COMMVAULT SnapProtect FieldGuide For NetApp Storage Including SnapMirror and SnapVault Integration PDF

Simpana SnapProtect Field Guide for
NetApp Storage
June 2011
Configuring SnapProtect on NetApp Storage Page 1

Contents
SnapProtect Field Guide Objective & Overview ...................................................................................4
NetApp Storage Overview ..................................................................................................................6
CommVault Integration Requirements for SnapProtect .......................................................................8
Array Software Licenses ............................................................................................................................ 8
Simpana Software ................................................................................................................................... 10
Software Requirements ...................................................................................................................... 10
Basic File System Environments .......................................................................................................... 10
Application Environments ................................................................................................................... 11
NAS Environments .............................................................................................................................. 11
Virtual Environments .......................................................................................................................... 11
SnapVault and SnapMirror Environments .......................................................................................... 12
Supported Applications and Operating Environments ....................................................................... 12
SnapProtect Array Configuration Details with NetApp FAS ................................................................ 13
NetApp Array Configuration ................................................................................................................... 13
SnapVault & SnapMirror ......................................................................................................................... 15
Data Fabric Manager (DFM) ................................................................................................................ 15
Steps to Configure the NetApp Architecture .......................................................................................... 16
SnapProtect Storage Policy Configuration .............................................................................................. 18
Enabling SnapVault and SnapMirror ................................................................................................... 21
The SnapProtect Process .................................................................................................................. 24
SnapProtect Backup Operation........................................................................................................... 24
Backup Copy Operations ..................................................................................................................... 24
Production Host Configuration ............................................................................................................... 26
For NAS Configurations ....................................................................................................................... 26
Application Configurations ................................................................................................................. 29
For VMware Configurations ................................................................................................................ 33
Microsoft HyperV Configurations ....................................................................................................... 35
Proxy Configuration ................................................................................................................................ 37
For Exchange ....................................................................................................................................... 37
For Oracle ............................................................................................................................................ 38
Configuration Verification Using SnapTest ........................................................................................ 40
Security & Storage Policy Best Practices............................................................................................ 47

Security Roles ...................................................................................................................................... 47
Storage Policies ................................................................................................................................... 49
Manipulating Snapshots ................................................................................................................... 51
Mount/Dismount Snaps for Manual Browse .......................................................................................... 52
Reverting a Snapshot .............................................................................................................................. 55
Application Aware Revert ................................................................................................................... 55
Non Application Aware Revert............................................................................................................ 58
Out of Place Restore Capabilities – (VMware Example) ......................................................................... 60
Appendix ......................................................................................................................................... 64
The SnapMirror Process Explained ......................................................................................................... 64
SnapMirror and DataAging Explained ................................................................................................. 67
VADP-SPE User Permissions .................................................................................................................... 71
Snap Reconciliation Registry Key ............................................................................................................ 72
Array Credentials for a Non Root User ................................................................................................... 73

SnapProtect Field Guide Objective & Overview
The SnapProtect Field Guide provides detailed descriptions for configuring hardware based
snapshot mechanisms with the CommVault Simpana Platform. This guide covers a brief introductory
overview of the storage array with its built in technology and feature sets, along with the licenses and
configuration requirements to integrate these controls with the CommVault Simpana Platform. This
document covers multiple storage environments and use cases in detail with Best Practices for
scheduling and Storage Policy management to achieve consistent results both for recovery and
protection needs.
Simpana SnapProtect enables a modernized approach to data protection merging hardware
storage systems snapshots directly into the protection/backup process. By automatically integrating
application intelligence with the array snapshot abilities, Simpana is able to reach through the
application and file systems into the storage array and discover volume/disk configurations for the
snapshot operations and coordinate these operations with proper application quiesce – minimizing
administrative configuration and eliminating any scripting requirements.
When a scheduled protection job for the defined application runs, the source system quiesces
the selected applications and automatically creates a set of persistent snapshots within the production
storage system. Upon confirmation of successful snapshot creation by the host, the workload in the
protection job shifts to a secondary proxy server to offload backup operations. This shift releases the
production host and it returns to full production side operations. This allows a consistent data image to
be created in minutes with RPOs aligning with the frequency of schedule.
The Proxy completes the second half of the protection job by reaching into the SAN, mounting
the snapshot and automatically indexing and cataloging the file-level contents of the snapshots relative
to the production host and the selected contents while preserving application context. Unlike hardware
based tools Simpana extends beyond simply creating or deleting snapshots. SnapProtect blends the
speed and efficiency of array snapshots directly into the backup /recovery process – offering full system
recovery or single file/search and restore. Once the content aware indexing completes, the snapshot is
retained in the array as a persistent recovery copy to provide the rapid recovery option to revert or
restore the data volumes.
The Proxy also serves a secondary role after the snapshot executes. The same snapshots can be
mounted and the relevant file contents copied from the snapshot to the backup copy destination.
Using the Proxy for this data movement offloads the backup burden from the production servers. The
backup copy employs a separate retention than the snapshot allowing aggressive snapshot retention to
conserve tier1 space to meet the RTO/RPO needs. As the data moves into the backup copy the original
indexes are preserved and stored along with the data to ensure access from any location. More
importantly, the backup copy leverages Simpana’s data deduplication to move and store less data. In
light of many of today’s new privacy regulations, data encryption may also be a critical feature to apply
to data to keep it highly secured from unwanted eyes. A modernized data management system ensures
you can take advantage of both benefits at the same time; deduplicating data for reduction while also
encrypting it for security without impacting Production Processes.

SnapProtect supports the leading SAN/NAS storage solutions from Dell, EMC, NetApp, LSI, HP,
SUN, IBM and HDS. As of Simpana 9 Service Pack 2, CommVault integrated SnapProtect with the Thin
Replication capabilities of the NetApp Storage Architecture. This enables joint CommVault and NetApp
customers to leverage SnapVault and SnapMirror between NetApp arrays to provide disk to disk
backups by only moving the changed blocks from one NetApp Array to the other through the Thin
Replication relationships defined on the storage. Snapshots within the NetApp array replicate to
another array while maintaining all previously mentioned capabilities for off-host proxy backups,
indexing of all snapshot copies, etc. This provides customers with NetApp Storage a truly integrated
approach to managing large data sets by leveraging one data management platform to create, mount,
dismount, retain, recover, and delete snapshots as well as create thin provision replication policies and
even provision storage on the secondary NetApp Array.
Please refer to www.commvault.com for the most up to date revision of the supported
hardware and software configurations.

NetApp Storage Overview
NetApp provides customers a storage platform to meet all storage needs. From NAS-based
storage to block based storage, NetApp continues to provide leading edge technology in the storage
space for Physical, Virtual, and Network based storage. This guide provides a brief storage technology
overview and necessary steps to configure Simpana SnapProtect with NetApp FAS systems.
The NetApp FAS devices provide a unified storage platform for mixed data types and access
protocols via the ONTAP operating system. NetApp supports NFS and CIFS based protocols for NAS
storage as well as the ability to provision block-based storage for Fiber Channel and iSCSI connections.
NetApp supports SATA, Fiber Channel, or SAS disk drives grouped together into RAID groups. RAID
groups combined together into a pool of storage are “aggregates” from which volumes may be
provisioned. The Data ONTAP operating system leverages these aggregate pools to configure "flexible
volumes" for storing end user data. This type of thin provisioning enables NetApp storage arrays to
virtualize multiple volumes over a vast number of spindles without the 1:1 RAID group restriction per
volume. The thin provisioning capability increases overall performance on the array and enables
customers to better utilize their storage capacity much more effectively. Traditional volumes may also
be leveraged (where one or more RAID groups form a single static volume), but the abilities of thin
provisioning has reduced their use. Flexible volumes offer advantages such as dynamic resizing,
leveraging multiple spindles, and better performance for multiple volumes leveraging the same spindles.
The only negative, a big one, is if space runs out in an aggregate, all shared volumes will be effect
negatively so judicious IT monitoring is typically employed. NetApp has also enable checks and balances
to help customers manage largely thin provisioned environments.
The basis of NetApp’s storage platform is the Data ONTAP operating environment. NetApp’s
Data ONTAP implements snapshots by tracking changes to disk-blocks on the WAFL file system.
Changes that occur between snapshot operations are stored with pointers providing direct access the
data set at the snapshot point in time. Due to the write-optimized fashion for executing snapshots,
ONTAP executes snapshots in seconds. This differs from the snapshot technology provided by other
storage vendors, which incorporate Copy-On-Write functionality (Changed blocks are written out to
defined snap storage at the time of write). NetApp eliminates write penalties associated with Copy-On-
Write and highlights this as core differentiation for leveraging snapshot technology for DR, and fast SLA
data access. NetApp introduced FlexClones in ONTAP 7 to allow snapshots to be mounted and
modifiable. This becomes extremely important for data operations, refreshing environments, and fast
access to data. Snapshots also have formed the basis for NetApp thin replication between two NetApp
arrays via SnapVault and SnapMirror. Both processes require a Primary and Secondary Array license for
SnapMirror or SnapVault, where the Primary License is for the source locations and the secondary is the
destination location.

