HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce
software version 4.3.x
Part Number: 20-STO-3660UG-ED4
Published: January 2023
Edition: 4
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version
4.3.x
Abstract
This document is the user guide for the Hewlett Packard Enterprise StoreOnce Systems version 4.3.5, and is intended for users who
install, operate, and maintain the StoreOnce System. Always check www.hpe.com/info/storeonce/docs for the most current
documentation, including localized versions for your product. Refer to the Quick Specs on www.hpe.com for supported features for your
model.
Part Number: 20-STO-3660UG-ED4
Published: January 2023
Edition: 4
© Copyright 2018 - 2023 Hewlett Packard Enterprise Development LP
Notices
The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and
services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed
as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions
contained herein.
Confidential computer software. Valid license from Hewlett Packard Enterprise required for possession, use, or copying. Consistent with
FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items
are licensed to the U.S. Government under vendor's standard commercial license.
Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard Enterprise has no control over
and is not responsible for information outside the Hewlett Packard Enterprise website.
Notice for OpenSSL
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. ( http://www.openssl.org)
Acknowledgments
Intel®, Itanium®, Optane™, Pentium®, Xeon®, Intel Inside®, and the Intel Inside logo are trademarks of Intel Corporation or its subsidiaries.
AMD and the AMD EPYC™ and combinations thereof are trademarks of Advanced Micro Devices, Inc.
Microsoft® and Windows® are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other
countries.
Adobe® and Acrobat® are trademarks of Adobe Systems Incorporated.
Java® and Oracle® are registered trademarks of Oracle and/or its affiliates.
UNIX® is a registered trademark of The Open Group.
All third-party marks are property of their respective owners.
Revision history
Part number
Publication date
Edition
Summary of changes
20-STO-3660UGED4
January, 2023
4
StoreOnce 4.3.5 fixes an issue where event payloads
generated for HPE Service Tools and Technical Support
(STaTS) are incorrectly generated, causing the application to
fail to process events and take appropriate action.
20-STO-3660UGED3
November, 2022
3
StoreOnce 4.3.4 now support StoreOnce systems as a target
for Backup and Recovery on HPE Data Services Cloud Console.
Part number
Publication date
Edition
20-STO-3660UGED2
June, 2022
2
Summary of changes
Dual authorization that requires approval of two separate
users to authorize execution of an operation. This feature
protects data loss caused by malicious actions, such as a
ransomeware attack.
New option to edit the iLO security state to High Security or
Production.
A passphrase for additional security in the Time-based
password option.
TLS 1.2 version to secure SMTP connection.
VMWare vSphere ESXi 7.0 for the VSA product.
ISV Controlled Data Immutability for Catalyst stores.
Table of contents
Getting started
What's new in StoreOnce Systems 4.3.5
FAQ
Logging in to the StoreOnce Management Console
User interface quick tour
Selecting a system to view and manage (federation)
StoreOnce Management Console supported browsers
Using the StoreOnce First Time Setup wizard
About StoreOnce Systems
StoreOnce hardware models
Key capacity parameters
Optional hardware
Security features
Configure Linux and Unix on StoreOnce Systems
Linux (x86, x64, and IA64)
Supported versions of Linux
NAS and the NFS protocol
Configuring the StoreOnce System for NAS and NFS
The StoreOnce System and iSCSI
Installing the Open-iSCSI module for SUSE Linux Enterprise Server
Installing the Open-iSCSI module for RedHat Enterprise Linux
Configuring the StoreOnce System for iSCSI
Configuring the Open-iSCSI module manually
Configuring the StoreOnce System for Fibre Channel
HP-UX 11i v2/v3 (IA64)
Supported versions of HP-UX
NAS and the NFS protocol
Configuring the StoreOnce System for NAS and NFS in UNIX
Configuring the StoreOnce System for iSCSI
Installing the iSCSI software initiator
Configuring the iSCSI software initiator manually using the command line
Configuring the StoreOnce System for Fibre Channel
Changing the HP-UX buffer size
Solaris (x86 and SPARC)
Supported versions of Solaris
NAS and the NFS protocol
Configuring the StoreOnce System for NAS and NFS in Solaris
Configuring the StoreOnce System for iSCSI
How to enable the iSCSI software initiator
How to manually configure the iSCSI software initiator using the command line
AIX
Supported versions of AIX
NAS and the NFS protocol
Configuring the StoreOnce System for NAS and NFS in AIX
Configuring the StoreOnce System for Fibre Channel
Federations
Federation guidelines
Standalone federation example
Overlapping federations example
Viewing federation health
Viewing federation members
Creating federations
Adding systems to federations
Removing systems from federations
Selecting a system to view and manage (federation)
Dashboards
Viewing system dashboards
Viewing federation dashboards
Capacity efficiency terms
Editing system information
Data services overview
Viewing data services
Housekeeping function
Housekeeping statistics
StoreOnce Catalyst data services
About StoreOnce Catalyst
Stores
Viewing StoreOnce Catalyst stores
The StoreOnce Catalyst Item filter
Creating StoreOnce Catalyst stores
Editing StoreOnce Catalyst stores
Deleting StoreOnce Catalyst stores
StoreOnce Catalyst stores screens and properties
Cloud Bank stores
Viewing Cloud Bank stores
Cloud Bank stores service providers and properties
Tips for working with Cloud Bank stores
Cloud Bank bandwidth limiting windows
Creating Cloud Bank stores
Connecting Cloud Bank stores
Deleting Cloud Bank stores
Detaching Cloud Bank stores
Disconnecting Cloud Bank stores
Editing Cloud Bank stores
Exporting encryption keys for Cloud Bank stores
Importing encryption keys for Cloud Bank stores
Cloud Bank stores screens and properties
Clients
Integrating backup applications with StoreOnce Catalyst clients overview
Adding StoreOnce Catalyst clients to StoreOnce Systems
Adding StoreOnce Catalyst client access for StoreOnce Catalyst stores
Deleting StoreOnce Catalyst clients for StoreOnce Systems
Editing StoreOnce Catalyst clients for StoreOnce Systems
