary algorithm and maintained in the
CommServe® database. Encryption keys can optionally be written to storage media. In the event of the loss of the
CommServe database, encrypted data may be recovered using tools provided by Commvault ® Support. Encryption
keys are destroyed when the job is aged and deleted from the CommServe database. This provides complete end-to-
end encryption key management.

Third Party Key Management

Commvault® software also supports third party key management.

Currently, Commvault supports Safenet and Vormetric third party systems.

Data is encrypted using Commvault® encryption keys, which are stored in the CommServe® database. These keys are
encrypted using a third-party master key. The third-party system and the keys are required for any restore operations.

Page 461 of 559

Education Services Commvault® Professional Course May 2018

Conceptual overview of Commvault encryption options

Page 462 of 559

Education Services Commvault® Professional Course May 2018

Inline Encryption
There are several advantages for software encryption:

• Data can be encrypted on the client during initial data protection providing complete end-to-end security.
• Different encryption ciphers are used based on security requirements.
• In certain cases, software encryption can provide a performance benefit by distributing the load of data
encryption to multiple systems as opposed to hardware encryption, where all data encryption is handled on
the tape drive.
• Data can selectively be encrypted using inline encryption by configuring encryption settings at the subclient
level. This can further improve performance by only encrypting data that requires encryption.
• Restore operations always decrypt data at the destination location.

Page 463 of 559

Education Services Commvault® Professional Course May 2018

Commvault software supports the following encryption algorithms

Cipher Key Length

3-DES 192

Triple Data Encryption algorithm symmetric-key block cipher. Applies cipher algorithm three times to
each block.

AES (Rijndael) 128 or 256

Advanced Encryption Standard (AES) is a symmetric block cipher which encrypts data in 128-bit blocks
and uses a key length from 128 to 256 bits.

Blowfish 128 or 256

Symmetric cipher, which divides data into 64 bits and encrypts the blocks individually. This algorithm is
available in the public domain and is fast and it is claimed to never have been compromised.

Serpent 128 or 256

Serpent is a symmetric cipher, which encrypts data in 128-bit blocks and uses a key size between 128 to
256 bits. This algorithm is in the public domain.

TwoFish 128 or 256

The successor to Blowfish, this symmetric encryption method uses keys up to 256 bits. This algorithm is
fast and, like Blowfish, is available in the public domain.

GOST 256
Developed by Soviet and Russian government. A symmetric cipher in 64-bit blocks
using a key length of 256 bits.

AES (Rijndael) encryption is the industry standard used by hardware devices and most encryption
software. The other ciphers were AES candidates and meet all requirements. Some are faster and
some are stronger. Rijndael was selected as the most flexible.

Page 464 of 559

Education Services Commvault® Professional Course May 2018

Inline Encryption
Right-click the storage policy primary copy | Click Properties | Advanced tab

Inline encryption is used to encrypt data during primary protection operations. The encryption can take place on the
client or the MediaAgent. Encryption is enabled for Commvault ® software through the storage policy primary copy or
at the client level. Encryption can further be configured at the subclient level. Subclient level encryption provides the
flexibility of defining only that data which requires encryption. By default, when encryption is enabled on a client,
encryption is enabled on all subclients.

Inline encryption best practices:

• Only encrypt the data that has such requirement.

• Isolate encrypted data in a different storage policy than unencrypted data.
• To achieve these goals, turn off encryption on the default subclient and create a dedicated subclient with the
folders or files requiring encryption defined as content.
• Turn on encryption on that subclient only and associate it with the dedicated storage policy.

A storage policy primary copy is used to enable encryption on all subclients associated with the storage policy. Ensure
the clients encryption settings are configured to ‘Use Storage Policy Settings.’

Enable encryption on all subclients associated with a specific storage policy

Page 465 of 559

Education Services Commvault® Professional Course May 2018

Inline encryption is configured on the client in two areas:

1. Client Advanced properties enables encryption and provides choice of cipher, key length, and option to write a
copy of the keys on media.
2. Subclient properties provides options to encrypt on client, on MediaAgent, encrypt on client and decrypt on
MediaAgent (encrypt for transmission only), or disable encryption.

Enable Encryption for a Client

Right-click the desired client | Click Properties | Encryption tab

When encryption is enabled on a client, the cipher and key length must be set. The default cipher used is blowfish 128
bit. The ‘Direct Media Access’ setting determines whether encryption keys are stored on the media. The ‘Via Media
Password’ option puts the keys on the media. The ‘No Access’ option only stores the keys in the CommServe ®
database. If the keys are stored on the media, data can be recovered using Commvault ® software’s ‘catalog’ feature,
or in the case of Disaster Recovery data, the Media Explorer tool. Encryption keys are always stored in the CommServe
database.

DR Data recovery using Media Explorer requires the user to provide the Media Password used
when the data was written. The default Media Password is blank. If the Media Password is not
known, contact Commvault Support to assist in recovering the password.

Client encryption configuration

Page 466 of 559

Education Services Commvault® Professional Course May 2018

Subclient Encryption Settings

Right-click the desired subclient | Click Advanced | Encryption tab

When encryption is enabled for a client, the default subclient encryption setting ‘Client and MediaAgent’ encrypts all
data on the client and the data remains encrypted when written to storage.

Subclient encryption configuration

Page 467 of 559

Education Services Commvault® Professional Course May 2018

Copy Based Encryption

Right-click the desired storage policy secondary copy | Click Properties | Advanced tab

The ‘Offline’ or ‘Copy-based’ encryption uses Commvault® software encryption to secure data during auxiliary copy
jobs. From the Data Encryption section in the storage policy copy’s Advanced tab, the ‘encryption cipher,’ ‘key lengths,’
and the option to ‘store keys on the media’ are configured.

In some cases, encrypted source data will be decrypted first then re-encrypted when storing deduplicated data or
changing encryption ciphers. By default, encrypted data is preserved during an auxiliary copy operation. The ‘Store
Plain Text’ option is selected to decrypt data during the auxiliary copy job. If ‘Store Plain Text’ option is selected, you
can still encrypt data during data transmission by selecting the option ‘Encrypt on network using selected cipher.’

Page 468 of 559

Education Services Commvault® Professional Course May 2018

Copy based encryption for a secondary copy

Page 469 of 559

Education Services Commvault® Professional Course May 2018

Hardware Encryption
Right-click the desired storage policy tape copy | Click Properties | Select path | Click Properties | General tab

For tape drives that support hardware encryption, Commvault® software can enable or disable an encryption operation
on the drive and manage encryption keys. Keys are stored in the CommServe® database. The ‘Direct Media Access’
option ‘Via Media Password’ puts a copy of the keys on the media. The ‘No Access’ option only stores the keys in the
CommServe database.

Commvault software writes data in chunks. Tape media uses 8GB chunks for indexed-based backups and 16GB chunks
for database backups. When encryption is enabled for data protection jobs writing to tape media with ‘hardware
encryption’ enabled, each chunk has a separate encryption key seeded by a random number generator and other
factors. Generating keys at the chunk level provides an enhanced level of security and greatly reduces the potential of
data compromise.

Page 470 of 559

Education Services Commvault® Professional Course May 2018

Hardware encryption enabled for a storage policy copy

If data has been encrypted using Commvault ® software encryption and hardware encryption is also
enabled, the data is encrypted twice.

Page 471 of 559

Education Services Commvault® Professional Course May 2018

Network Topologies

Page 472 of 559

Education Services Commvault® Professional Course May 2018

Network Route Overview

In most modern data centers, corporate networks use one or many firewalls. A firewall blocks TCP and UDP ports
between two networks, to ensure restricted users cannot access sensitive resources and data. An example is
computers that are required to have direct access to the internet, such as web servers. These servers are usually
isolated in a dedicated network called a demilitarized zone, or DMZ. This ensures that if a hacker successfully breaks
into and accesses a web server, he or she cannot reach the corporate network since the machine is isolated in the
DMZ.

There are two methods of implementing network routes:

• Physical network appliance that segregates networks through physical connections

• Software-based firewall that restricts inbound and/or outbound traffic
Typical illustration of a DMZ

Page 473 of 559

Education Services Commvault® Professional Course May 2018

Commvault® Software Default Ports

Commvault® software uses predefined ports to handle communication and data transfer. Some are static, and some
are dynamic.

Commvault® Software Default Ports

Service Port Number Protocol

Commvault® Communications Service, GxCVD service, found 8400 TCP

on all CommCell® computers.