While very similar in function, SnapVault and SnapMirror are two different technologies.
SnapMirror relationships are between a specified source volume on a primary array and a destination
volume where the replica lives on the secondary array. Once this relationship is created, SnapMirror will
creates a snapshot copy of the data on the source volume and then copy only the delta blocks from the
source to the destination read only volume. Updates can occur in a Synchronous, Semi Synchronous, or
Asynchronous fashion (Simpana only supports a scheduled asynchronous replication today). When the
scheduled replication occurs, the updates to the destination volume only reflect the incremental
changes seen on the source. The result of this process is an online, read-only volume containing the
same data as the source at the time of the most recent update, including any snapshots present on the
source volume. Manually severing the SnapMirror allows the destination SnapMirror volume to be
accessed as read write, or alternatively snapshots may be mounted as a FlexClone to execute DR
operations from the destination volume.
SnapVault relationships are between a specified source volume/qtree on a primary array and a
destination volume/qtree where the replica baseline and snapshot vaulted versions live on the
secondary array. For each Snapshot set, SnapVault saves the number of primary storage Snapshot
copies you specify. The SnapVault secondary storage system carries out a specified set of scheduled data
transfer and Snapshot actions. For each of its secondary volume/qtrees on a given volume, SnapVault
retrieves, from the Snapshot data of each corresponding primary volume/qtree, the incremental
changes to the primary volume/qtrees made since the last data transfer. Then SnapVault creates a
volume Snapshot copy of the changes in the secondary volume/qtrees. For each transfer SnapVault
saves the number of secondary storage Snapshot copies specified. The primary difference between
SnapVault and SnapMirror is that SnapVault target volumes are not exact replicas of the source volumes
– they can have different retention criteria for the snaps than the source volumes.
In SnapProtect all of these operations are orchestrated by a set of APIs built into DFM (Data
Fabric Manager). DFM registers each of the arrays, and creates policies and relationships that define the
replication topology, schedule, and retention. Required DFM components are:
 Operations Manager
 Protection Manager
 Provisioning Manager

CommVault Integration Requirements for SnapProtect
Array Software Licenses
CommVault recommends, and depending on the application environment requires, enabling the
following Array Licenses on the FAS to integrate with CommVault Software.
 FCP, ISCSI, CIFS, NFS – These Array licenses enable features such as Fiber Channel Protocol, iSCSI
protocol, CIFS file sharing and NFS File Sharing. Enable the appropriate license for those specific
data types managed by CommVault and NetApp.
 DataFabric Manager (DFM) - A server running NetApp DataFabric® Manager server software.
DataFabric Manager 4.0.2 or later is required with licenses for Protection Manager, Operations
Manager, and Provisioning Manager.
 FlexClone - NetApp FlexClone enables true cloning, instant replication of data volumes and data
sets without requiring additional storage space at the time of creation. Each cloned volume is a
transparent, virtual copy for use for essential enterprise operations, such as testing, bug fixing,
platform, and upgrade checks, multiple simulations against large data sets, remote office testing
and staging, and market-specific product variations. FlexClone is required to mount CIFS/NFS
share snapshots for data protection. Any solution leveraging CIFS/NFS snapshots must have the
flex clone license.
In the absence of FlexClone in a Block-based configuration, SnapProtect will default to LUN
Clone operations. Remember a LUN in NetApp is simply a file defined in a volume for
presentation to a host. Depending on snapshot schedules, you will have a new LUN created
within the same volume as the parent LUN. This will use no storage, and is great for running
verifications, testing, reporting or even protection.
LUN clones may prove to become problematic due to the nature of snapshots and the location
of LUN clone data. A volume snapshot takes a copy of the file pointer tables of an entire
volume. A LUN clone creates thin-provisioned clones of the parent LUN internal to the defined
volume. Despite using no actual storage, the LUN clone becomes data snapped by any new
snapshots taken after the LUN snapshot. This is where potential problems start as locked
volumes and busy snapshot conditions may arise. To eliminate these complexities or
management concerns FlexClone is highly recommend for Block devices as well as NFS and CIFS
shares.
 SnapRestore – Enables the ability to revert back single files, LUNS, and Volume from a snapshot
in seconds. This drastically improves recovery performance as a copy out is not necessary.
 SnapMirror - NetApp replication technology used for DR. A “mirror” copy uses SnapMirror and
requires a SnapMirror Primary and Secondary License to be available.
 SnapVault - NetApp replication technology used for backup and recovery. A “vault” copy uses
SnapVault and requires a SnapVault Primary and Secondary License to be available.
No required software on the Production Host or Proxy is necessary for NetApp snapshot integration.

Application/Environment Connection Minimum ONTAP FAS Licensed Feature
Protocol Version2
Application & FS iDAs iSCSI, FC, NFS 7.3.5 FlexClone1, Snap Restore
NAS iDA (NetApp Only) CIFS, NFS 7.3.5 FlexClone, SnapRestore
Virtual Server iDA iSCSI, FC, NFS 7.3.5 FlexClone, SnapRestore
1 - With Block Based Storage, Flex Clone is not explicitly required. If FlexClone is not available, the FAS will default to LUN Clone.
2- C-MODE is not supported by SnapProtect as NetApp has not rolled out support for C-Mode DOT environments with the
necessary SnapVault/SnapMirror capabilities.

Simpana Software
Software Requirements
CommVault for SnapProtect solutions will require the appropriate data agents as defined by the
customer configuration. Below we will define a few terms in use going forward in this document:
 Production Host – Server housing the actual production LUN being snapped or cloned
 Proxy – Server mounting the snapshot or clone for backup purposes off of the Production Host
 Array – Hardware Storage Array executing the snapshots
 File System iDA – iDataAgent for protecting the file system of a host
 MediaAgent – Agent for creating and managing snapshots as well as for writing data to backup
targets
 Application iDA – Agents providing for application aware data protection operations for
applications such as SQL, Exchange, Oracle etc. Enables Application Aware snapshots
 Virtual Server Agent (VSA) – Agent providing protection of Virtualization Environments without
placing backup agents internal to the guests
 VSS Provider – CommVault VSS Provider for Windows to allow for creation of snapshots with
application consistency
 NAS iDA – Logical IDA linked to an NDMP host for data protection operations
Note** - To enable SnapVault and SnapMirror functionality, the appropriate NetApp Hardware licenses
must be available and the CommCell must have license type 196 added to provide support.
Basic File System Environments

As with all configurations, a CommServe, necessary storage capacity, and MediaAgents must
exist to enable a completely functional solution. On top of the basic infrastructure components, the
SnapProtect base configuration requires the following agents on the Production Host:
 File System iDA (for the appropriate Operating System)

 MediaAgent
 CommVault VSS Provider (Windows Only)
For a configuration where snapshots mount off host to a Proxy server, implement the following
agents on the Proxy server.
 File System iDA (Must be similar to Production Host OS)