Editing client access for StoreOnce Catalyst stores
Editing client public access for StoreOnce Catalyst stores
Items
Viewing StoreOnce Catalyst items
Viewing StoreOnce Catalyst items related-sessions
Deleting StoreOnce Catalyst items
Backup/restore and copy sessions
Viewing StoreOnce Catalyst backup/restore sessions
StoreOnce Catalyst stores backup/restore properties
Viewing Catalyst copy sessions
Catalyst stores copy properties
Comparing StoreOnce Catalyst backup/restore sessions
Canceling StoreOnce Catalyst copy sessions
Comparing StoreOnce Catalyst copy sessions
Pausing and resuming outbound copy sessions
StoreOnce Catalyst over Fibre Channel
Viewing StoreOnce Catalyst Fibre Channel device settings
StoreOnce Catalyst over Fibre Channel client considerations
StoreOnce Catalyst over Fibre Channel zoning considerations
Configuring StoreOnce Catalyst over Fibre Channel
Editing StoreOnce Catalyst Fibre Channel settings
StoreOnce Catalyst Fibre Channel number of devices per login
Editing StoreOnce Catalyst Fibre Channel device login settings
Editing StoreOnce Catalyst Fibre Channel target device settings
StoreOnce Catalyst Fibre Channel settings and properties
StoreOnce Catalyst settings
Viewing StoreOnce Catalyst settings
Viewing StoreOnce Catalyst Fibre Channel device settings
Bandwidth limits (StoreOnce Catalyst)
Viewing Catalyst bandwidth limits
Bandwidth limit properties (Catalyst)
Editing Catalyst general bandwidth limits
Editing Catalyst bandwidth limiting windows
Adding StoreOnce Catalyst clients to StoreOnce Systems
Configuring StoreOnce Catalyst proxy server settings
Editing StoreOnce Catalyst Fibre Channel settings
Editing StoreOnce Catalyst Fibre Channel target device settings
Pausing and resuming outbound copy sessions
VT library data services
VT libraries and multiple Fibre Channel ports
VT libraries
Viewing VT libraries
Viewing VT library details
VT library interface device properties
Requirements and best practices for creating VT libraries
Creating VT libraries
Editing VT libraries
Tips for editing VT libraries
Deleting VT libraries
VT library emulation types
VT Libraries screens and properties
Viewing VT libraries interface information
VT library tape drives
Changing the number of VT library tape drives
VT library cartridges
Viewing VT libraries cartridge information
VT library cartridge properties
Viewing VT libraries slot mappings detail
Changing the number of VT library cartridge slots
Creating VT library cartridges
Editing VT library barcodes
Tips for editing VT library barcodes
Deleting VT library cartridges
Editing VT library cartridges
Erasing VT library cartridges
Moving VT library cartridges
Unloading VT library cartridges
VT replication
VT libraries replication overview
Viewing VT replication mappings
Viewing VT replication slot mappings
Adding replication permissions for target VT libraries
Creating replication mappings for source VT libraries
Editing replication mappings for source VT libraries
Editing replication permissions for target VT libraries
Editing replication public access for target VT libraries
Editing replication slot mappings for source VT libraries
Deleting replication mappings for source VT libraries
Making replication target VT libraries visible to hosts
VT replication screens and properties
NAS data services
NAS shares
Viewing NAS shares
Viewing NAS shares detail
Creating NAS shares
Editing NAS shares
Tips for editing NAS shares
Deleting NAS shares
NAS CIFS shares
NAS CIFS authentication modes
Selecting NAS CIFS authentication modes
NAS CIFS server user authentication mode
Adding NAS CIFS local users
Changing NAS CIFS local user passwords
Deleting NAS CIFS local users
Editing NAS CIFS shares user access
Active Directory authentication mode
NAS CIFS Active Directory authentication overview
Adding StoreOnce Systems to Active Directory domains
Granting Active Directory domain users access to NAS CIFS shares
Adding Active Directory users as local administrators to the StoreOnce CIFS server
Adding Active Directory groups as local administrators to the StoreOnce CIFS server
Deleting Active Directory users or groups as local administrators of the StoreOnce CIFS server
Leaving Active Directory domains
NFS shares
Adding NAS NFS server hosts
Editing NAS NFS settings (browsability)
Editing NAS NFS shares host access
Replicating NAS shares
NAS shares screens and properties
NAS replication
NAS shares replication overview
Viewing NAS replication mappings
Viewing NAS replication file information
Adding replication permissions for target NAS shares
Adding replication target systems
Creating replication mappings for source NAS shares
Editing replication mappings for source NAS shares
Editing replication permissions for target NAS shares
Editing replication public access for target NAS shares
Deleting replication mappings for source NAS shares
Recovering replicating NAS shares over a WAN
NAS replication screens and properties
NAS settings
Viewing NAS settings
Adding and deleting NAS CIFS Active Directory users and groups
Adding, editing, and deleting NAS CIFS users
Adding, editing, and deleting NAS NFS hosts
Editing NAS CIFS settings
Editing NAS NFS settings (browsability)
Joining and leaving NAS CIFS Active Directories
Replication data services
Viewing replication settings
Bandwidth limits (replication)
Viewing replication bandwidth limits
Bandwidth limit properties (replication)
Editing replication general bandwidth limit settings
Editing replication bandwidth limiting windows settings
Editing replication maximum concurrent job settings
Blackout windows (replication)
Viewing replication blackout windows
Blackout window properties
Editing replication blackout window settings
Event history (replication)
Viewing replication event history
Event history properties
Clearing replication events
Editing replication out of sync notification
Partner systems (replication)
Viewing replication partner systems
Partner system properties
Adding replication target systems
Editing and deleting replication target systems
Locating replication serial numbers
Pausing replication
Permissions (replication)
Replication permission tab
Adding replication permissions for target systems
Removing replication permissions for target systems
Resuming replication
Reports
Reports overview
Report content categories
Viewing online reports
Working with Custom reports
Working with Scheduled reports