Commvault® Server Event Manager, GxEvMgrS service, 8401 TCP

available on CommServe® server.

GxCVD service dynamically uses free ports for 1024 to 65535 TCP
communication during data protection and data recovery
jobs.

Since multiple ports are used, especially dynamic ports, it makes it hard to protect a computer behind a firewall if no
other mechanism is in place. If this is the case, you would have to ask your network team to open ports 1024 to
65535 between all clients in the DMZ and the internal servers. Because this scenario is not an effective solution,
Commvault® software has a set of network routes in place.

Page 474 of 559

Education Services Commvault® Professional Course May 2018

Restricted Firewall Configuration

A restricted network route configuration is when Commvault components can communicate through a firewall, but
only on specific ports. A listening port is used to establish the connection between resources. In a restricted
configuration, any resource can initiate communication. Before setting up network routes, the listening port must be
opened bi-directionally on the firewall between components.

Typical restricted firewall environment

Page 475 of 559

Education Services Commvault® Professional Course May 2018

Blocked Firewall Configuration

A blocked network route configuration is when only components on one side of the firewall initiates communication.
This is typically used in a strongly secured DMZ or when external clients such as laptop clients are connecting to the
CommCell® environment from unsecure networks.

The CommCell component that establishes connection attempts to communicate with other CommCell resources when
Commvault services start. Connection attempts and ‘keep alive intervals’ are set in the Options tab of the firewall
settings.

Page 476 of 559

Education Services Commvault® Professional Course May 2018

Typical blocked firewall environment for DMZ clients

Blocked firewall environment for roaming users when no proxy is available

Page 477 of 559

Education Services Commvault® Professional Course May 2018

Proxy Firewall Configuration

A proxy network route configuration is used when resources cannot directly communicate using a blocked or restricted
connection. A proxy is designated in the DMZ by selecting the ‘This computer is in DMZ and will work as a proxy’ check
box in the Options tab of the Network Route Configuration settings. Network routes must be configured from
resources outside the firewall to the proxy and then from the proxy to resources inside the firewall.

Typical proxy configuration

Page 478 of 559

Education Services Commvault® Professional Course May 2018

Configuring Network Topology

Network topologies provide a simplified template to deploy network route configurations to CommCell® components.
There are three network topology groups to configure: One-Way, Two-Way, or Via Proxy. Once the simplified topology
is configured, advanced network route settings remain available at the client group and client levels to further
configure settings if desired.

To use network topologies, client computers groups must be created first.

Network topologies for client computer groups:

For One-Way Network Topology

• Infrastructure Client Group

• DMZ Client Group
For Two-Way Network Topology

• Client Group 1
• Client Group 2
For Proxy Network Topology

• Trusted Client Group 1

• Trusted Client Group 2
• Proxy/DMZ Group

Page 479 of 559

Education Services Commvault® Professional Course May 2018

One-Way Network Topology Groups

• Infrastructure Client Group – The clients in the client groups can be the CommServe server, MediaAgents,
or client components. By default, there is a system created computer group called Infrastructure that can be
leveraged for network topologies. When creating a network topology, the Infrastructure Client Group has
restricted communication on a specific port with the DMZ Client Group.
• DMZ Client Group – These are the systems located in the untrusted networks, such as the DMZ. When
implementing the network topology, the DMZ Client Group has blocked communication with the Infrastructure
Client Group.
One-Way Network topology client computer groups

Two-Way Network Topology Groups

• Client Group 1 – These are the systems on the first side of the firewall. When implementing the network
topology, Client Group 1 has restricted communication on a specific port with Client Group 2.
• Client Group 2 – These are the systems on the other side of the firewall. When implementing the network
topology, Client Group 2 has restricted communication on a specific port with Client Group 1.

Page 480 of 559

Education Services Commvault® Professional Course May 2018

Two-Way Network topology client computer groups

Proxy Firewall Topology Groups

• Trusted Client Group 1 – These are the clients that are using the proxy to reach the Trusted Client Group 2
on the internal network. It has restricted communication on a specific port with the Proxy/DMZ Group but has
blocked communication with the Trusted Client Group 2.
• Trusted Client Group 2 – These are your CommCell® components such as the CommServe® server and the
MediaAgents. By default, there is a system created computer group called Infrastructure that can be leveraged
for network topologies. When creating a network topology, the Trusted Client Group 2 has restricted
communication on a specific port with the Proxy/DMZ Group but has blocked communication with the Trusted
Client 1.
• Proxy/DMZ Group – These are the systems that acts as proxies in the DMZ to relay any communication
between Trusted Client Group 1 and Trusted Client Group 2. When creating a network topology, the
Proxy/DMZ Group has blocked communication with both the Trusted Client Group 1 and Trusted Client Group
2. By default, there are system created Proxy Clients groups. Any system that are defined to act as proxies are
automatically associated with this group.

Page 481 of 559

Education Services Commvault® Professional Course May 2018

Proxy Network topology client computer groups

Page 482 of 559

Education Services Commvault® Professional Course May 2018

Configuring Firewall Topology

Before configuring a topology, create the required client computer groups if needed. You can then launch the network
topology configuration wizard.

Configuring a Network Topology

Page 483 of 559

Education Services Commvault® Professional Course May 2018

Monitoring, Maintenance, and Tuning

Page 484 of 559

Education Services Commvault® Professional Course May 2018

Monitoring

Page 485 of 559

Education Services Commvault® Professional Course May 2018

Admin Console
The dashboard view provides an overall view of the status of the CommCell® and client protection jobs. By default, the
view displays information about all clients of all solutions. If needed, other specific solution dashboards can be
accessed.

Use your mouse to hover over and identify active areas of the dashboard that can be expanded for additional
information.

Page 486 of 559

Education Services Commvault® Professional Course May 2018

Dashboard window

Page 487 of 559

Education Services Commvault® Professional Course May 2018

CommCell® Monitoring Resources

Storage Usage Views
Storage views determine how much disk capacity is being used by protected data. The Deduplication Engine view,
determines how much capacity is used based on all storage policies associated with the engine.

Disk Library Summary View

The disk library summary view is accessed in the Storage Resource section. When the library is clicked, the mount
paths are displayed in the summary window. Information including the status of mount paths, the total disk capacity,
and the free space is provided.

Page 488 of 559

Education Services Commvault® Professional Course May 2018

Disk library information summary view

Disk Usage Tab of a Disk Library

The Disk Usage tab of a disk library properties provide information about space usage and deduplication
performances.

The Disk Usage tab information is divided in three sections:

• Disk Space Utilization – Provides information on space consumed and space left.

• Disk Space Savings – Provides the total amount of application data that is protected for all backups,
compared to the amount of data that is physically written in the library. By this information, the performance
of deduplication is illustrated. It also provides the amount of data that is non-deduplicated.
• Average Daily Disk Consumption – Gives the daily average of space consumption and compares it to the
daily average of space released by aging obsolete data. If more space is consumed daily than released, the
library will fill up at some point. Based on these metrics, this section estimates and displays the expected date
on which the library will be filled.

Page 489 of 559

Education Services Commvault® Professional Course May 2018

Disk Usage tab from the disk library properties

Engine Views
The Deduplication Engine view, under Storage Resources in the CommCell browser® provides information about the
Deduplication Engine performance. Information such as the amount of data protected vs. the amount of data written,
the number of unique blocks in the deduplication store, the amount of records pending deletion and the average query
and insert (Q&I) time are important to properly monitor deduplication health of a CommCell® environment.

Key points to deduplication monitoring:

• A Deduplication Database (DDB) with an average Q&I time over 2000 microseconds should be investigated as
it may be indicative of performance issues which could impact backup jobs, auxiliary copy jobs and data
aging.
• A DDB or DDB partition getting close to 750,000,000 unique blocks may represent a partition reaching its
capacity. Overtime, the DDB partition performances will degrade, impacting all deduplicated operations. If a
DDB is near this limit, a call should be placed with support to ensure performances are adequate.
• A DDB with an excessive number pending delete records that increases each day may be indicative of either
an underperforming DDB, or an operation window blackout period not providing enough time for the DDB to
purge obsolete records.

Page 490 of 559

Education Services Commvault® Professional Course May 2018

Deduplication Engine views

Device Status View

The Resource status view displays readiness status for storage components within the CommCell® environment.