 MediaAgent

Application Environments
When implementing for Application Environments simply add the appropriate snap supported
Application iDA to the SnapProtect base configuration as
follows on the Production Host:
 File System iDA (for the appropriate Operating
System)
 MediaAgent
 CommVault VSS Provider
 Application iDA for selected Application
For a configuration where snapshots mount off host

to a Proxy server, implement the following agents on the
Proxy server. With SnapVault and Mirror capabilities the
option to choose a Proxy Server from the Secondary Array is
possible. To do so, the same software components must
be available in the “Proxy to Tape Server” as well.
 File System iDA (Must be similar to Production Host
OS)
 MediaAgent
 Application specific binaries to enable Proxy application API protection
(i.e. – Exchange Management Pack, Oracle for RMAN integration, etc.)
NAS Environments
For Network Attached Storage environments (NetApp Only) the configuration is slightly
different. Since a NAS iDA is a logical agent pointing to an assigned IP address to the NetApp FAS,
nothing must be installed for the Production host. Simply configure the NAS iDA per Books Online and
check the “enable SnapProtect” box under the client advanced properties to enable local ONTAP snaps
to drive the protection operation. There is no notion of a Proxy in this configuration due to the local
nature of the ONTAP snapshot. NDMP operations will simply function from the primary FAS.
In the scenario where the customer wants to execute “crash-
consistent” snapshots of VM, database, or application environments,
the best way to achieve this is through the NAS iDA. It allows the
customer to define the Volume, qtree, or LUN as the contents of a
NAS iDA subclient and execute a crash consistent snap at the
schedule defined on the subclient.
Virtual Environments
The SnapProtect with the Virtual Server Agent enables point-
in-time snapshots with hardware snapshot engines to provide
snapshot functionality for data protection operations of virtual
guests. Using a dedicated ESX server for selective copy to tier2
storage completely removes any utilization on the Production ESX
farm. The copy operation to tier2 storage enables Granular
Recovery for individual file and folder recovery.

To enable SnapProtect for the Virtual Environment ensure the following:
 File System iDA (for the appropriate Operating System)
 MediaAgent
 Virtual Server Agent (VSA) iDA
The virtual server Agent may be running as a Hot Add mode guest external to the production
farm to eliminate processing. The Virtual Server Agent leverages Proxy capabilities by default with no
agents installed on the ESX server.
SnapVault and SnapMirror Environments

SnapProtect now extends enterprise management for backup and recovery in the data center
for local Snapshot copies on NetApp primary storage and replication to secondary and tertiary storage,
as well as tape creation. Any of the above environments discussed (application data, file data for NAS,
file data in LUNs, or data in virtualized environments) with SnapVault and SnapMirror enables
management, storage provisioning, cataloging, and the granular recoverability for seamless operation
off of any copy.
Supported Applications and Operating Environments

See Books Online for a complete listing of supported SnapProtect Applications and Operating
Environments and any potential solution caveats.
http://documentation.commvault.com

SnapProtect Array Configuration Details with NetApp FAS
NetApp Array Configuration
Provisioning storage as a NFS/CIFS target or a LUN requires physical disks assignment in the
Array to an Aggregate for storage usage. Volumes creation occurs within the Aggregate grouping of
disks internal to the Array. Generation of Shares and Qtrees for NFS/CIFS access occurs within these
volumes. Additionally LUNS live internal to the volumes for block-based access to hosts. NetApp’s
snapshot mechanism is a pointer-based approach so blocks of the active file system blocks co-mingle
with snapshot blocks internal to the LUN. Ensure sufficient space is available for snapshot generation
and retention of the point in time copies. The required space directly correlates to the change rate of
the data stored on the LUN and the number of snapshots retained. NetApp’s default setting is 20% for
snapshot capacity. In the graphic below, note that the total volume size is greater than the total
capacity. The extra space designates the reserved area for snapshots.
Note** - Ensure the Volumes/LUNS have enough space to accommodate the retention settings internal
to Simpana for SnapProtect functions.

Other Provisioning Best Practices include:
 When Possible - Group LUNs according to their rate of change:

When planning for Snapshots, do not create LUNs with high rate of change in the same
volumes as LUNs with a low rate of change. When calculating the size of volumes, use rate
of change to determine the amount of space necessary for Snapshots. ONTAP takes
Snapshots at a volume level and the rate of change of data in all LUNs affects the amount of
space needed for Snapshots.
 A 1:1 Volume to LUN relationship is not Necessary, but may simplify Storage and Application
Management. It is also best practice to ensure each LUN lives within a Qtree in SnapMirror and
SnapVault configurations.
Thin Provisioned Volumes with LUNS are a great way to provide flexibility to your storage
provisioning and snapshot management; however, it is not required. SnapProtect will still
provide the full suite of capabilities for recovery regardless of the Volume to LUN
relationship and ratio.
 Disable NetApp Schedule for Snapshots on Volumes

CommVault highly recommends disabling the native NetApp schedule for snapshots on
volumes Simpana manages. This ensures snapshot retention and storage use is in line with
the policies defined within Simpana. This may accomplished by un-checking the Scheduled
checkbox for the volume from Filer View (below) or System Manager.

Note** – Failing to disable the internal snapshot scheduling set by default may cause contention issues if
multiple calls occur at the same time for snapshot creation. Snapshot retention management only
applies to CommVault Simpana generated snapshots.
SnapVault & SnapMirror

Data Fabric Manager (DFM)
To Integrate SnapVault and SnapMirror it required to install Data Fabric Manager 4.0.2 and
register all pertaining NetApp arrays with the Management Console. DFM may be installed on any
Windows server in the environment and will require licensing keys for Operations Manager, Provisioning
Manager and Protection Manager. Multiple DFM instances can be leveraged for distributed
environments and redundancy control.
Once installed it is required to define
“Resource Pools” for the SnapVault secondary and
SnapMirror secondary targets. SnapProtect will
automatically provision the proper Qtree, volume,
and/or LUN configuration for the desired source
contents of the defined resource pools. Resource
Pools are allocated by adding defined aggregates in
the NetApp FAS. These can be created from within
the NetApp Management Console.

Steps to Configure the NetApp Architecture
Defining configuration properties for the NetApp Architecture requires arrays and DFM servers
leveraged for SnapProtect to be defined in the Array Management area of the Simpana Control Panel.
Defining the NetApp component to the platform enables execution of snapshot operations during the
appropriate backup jobs using the credentials provided.
To define a NetApp FAS:
1. Click on Array Management in the Control Panel
2. Select Add on the Array Management Dialog Box
3. Select “NetApp” for the Snap Vendor dropdown
4. Enter the Fully Qualified Domain Name or IP address of the

Controller for the FAS in the Array ID field, or the FQDN of the DFM
server in the Name field.
5. Enter a username and confirm the username password for the

Username and Password fields. DFM will use the login credentials
for the NetApp Management Console, while registered FAS will use
local login rights (Root, etc. See Appendix for specific security rights
for a non-Root user)
6. For NetApp Arrays, ensure the “File Server” button is selected. If it

will act as a Primary Array in a SnapVault or SnapMirror relationship,
ensure the Primary Checkbox is marked. This will also consume a
license for SKU based customers. If this is a DFM component,
ensure the DataFabric Manager button is selected.
NetApp NFS Specific Integration Notes

1. For VMware ensure the VMware Data Store array ID (FQDN or IP address in vCenter) matches
what the array ID (IP or FQDN) in Array Management. For example, if the Data Store leverages the
NetApp controller IP address then utilize the NetApp IP address for Array Management. The same
rule applies for applications leveraging NFS storage. Ensure the same naming convention appears
in array management as it appears for the application access.
2. For NFS Data Stores in VMware configurations Repeat Steps 2 – 7 from the preceding page for
each IP used for NetApp NFS storage into Array Management. A single IP for a management
interface is not sufficient for NFS configurations with SnapProtect in VMware
3. The VSA will need visibility into the storage network for NFS and iSCSI implementations. This may
require a second network connection on the VSA for isolated storage networks.

SnapProtect Storage Policy Configuration
SnapProtect operations require a “Primary Snap Copy” to house the indexing information for
the data retained internal to the snapshots. Any currently defined or newly created Storage Policy
supports the addition of an additional “Primary Snap Copy”. For detailed information on Storage Policy
creation and the options available for configuration see the online documentation at:
http://documentation.commvault.com/commvault/release_9_0_0/books_online_1/english_us/en-
us/universl/subclient/storage_device.htm
To create configure a Storage Policy with a Snapshot Copy:
1. Select a Storage Policy and right click; select “All Tasks”; select “Create New Snapshot Copy”
2. Define a unique Copy Name of the newly created Snapshot Copy and define the Library and
MediaAgent where the Snapshot Copy indexing information will be stored.