Dual Authorization
Dual Authorization workflow
Dual Authorization requests
Dual authorization request states
Dual authorization audit/event entries
Operations prohibited in Dual Authorization
Event log
Viewing event logs
Manually deleting events
Managing automatic event deletion
Restart, shutdown, and upgrade
Restarting and shutting down StoreOnce systems
Upgrade overview
Upgrading StoreOnce Systems
System settings
Viewing the StoreOnce software version
Viewing warranty serial numbers
StoreOnce licensing
Obtaining licenses from HPE My License Portal
Viewing StoreOnce licenses
License Management screen and properties
Adding standalone licenses to StoreOnce
Deleting StoreOnce Standalone licenses
Configure system date and time
Editing system date and time
Editing system information
Editing user preferences
Capacity units
Using the StoreOnce First Time Setup wizard
Removing optional hardware cards
Updating StoreOnce system information
Hardware settings
Storage
Viewing storage
Configuring storage
Rescanning storage
Unconfiguring storage
Editing storage capacity thresholds
Networking
StoreOnce networking features overview
Networking concepts
Initial configuration
Viewing the active network configuration
Editing the active network configuration
Activating network configurations
Adding, editing, and deleting port sets
Identifying physical ports
Adding, editing, and deleting subnets
Adding, editing, deleting static routes
Adding and deleting encryption links
Editing DNS servers
Restoring factory network settings
Pinging systems
Using traceroute
Integrated Lights Out (iLO)
Viewing iLO configurations
Editing the iLO network configuration
Editing the iLO security state
Launching the iLO web interface
Fibre Channel
Viewing Fibre Channel port settings and properties
Editing Fibre Channel port settings
Fibre Channel settings and properties
Hardware and firmware
Viewing hardware components (hardware monitoring)
Locating the StoreOnce system components
Locating StoreOnce Systems
Updating hardware component firmware
User management settings
User roles and types
Adding, editing, and deleting users and groups
Prerequisites for adding directory servers
Distinguished names
Adding directory servers
Removing directory servers
Adding directory users and groups
Editing active directory users and groups
Deleting Active Directory users and groups
Logging in to StoreOnce system as a domain user
Configuring password policies
Security settings
Certificates
Certificate Authority (CA)
Viewing security certificates
Replacing default certificates - overview
Generating certificate signing requests (CSR)
Importing security certificates
Removing CA security certificates
Importing client CA certificate (License server or SMTP server)
Viewing client CA certificates
Removing Client CA security certificates
Key Manager
Viewing the Key Manager mode
Backing up Key Manager configurations
Restoring Key Manager configurations
Enrolling with an External Key Manager
Generating External Key Manager certificate signing requests
Renewing External Key Manager certificates
Withdrawing from an External Key Manager
EKM enrollment common errors
Data in Flight encryption guidelines
Login Banner
Enabling and disabling StoreOnce login banners
Sessions
Viewing sessions
Configuring session timeout policy
Initialisation Console credentials
Initialisation Console user name and password
Changing the Initialisation Console user password
Data at Rest encryption guidelines
Support settings
Remote Support
Configuring remote support
Sending test events
Hardware Events Filter
Filtered Hardware Events
Software events
Log Collection
Viewing log collections
Generating, downloading, and removing log collections
Temporary support passwords
Viewing the temporary support password mode
Changing the temporary support password mode
Exporting temporary support password ciphertext
Changing temporary support password ciphertext
Notification settings
Notifications
Viewing email alerts
Editing SMTP settings
Importing a CA certificate into a StoreOnce client trust store (SMTP)
Adding SMTP subscriptions
Editing and deleting SMTP subscriptions
Sending test email
SNMP
Viewing and configuring SNMP
Editing SNMP agent setups
Adding SNMP trapsinks
Editing SNMP trapsinks
Removing SNMP trapsinks
Adding SNMP users
Editing SNMP users
Removing SNMP users
Testing SNMP agents
Remote Logging Server
Adding remote logging servers
Editing and deleting remote logging servers
Best practices
Redundant hardware connectivity guidelines
Capacity upgrade planning considerations
3-2-1 strategy
Data services best practices
Housekeeping best practices
StoreOnce Catalyst over Fibre Channel best practices
StoreOnce Catalyst best practices
StoreOnce Catalyst via Micro Focus Data Protector best practices
Troubleshooting
All member systems in a federation are unreachable
Backup application connection issues
Cannot re-add StoreOnce System to federation after changing IP address
CIFS share cannot be accessed from Windows with Authentication mode set to none
NAS CIFS timeout issues
NAS NFS stale handle error
Obtaining log collections
Password issues
Reported capacity shows an unexpected drop
Restarting data services
StoreOnce Catalyst Cloud Bank store status is not Online
When editing Client Access Description details on a Catalyst Store, Password Details are cleared
Unable to create Catalyst Stores or VT libraries using localized characters
When adding multiple additional encryption links, the network activation does not complete
Connectivity is lost when static routes are used but "Allow Management Traffic" is disabled
StoreOnce websites
Support and other resources
Accessing Hewlett Packard Enterprise Support
Accessing updates
Remote support
Customer self repair
Warranty information
Regulatory information
Documentation feedback
Getting started
Subtopics
What's new in StoreOnce Systems 4.3.5
FAQ
Logging in to the StoreOnce Management Console
User interface quick tour
Selecting a system to view and manage (federation)
StoreOnce Management Console supported browsers
Using the StoreOnce First Time Setup wizard
What's new in StoreOnce Systems 4.3.5
HPE StoreOnce software 4.3.5 supports the following:
StoreOnce 4.3.5 fixes an issue where event payloads generated for HPE Service Tools and Technical Support (STaTS) are
incorrectly generated, causing the application to fail to process events and take appropriate action.