Resource status view is used for the following:

• MediaAgent status – online or offline (pause)

• Library status – online or offline (pause)

• Tape Drive status – online, offline, and jobs currently running and tape barcode label

Page 491 of 559

Education Services Commvault® Professional Course May 2018

Device Status View

Page 492 of 559

Education Services Commvault® Professional Course May 2018

Job Controller
The Job Controller in the CommCell® console is used to manage all active jobs within the CommCell® environment.
Regardless of which method is used to initiate a job (schedule, on demand or script), the job will appear in the Job
Controller. The Job Controller is the most effective tool within the CommCell ® console for managing and
troubleshooting active jobs.

Job Details

Right-click job | Details or double-click job

Details for specific jobs are used to provide information on job status, data path, media usage or job errors.

Viewing Job Details

Page 493 of 559

Education Services Commvault® Professional Course May 2018

Event Viewer
The Event Viewer window displays events reported based on conditions within the CommCell ® environment. By
default, the event viewer displays the most recent 200 events. This number can be increased up to 1,000. The event
log maintains up to 10,000 events or 7 days of events. These default settings can be modified.

Filter the Event Viewer

Double-down arrow | Filter | Select field down-arrow and select the appropriate filter

The Event Viewer can be filtered based on the available fields. Although some filters, such as ‘Date’ does not have a
practical application, other fields such as ‘Computer,’ ‘Program’ or ‘Event code’ can be used to quickly locate specific
events.

Apply Filters to the Event Viewer Window

Page 494 of 559

Education Services Commvault® Professional Course May 2018

Search Event Log

Right-click in Event Viewer | Search Events

Although only 200 to 1,000 events are displayed in the event viewer, the entire event log can be searched from the
event viewer. The default total number of events retained is 10,000.

When right-clicking anywhere in the event viewer, select the option to search events. Events are searched by time
range, severity and job ID. If common searches are frequently conducted, the search criteria can be saved as a query
and run at any time.

Search Events using Criteria

Page 495 of 559

Education Services Commvault® Professional Course May 2018

Alerts (Admin Console)

The Admin Console provides several pre-configured alerts, which monitor the health of CommCell® components and
activities. Additional alerts definitions can also be created. Once triggered, it appears in the Triggered alerts view,
where detailed information can be accessed by clicking the information link. Keeping a close eye on alerts ensures that
issues are addressed as soon as they arise.

Manage Triggered Alerts

Once a triggered alert is no longer required, it can be deleted. The view can be filtered by severity, and the search box
can be used to find an alert.

Page 496 of 559

Education Services Commvault® Professional Course May 2018

Managing triggered alerts

Page 497 of 559

Education Services Commvault® Professional Course May 2018

Manage Alerts Definitions

The following tasks are available to manage alerts:

• Enable/disable alert
• Delete an alert
• Define users or user groups to notify when triggered

Managing alerts definition using the Admin Console

Page 498 of 559

Education Services Commvault® Professional Course May 2018

Create an Alert
Several alert types are available for which a value or condition can be set. When the value is reached or the condition
met, the alert is triggered.

Notifications can be configured for an alert. In addition to showing up in the triggered alerts view, an email will be
sent to the defined recipients.

Page 499 of 559

Education Services Commvault® Professional Course May 2018

Creating an alert

Page 500 of 559

Education Services Commvault® Professional Course May 2018

Page 501 of 559

Education Services Commvault® Professional Course May 2018

Alerts (CommCell® Console)

Alerts are configured to provide real-time feedback about conditions in the CommCell® environment as they occur.

• Alerts can be accessed from the Home tab.

• The Alert window displays all alerts configured for the CommCell® environment.

• The Alert Summary displays settings for the selected alert and provides the capability to email or save them.
Alerts inform you about certain conditions within the CommCell® environment. They can be triggered based on
failures, successes, or changes that may occur during different types of CommCell operations.

Key points about alerts:

• Added when configuring a data protection or recovery job

• Configured based on an operation

• Configured to monitor clients or client groups

• Storage alerts are configured, and libraries are selected and monitored

Page 502 of 559

Education Services Commvault® Professional Course May 2018

Built-In Alerts
A wide range of alerts are preconfigured in the system on initial installation. Some are enable, others can be enabled if
required. These alerts monitor several components and conditions. A summary view explains what the alert is for. For
more information on the preconfigured alerts, refer to the Commvault Online Documentation.

Managing alerts

The Alert Wizard

From the Home tab | Click Alert | Configure Alert | Edit or Add an existing alert

The Alert Wizard is used to configure the alert type, entities to be monitored, notification criteria and notification
method.

Configure alert options from the Alert Wizard:

• Type of alert
• Entities to be monitored
• Notification criteria
• Notification method

Page 503 of 559

Education Services Commvault® Professional Course May 2018

Alert wizard screens

Page 504 of 559

Education Services Commvault® Professional Course May 2018

Page 505 of 559

Education Services Commvault® Professional Course May 2018

Notification Providers
Commvault® software offers many easy-to-configure notification providers. These providers ensure that an
administrator is notified at any time should an issue arise.

As of Service Pack 11, the available providers are as follows:

• email
• SNMP
• Event Viewer
• Run Command
• Save to
• RSS Feeds
• Console Alerts
• SCOM
• Workflow

Email
Email notifications are sent to the CommCell® console or domain users by selecting them from the list. The user must
have logged in at least once to the CommCell console. Email addresses or distribution lists can be defined. If the email
server is down, the system tries to resend the email for four hours. After that time limit, if the server is still down, the
notification is discarded and will not be sent. Email notification format can be HTML or text and be modified as
needed.

Page 506 of 559

Education Services Commvault® Professional Course May 2018

To use email notification, a SMTP server must be configured using the email and Web Server applet from the
Configuration tab.

SNMP
Alerts can be sent by the CommServe® server as SNMP to any desired computer listening for SNMP traps. This
notification method is useful if an existing monitoring and/or ticketing system is in place. SNMP alerts support SNMP
Version 1 (SNMPv1) and SNMP Version 3 (SNMPv3) and require the SNMP Enabler to be installed on the CommServe
server.

SNMP alerts offer the following benefits:

• A CommServe server can send SNMP alerts to multiple computers.

• Computers can receive the SNMP alerts even if they do not have CommServe software installed.
• SNMP alert notifications can be customized by adding alert token arguments to the alert configuration. The
tokens will be included in the body of the alert notification message.

Event Viewer
You can send alert notifications from the CommServe® server to the Windows Event Viewer of other computers where
it is generated as an event. For all alerts related to backup and restore operations, the following information is sent to
the Windows Event Viewer:

• Galaxy is the Source

• 256 is the Event ID

Run Command
The Run Command notification is used to send alert notifications from the CommServe ® server to other client
computers by executing a command script. The Run Command can be located on the CommServe server or on remote
computers but is executed only on the CommServe server. It also can be used to run a script to resolve the issue,
such as restarting some services or any desired tasks.

Save to
You can send an alert notification to a local directory, a network share, or the Cloud Services website. This is
particularly useful in obtaining a list of failed attempts in an operation. If you plan on using the Cloud Services, Cloud
Metrics Reports must first be activated for the CommCell® console.

The following is an example of a "Save to" alert notification:

Alert: Client_Properties Type: Configuration - Clients
Alert: Client_Properties
Type: Configuration - Clients
Detected Criteria: Properties Modified
Detected Time: Mon Feb 27 10:13:02 2017
CommCell: winter
User: Administrator

Property Modifications:
Status: Modified
Client: winter
Agent Type: Not Applicable
Instance: Not Applicable
Backup Set: Not Applicable
Subclient: Not Applicable
Comments:

Page 507 of 559

Education Services Commvault® Professional Course May 2018

Update Client properties

Client: winter
Client
Client Description: Set to [text description of a client]

RSS Feed
It is possible to turn the CommServe® server into a RSS Feed server, which allows an alert notification to be sent as
an RSS Feed. Your favorite RSS Feed client can be configured to receive notifications by subscribing to the
CommServe server.

SCOM
The Commvault® software can send alert notifications from the CommServe® database to the Microsoft Systems
Center Operations Manager (SCOM). The Microsoft SCOM Server provides a monitoring service for critical applications
within an enterprise and sends alerts about events in these applications. An administrator can raise tickets against
these alerts and take any necessary action to resolve the problem. SCOM must first be installed and the CommServe®
server defined as a SCOM agent. For the agent to communicate with the SCOM server, firewall ports 5723 and 5724
must be open. For more information on SCOM notification configuration and prerequisites, please refer to the
Commvault Online Documentation.