3. Select the Retention tab and define retention for the number of days or cycles the snapshots will
live internal to the array and click OK to create the Snapshot Copy
The configured Storage Policy will show both the previously defined Primary Copy and the new
Snapshot Copy as seen below.
4. To protect Snapshot data in the Primary Snap Copy to the Primary Storage Policy Copy initiate a
Backup Copy to backup the selected jobs. To define which snapshots are marked for inclusion of
the backup copy operation select the previously configured Storage Policy, right click and go to
properties.
5. Select the “Snapshot” tab. Under the Snapshot tab are the options to define which snapshots
generate backup copies. The selection rules allow all snapshot operations to drive a synchronous
backup copy or selectively choose snapshots based upon timing or manual selection. Any job
meeting the rules for backup copy will be mounted on the defined proxy upon executing the
backup copy operation.

6. To execute the Storage Policy Backup Copy operation, simply right click on the Storage Policy,
select All Tasks, and Run Backup Copy. The Backup Copy dialog box allows for backup copy
creation on demand or through a schedule.

Enabling SnapVault and SnapMirror
SnapVault and SnapMirror copies are managed and controlled by creating a specified SnapCopy
for the Vault and Mirror destinations. Execution of the Vault or Mirror process initiates through a
simple Auxiliary Copy operation between Snap Copies. Simpana supports all Vault and Mirror
configurations supported by NetApp Protection Manager Policies.
To create configure a Storage Policy with a Snapshot Copy:
1. Select a Storage Policy and right click; select “All Tasks”; select “Create New Snapshot Copy”
2. On the General Tab define the copy name as well as the disk library target for indexing. Select the
“Protection Type” as a Mirror or Vault Copy. Note, if Mirror is selected, the retention tab will
remain greyed out as the Mirror copy will inherit the retention values of the primary Snap Copy. If
Vault is chosen the Retention Tab will be enabled to define specific retention needs.
3. Under the Copy Policy Tab, define the Source Copy from which the Mirror or Vault process will
execute from. A mirror can come from the Primary Snap copy or from another Mirror or Vault
Copy. Same for a Vault Copy, with the one exception, a Vault cannot specify another Vault copy
as the Source (this is not supported by DFM architecture with NetApp)

4. Next go to the Provisioning Tab and select the Resource Pool (automatically imported from DFM)
as the destination storage location for the Vault/Mirror copies.
5. Click Ok. At this point DFM will execute upon a conformance check and will create the protection
policy internal to the NetApp Management Console.

6. To execute the NetApp Thin Replication for Mirror or Vault, simply execute an Auxiliary Copy from
the Source Snap Copy to the destination. Schedule this process as often as desired to synchronize
the snapshot points in time from one array to the next.

The SnapProtect Process
SnapProtect Backup Operation
SnapProtect backups encompass the following operations:
1. Backup job initiates from the CommCell Console via schedule or an on demand Job
2. When the backup job starts the files system or associated applications or Virtual Machines
properly acquiesce (VSS calls in Windows or through application interfaces such as RMAN to put
the DB in a hot protection mode). In VMware configurations, vStorage APIs are called to create
software snapshots and enable delta file creation for each of the guests targeted as contents of
the snapshot.
3. Array API calls proceed next to:
a. Verify the backup job contents (validate underlying disk structure for file systems,
databases, VM data stores, etc. and the required log files)
b. Create a snapshot or clone
c. Mount up the snapshot on a selected proxy or the source computer for post snapshot
operations (For e.g., Scan & Catalog for File System, Integrity checks for Exchange
Database & backup to media if selected). For VMware and RMAN proxy configurations
the Virtual Machines and database files will be registered by the proxy application
software.
4. Array API calls proceed next to:
a. Unmount the snapshot and retain based upon retention rules
This snapshot now provides availability for backup copy operations and high speed restore /mount
/revert operations.
Backup Copy Operations

A backup copy operation provides the capability to copy the snapshots of the data to media. You
have the ability to enable/disable backup copy operations for a snapshot copy, i.e., once a backup copy
is enabled, the snapshots will be copied to media during a Backup Copy operation. Additionally, the
snapshots will be copied to media based on the backup copy rules specified for the snapshot copy.
A backup copy execution occurs during the SnapProtect backup or at a later time. The backup
copy operations can be useful for creating additional standby copies of data. When selecting/deselecting
a job for backup copy operations, ensure that all the dependent jobs (e.g., incremental, differential, etc.)
in the complete backup cycle are selected/deselected as the snapshots are copied to media in a
sequential order. If a previously selected snapshot has not been copied to media, a request inline
SnapProtect backup job will complete without creating the backup copy due to sequential order in
which these copies must be made. An on demand offline backup copy operations must be scheduled for
the current backup and the previously non copied job to get the data to backup media. Backup Copy
operations mount the selected snapshots in sequential fashion to execute a file system level backup of
the snapshots.

For Oracle and VMware, the backup copy operations will leverage RMAN and VADP to provide complete
object integration (table level restore, single file access, etc.) in to the backup copy store.
During the Backup Copy operation:
1. The snapshot is mounted to the source or proxy computer. The mounted snapshot receives
commands to scan and backups like a normal file system and the required contents are read.
2. The file system backup is performed to Primary Copy of the Storage Policy of all defined files. The
data is indexed and linked back to the original production host.
3. When the backup copy job is finished, the snapshot is unmounted and retained based upon
SnapCopy retention settings.
** Note – With Vault and Mirror operations it is possible to execute backup operations off of the Vault or
Mirror copy. You must define the SnapCopy for Backup Copy execution on the Storage Policy properties.
A new Subclient Option noted as “Separate Proxy for Snap to Tape” will allow servers local to the
secondary and tertiary copies to mount the desired snapshots and drive the data protection operations
to disk or tape.

Production Host Configuration
For NAS Configurations
Simpana SnapProtect supports NAS configurations on NetApp only. This configuration replaces the
deprecated Quick Recovery configurations leveraging ONTAP local snapshots to drive scheduled
snapshot operations and then execute NDMP backups from the those snaps. Like standard production
hosts, enabling SnapProtect occurs on the NAS NDMP agent for NetApp FAS Arrays.
1. Configure the NAS NDMP iDA by selecting and then right clicking on “Client Computers” in the
CommCell. Select new client, and in the next dialogue box choose NAS client. This produces the
NAS NDMP Server screen. Enter in the NetApp FAS Hostname in the “NDMP Server Hostname”
field and provide an account for “NDMP Login” with the associated password in “NDMP
Password.” Typically Root is used here (See Appendix for Security Details for non-Root users).
Click Detect to validate the configuration and login information are correct. The “Vendor” and
“Firmware Revision” should populate with the appropriate details if the detection succeeds. Click
OK to configure the NAS Client.

1. Next select the NAS iDA server name just added and right click and select “properties.” Navigate
to the “Advanced Tab” and select the “Enable SnapProtect” checkbox.
2. Create a new subclient (or simply use the default one) and select the Volumes that will leverage
snapshots for protection. It is recommended to select the NFS and CIFS shares at the VOLUME
level as NetApp snapshots will occur at the volume level. For best multi-threaded performance
create multiple subclients for separate volumes to drive higher parallelism for backup copy
creation.
3. After setting the contents, navigate to the “SnapProtect Operations” Tab and enable SnapProtect
for this Subclient by selecting the SnapProtect checkbox. Choose NetApp as the available snap
engine, and then set the appropriate Storage Policy under the “Storage Device” Tab. When
completed, choose OK to save the configuration.

4. The defined NFS/CIFS shares will now execute snapshots for their protection when backup jobs
are selected. Backup copies will enact NDMP Backups from the defined snapshots based off the
snapshot job selection in the Storage Policy. Incremental snapshots will leverage SnapDiff APIs to
execute fast incremental indexes of the snapshot copies.
Note** - Selecting Restore ACLS or Use Direct Access Restore is not applicable when restoring data from
a snapshot.
Note** - Cross-platform restores of NetApp data to Windows/Unix hosts using File System NDMP
Restore Enabler is not supported with SnapProtect enabled operations.