FAQ
General
Can I upgrade older versions of HPE StoreOnce Systems to software version 4.x.x?
No. StoreOnce Systems running version 3.x software cannot be upgraded to version 4.x.
Replication
Is StoreOnce Gen4 replication compatible with StoreOnce Gen3 replication?
Yes.
Is StoreOnce Gen4 replication compatible with StoreOnce Gen2 replication?
No.
Does StoreOnce Gen4 Management Console support creating new replication target devices (NAS share or VT library) from a source
StoreOnce System ?
No. You must first create a new target device on the target StoreOnce System, and then grant permission to source StoreOnce
Systems to replicate to the target device. Learn more: NAS shares replication overview and VT libraries replication overview.
Licensing
Is StoreOnce Gen4 licensing different than StoreOnce Gen3 licensing?
Yes. For example:
StoreOnce Gen4 Catalyst and replication do not require licenses to use
StoreOnce Gen4 Secure Erase does not require a license to use
Do StoreOnce Gen4 Systems support HPE StoreOnce all-inclusive licensing?
Yes.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
15
Are HPE Cloud Bank Storage licensing and Encryption licensing part of all-inclusive licensing?
No. Cloud Bank storage licenses are capacity-based and must be purchased separately. Encryption licenses may also be purchased
to enable data at rest and data in flight encryption.
Logging in to the StoreOnce Management Console
Procedure
1. Browse to the StoreOnce system. You can use the IP Address or Fully Qualified Domain Name, https://<IP address or FQDN> . The
StoreOnce Management Console Log In screen opens.
2. Enter your user name and password and click Log In.
If you log in to a StoreOnce System that is a federation lead, the Federation Dashboard is displayed. Learn more: Federations.
If you log in to a StoreOnce System that is not a federation lead, the System Dashboard is displayed.
User interface quick tour
The HPE StoreOnce Management Console user interface includes the following key features:
Main menu icon (1). Clicking the main menu icon exposes and hides the main menu. When the main menu is hidden, more of the viewing
area is available for screens, menus, and dialogs.
Main menu (2). The main menu provides quick access to the major areas and features in the user interface. The main menu is exposed
by default. If you do not see the main menu, click the main menu icon (1) to expose it.
System selector (3). Clicking the change-system icon (
) opens the System Management screen where you can choose the system
whose information is displayed in the screens and dialogs. The name of the selected system (3a) is displayed under the screen names.
TIP: The System Management screen displays multiple systems only when you are logged in to the lead system of a
StoreOnce federation. Learn more: Federations.
Screens (4). The screen area displays tabular and graphic information. Many screens include menu icons (
). Clicking menu icons
opens Actions menus on the right side of the screen. Some screens include Filters ( ), Search ( ), clickable graphics, and Information
icons ( ) that link to more detailed information.
Flyout menus and dialogs (5). The right side of screens is the flyouts area. The flyout area is where you can display menus and dialogs
that are normally hidden. This quick tour shows that on the Settings screen you can display an Actions menu (5a) and the System Date
& Time dialog (5b) in the flyout area. Many flyouts include Learn more links.
Panels (6). Several screens include clickable panels that provide quick access for viewing information and using action dialogs.
User icon (7). Clicking the user icon shows your login user name and enables you to log out.
Selecting a system to view and manage (federation)
About this task
If you are logged in to a StoreOnce federation lead system, you can select any member system to view and manage. The name of the
system that is being viewed and managed appears under the screen names. Learn more: User interface quick tour.
TIP: StoreOnce federations are user-specified configurations that allow multiple StoreOnce Systems to be managed
from a single system. Learn more: Federations.
Procedure
1. While viewing a screen, click the change-system icon (
). The System Management screen opens.
2. On the System Management screen, click the system that you want to view and manage. The screen that you were viewing changes
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
16
to show that the system you selected is now being managed.
Example
Example
While viewing the Settings screen for System A, you want to view and change the settings for System B.
1. On the Settings screen, click the change-system icon (
). The System Management screen opens.
2. On the System Management screen, click System B. The Settings screen changes to show that you are now viewing and managing
System B.
StoreOnce Management Console supported browsers
For the most current compatibility information including browser versions, see the HPE StoreOnce Support Matrix. See StoreOnce
websites for the link to this resource.
Internet Explorer
Mozilla Firefox
Google Chrome
Using the StoreOnce First Time Setup wizard
About this task
The StoreOnce First Time Setup wizard guides you through the steps to set up a recently installed StoreOnce System.
Procedure
1. Browse to the recently installed StoreOnce System. The First Time Setup wizard is automatically displayed.
TIP: If a StoreOnce System has already been set up, the First Time Setup wizard is not displayed.
2. The setup steps include:
Setting the Administrator Password.
Setting the Console Password.