Workflow
It can be useful to try to resolve an issue using automation. When an alert is triggered, a workflow notification
launches any desired workflow. Note that when configuring the alert, the workflow must be created first, then
selected.

Tip: Try to Resolve Communication Issues During Backups

Scenario: A backup job goes into a pending status, stating that it cannot communicate with the client.

Solution: A workflow alert could launch a script to restart the Commvault services on the client, then restart
the backup and send an email if the backup is still pending.

Console Alerts
When configuring alerts, console alerts can be selected as a notification method. Once an alert is triggered, it appears
in the Console Alerts window within the CommCell ® browser. Right-click on an alert to view details, delete, mark as
read or unread, or to insert a note. Console alerts can be pinned or deleted using the icons at the bottom of the
window.

Page 508 of 559

Education Services Commvault® Professional Course May 2018

Managing Console Alerts

Common Alerts
Category Type Options

Automatic Updates Download, Install Job Failed

Job Management Data Protection, Data Recovery Job Failed, Phase or network errors

Job Management Dedupe DDB Reconstruct All alert criteria

Job Management Disaster Recovery Backup Job Failed

Media Management Device Status Drive / Library offline

Media Management Library Management Insufficient storage, Maintenance

alerts

Page 509 of 559

Education Services Commvault® Professional Course May 2018

Reports (Admin Console)

The Admin Console provides several reports to monitor the CommCell® environment. In addition to these, a wide
variety of custom reports can be downloaded from Commvault ® store providing monitoring, trend analysis, and
various statistical information. This set of tools allows an organization to ensure the proper functioning of the
environment, to control its growth, and to optimize its performances.

Admin Console Reports

The Admin Console provides the following reports:

• Audit Trail Report

• AuxCopy – Fallen Behind Storage Policies
• Backup Job Summary
• Backup Success Trending
• Computers
• Disk Library Utilization
• File Anomaly Detection
• Last 24 Hours Backup Job Statistics
• Recall Summary
• Restore Job Summary
• Servers Restore Job Summary
• Servers SLA

Page 510 of 559

Education Services Commvault® Professional Course May 2018

• User and User Group Permissions

• Virtual Machine Protection in the Last 30 Days
• VM Backup

Working with Charts

Any chart within a report can be printed or downloaded. The chart can also be maximized to full screen. To revert it
back to its original size, simply click the Exit full screen button.

Working with charts in reports

Page 511 of 559

Education Services Commvault® Professional Course May 2018

Reports (CommCell® Console))

CommCell® reports can be configured from the Reports tab in the CommCell toolbar. The most common report types
are listed in the toolbar, such as:

• Job Summary

• Job Schedule

• CommCell Readiness
When the report type is selected, it is the default report in the report window. Note that any other report type can be
accessed from the window. Reports can be scheduled, saved to a specific location, or saved as report templates.
Depending on the report type selected, various report criteria are configured from the tabs in the Report Selection
window. Use the tabs to choose which resources; clients, MediaAgents, libraries, or storage policies, to include in the
report. You can also select the information to be included in the report, such as failed items, storage usage, job
information, or resource configuration.

Configure a report using the following methods:

• Time Range tab – sets the scope of the report.

• Output tab – provides a selection for the output format, which is HTML, PDF, or Text file. Choosing Text
saves the report as a CSV file for spreadsheet import.
• Output method – includes choices for scheduling, save as script, save as template or save to a disk location.
Reports can be executed on demand or scheduled to be send by email.
Common CommCell® reports:

Page 512 of 559

Education Services Commvault® Professional Course May 2018

• Job Summary report – is used to view data protection, data recovery and administrative jobs.

• CommCell® Readiness report – is used as a status report for CommCell components such as clients,
MediaAgents, library storage capacity and index directories.
• CommCell® Configuration report – provides CommCell configuration, license usage, and update status of
CommCell components.

• Job Schedule report – is used to view schedules for client computer groups, clients, and administrative jobs.

• Data Retention Forecast and Compliance report – is used to view jobs in storage, the media it is located
on, and the estimated time the data will age.

Report Outputs
When running any report, it can be formatted using HTML, text delimited, PDF, XML. A copy of the report can also be
saved on a local drive of any CommCell® client computer, on a network share by providing credentials that have
access to the share, or to an FTP site by providing login information. Language, date and time formats are selected
from drop-down lists.

Configuring report output

Page 513 of 559

Education Services Commvault® Professional Course May 2018

Running and Scheduling Reports

Reports are executed on demand or scheduled to be sent by email on the desired frequency. To use emailed reports,
a mail server must first be configured using the Email and Web Server applet from the Configuration menu.

Running or scheduling a report

Page 514 of 559

Education Services Commvault® Professional Course May 2018

Maintenance

Page 515 of 559

Education Services Commvault® Professional Course May 2018

CommServe® Server DB Maintenance

The CommServe® server, being the orchestrator of all CommCell® operations, is the most important server. Therefore,
it is crucial to ensure that its performances are maintained to the highest level possible. To optimize the CommServe
server database, a tool called DBMaintenance.exe, which is located in the installation directory of the Commvault®
software, is available. This tool can be executed manually from a command prompt, or can be executed from the
CommCell® Console, through a workflow and a schedule. This tool first validates the consistency of the database by
executing a CheckDB command against it. Then, it optimizes the database by performing Reindex and/or ShrinkDB
commands.

Maintenance Modes
There are several modes that can be selected when executing a DB maintenance:

• Full - Performs a full maintenance on the database. It includes CheckDB, ReindexAll and ShrinkDB commands.
It is recommended to run on a bi-yearly basis.
• Recommended - Performs a recommended maintenance which includes ShrinkDB and
ReindexRecommended commands. It is recommended to run this maintenance mode every couple of weeks.
By default, a system created schedule will execute it on every other Sunday.
• CheckDB - Validates the consistency of the CommServe database by running an integrity check.
• ReindexRecommended - Re-indexes the largest and most frequently used tables of the database.
• ReindexAll - Re-indexes all tables of the database.
• ShrinkDB - If table re-indexing creates a significant amount of fragmentation, the ShrinkDB command will
reclaim that space by shrinking the database.

Page 516 of 559

Education Services Commvault® Professional Course May 2018

CommServe® DB Maintenance tool command line usage

DB Maintenance Workflow and DB Maintenance Schedule

V11 Service Pack 5 introduced a workflow and a schedule that maintains the CommServe server database
automatically. The schedule, which is called System Created DB Maintenance schedule, runs every other Sunday at 3
p.m. and executes a Recommended maintenance. The Full maintenance is not scheduled. It is therefore
recommended to either run it manually, or schedule it twice a year.

Page 517 of 559

Education Services Commvault® Professional Course May 2018

This schedule executes a workflow called DBMaintenance, which executes the maintenance based on the mode that is
selected in the schedule. The workflow also contains email components that can be modified to send a result
notification on failure or success.

CommServe® DB Maintenance schedule

Page 518 of 559

Education Services Commvault® Professional Course May 2018

CommvaultTools
Commvault Software provides several tools that are launched from the command line, or from the CommCell®
console. These tools are available in the Base folder of the Commvault software:

• Process Manager
• CVPing
• CVIPInfo
• Network Test Tool
• TapeToolGUI

Process Manager
Each operation in the CommCell® console may have processes associated with the operation. From the Process
Manager, you can view processes and information about each one, such as the CPU usage and memory usage. The
Process Manager has tabs that provide information about controlling services and log files, and has buttons to stop,
start or recycle Commvault® services.

Page 519 of 559

Education Services Commvault® Professional Course May 2018

The Process Manager General tab

Page 520 of 559

Education Services Commvault® Professional Course May 2018

The Process Manager Processes tab

The Process Manager Services tab

Page 521 of 559

Education Services Commvault® Professional Course May 2018

CVPing
The CVPing tool validates network, as well as port connectivity. This tool is useful when troubleshooting issues when
implementing firewall rules.

CVPing command syntax:

cvping <address> <IP Family> -Port <port number>

Where:

• Address: is the DNS name or the IP address

• IP Family: is either -UseIPv4 or -UseIPv6
• Port number: The port number to use
CVPing command example

Page 522 of 559

Education Services Commvault® Professional Course May 2018

CVIPInfo
CVIPInfo tool validates forward and reverse DNS resolution. It is important to remember that Commvault ® software
frequently uses the reverse DNS zone.