Application Configurations
Protecting Application Databases and log volumes through an array snapshot provides fast
access for recovery and many flexible options for data protection. SnapProtect integrates key
application awareness together with the array and our Platform to deliver all of the benefits of
traditional streaming backups with all of the performance and Proxy capabilities of a snapshot. The
application awareness allows true log consistent hot backups with appropriate log management
operations based off the contents of the data in the snapshot. SnapProtect aligns all of the log and data
base volumes and snapshots using them in concert to provide fast low impact recovery points through
the Array without scripts.
Before stepping through any configuration steps, deploy the proper agents on the Production
Host requiring snapshot integration with the Array. Application environments require:
 File System iDA (for the appropriate Operating

System) – The Base agent that manages and
protects the file system data from the Production
Host. File System contents are supported for
SnapProtect operations as well, but it is
recommended to define application data sets with
the application iDA.
**Note - If no supported Application iDA’s are available,

end-user written Pre and Post Snap scripts can be used to
acquiesce the unsupported application successfully for
SnapProtect integration.
 MediaAgent – Provides media management

capabilities to execute array functions and provide
LAN free access to snapshots for recovery
 CommVault VSS Provider – Provide VSS interaction with the array and the Simpana Platform to
ensure Microsoft applications are properly quiesced and protected during the snapshot process
 Application iDA for selected applications – Provides low level application integration for Oracle,
SQL, Exchange, VMware, Hyper-V, DB2, SAP, etc. ensuring the appropriate APIs are called when
quiescing and releasing the application during the snapshot operations. This iDA will also align
the volumes to be snapped based off the logical databases or contents defined in the subclient
including logs. If five databases all have separate LUNS and log volumes, the application agent
will defined the contents appropriately for all ten volumes to be snapshotted together.

The following steps will configure the implemented Application Environment for SnapProtect
operations:
1. First, enable SnapProtect on the Application Server acting as the Production Host in the CommCell
GUI. Right Click on the server name, select “All Tasks”, and then select “Properties.”
2. Navigate to the Advanced Tab and check the box marked “Enable SnapProtect.” This will consume
a SnapProtect license from the license key.
3. Browse to the Production Host Application iDA (in this case we are using Exchange Database iDA)
and select the desired subclient to enable SnapProtect Operations.

4. Browse to the SnapProtect Operations tab; check the “SnapProtect” box. Select NetApp as the
“Available Snap Engine.”
5. To define Proxy configurations on the “SnapProtect Operations” tab click on the drop down box
next to “Use Proxy.” This provides available servers to use as the Proxy during the index and
backup copy operations. The selected server mounts the Array snapshot when a backup copy
operation executes.
If the “Use source if proxy is unreachable” is selected the snapshot will default to the Product Host
if the defined proxy server is unreachable for any reason.
6. Ensure the Storage Device tab has a Storage Policy with a Snap Copy defined and click OK to close
the Subclient properties.

7. To execute a Snap Operation for the Application agent, simply schedule or generate a backup
request of the previously configured subclient.
**Note - For Exchange Database SnapProtect operations, an ESE consistency check run on the snapshot
copy to validate the consistency of the database files. This is enabled by default and can be found and
modified under the “advanced” job options on the scheduled backup operation. It is highly
recommended to leave this enabled to provide integrity checks to Exchange messaging environments.

For VMware Configurations
SnapProtect enables fast protection of large or volatile

VMware environments without placing load on the production
Virtualization Farm. SnapProtect technology integration with the
Virtual Server Agent (VSA) enables the Array to perform backups in
minutes even with large numbers of virtual machines and sizable
data stores. A dedicated ESX server for Proxy data movement
completely removes any utilization on the ESX farm with granular
access providing individual file and folder recovery from the
secondary tier of storage.
Prior to configuring the virtualization environment, deploy
the proper agents requiring snapshot integration with the Array.
VMware specifically requires more security rights beyond the typical
VADP use case. See the Appendix for security details in creating
proper security environment for SnapProtect. Virtualization
environments require the following agents:
 Virtual Server Agent (VSA) on the physical server(s) or virtual hot-add guest(s)
 File System iDA on the physical server(s) or virtual hot-add guest(s)
 MediaAgent on the physical server(s) or virtual hot-add guest(s)
The following steps will configure the implemented Virtualization Environment for SnapProtect
operations:
1. First, enable SnapProtect on the physical or virtual server with the VSA Agent by selecting the
server in the CommCell GUI. Right Click on the server name, select “All Tasks”, and then select
“Properties.”
3. Browse to the VSA iDA and select the desired backup set and then access the properties on the
desired subclient to enable SnapProtect Operations.

4. Browse to the SnapProtect Operations tab, check the “SnapProtect” box. Select NetApp as the
“Available Snap Engine.”
5. To define Proxy configurations on the “SnapProtect Operations” tab, below the “Proxy ESX
Server”, click on “Select ESX server for snap mount”. This opens a dialogue box with the available
ESX servers in the environment. Select the desired ESX server to perform the Proxy operations for
generating granular backups to disk/tape/cloud. The selected ESX server mounts the Array
snapshot when a backup copy operation executes.
6. Ensure the Storage Device tab has a Storage Policy with a Snap Copy defined and click OK to close
7. To execute a Snap Operation for the VSA agent, simply schedule or generate a backup request of
the previously configured subclient.

Microsoft HyperV Configurations
SnapProtect enables fast protection of large or volatile HyperV environments placing minimal
load on the production Virtualization Farm. SnapProtect technology integration with the Virtual Server
Agent (VSA) enables the Array to perform backups in minutes even with large numbers of virtual
machines and sizable data stores. Granular access provides individual file and folder recovery from the
secondary tier of storage along with the full guest .vhd files.
Prior to configuring the virtualization environment, deploy the proper agents requiring snapshot
integration with the Array. Microsoft HyperV is very similar to an application environment for the
components necessary to execute SnapProtect operations. Microsoft HyperV virtualization
environments require the following agents:
 Virtual Server Agent (VSA) on the Microsoft HyperV physical server(s) or virtual cluster server(s)
 File System iDA on the Microsoft HyperV physical server(s) or virtual cluster server(s)
 MediaAgent on the Microsoft HyperV physical server(s) or virtual cluster server(s)
 CommVault VSS Provider on the Microsoft HyperV physical server(s)
The following steps will configure the implemented Virtualization Environment for SnapProtect
operations:
1. First, enable SnapProtect on the physical or virtual server with the VSA Agent by selecting the
server in the CommCell GUI. Right Click on the server name, select “All Tasks”, and then select
“Properties.”
3. Browse to the VSA iDA and select the desired backup set and then access the properties on the
desired subclient to enable SnapProtect Operations.

4. Browse to the SnapProtect Operations tab; check the “SnapProtect” box. Select NetApp as the
“Available Snap Engine.” To define Proxy configurations on the “SnapProtect Operations” tab click
on the drop down box next to “Use Proxy.” This provides available servers to use as the Proxy
during the index and backup copy operations. The selected server mounts the Array snapshot
when a backup copy operation executes.
Note** - Always select a proxy if this client is a node of a Hyper-V Live Migration Cluster
5. Ensure the Storage Device tab has Storage Policy with a Snap Copy defined and click OK to close
6. To execute a Snap Operation for the VSA agent, simply schedule or generate a backup request of
the previously configured subclient.

Proxy Configuration
SnapProtect provides a modernized architecture for handling data protection operations within
the datacenter. Proxy capabilities enable an array based snapshot to mount off-host eliminating backup
processes on the production servers and linking indexing information to the original location. Allowing
for multiple snapshots from differing servers across high-speed FC and IP networks eliminates any
compression, deduplication, and encryption load and centralizes this execution to a dedicated tier of
services. Each OS with a SnapProtect client requires a similar OS for proxy (i.e. Windows to Windows,
Linux to Linux, etc.) execution. Simpana will automatically link indexing information back to the original
host enabling full application protection for recovery purposes. Execution of application integrity checks
may also occur on the Proxy servers to validate the data prior to backup creation.
For a configuration where snapshots mount off host to a Proxy server, implement the following
agents on the Proxy server.
 File System iDA (Must be similar to Production Host OS)

 MediaAgent
 Application Specific Binaries for Proxy
(i.e. – Exchange Management Pack, Oracle & RMAN, etc.)
For Exchange
Any Proxy configuration interacting with Exchange Databases provides the capability to execute
an ESE Integrity check against the Exchange Database. In order to enable the Proxy to validate the
Microsoft Exchange database files, install the proper version of the Microsoft Exchange Management
Tools from the Exchange installation media on to the Proxy.