Setting basic System Information such as the system name (host name), location, and contact information.
Setting the System Date & Time . You can set the date and time manually, or synchronize the date and time with a network time
server.
Configuring Storage. The wizard also enables you to configure additional storage capacity that you might have installed. The
wizard also reports issues with additional storage, for example, when additional storage is not installed in the correct location.
Configuring Remote Support.
Configuring Dual Authorization.
About StoreOnce Systems
Subtopics
StoreOnce hardware models
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
17
Key capacity parameters
Optional hardware
Security features
StoreOnce hardware models
StoreOnce Gen 4 systems
The StoreOnce Gen 4 hardware platform includes the following hardware models. The 3620, 3640, 5200, 5250 and 5650 models
support StoreOnce software version 4.1 and later.
3620
Consists of a server with six 4 TB hard disks. Upgrade the capacity by purchasing the capacity upgrade kit which contains
another set of six 4 TB hard disks.
3640
Consists of a server with twelve 4 TB hard disks. Upgrade the capacity by purchasing up to two capacity upgrade enclosure kits.
Each kit contains twelve 4 TB hard disks.
5200
Consists of a server (without data storage) and a storage enclosure containing twelve 4 TB hard disks. Upgrade the capacity by
purchasing up to five capacity upgrade enclosure kits. Each kit contains twelve 4 TB hard disks.
5250
Consists of a server (without data storage) and a storage enclosure containing fifteen 4 TB or 8 TB hard disks. Upgrade by
purchasing up to five disk capacity upgrade kits with the same capacity to fill the original enclosure.
Once you have filled all the bays in the original enclosure using the disk expansion kits, you can add capacity upgrade enclosures
to your system. Use the disk capacity upgrade kits to completely fill a capacity upgrade enclosure before adding another
enclosure. You can add three capacity upgrade enclosures to your system.
5650
Consists of a server (without data storage) and a storage enclosure containing fifteen 4 TB or 8 TB hard disks. Upgrade by
purchasing up to five disk capacity upgrade kits with the same capacity to fill the original enclosure.
Once you have filled all the bays in the original enclosure using the disk expansion kits, you can add capacity upgrade enclosures
to your system. Use the disk capacity upgrade kits to completely fill a capacity upgrade enclosure before adding another
enclosure. You can add three capacity upgrade enclosures to your system.
StoreOnce Gen4+ systems
The StoreOnce Gen4+ hardware platform includes the following hardware models. These models only support StoreOnce software
version 4.3 and later.
3660
Consists of a server with two 4TB Hard Disks (for OS) and ten 8TB hard disks. Upgrade the capacity by purchasing up to two
capacity upgrade enclosure kits. Each kit containing twelve 8TB hard disks.
5260
Consists of a server (without data storage) with two 1.9TB SSDs (for OS) and eight 3.2TB SSDs (for the data cache) in the head,
and a storage enclosure containing twelve 16TB hard disks. Upgrade the capacity by purchasing up to four capacity upgrade
enclosure kits. Each kit containing twelve 16TB hard disks.
5660
Consists of a server (without data storage) with two 1.9TB SSDs (For OS) and eight 6.4TB SSDs (For the data cache) in the head,
and a storage enclosure containing twelve 16TB hard disks. Upgrade by purchasing up to eight disk capacity upgrade enclosure
kits. Each kit containing twelve 16TB hard disks.
Key capacity parameters
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
18
HPE StoreOnce 3660 System
HPE StoreOnce 5260 System
HPE StoreOnce 5660 System
Minimum raw storage capacity
(TB)
80
192
192
Maximum raw storage capacity
(TB)
272
768
1.5PB
Minimum usable (after RAID)
capacity (TB)
56
144
144
Maximum usable (after RAID)
capacity (TB)
200
576
1.1PB
36
64
128
Maximum concurrent inbound
256
data streams (VTL, NAS,
Catalyst, Replication combined)
512
1024
Maximum IPv4 and IPv6 VLAN
takes subnets (each)
128
128
128
Maximum drive per appliance
256
512
1024
Maximum VTL concurrent
streams
256
512
1024
Maximum cartridges per library 4096
16384
16384
Maximum cartridges per
appliance
147456
1048576
3145728
Maximum cartridge size (GB)
3200
3200
3200
254
254
Maximum files per NAS Share - 1 million
V2 Shares (an item can be a file
or directory)
1 million
1 million
Maximum files per NAS Share - 25000
V1 Shares (an item can be a file
or directory)
25000
25000
Maximum concurrent NAS
backup or replication streams
512
1024
Maximum concurrent outbound 48
copy jobs (per appliance)
128
256
Maximum concurrent data and
inbound copy jobs (per
appliance) *
512
1024
Maximum replication appliances 24
fan - in
32
50
Maximum replication appliances 4
fan - out
4
8
Capacity
System Limits
Maximum number of libraries,
shares, and StoreOnce Catalyst
Stores combined
VTL
Maximum support devices
254
(drives and loaders) per FC port
(NPIV)
NAS
256
StoreOnce Catalyst
256
Replication
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
19
HPE StoreOnce 3660 System
HPE StoreOnce 5260 System
HPE StoreOnce 5660 System
Maximum replication fan - in per 8
library/device
8
8
Maximum replication fan - out
per library/device
1
1
Maximum concurrent replication 32
jobs as source
48
96
Maximum concurrent replication 64
jobs as target
128
192
1
Optional hardware
You can add the following optional hardware to any of the StoreOnce Gen4 hardware models. The optional hardware can be installed
either in the factory when you purchase the system, or at a later date. A License Entitlement certificate comes with the hardware
purchase. If you purchase the hardware after the initial system installation, you must obtain and install the license before using the
optional hardware.
