To protect disk libraries from Ramsomware, you can activate Ramsomware Protection on properties of Commvault Media agent
Another important feature, you can get alert if commvault backed up encrypted ransomware files
To protect disk libraries from Ramsomware, you can activate Ramsomware Protection on properties of Commvault Media agent
Another important feature, you can get alert if commvault backed up encrypted ransomware files
1. EMC Networker: Change “remote access” option *@* on every client” –> http://sysarticles.com/emc-networker-security-exploit-that-remote-access/
2. Veritas Netbackup: Remove No.Restrictions file –> http://sysarticles.com/security-expolit-on-netbackup-no-restrictions/
3. EMC VMAX: Change default password of SMC user in unisphere (take snapshot or backup before changing. If you would get “Failed to authenticate user.” error, there is no way to fix except restore or reinstall. And, If you reinstall unisphere you will loose performance database. There is a trick to not get this error.)
4. EMC VPLEX: Change default passwords of VPLEX. Default passwords of VPLEX is already complex, but anyone can find default passwords of service, admin and root users in the documents.
5. Commvault: Activate Ransomware Protection –> http://documentation.commvault.com/commvault/v11/article?p=features/disk_library/t_enable_ransomware_mediaagent.htm
Sometimes we or some consultants put No.Restrictions file in “INSTALL DIR\netbackup\db\altnames” directory, this option makes our work easier. But it is a security risk, because of every netbackup client on the your network can restore data from any other clients. So, anybody can restore data of your important servers, then they can lookup and/or copy your important datas. To close this security exploit, you must delete the file No.Restrictions.
If you didn’t care when you installed EMC networker software, some consultants enter an option *@* for every client, this means that every networker client on the your network can restore data from any other clients. So, anybody can restore data of your important servers, then they can lookup and/or copy your important datas.