Upon implementation of the management tools, verify the implementation of the necessary
MediaAgent and File System as well. This enables the Proxy for selection as the Proxy Host in the
application subclient contents. When scheduling the Microsoft Exchange SnapProtect backup
operation, click the advanced button. This will bring you to the General Options to enable the integrity
check for the Exchange Backup job upon Snapshot Index completion.
For Oracle
SnapProtect supports Unix and Linux –based ASM (Automatic Storage Management) and RMAN
backups with Array based snapshots. With this support SnapProtect enables RMAN based movement to
disk/tape allowing Recovery Manager (RMAN) for the movement to media operation. This however,
requires the installation and configuration of the Oracle binaries and the configuration of an Oracle
instance on the Proxy server. In order to perform a proxy based SnapProtect backup or restore
operation; configure the following on the proxy computer:
 The Oracle database instance on the proxy machine should be the same version as the source.
For example if Oracle 10.2.0.4 is installed on source then the proxy should be 10.2.0.4
 ASM instances require configuration for both ASM and the RDBMS instances on the Proxy.
 The catalog user and the catalog database must be the accessible by the source and the proxy
Oracle instances.
 Best Practice is to mount the snapshots on the same mount point as the source.
 Best Practice is to ensure that the data and log mount points do not overlap.

 Before executing any ASM based Snapshot or Movement to media jobs, run the following
commands:
o cd $ORACLE_HOME/rdbms/lib
o gmake -f ins_rdbms.mk ikfed; ensure that kfed is specified in the path.
After putting the above configurations and considerations in place, the configured server may
enable RMAN for tape movement and properly manage ASM databases in a proxy configuration.
Note** - Table Level restores of SnapProtect data is now supported.
Note** - It is highly recommended to work with Professional Services to ensure successful

implementation of SnapProtect with Oracle databases, especially in Proxy Configurations

Configuration Verification Using SnapTest
Validation of the SnapProtect configuration prior to running production jobs occurs through the
SnapTest utility. This tool, located in the Base folder of the Simpana installation, allows one to check
array connectivity and exercise the hardware snap engine to create and remove snapshots. Running this
prior to productions routines will validate the configuration is properly defined on the Production Host
side.
1. Locate the SnapTest executable in the base directory (…\simpana\base\snaptest.exe) and run it
from the Command Line.
2. Enter option 1 “Show HBA/iSCSI address” (example shows iSCSI configuration)

In this example the LUNs are being exposed via iSCSI
3. Choose Option 2 “Send SCSI inquiry to the storage device”
For Windows Servers enter a drive letter or mount path for the mount point. In a Unix/Linux
environment, enter only a mount path location.

The iSCSI LUN presentation from the NetApp FAS shows in the inquiry string output. This validates
we have an array based volume to execute snapshot operations from.
4. Choose option 3 “Snapshot management”

Select the appropriate Snap Engine
5. Exercise the selected Snapshot Engine by choosing “C”

6. Enter the Mount Point for the volume(s) on the NetApp FAS

7. Execute array options for Mounting, Dismounting, etc as necessary. Successful creation and
deletion of snapshots will verify the configuration is likely correct. Enter “D” to delete

Note that snap identifiers will require that the “-“ be included as shown here.
8. Once deleted, the snapshots will no longer exist in the array. Choose option ”E” to exit from the
Snap Engine Operation menu.

Security & Storage Policy Best Practices
Security Roles
The power of a Storage Array in providing fast full volume recovery changes data architectures
and SLA alignment. Any technology providing fast sweeping recovery directly linked to production data
can be potentially dangerous without proper controls. Revert operations are perfect for massive data
corruptions on productions volumes that require fast recoveries, assuming the proper controls are in
place to allow only those who understand what the defined action will do for/to the business. Typical
script based tools lack these controls and expose environments to high risk side effects with very little
oversight or reporting. A single mis-aligned scripted argument could bring an entire production
database environment down and cause catastrophic data loss. Further, restoring data through array
based reverts when a single file/database is all that is necessary can destroy entire collections of data
resetting the environment back hours or days if done incorrectly. Recent mail, revenue transactions,
business data, etc. would all be lost due to a simple mistake in operation
Rather than risking the business to make or beat the backup window with scripts or standalone
tool sets, an integrated data management platform should provide proper safety controls to allow
critical actions to entrust the right users at the right time while ensuring a reporting and audit system to
overlay the full end-to-end view. In most medium to large environments, application operational
responsibilities, backup, DR, compliance and audit may be distributed functions that need to be
coordinated into a single policy. The embedded role based
security system native to Simpana automates this function.
For Example, a customer may have three specific

roles within an operations environment
 Backup Admins
 Application owners (DBAs)
 Audit & Business Compliance
Each of these roles own specific responsibilities to

managing and protection the enterprise. Backup Admins are
the typical day to day operators with access to perform
standard backup and recoveries, manage media, issue
reports, etc. However, the Backup Admin Role may not be
the right team to execute application level recoveries or have
the capabilities to issue array based reverts for recoveries
due to knowledge and awareness of the application architecture. The Application Owner Role is not so
concerned about the general day to day backup environment, but is laser focused on the application
space they own. They need to know what tools are available to them and who has the capabilities to
execute on those toolsets at any time as they manage the applications running the business. Any
recovery operations involving their applications, especially powerful techniques such as Array reverts
and snapshots must be managed from their group to mitigate any risk to the business. The Audit Role
simply needs to eliminate red flag events and provide security, operational, and process proof of who
can perform what and how.

For this three specific roles should be defined solely for the SnapProtect and Application iDA’s
within the CommCell. An example of this basic security structure as defined in Simpana Security Roles is
below:
Audit Team
Application
Security Roles
Backup
(For Application Clients or Groups)
(Separate groups may provide this grouping of users
Assigned to SnapProtect Application Client Groups more right for other objects in the CommCell. This
solely highlights the ability to lock down capabilities
Administrative Management X
for the applications to ensure that an entire volume is
Agent Management X X not inadvertently reverted with SnapProtect
Agent Scheduling X X integration.)
Alert Management X X
Browse X X
Browse and In-Place Recover X
Browse and Out of Place Recover X
Compliance Search X
Data Protection X X
Data Protection Management X X
End User Search X
Job Management X X
Library Management X
Library Administration X
License Management X
MediaAgent Management X
Report Management X X X
Storage Policy Management X X
User Management
Vault Tracker Operations X

Storage Policies
Managing proper retention on the snapshot copies becomes another critical requirement.
Improper retention either increases the amount of tier 1 storage that is holding recovery points, or it
causes the snapshots to fall short of fully meeting SLA requirements for the business. Simpana’s Storage
Policies are broken down into copies for managing retention on the proper tier of storage. In the typical
Storage Policy for SnapProtect, three copies will be available, the Primary SnapCopy, the Primary backup
to disk copy, and the Offsite disk/tape copy. Properly meeting SLA requirements for the business
requires proper alignment for the retention characteristics of each of the storage tiers.
For example, SLAs for Sub 24hr RPO/RTO drastically lower the returns on leveraging snapshot
technology on copies beyond 48hrs. The typical Best Practice for Storage Policy configuration will
change from environment to environment, with the standard retention aligning to the primary recovery
time for the SnapCopy with the primary backup to disk and tape copies providing SLA coverage for
complete Site based disasters. For Example, with the previous description retention may be set in the
following way:
 Primary SnapCopy – 2days & 0 Cycles