HPE StoreOnce Gen4+ 10G Base-T 2p Adapter
HPE StoreOnce Gen4+ 10/25Gb 2p SFP Adapter
HPE StoreOnce Gen4 16Gb FC Network Card
HPE StoreOnce Gen4 32Gb FC Network Card
For more information, see the HPE StoreOnce Optional Hardware Installation and Configuration Guide .
Security features
The StoreOnce System offers the security features of Data at Rest Encryption, Data in Flight Encryption, and Secure Erase. Data at Rest
and Data in Flight Encryption can be applied using a Security license. Secure Erase is available without a license.
The IPsec feature includes security. An encryption license is required to enable the encryption feature.
Data at Rest Encryption
When enabled, Data at Rest Encryption protects data at rest on a stolen, discarded, or replaced disk from forensic attack.
If the Security license is already applied, you can enable Data at Rest Encryption when creating a StoreOnce Catalyst store, VT library,
and NAS share. Once enabled, encryption is automatically performed on the data before it gets written to disk. Encryption cannot be
disabled once it is configured.
IMPORTANT:
When encrypting Catalyst stores, NAS shares, or VT libraries, Hewlett Packard Enterprise recommends backing up
internal and external encryption key stores. For information on backing up external keys, see Backing up Key Manager
configurations.
Data in Flight Encryption
Data in Flight Encryption is used to secure network links between data centers for low-bandwidth Catalyst Copy or VT library and NAS
replication. StoreOnce does not support Data In Flight Encryption for direct backup to StoreOnce Systems over a local network, due to
performance impacts.
When enabled, Data in Flight Encryption protects in-transit data from attack using the IPsec protocol. The data can be moving between
two StoreOnce Systems over a WAN. Or, moving between a StoreOnce System and a backup server over a LAN or WAN.
Data in Flight Encryption encrypts the data traffic to all the Catalyst stores using that IP connection. Therefore, it may have an impact
on performance.
IMPORTANT:
Data in Flight Encryption is not supported for IPv6 subnets.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
20
Key Managers
The StoreOnce System can use a local or an external key manager to manage keys for Data at Rest and Data in Flight Encryption. The
local key manager is used unless the system has been configured to use an external key manager. Two external key manager products
are supported: Micro Focus Enterprise Secure Key Manager and Gemalto SafeNet KeySecure. At any time, you can configure the
StoreOnce System to use the local or external key manager. You cannot use both key manager types at the same time.
When using the local key manager, the local key store contains the encryption keys used for Data at Rest Encryption or Data in Flight
Encryption. Hewlett Packard Enterprise recommends backing up the local key store and saving it securely offsite in case the original
key store becomes corrupted. Keep only the latest version of the key store.
When using an external key manager, the local key store contains only the credentials required to authenticate the external key
manager. Hewlett Packard Enterprise recommends backing up the local key store after a StoreOnce System has been successfully
configured to use the external key manager. The external key manager stores and manages all the encryption keys used for Data in
Flight Encryption and Data at Rest Encryption.
Secure Erase
You can enable Secure Erase for all store types except Cloud Bank stores. This feature allows secure erasure of data that was backed up
as part of a regular backup job. For example, you may have unintentionally backed up confidential data and want to ensure that it has
been securely erased.
IMPORTANT:
Secure Erase increases system overhead and reduces performance. Hewlett Packard Enterprise recommends
enabling Secure Erase immediately prior to expiring a backup from the backup application. And disabling Secure
Erase it immediately afterward. Do not leave Secure Erase enabled for long periods of time.
To remove data immediately, be sure that the backup application is configured correctly. You may need to revise
rotation and retention policies to ensure that the data is expired.
Hewlett Packard Enterprise recommends using the backup application to delete data when using Secure Erase.
Secure Erase can only be enabled after the StoreOnce Catalyst store, VT library, or NAS share is created. Enable Secure Erase by editing
the store, VT library, or NAS share. Once you enable Secure Erase, all data written to disk will be securely erased upon data deletion.
The Secure Erase overwrites data to be deleted with a sequence of 0, 1 or pseudo random data. The sequence depends on the number
of overwrite passes. You can configure Secure Erase to overwrite the data to be deleted with either one, three, five, or seven passes.
The amount of time required to complete the Secure Erase increases with the number of overwrite passes.
When Secure Erase is enabled (for Catalyst stores, VT libraries, or NAS shares), data is securely deleted. Work with the backup
application to trigger the Secure Erase, for example by forcing the format of a VT library cartridge. The backup application sends the
request to delete the data and the deletion is carried out as part of the Housekeeping function. You can trigger Secure Erase manually
by deleting:
A StoreOnce Catalyst object or whole store
VT library cartridge, or whole VT library
NAS share
Only data chunks (processed portions of user data) that are not referenced by any other items can be securely erased. If an item
references a data chunk that is not marked for Secure Erase, the referenced data chunk will not be erased.
Configure Linux and Unix on StoreOnce Systems
Procedures for configuring supported versions of Linux and Unix on StoreOnce Systems.
Subtopics
Linux (x86, x64, and IA64)
HP-UX 11i v2/v3 (IA64)
Solaris (x86 and SPARC)
AIX
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
21
Linux (x86, x64, and IA64)
Subtopics
Supported versions of Linux
NAS and the NFS protocol
Configuring the StoreOnce System for NAS and NFS
The StoreOnce System and iSCSI
Configuring the StoreOnce System for iSCSI
Configuring the StoreOnce System for Fibre Channel
Supported versions of Linux
Refer to HPE StoreOnce Support Matrix for up-to-date details on supported applications. See StoreOnce websites for the link to this
resource.