CVIPInfo command syntax:

cvipinfo <IP Family> <address>

Where:

• IP Family: is either IPv4 or IPv6 or Any

• Address: is the DNS name

CVIPInfo command example

Page 523 of 559

Education Services Commvault® Professional Course May 2018

Network Test Tool

The Network Test Tool verifies network connectivity between CommCell® components. It provides a single interface to
all basic network tests for troubleshooting network connectivity and data transmission issues between any two
CommCell components.

Possible modes for the Network Test Tool:

• Executing a host name lookup

• Verifying service status
• Verify connectivity (server and client mode)
Executing a Host Name Lookup

This mode is available to execute a host name lookup, which is similar to a CVIPinfo or an nslookup command.

CVNetworkTestTool in host name lookup mode

Page 524 of 559

Education Services Commvault® Professional Course May 2018

Verifying service status

This mode validates if Commvault® software services installed on the target machine are up-and-running and
reachable.

CVNetworkTestTool in service check mode:

Verifying Network Connectivity in Server Mode

This mode validates network connectivity and bandwidth throughput between two servers. The servers could be
clients, MediaAgents, or the CommServe® server. It is helpful to validate the throughput between a client and its
target MediaAgent, or between two MediaAgents in preparation to implement DASH copies.

This tool works in two modes:

• Server mode – This is started on the target server and acts as the listener.
• Client mode – This is executed on the source machine and will connect to the target machine’s listener to
run the test.

Page 525 of 559

Education Services Commvault® Professional Course May 2018

CVNetworkTestTool in network check Server mode

CVNetworkTestTool in network check client mode

Page 526 of 559

Education Services Commvault® Professional Course May 2018

TapeToolGUI
The TapeToolGUI tool is used to troubleshoot media in the library and run performance testing on the mounted
media. The TapeToolGui is also available as a command line interface, called TapeTool.

Use the TapeToolGui to perform the following functions:

• Read and write data to the media

• Read the On Media Label (OML)
• Read the tape marks
• Format the media
• Set the tape tension
• Copy the media
• Unload the media

The TapeToolGUI interface

Tip: Risks of Using the TapeToolGUI tool with Media

The TapeToolGUI tool does not connect with the Commvault ® software and does not know about the contents
of tapes. Therefore, when using the tool to perform a destructive operation on a media, such as a write,
format, or target for a copy media operation, ensure that the media that you type in the Tape Name box, is a
scratch tape and contains no data. Otherwise, the backup data can potentially be destroyed.

Page 527 of 559

Education Services Commvault® Professional Course May 2018

Tuning

Page 528 of 559

Education Services Commvault® Professional Course May 2018

Performance Benchmarks
Commvault® software is a high-performance solution for protecting all data in any environment within defined
protection windows. The software also provides many settings to improve performance. Before considering tuning
Commvault software, it is important to understand capabilities and limitations of all hardware and software deployed
within an environment.

There is no such thing as a static data center. Network infrastructures are constantly changing, new servers are
added, mission critical business systems are moving to hybrid cloud, or public cloud infrastructures. Before considering
Commvault tunables, it is first important to understand your environment including the capabilities and limitations of
the infrastructure; specifically, the ability to transfer large amounts of data of production or backup networks.

When making modifications to an environment, changes that may positively impact one aspect of the environment can
negatively affect another aspect. This is also true about Commvault settings. For example, enabling multiplexing when
writing to tape drive can improve backup speeds. However, it may have a negative impact on restores if dissimilar
data types are multiplexed to the same tape. Another example is using Commvault deduplication and setting a high
number of data streams. Since client-side deduplication is being used, there will be a low impact to the network. But if
the deduplication database needs to be sealed, the next set of backup operations may result in oversaturating the
network while re-baselining blocks in storage.

Performance Benchmarks
Benchmarks can be divided into two kinds, component and system. Component benchmarks measure the performance
of specific parts of a process, such as the network, tape or hard disk drive, while system benchmarks typically
measure the performance of the entire process end-to-end.

Establishing a benchmark focuses your performance tuning and quantifies the effects of your efforts. Building a
benchmark is made up of the following 5 steps:

Page 529 of 559

Education Services Commvault® Professional Course May 2018

• Understand the process

• Identify the resources involved
• Minimize outside influence
• Periodic test
• Write it down
Understand the process

You can’t document or improve something if you don’t know what’s going on. More importantly, you need to
understand what phases a job goes through and how much each phase affects the overall outcome.

For example, a backup job over a network to a tape library takes two hours to complete. You think it should take a lot
less and you spend time, effort, and money to improve your network and tape drives and parallel the movement of
data. The job now takes 1.8 hours to complete. You gained a 10% improvement.

Looking at the job in more detail we find that the scan phase of the job is taking 1.5 hours and the rest is the actual
data movement. Switching the scan method reduces the scan phase time to 12 minutes. The job now takes .4
hours. You gained a 78% improvement.

Knowing what phases a job goes through and how much each phase impacts the overall performance can help you
focus your time, effort, and money on the real problems.

Identify the resources involved

Each hardware component is going to have a theoretical performance limit and a practical one. Attempting to get
improvement beyond these limits without changing the resources involved is a waste of time. Consider using newer
vs. older technologies, such as tape drives.

Minimize outside influence

Large data movements are usually done during non-production hours for two reasons – one, they can degrade
production work, and two, production work can degrade the movement of data. You want to minimize competition for
resources to get a fair benchmark of what performance is achievable. In those cases, where competition cannot be
eliminated, you must accept the impact to performance or invest in more resources.

Periodic Test

A single measurement is not a benchmark. Tape devices have burst speeds that are not sustainable over the long run.
Networks have various degrees of bandwidth availability over a period of time. A single snapshot check of bandwidth
will not give you a realistic expectation. Do periodic testing over the actual usage of a resource to determine its
average performance. Try to level out the peaks and valleys - or at least try to identify what causes these variations.

Multiple measurements scattered over a day can also help in establishing if an unexpected external process is
impacting the environment. For example, if you have a database server that is slowly backing up at night, but when
you sample during the day, it is achieving expected performances, you can suspect an external process impacting the
backup, such as a database administrator dumping the database and copying it to another server at the same time in
this example.

Write it down

The hardest lessons are the ones you must learn twice. Once you’ve established your acceptable and/or expected
performance levels for each resource and end-to-end, write them down and use them as the baseline for comparing
future performance.

Page 530 of 559

Education Services Commvault® Professional Course May 2018

Improving Performances – Environment

Before modifying Commvault® software settings to improve performance, consider environmental capabilities and
limitations. Ensure the environment is optimized to the best of your team’s abilities. Commvault software can move
data at high rates of speed, but it will ultimately be limited by bottlenecks on servers and network devices.

TCP/IP
TCP/IP is the most common network transmission protocol. Factors that can degrade TCP/IP performance are:

• Latency - Packet retransmissions over distance take longer and negatively impact overall throughput for a
transmission path.
• Concurrency - TCP/IP was intended to provide multiple users with a shared transmission media. For a single
user, it is an extremely inefficient means to move data.
• Line Quality - Transmission packet sizes are negotiated between sender/receiver based on line quality. A
poor line connection can degrade a single link’s performance.
• Duplex setting - Automatic detection of connection speed and duplex setting can result in a half-duplex
connection. Full duplex is needed for best performance.
• Switches - Each switch in the data path is a potential performance degrader if not properly configured.
• Firewalls – Firewall is the first line of defense against hackers, malware, and viruses. There are hardware
firewall appliances and software firewalls, such as operating system firewalls. Firewalls can have minor to
moderate impacts on transfer performances.

Page 531 of 559

Education Services Commvault® Professional Course May 2018

SCSI/RAID
SCSI is the most common device protocol used and provides the highest direct connection speed. An individual SCSI
drive’s speed is determined by spindle speed, access time, latency, and buffer. Overall SCSI throughput is also
dependent on how many devices are on the controller and in what type of configuration. The limitation of SCSI is the
distance between devices and the number of devices per controller.

• RAID arrays extend the single addressable capacity and random access performance of a set of disks. The
fundamental difference between reading and writing under RAID is this: when you write data in a redundant
environment, you must access every place where that data is stored; when you read the data back, you only
need to read the minimum amount of data necessary to retrieve the actual data--the redundant information
does not need to be accessed on a read. Basically – writes are slower than reads.

• RAID 0 (striping) or RAID 1 (mirror) or RAID 1+0 with narrow striping are the fastest configurations when it
comes to sequential write performance. Wider striping is better for concurrent use. A RAID 5 configured array
can have poor write performance. The tradeoff in slower write performance is redundancy should a disk fail.