 Primary Disk Copy – 28days & 1 Cycle
 Offsite Disk/Tape Copy – 60days & 1 Cycle
This definition allows snapshot retention on a 48hr rotation providing multiple high-speed
recovery points available on the array to meet the SLA requirement. This configuration requires storage
space allocation to maintain two persistent days of change for the associated clients. By setting “cycles”
to 0, the removal of old snapshots occurs regardless of success, so proper alerting and monitoring is
required.
The other recommended option for SnapCopy retention sets the “days” variable to 0 and
focuses solely on the Number of cycles. In this configuration full backups must occur frequently to allow
for proper snap management. With this setup, the # of snapshots retained will be determined on the
number of cycles configured. The scheduled frequency becomes very important to defining the
environment conditions. If 8 snapshots execute over a week timeframe, then 7 days of delta change
must be available in the Array configuration. If 8 Snapshots execute in a 48 hour period, only 48hrs of
delta change must be available in the Array configuration. Fully understanding the schedule and
process configurations enable making the proper retention setting when keying off of “cycles.”
Improperly setting retention and effects of days and cycles can adversely affect the available recovery
scenarios for the business applications.
This definition will then enable the Primary and Secondary backup to disk and tape copies.
Backup Copies should follow that standard backup schedule for the production (i.e. – daily backups
should equate into at least one SnapCopy Point in time to drive local and offsite backups). Remember,
backup copies will execute synchronously, and the failure to “backup” SnapCopys to disk/tape will
extend the storage requirement on the Array, as the snapshots will not prune until the selected recovery
points execute in a Backup Copy to disk/tape copies. Application data will always be consistent on this
data movement. Backup Copy operations will always use File System mechanisms to protect the
properly acquiesced applications except in the instance of RMAN Proxy’s in an Oracle configuration. The
rest of the data aging follows the standard days and cycles rules for purging off data sets.

Note** - Snapshots may be deleted from the array due to factors like low disk space on the array,
number of snapshots exceeds the threshold etc. and the jobs corresponding to these deleted snapshots
can no longer be used for any data recovery or backup copy operations. Use the nRunSnapRecon registry
key to start snap reconciliation to check for missing snapshots once in every 24 hours and marks jobs
corresponding to the missing snapshots as invalid. See Appendix for detailed information.

Manipulating Snapshots
Part of the value of creating and leveraging snapshot is the flexible options it provides IT in
achieve typical tasks by leaning on the high speed storage infrastructure to efficient results. Out of
place refresh, single file recoveries, mount and browse capabilities, etc. provide flexibility in executing
daily IT operations. The following sections describe how to perform these operations for hosts protected
with SnapProtect.
1. Snapshot access is always achieved via right clicking on your defined object and selecting the
“All Tasks” options and selecting “List Snaps”
2. The snapshot list for the client application is displayed when the List Snaps item is selected.
From the dialog several snapshot operations are available.

Mount/Dismount Snaps for Manual Browse
1. After accessing the available snapshots for the selected client, mount the desired snapshot by a
right click on the snapshot shown in the menu. Select the mount operation to continue
Note** – Any writes or updates made to a mounted snapshot will be lost when the snapshot is
dismounted. Ensure any changes required to retain are protected while the snapshot is mounted
2. The following dialog appears. Click Yes to continue. On NetApp arrays the mount time rarely
will exceed 30 – 45 seconds.
3. Define the host you wish to mount the snapshot to (this must be a MediaAgent). Ensure the
host has the appropriate Storage Zoning to mount this snapshot. If this is an iSCSI volume log in
the initiator for this host if not already done, otherwise the mount will fail. For Destination
Path, select a mount point. This must be a folder, and is recommended to be an empty folder.
4. Once the snapshot is mounted the following dialog will appear. Click OK.

5. The Snapshot list updates with the current information on the snap which will include the
mount path and the updated time of the mount operation.
6. The mounted snapshot can now be accessed from the mount host.

7. Dismount of the snapshot is a simple process. Select the mounted snapshot and use the right
click menu to select the Unmount option.
8. The following dialog will appear. Click OK to continue.
9. Once completed the following dialog will appear.
Note** - It is important to remember to dismount the snapshot once finished. If a snapshot has been
manually mounted it will not be pruned until it no longer is being accessed. Mounted snaps that have
not been copied for backup copy will fail on the backup copy operation until they are unmounted.

Reverting a Snapshot
There are two ways to revert a snapshot. One is application aware and one is not. Generally the
application aware revert is the mechanism to use.
Application Aware Revert

1. An application aware revert is done in the context of a standard recovery. This starts with
browsing for the application data to be restored. Click the Browse Backup Data menu item.
2. The backup selection dialogue appears to select the time frame from which the restore will take
place. Here the latest backup will be used. Click OK.

3. The browse window will appear from which the appropriate application data can be selected for
restore. The entire information store for Exchange is selected. Click the Recover All Selected
button.
4. The Recovery dialog box appears. Select the Advanced Button.

5. In the Advanced Dialog check the Use hardware revert … option and click OK to the warning
dialog to proceed with the revert operation.
This will execute a LUN revert from the Latest Snapshot back to the production Server (in this
case we showed Exchange).
Note** - Some Applications require an overwrite option for any restore to occur including LUN based
Reverts. Ensure Applications such as Exchange and others have the appropriate “overwrite” settings
defined for this to execute properly. ALL FILES and DATABASES will be rolled back to the point in time of
the last snapshot. DO NOT REVERT IF NOT ALL DATA REQUIRES TO BE ROLLED BACK TO THE PREVIOUS
POINT IN TIME!

Non Application Aware Revert
A hardware revert can be done which is not application aware as well. This is done directly from
the snapshot list. This process initiates a rollback for the selected volumes instantly to the desired point
in time without communicating with applications for graceful restore. This option may be leveraged for
file systems and shut down application environments.
1. The process begins by selecting the List Snaps menu item to bring up the list of snapshots dialog.
2. When the dialog appears, select the desired snap and use the right click menu to select the “Use
hardware revert …” option to revert the snap. The following confirmation dialog will appear.
3. Validate this operation is correct and type “Confirm” in the dialog box and click OK to perform the
operation.

Note** - Caution should be taken when using the non-application aware revert functionality as you
can corrupt a running application as a result of this operation. You should be absolutely sure that you
will not cause any data corruption issues before using this option.

Out of Place Restore Capabilities – (VMware Example)
Within the restore process snapshots can be used just like any other media based backup.
MediaAgent software and access to the NetApp array for access to the snap directly is a requirement.
Also, the corresponding application agent must be installed on the target for it to be an eligible
candidate (if necessary).
1. To restore out of place select the Browse Backup Data option for the desired data set. Select the
appropriate time or the latest backup.

2. Depending on the application different options are available for out of place restore. In this
example the graphics show a VSA agent used to backup VMs which live in a data store which is an
NFS share being presented by the NetApp FAS. The selected VM will be restored to a different
data store with a new name. Browse into the subclient contents and select the data to be
recovered out of place. In this case the selection is a Virtual Machine.
3. When the Recover All Selected button is clicked the following dialog appears to direct the restore
activity. Note the VM Name. The ability to automatically enable the VM can be done through the
“Power ON Virtual Machine After Restore” box.

4. The “Browse Virtual Center / ESX Server for Destination” provides out of place selections. Here
DataStore_3 is the location for the VM recovery. Select OK, and then OK again on the Restore
Options windows to execute the recovery, out of place.

Appendix
The SnapMirror Process Explained
Make sure destination filer has SnapMirror access to the source filer. The SnapMirror filer's
name or IP address should be in “/etc/snapmirror.allow”. Use wrfile to add entries to
/etc/snapmirror.allow:
source-filer> wrfile /etc/snapmirror.allow

destination-filer
<Ctrl+C>
source-filer> rdfile /etc/snapmirror.allow

destination-filer
Alternatively, you can also go into each of the hosts in DFM and configure the FAS for the proper
security rights for source and destination. This is done by selecting the Hosts section and editing the
During the First Auxiliary Copy Job (to get the full detailed Snap Management plan for
SnapMirror/SnapVault to run) it runs will always give you a Conformation check:

During every SnapMirror Auxiliary Copy, SnapMirror will create a “BackupVersion” – basically a
new Snapshot of the entire volume requiring replication:
Once a new Snapshot for SnapMirror is available the Snapshot is listed under the volume on the
Primary Filer:

That has a relationship with the current SnapMirror session:
On the destination filer site, we notice the same Snapshot has been sent. In addition, if there
were any previous SnapMirror on-demand jobs run, only the very last one will stay on the target box:
NetApp calls this a “Swizzling Process”. That is, the primary FAS takes delta set between the
original snapshot used from the previous SnapMirror job and the new snapshot created for the current
SnapMirror job. Only the details of the snapshot and the deltas are sent to the destination FAS, and will
refer to the previous snapshot (that used to be the target SnapMirror session) and will de-swizzle the
volume to match what is in the primary FAS’s side. The previous snapshot does not get deleted as the
entire de-swizzling process is a background job.