NAS and the NFS protocol
The StoreOnce System supports NFSv3 protocol. The NFS protocol can be configured for synchronous or asynchronous mode when the
file system is mounted on the client.
Asynchronous mode allows the server to respond to the client when the I/O request is processed, before the data is written to the
server. While asynchronous mode can save time for I/O requests and improve performance, it does not ensure data safety.
Synchronous mode ensures that data is written to storage before responding to the client. While this mode may impact performance, it
ensures data safety and integrity.
When using NFS with the StoreOnce System, you must configure synchronous data transfer to ensure safe data transmission.
Configuring synchronous data transmission ensures data protection if the NFS server goes down or network connectivity is lost.
Configuring the StoreOnce System for NAS and NFS
Prerequisites
The backup application block size should be configured to at least twice (2x) the size of the NFS mount
wsize and rsize buffers.
About this task
Configure the StoreOnce System NAS interface to use NFS as the Access Protocol.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
22
Procedure
1. Using Linux, mount the NFS device using NFSv3 and forcing synchronous transfer using the following options, where x.x.x.x is
the IP address of the StoreOnce appliance:
mount –t nfs –o nfsvers=3,sync,wsize=<size in bytes>,rsize=<size in bytes>
x.x.x.x:/nas/<name of remote share> <local mount point>
For optimum performance, use the wsize and rsize mount options to specify NFS mount size. The recommended buffer size
is 65536 for both parameters.
In this example, set the backup application block size to 128K or more.
2. Verify the mount point:
localhost:~ $ mount -v
The output shows the following:
The local mount
The remote mount
The parameters with which the target device is mounted
An example of what the output looks like:
10.20.30.100:/nas/Share_1 on /mnt/nfs type nfs
(rw,sync,nfsvers=3,wsize=65536,rsize=65536,addr=10.20.30.100)
The StoreOnce System and iSCSI
Install and configure the iSCSI software for either SUSE Linux Enterprise Server or RedHat Linux Enterprise Server.
The command-line tool for configuring the Open-iSCSI package is the open-iscsi administration utility, known as iscsiadm. Detailed
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
23
instructions for the iscsiadm can be found in the Linux Man Pages, Session 8, iscsiadm (8).
Subtopics
Installing the Open-iSCSI module for SUSE Linux Enterprise Server
Installing the Open-iSCSI module for RedHat Enterprise Linux
Installing the Open-iSCSI module for SUSE Linux Enterprise Server
Procedure
1. Launch YaST.
2. Select Network Services > iSCSI Initiator
3. At the prompt to install the open-iscsi package, click Install.
Installing the Open-iSCSI module for RedHat Enterprise Linux
Procedure
1. Open RPM, the Package Manager tool.
2. Select and install the iscsi-initiator-utils package.
Configuring the StoreOnce System for iSCSI
Subtopics
Configuring the Open-iSCSI module manually
Configuring the Open-iSCSI module manually
Prerequisites
Ensure that port 3260 is open in any running firewalls.
Procedure
1. Using the Linux command line, discover available iSCSI target devices on a StoreOnce System, entering the following command,
where x.x.x.x is the IP address of the StoreOnce System:
localhost:~ $ iscsiadm --mode discovery --type sendtargets --portal
x.x.x.x | grep x.x.x.x
The response from the StoreOnce System is two iSCSI Qualified Names (IQN) for each available iSCSI target. For example:
[7db5cb] x.x.x.x:3260,1 iqn.198603.com.hp:storage.d2d.cr204c84d5.500110aa76f68fcb.library1.robotics
[ebf06d] x.x.x.x:3260,1 iqn.198603.com.hp:storage.d2d.cr204c84d5.500110a05ed5497b.library1.drive1
2. Write down the IQN values to use in the remainder of this configuration procedure.
3. Optional: To configure CHAP authentication, perform the following steps:
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
24
a. Using the StoreOnce Management Console, update the iSCSI Authentication details.
b. Using the Linux command line, modify the operating system for each available target discovered in step 1:
localhost:~ $ iscsiadm --mode node --targetname <iqn...>
--portal x.x.x.x:3260 --op update –-name node.session.auth.authmethod
--value CHAP
localhost:~ $ iscsiadm --mode node --targetname <iqn...>
--portal x.x.x.x:3260 --op update –-name node.session.auth.username
--value <chap_username>
localhost:~ $ iscsiadm --mode node --targetname <iqn...>
--portal x.x.x.x:3260 --op update –-name node.session.auth.password
--value <chap_password>
c. If the target is required to log on to the Initiator for two-way CHAP, use the following two commands:
localhost:~ $ iscsiadm --mode node --targetname <iqn...>
--portal x.x.x.x:3260 --op update –-name node.session.auth.username_in
--value <chap_username>
localhost:~ $ iscsiadm --mode node --targetname <iqn...>
--portal x.x.x.x:3260 --op update –-name node.session.auth.password_in
--value <chap_password>
d. Log in the Linux host to each iSCSI target device:
localhost:~ $ iscsiadm --mode node --targetname <iqn...>
--portal x.x.x.x:3260 --login
4. Configure the iSCSI nodes to log in automatically on system startup by modifying the configuration settings for each available
target:
localhost:~ $ iscsiadm --mode node --targetname <iqn...> --portal x.x.x.x:3260 --op
update –-name node.conn[0].startup --value automatic
5. Enable the iSCSI target devices to remain persistent across system reboots by configuring the open-iscsi service to run at system
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
25
startup:
SUSE Linux Enterprise Server
localhost:~ $ chkconfig open-iscsi on
Red Hat Enterprise Linux
localhost:~ $ chkconfig iscsi on
6. Verify that this configuration change has been accepted:
SUSE Linux Enterprise Server
localhost:~ $ chkconfig –-list open-iscsi
open-iscsi
0:off
1:off
2:off
3:on
4:off
5:on
6:off
Red Hat Enterprise Linux
localhost:~ $ chkconfig –-list iscsi
iscsi
0:off
1:off
2:off
3:on
4:off
5:on
6:off
7. Verify that the Linux system now has access to the target device:
localhost:~ $ cat /proc/scsi/scsi
The output of this command is a list of all the configured SCSI devices on the system, including the StoreOnce System. An example
output is:
Attached devices: Host: scsi4 Channel: 00 Id: 00 Lun: 00 Vendor: HP Model: MSL G3
Series Rev: pc81 Type: Medium Changer ANSI SCSI revision: 03 Host: scsi5 Channel: 00
Id: 00 Lun: 00 Vendor: HP Model: Ultrium 3-SCSI Rev: pc81 Type: Sequential-Access ANSI
SCSI revision: 03
Configuring the StoreOnce System for Fibre Channel
About this task
This procedure is for a Switched Fabric Configuration.