Fine tuning a RAID controller for sequential read/write may be counterproductive to concurrent
read/write. If backup/archive performance is an issue, a compromise must be arranged.

iSCSI/Fibre Channel
iSCSI or Fibre Channel protocol (FCP) is essentially serial SCSI with increased distance and device support. SCSI
commands and data are assembled into packets and transmitted to devices where the SCSI command is assembled
and executed. Both protocols are more efficient than TCP/IP. FCP has slightly better statistics than iSCSI for moving
data. Performance tuning is usually setting the correct ‘Host Bus Adapter’ configuration (as recommended by the
vendor for sequential I/O) or hardware mismatch. Best performance is achieved when the hardware involved is from
the same vendor. Given that configuration and hardware is optimum, then for both iSCSI and FCP, performance is
inhibited only by available server CPU resources.

Disk I/O
Performing I/O to disks is a slow process because disks are physical devices that require time to move the heads to
the correct position on the disk before reading or writing. This re-positioning of the head is exacerbated by having
many files or having fragmented files. You can significantly improve read performance of the source data by de-
fragmenting the data on a regular basis.

Anti-Virus
Anti-viruses are intelligent software protecting a system against corrupted data by periodically scanning files systems
and ensuring that every file accessed or opened by any processes running on the system is a legitimate file (and not a
virus). You can easily imagine that when a backup runs and protects every system files, the anti-virus validation
significantly decrease backup performances. It might also access and lock Commvault files, such as log files. It is
recommended on all systems on which Commvault software is installed, to add exclusions to the anti-virus software
for Commvault® software folders, so that when Commvault related processes are in action, they do not trigger the
anti-virus validation process.

Page 532 of 559

Education Services Commvault® Professional Course May 2018

Windows Recommended anti-virus exceptions

For V10 and earlier environments, any Content Store directory must be replaced by ‘Simpana.’ For
V11 environments, any Content Store directory must be replaced by ‘ContentStore.’

CommServe, Software Installation Path

client, and *:\Program Files\CommVault\ContentStore\**
MediaAgent Updates Cache folder with CVPackages and CVUpdates subfolders on the CommServe
Installation
C:\Program Files\CommVault\ContentStore\SoftwareCache
Paths
DR backup set directories on the CommServe
C:\Program Files\CommVault\CS_DR
Job Results folder
C:\Program Files\CommVault\ContentStore\iDataAgent\JobResults
Index Directory folder
C:\Program Files\CommVault\ContentStore\IndexCache
Additional Magnetic libraries
MediaAgent *:\**\CV_MAGNETIC\**
Paths Deduplication databases
Obtain the deduplication database location from the CommCell ® console, from the Copy Properties
dialog box of the primary copy, located in the Deduplication tab.
SharePoint Temp folder path
Agent C:\Users\Commvault Services account\AppData\Local\Temp

Content Exclude entire CI Engine install folders:

Indexing and C:\Program Files\CommVault\ContentStore\CIServer
Search C:\Program Files\CommVault\ContentStore\CVCIEngineSolr folder path
C:\Program Files\CommVault\ContentStore\CVCIEngine\solr
CI Index folder path
C:\Program Files\CommVault\ContentStore\CVCIEngine\solr\CIIndex

Page 533 of 559

Education Services Commvault® Professional Course May 2018

UNIX, Linux and Macintosh Recommended anti-virus exceptions

CommServe, Software install directory

client, and */opt/commvault/**
MediaAgent Job Results directory
Installation
/opt/commvault/iDataAgent/jobResults
Paths
Index directory
/opt/commvault/IndexCache
Directory to extract installation binaries
/tmp/.gxsetup

Additional Magnetic libraries

MediaAgent */CV_MAGNETIC/**
Paths Deduplication databases
Obtain the deduplication database location from the CommCell® console, from the Copy
Properties dialog box of the primary copy, located in the Deduplication tab.

Page 534 of 559

Education Services Commvault® Professional Course May 2018

Improving Performances – Commvault® Settings – File System & VSA

File System Backup

Consider the following key points when backing up the File System Agent:

• For backups on Windows operating systems, ensure source disks are defragmented.
• Ensure all global and local filters are properly configured.
• If source data is on multiple physical drives increase the number of data readers to multi-stream protection jobs.
• For larger high speed disk, a maximum of two data readers can set for an individual disk. Enable ‘Allow Multiple
Data Readers within a Drive or Mount Point’ to allow multiple streams on a single disk.
• If source data is on a RAID volume, create subclient(s) for the volume and increase the number of data readers
to improve performance. Enable the ‘Allow Multiple Data Readers within a Drive or Mount Point’ option.
• Consider using synthetic full, or better, DASH Full backups over traditional full backups.
• Consider using the Commvault OnePass® agent to archive older ‘stale’ data.
• For large volumes containing millions of objects use the File System Block-Level Backup.
• Consider using multiple subclients and stagger backup operations over a weekly or even monthly time period.
• For supported hardware, consider using the Commvault IntelliSnap® feature to snap and backup volumes using
a proxy server.
• Increase the ‘Application Read Size’ from the default of 64KB to 512KB.

Page 535 of 559

Education Services Commvault® Professional Course May 2018

Data Readers
Disk I/O is the most costly, time-consuming portion of a data movement job. Using multiple data readers (also called
data streams) can improve performance.

Conditions that can degrade performance for the File System Agent:

• In some configurations, such as concurrent backups that use embedded agents on multiple virtual machines
(VMs) in a hypervisor environment, using multiple data readers for each backup might overwhelm the disk I/O
and degrade performance. In this situation, using only one data reader for each VM might achieve the best
performance.
• Internal algorithms determine the maximum number of data readers that can read concurrently from a single
physical drive. Too many data readers on a single physical drive can actually degrade performance.

• Subclient content is divided between data readers based on physical drives. Thus, the first data reader reads
from the first physical drive, the second data reader reads from the second physical drive, and so on. By
default, only one data reader is allowed per physical drive, regardless of how many data readers are
configured. Often, a data reader completes before the other data reader completes, which reduces the
performance gain of using multiple data readers.

Allow Multiple Readers within a Drive or Mount Point

For the File System Agent, the Number of Data Readers value determines the number of parallel read operations from
the data source.

The ‘Allow multiple data readers within a drive or mount point’ option helps you to use data readers more efficiently.
For example, if you have subclient content that spans 4 physical drives, and you configure 8 data readers. Each
physical drive gets 2 data readers. When one data reader completes its task, it assists another physical drive. This
process continues until all data is read. This process maximizes the time that multiple data streams are moving data,
which can improve performance.

Page 536 of 559

Education Services Commvault® Professional Course May 2018

Setting the number of readers and multiple readers within a drive or mount point

Application Read Size

The application read size is the size of the application data that is read from the clients during backup jobs.

Values for the application read size must be in the power of 2; the minimum value is 64 KB, and the maximum value is
4,096KB (4MB).

Recommended values for Application Read Size

• NTFS volume 512KB

• ReFS volume 2,048KB
When the size of the application data that is read during backup jobs matches the source application’s internal buffer
allocation, the overhead is minimized and performance is improved. To achieve the optimal rate of data transfer
during backup jobs, configure the application read size based on the source application's internal buffer allocation. You
can increase the application read size to reduce the amount of data that is read from the given application. Reducing
the amount of data that is read also reduces the number of I/O jobs that are performed against the application. As a
result, overall backup performance might improve. However, backup memory usage might also increase, which might
inadvertently consume additional resources from the application.

Commvault recommends that you set the application read size at either the default value or at the
cluster size that is directed by the application.

Page 537 of 559

Education Services Commvault® Professional Course May 2018

Microsoft NTFS uses a default cluster size (allocation unit) of 4KB by default. The 4KB cluster size was established
when 2GB disks were considered large. Today, Microsoft recommends using a cluster size of 16KB or higher for NTFS
volumes on servers. Commvault recommends that you use 64KB clusters, which matches the Microsoft ReFS default
cluster size. With source data on volumes that have a 64KB cluster size, Commvault recommends using an application
read size of at least 2,048KB for NTFS and ReFS.

For information about cluster sizes, see the Microsoft support article “Default cluster size for NTFS,
FAT, and exFAT”.