SnapMirror and DataAging Explained
Once a job has been Data-Aged – or even deleted manually, the job will no longer appear in the
SnapMirror target as well (SnapVault is not affected here):
Pre-deleted:

Post-Delete:
Primary FAS
CommVault on the SnapMirror:

Secondary FAS:
The DataAging process will not remove this either. Only the next AuxCopy will – this is after a new
job has run (AuxCopy complains there is no new data to move):
Primary FAS shows a new snapshot used for SnapMirror:

Secondary FAS now shows the new snapshot here, but the de-swizzle process has not removed
the volume snapshot pertained to Job 18.
Now the Job has been deleted from within Simpana. This won’t affect the SnapMirror
relationship until the next job is run and another Auxiliary Copy has been run, the latest SnapMirror
“Snapshot” that was synchronized to the Secondary FAS will be the one responsible for deleting the
snapshot on the destination FAS box.

VADP-SPE User Permissions
A dedicated account can be used for performing VSA with SnapProtect. This account requires additional
permissions for the VADP User role. This account is only required in the event a restricted account is
desired.
Backup Permission Requirements Restore Permission Requirements

Datastore Datastore
• Allocate Space • Allocate space
• Browse a datastore
• Configure Datastore
• Remove Datastore Host → Configuration
• Storage partition configuration
Host → Configuration
• Storage partition configuration Network
• Assign network
Virtual machine → Configuration
• Disk Change Tracking
Resource
• Disk Lease
• Assign virtual machine to resource pool
• Low Level file operations
• Assign vApp to resource pool
Virtual machine → Provisioning

• Allow read-only disk access Virtual machine → Configuration
• Allow virtual machine download • Add existing disk
• Clone virtual machine • Add new disk
• Add or Remove device
• Advanced
Virtual machine → State
• Change CPU count
• Create snapshot
• Change Resource
• Remove snapshot
• Disk change Tracking
• Disk Lease
• Host USB device
• Memory
• Modify device setting
• Raw device
• Reload from path
• Remove disk
• Rename
• Reset guest information
• Settings
• Swapfile placement
• Upgrade virtual hardware
Virtual machine → Interaction

• Power Off
• Power On
Virtual machine → Inventory

• Create new
• Register
• Remove
• Unregister
Virtual machine → Provisioning

• Allow disk access
• Allow read-only disk access
• Allow virtual machine download
Virtual machine → State

• Create snapshot
• Remove snapshot
• Revert to snapshot

Snap Reconciliation Registry Key
This key validates Simpana created snapshots have not been altered externally to the software
invalidating recovery options.
Location
Windows HKEY_LOCAL_MACHINE\SOFTWARE\CommVault
Systems\Galaxy\Instance<xxx>\MediaManager
Unix Not Applicable
NetWare Not Applicable
Key nRunSnapRecon (optional)
Value Not Applicable
Value Type DWORD
Valid Range 1 or x, where 'x' is any other value than 1
Default Value None
Created in Client Computer
Description To enable Snap Reconciliation from the Media Manager. When this registry key
is set to 1, the snap reconciliation is enabled and the MM will run the snap
reconciliation every 24 hours. When this registry key is set to 0, the snap
reconciliation is disabled. Also, the absence of this registry key is considered as
if the value is set to 0 and hence the snap reconciliation will not be started.
Additional N/A
Information
Applies To SnapProtect Backup

Array Credentials for a Non Root User
To use a Non-Root user for the Array configuration and NDMP configurations follow the command steps
below:
Snapprotectrole may be names as the customer chooses

Snapprotectgroup may be named as the customer chooses
SnapProtectuser may be named as the customer chooses
The first command creates the SnapProtect Role with the proper rights
The second command adds this role to a newly created SnapProtect group
The third command creates the user to for the Array credential field in the Simpana Control Panel
NetApp1> useradmin role add snapprotectrole -c ”SnapProtect Management Role" -a login-ndmp,login-

http-admin,api-*
NetApp1> useradmin group add snapprotectgroup -c ”SnapProtect Management Group" –r

snapprotectrole
NetApp1> useradmin user add snapprotectuser -c ”SnapProtect Management Account" -n ”S Admin" –g

snapprotectgroup
The same user can be used for NDMP credentials by using the encrypted password
NetApp1> ndmpd password snapprotectsuser

COMMVAULT SnapProtect FieldGuide For NetApp Storage Including SnapMirror and SnapVault Integration PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

COMMVAULT SnapProtect FieldGuide For NetApp Storage Including SnapMirror and SnapVault Integration PDF

Uploaded by

Copyright:

Available Formats

Simpana SnapProtect Field Guide for

Configuring SnapProtect on NetApp Storage Page 1

Configuring SnapProtect on NetApp Storage Page 2

Configuring SnapProtect on NetApp Storage Page 3

Configuring SnapProtect on NetApp Storage Page 4

Configuring SnapProtect on NetApp Storage Page 5

Configuring SnapProtect on NetApp Storage Page 6

Configuring SnapProtect on NetApp Storage Page 7

Array Software Licenses

Configuring SnapProtect on NetApp Storage Page 8

Configuring SnapProtect on NetApp Storage Page 9

Basic File System Environments

 File System iDA (for the appropriate Operating System)

 File System iDA (Must be similar to Production Host OS)

Configuring SnapProtect on NetApp Storage Page 10

For a configuration where snapshots mount off host

Configuring SnapProtect on NetApp Storage Page 11

SnapVault and SnapMirror Environments

Supported Applications and Operating Environments

Configuring SnapProtect on NetApp Storage Page 12

Configuring SnapProtect on NetApp Storage Page 13

 When Possible - Group LUNs according to their rate of change:

 Disable NetApp Schedule for Snapshots on Volumes

Configuring SnapProtect on NetApp Storage Page 14

SnapVault & SnapMirror

Configuring SnapProtect on NetApp Storage Page 15

To define a NetApp FAS:

1. Click on Array Management in the Control Panel

2. Select Add on the Array Management Dialog Box

3. Select “NetApp” for the Snap Vendor dropdown

4. Enter the Fully Qualified Domain Name or IP address of the

5. Enter a username and confirm the username password for the

6. For NetApp Arrays, ensure the “File Server” button is selected. If it

NetApp NFS Specific Integration Notes

Configuring SnapProtect on NetApp Storage Page 16

Configuring SnapProtect on NetApp Storage Page 17

To create configure a Storage Policy with a Snapshot Copy:

Configuring SnapProtect on NetApp Storage Page 18

Configuring SnapProtect on NetApp Storage Page 19

Configuring SnapProtect on NetApp Storage Page 20

To create configure a Storage Policy with a Snapshot Copy:

Configuring SnapProtect on NetApp Storage Page 21

Configuring SnapProtect on NetApp Storage Page 22

Configuring SnapProtect on NetApp Storage Page 23

SnapProtect backups encompass the following operations:

Backup Copy Operations

Configuring SnapProtect on NetApp Storage Page 24

During the Backup Copy operation:

Configuring SnapProtect on NetApp Storage Page 25

Configuring SnapProtect on NetApp Storage Page 26

Configuring SnapProtect on NetApp Storage Page 27

Configuring SnapProtect on NetApp Storage Page 28

 File System iDA (for the appropriate Operating

**Note - If no supported Application iDA’s are available,

 MediaAgent – Provides media management

Configuring SnapProtect on NetApp Storage Page 29

Configuring SnapProtect on NetApp Storage Page 30

Configuring SnapProtect on NetApp Storage Page 31

Configuring SnapProtect on NetApp Storage Page 32

SnapProtect enables fast protection of large or volatile

Configuring SnapProtect on NetApp Storage Page 33

Configuring SnapProtect on NetApp Storage Page 34

Configuring SnapProtect on NetApp Storage Page 35