Setting the Application Read Size

Page 538 of 559

Education Services Commvault® Professional Course May 2018

Virtual Server Agent Backup

General guidelines

• To optimize virtual environment data protection and recovery performance, contact Commvault Professional
Services for the latest guidance and assistance.
• Use the Commvault Virtual Server Agent (VSA) to protect most VMs. Specific I/O intensive VMs may require
more advanced protection methods.
• Use backup set or subclient VM filters to filter VMs that don’t require protection.
• Use subclient VM rules to group priority VMs for protection. For example, use the power state rule to set
infrequent schedules of VMs that are not powered on.
• Maximize VM backup concurrency by increasing the ‘Data Readers’ option. Use caution as setting the readers
option too high can cause performance degradation on backups and DataStores or volumes hosting the VMs.
As a general starting point, start with two VM backups per DataStore or volume.
• It is preferred to use physical VSA MediaAgent proxies versus virtual server MA proxies.
• Ensure there are enough proxies to handle data movement load.
• Use Commvault Client Side Deduplication and DASH Full backups.
• For larger VMs, consider using the Commvault OnePass® feature to archive older ‘stale’ data.
• Consider using multiple subclients and staggering schedules for when incremental and full or synthetic (DASH)
full backups run.
VMware specific guidelines

• Ensure VSA proxies can access storage using the preferred transport mode. SAN transport and HotAdd will fall
back to NBD mode if they cannot access VMs from the SAN or DataStore.
• Ensure Change Block Tracking (CBT) is enabled for all virtual machines.
When protecting applications in a virtual environment:

• Using the VSA to protect applications without the Application Aware feature or agents installed within the VM
may result in crash consistent backups.
• For low to medium I/O applications, use the Application Aware feature. Check the Commvault Online
Documentation for a list of applications supported by the VSA Application Aware feature.
• For I/O intensive applications, it is still preferred to use application agents installed in the VMs.
Commvault IntelliSnap® for VSA:

• Use IntelliSnap for VSA to protect I/O intensive VMs.

• Define subclients by DataStore affinity. When hardware snaps are performed the entire DataStore is snapped
regardless of whether the VM is being backed up.
• For smaller Exchange or MS-SQL databases (less than 500GB), application consistent snapshots can be
performed using the IntelliSnap feature and VSA.

Page 539 of 559

Education Services Commvault® Professional Course May 2018

Improving Performances – Commvault® Settings – Database & Exchange

Database Agents
General Guidelines

• For large databases that are being dumped by application administrators, consider using Commvault database
agents to provide multi-streamed backup and restores.
• When using Commvault database agents for instances with multiple databases, consider creating multiple
subclients to manage databases.
• For large databases, consider increasing the number of data streams for backing up database. For multi-
streamed subclient backups of SQL and Sybase databases, the streams should not be multiplexed. During
auxiliary copy operations to tape if the streams are combined to a tape, they must be pre-staged to a secondary
disk target before they can be restored.
• For MS-SQL databases using file/folder groups, separate subclients can be configured to manage databases and
file/folder groups.

Database Agent Streams

Disk I/O is the most costly, time-consuming portion of a data movement operation. Using parallel data readers (also
called data streams) can improve performance. For databases, the Number of Data Readers value determines the
number of parallel read operations that are requested from the database application.

Page 540 of 559

Education Services Commvault® Professional Course May 2018

Before you modify the number of data readers, Commvault recommends recording baseline
throughput performance using the default settings, which are the recommended settings. You can
then modify the number of data readers until you achieve the fastest throughput performance.

SQL data streams configuration

Page 541 of 559

Education Services Commvault® Professional Course May 2018

Microsoft Exchange Database Agent

Application Read Size

The performance of both regular backup operations and IntelliSnap backup operations of an Exchange Database can
benefit greatly from an application read size of 4MB (4,096 KB). The default value is 64KB.

For most Data Availability Group (DAG) environments, backup operations are performed on the passive node, and
memory usage for the application read size is not a concern. If production performance problems occur, then you can
decrease the application read size.

Multi-streamed Exchange Database Backups

Multi-streamed backups of Exchange database reduce backup time by allocating streams on a per database level. The
maximum number of streams that is used by a backup is determined by the number of databases in the Exchange
environment. If a subclient’s content contains four databases, then four streams could be used – each stream
protecting one database.

In a DAG environment, the stream allocation is based on the number of nodes. When the job starts, the stream logic
automatically assigns one stream to each node. If there are additional streams remaining, they are allocated based on
which node has the most databases. The stream allocation process continues in order of Exchange servers in the DAG
environment containing the most databases to fewest in a prioritized round-robin method until all streams are
allocated.

Configure Multi-Streamed Exchange Database Backups

Page 542 of 559

Education Services Commvault® Professional Course May 2018

Improving Performances – Commvault® Settings - Network

Pipeline Buffers
By default, Commvault software establishes 30 Data Pipeline buffers for each data movement connection. You can
increase the data transfer throughput from the client by increasing or even decreasing the number of Data Pipeline
buffers. The number of the Data Pipeline buffers depends largely on the transport medium.

To set the number of pipeline buffers, use the ‘nNumPipelineBuffers’ additional setting.

Although the maximum value for ‘nNumPipelineBuffers’ is 1,024, if you use a value that is greater than 300, you
should consult with Commvault Support. When you increase the number of Data Pipeline buffers, the client or
MediaAgent consumes more shared memory. When available memory is low, this consumption of shared memory
might degrade the server performance for other operations.

Recommended values for nNumPipelineBuffers:

• Internet - 30 buffers
• 100BASE - 30 buffers
• 1000BASE - 120 buffers

Page 543 of 559

Education Services Commvault® Professional Course May 2018

Add Pipeline buffers additional setting

Network Agents
Network agents are threads or processes that transfer data to and from the network transport layer. Each network
agent spends half its time reading and half its time writing. For higher speed networks, having multiple networks
agents can improve performance.

Network agents consume both CPU and memory resources. Commvault usually recommend increasing the number of
network agents only for backup operations of large databases to LAN-free MediaAgents.

Default values and valid values for the number of network agents:

• Windows default – 2. Valid options 1 – 4

• Unix default – 1. Valid options 1 – 2

Page 544 of 559

Education Services Commvault® Professional Course May 2018

Network Agent configuration for a Windows subclient

Page 545 of 559

Education Services Commvault® Professional Course May 2018

Improving Performances – Commvault® Settings – Disk Storage

Disk Storage
Chunk Size
Chunk sizes define the size of data chunks that are written to media and is also a checkpoint in a job. The default size
for disk is 4GB. The default size for tape is 8GB for indexed based operations or 16GB for non-indexed database
backups. The data path ‘Chunk Size’ setting can override the default settings. A higher chunk size results in a more
efficient data movement process. In highly reliable networks, increasing chunk size can improve performance.
However, for unreliable networks, any failed chunks must be rewritten, so a larger chunk size could have a negative
effect on performance.

Chunk size recommendation for disk storage

Storage media Job type Default chunk size Recommended chunk

size

Disk All data protection jobs 4 GB 512 MB – 8 GB

Direct-attached All data protection jobs 8 GB N/A

NDMP

Page 546 of 559

Education Services Commvault® Professional Course May 2018

Chunk size settings for a disk data path

Chunk size configuration for MediaAgents

Use the ‘DMMBCHUNKSIZE’ additional setting to control the chunk size of the data write jobs that go to the
MediaAgent on which the additional setting is created.

The chunk size that you specify in the additional setting overrides the values that you specify in the chunk size that
you specify for the CommCell® in the Media Management configuration.

Page 547 of 559

Education Services Commvault® Professional Course May 2018

Configuring MediaAgent chunk size

Block Size
MediaAgents can write to media that is formatted with different block allocation sizes or file allocation sizes if the
MediaAgent operating system supports those sizes. Using a larger block size for disk library volumes can reduce
overhead and thus increase the speed of write operations to media.

Linux ext3 and Microsoft NTFS use a default block (allocation unit) of 4KB. The 4KB block size was established when
2GB disks were considered large. Today, Microsoft recommends using at least a 16KB block size or higher for NTFS
volumes. Commvault recommends that you use 64KB, which matches the Microsoft default value for the ReFS block
size.

You can increase the Linux ext3 block size only on an Itanium system. For other file systems, consult your OS vendor
documentation for your file system’s available block sizes.

Page 548 of 559

Education Services Commvault® Professional Course May 2018

Block size settings for a disk data path

Unbuffered I/O for Windows® MediaAgent

If the source copy is on disk and is managed by a Windows MediaAgent, then enable the Use Unbuffered I/O option
for each mount path. Using unbuffered I/O can significantly improve performance.

To increase the speed of jobs that access the mount path, you can configure the MediaAgent to bypass the Microsoft
Windows file system buffering.

You can make this configuration for Windows MediaAgents and for disks that are mounted directly (not for UNC
paths).

Page 549 of 559

Education Services Commvault® Professional Course May 2018

Unbuffered I/O configuration for Windows MediaAgent

Unbuffered I/O for UNIX/Linux MediaAgent

A similar option is available for UNIX/Linux based MediaAgent, however, it must be enforced at the operating system
level and not through the Commvault® software GUI. It can be achieved using two methods:

• Method one – Use the GFS tool provided by most UNIX/Linux based OS. This tool sets a direct I/O flag to a
directory and all its current subdirectories and files. Once enabled, any new directory or files created will also
inherit the direct I/O attribute. It can be turned on (using the setflag parameter) or off (clearflag) as desired.

• Method two – Use the Unbuffered I/O configuration for Linux MediaAgent:
• Gfs_tool setflag inherit_directio MyDirectory
Mount the NFS filesystem using the force direct I/O flag (forcedirectio). For as long as the filesystem is
mounted, it will bypass the operating system buffer.

For more information on the GFS tool or the mount direct I/O option, refer to your operating system vendor’s
documentation.

Page 550 of 559

Education Services Commvault® Professional Course May 2018

Improving Performances – Commvault® Settings – Tape Storage

Tape Storage
Chunk Size
A chunk is the unit of data that the MediaAgent software uses to store data on media. For sequential access media, a
chunk is defined as data between two file markers. By default, the chunk size is configured for optimal throughput to
the storage media.

Job type Default chunk size Recommended chunk size

Granular (index based) job 8 GB 8 – 32 GB

Database (non-indexed) job 16 GB 8 – 32 GB

Chunk Size for tape libraries can be modified on the data path for a specific tape library, or globally, using the Media
Management applet. Global chunk size settings are configured per agent type.

Page 551 of 559

Education Services Commvault® Professional Course May 2018

Chunk size settings for a tape data path

Global chunk size settings for tape media

Page 552 of 559

Education Services Commvault® Professional Course May 2018

Block Size
Before changing tape block size, ensure that the following criteria are satisfied:

• Block size is supported by the MediaAgent OS, Host Bus Adapter (HBA), and the tape device.
• All the MediaAgents that are associated with a storage policy support the block size that is configured on that
storage policy. Consider the support and the compatibility of MediaAgent platforms at any disaster recovery
site.
• If you use different MediaAgents for backup operations and restore operations, and if the backup MediaAgent
has a higher block size, then ensure that the restore MediaAgent can read data that is written with a higher
block size.
Many streaming tape drives perform a read-after-write check. If the drive detects a bad block, then the drive puts a
discard token after the block, and repeats the entire buffer write. If the drive detects a discard token, then the read
cycle has corresponding logic to replace the bad block with the replacement block.

All tapes will have media defects. If you write 1,024KB blocks instead of 256KB blocks, then the chance of any block
spanning a media defect are increased by a factor of 4. Because of the larger block size, the rewrite time is 4 times as
long as well.

Increasing block size can improve the performance of writing to tape by minimizing the overhead associated with
accessing and recording each block. If you select the data path’s Use Media Type Setting option, then the data path’s
default block size for tape is 64KB. Refer to the Commvault Online Documentation: Use Media Type Setting section for
more information.

Important notes on configuring tape block size:

• Use caution when you select large block sizes. Large block sizes can vastly increase error rates and retries.
• Block size applies only to tape media in direct-attached libraries.
• Changes to the block size settings take effect when the next spare tape media is used.
• Ensure hardware at data center and other location, including DR sites support higher block sizes.

Page 553 of 559

Education Services Commvault® Professional Course May 2018

Block size settings for a tape data path

Page 554 of 559

Education Services Commvault® Professional Course May 2018

Improving Performances – Commvault® Settings – Streams

Commvault® Stream Management
Data Streams are used to move data from source to destination. The source can be production data or Commvault
protected data. A destination stream will always move to Commvault protected storage. Understanding the data
stream concept will allow a CommCell® environment to be optimally configured to meet protection and recovery
windows.

Stream settings are configured in various places within the CommCell® console including the storage policy,
MediaAgent, subclient, and library. The system always uses the lowest setting. If a MediaAgent is configured to
receive as many as 100 streams and one storage policy is writing through the MediaAgent and is configured to use 50
streams, then only 50 streams will be sent through the MediaAgent.

During a data protection job, streams originate at the source file or application that is being protected. One or more
read operations is used to read the source data. The number of read operations is determined by the number of
subclients and within each subclient, the number of data readers or data streams, depending on which agent is
managing the data. Once the data is read from the source it is processed by the agent and then sent to the
MediaAgent as job streams. The MediaAgent then processes the data, arranges the data into chunks and writes the
data to storage as device streams. The data is written to storage based on the number of writers, for a disk library, or
devices (tape drives) for a tape library.

Page 555 of 559

Education Services Commvault® Professional Course May 2018

Stream management high level overview

Stream Settings Summary Table

Features & Description
Functionality

Subclients • Subclients are independent jobs, meaning each subclient will have one or more streams
associated with each job.

Multi-stream • Most subclients can be multi-streamed. For subclients that do not support multiple streams,
subclients multiple subclients are used to multi-stream data protection jobs.
• Data readers are configured in the General tab of the subclient.
• Data Streams are configured in the storage device tab for MS-SQL and Oracle subclients.

Non-Subclient based • Agents such as the new Exchange Mailbox agent manage streams at the object level. For
agents Exchange, each mailbox is protected as a single stream.
• The default subclient data readers setting is still used as the primary stream governor for the
maximum number of concurrent objects that can be protected.

Job Streams • Job streams are active network streams moving from source (client or MediaAgent) to
destination (MediaAgent).
• The Job controller shows the total number of job streams currently in use in the bottom of the
window and the job stream ‘high watermark’ for the CommCell environment.
• Add the ‘Number of Readers in Use’ field in the job controller to view the number of streams
being used for each active job.

Device Streams • Configured in the Storage Policy properties.

• Determines how many concurrent write operations will be performed to a library. This number
should be set to equal the number of drives or writers in the library to maximize throughput.
• Multiplexing is used to consolidate multiple job streams into single device streams.

Drives • For a removable media library writing data sequentially to devices, there will be one device
stream per drive.

Writers • For a disk library where random read/write operations can be performed the number of writers
should be set to allow the maximum throughput without creating bottlenecks in your network,
MediaAgents, or disks.

Page 556 of 559

Education Services Commvault® Professional Course May 2018

Thank You
At Commvault, we have a strong focus on providing quality education. We use a 3-tier student survey process to
assess your learning experience, how the training affected your ability to be more productive using Commvault
products, and finally how the training impacted your ability to enhance and improve the impact Commvault products
have in your data management environment.

1. The initial ‘Learning Experience’ or course survey can be done as soon as your course is complete via
Education Advantage. We’ll show how to launch the survey on the next slide and take 10-15 minutes for
all to complete it.
2. The ‘Learning Effectiveness’ follow-up survey is sent to all students about 6 weeks after your course via
email. We are looking for your input on how you were able to apply the skills learned in your environment
and whether there is content we need to add to our courses to better address your skills needs (something
that may not be evident at course completion).
3. 3-6 months after completing your course you will receive the Education Value Survey via email from
Techvalidate. We use a third party to collect, audit, and validate these survey responses. This survey is used
to assess the impact training has had on your business and data management environment. Were you better
able to leverage Commvault products, with better performance, better resource usage? Were you better
skilled, reducing reliance on customer support for product usage queries over time? Finally, we ask based on
your Commvault learning experience, how likely you would be to recommend Commvault training to a friend
or colleague. This one question produces an overall learner satisfaction (or Net Promotor) score. This metric
is used to measure (at a high level) how we are doing overall.

Page 557 of 559

Education Services Commvault® Professional Course May 2018

We strive to meet your highest expectations and highest survey marks. If we fail to meet your
expectations with the learning experience, please provide specific comments on how we can
improve. We take all comments seriously and will adjust our offerings to better support your
needs.

Page 558 of 559

COMMVAULT.COM | 888.746.3849 | EA.COMMVAULT.COM

©2018 COMMVAULT SYSTEMS, INC. ALL RIGHTS RESERVED.