Procedure
1. Zone the individual devices to the host using the virtual device WWNs shown on the StoreOnce Management Console, as shown in
the example.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
26
2. Using Linux, verify that the Linux machine now has access to the target device:
localhost:~ $ cat /proc/scsi/scsi
The output of this command is a list of all the configured SCSI devices on the system, including the StoreOnce System. An example
output:
Attached devices:
Host: scsi4
Channel: 00
Id: 00
Lun: 00
Vendor: HP
Model: MSL G3 Series
Rev: pc81
Type:
Medium Changer
ANSI SCSI revision: 03
Host: scsi5 Channel: 00
Id: 00
Lun: 00
Vendor: HP
Model: Ultrium 3-SCSI
Rev: pc81
Type:
Sequential-Access
ANSI SCSI revision: 03
HP-UX 11i v2/v3 (IA64)
Subtopics
Supported versions of HP-UX
NAS and the NFS protocol
Configuring the StoreOnce System for NAS and NFS in UNIX
Configuring the StoreOnce System for iSCSI
Configuring the StoreOnce System for Fibre Channel
Changing the HP-UX buffer size
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
27
Supported versions of HP-UX
Refer to HPE StoreOnce Support Matrix for up-to-date details on supported applications. See StoreOnce websites for the link to this
resource.
A block size no larger than 256 KB is recommended when working with HP-UX 11i v2.
NAS and the NFS protocol
The StoreOnce System supports NFSv3 protocol. The NFS protocol can be configured for synchronous or asynchronous mode when the
file system is mounted on the client.
Asynchronous mode allows the server to respond to the client when the I/O request is processed, before the data is written to the
server. While asynchronous mode can save time for I/O requests and improve performance, it does not ensure data safety.
Synchronous mode ensures that data is written to storage before responding to the client. While this mode may impact performance, it
ensures data safety and integrity.
When using NFS with the StoreOnce System, you must configure synchronous data transfer to ensure safe data transmission.
Configuring synchronous data transmission ensures data protection if the NFS server goes down or network connectivity is lost.
Configuring the StoreOnce System for NAS and NFS in UNIX
Prerequisites
The backup application block size should be configured to at least twice (2x) the size of the NFS mount
wsize and rsize buffers.
About this task
In the StoreOnce Management Console, configure the StoreOnce System NAS interface to use NFS as the Access Protocol.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
28
Procedure
1. In HP-UX, mount the NFS device using NFSv3 and forcing synchronous transfer using the following options, where x.x.x.x is
the IP address of the StoreOnce appliance:
mount -F nfs -o forcedirectio,vers=3,wsize=<size in bytes>,rsize=<size in bytes>
x.x.x.x:/nas/<name of remote share> <local mount>
2. Using the wsize and rsize mount options, specify the NFS mount size:
mount <remote NFS share> <local mount point> -o "forcedirectio,wsize=65536
rsize=65536"
For optimum performance, set the mount options to the recommended buffer size of 65536 for both parameters.
In this example, set the backup application block size to 128K or more.
3. In the StoreOnce Management Console, set the Write Delay option to Off for NFS shares to avoid low throughput performance
issues.
a. On the main menu, select Data Services.
b. On the Data Services screen, click the title NAS Shares above the graphic.
c. On the NAS Shares screen, select the NAS NFS share.
d. On the NAS Shares screen for the selected NAS NFS share, click the Permissions tab.
e. On the Host List panel, click the host, and then click the edit icon (
).
The Edit Host Access dialog opens.
f. Toggle off the Write Delay button.
g. Close the Edit Host Access dialog.
4. In HP-UX, verify the mount point:
localhost:~ $ mount -v
An example of what the output looks like:
10.20.30.100:/nas/Share_1 on /mnt/nfs type nfs
forcedirectio,wsize=65536,rsize=65536,NFSv3,dev=4000004 on Day/Month/Date/Time/Year
Configuring the StoreOnce System for iSCSI
Subtopics
Installing the iSCSI software initiator
Configuring the iSCSI software initiator manually using the command line
Installing the iSCSI software initiator
About this task
The iSCSI Software Initiator is at the HPE Software Depot.
Procedure
1. Go to http://www.hpe.com/support/softwaredepot.
2. Enter iSCSI software initiator in the search box.
3. When the Product Category page displays the HP-UX iSCSI Software Initiator (iSCSI-00) , click Select.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
29
4. Complete the information on the order page that opens and click Next.
5. On the Software Downloads and Licenses page:
a. Confirm the order information at the top of the page.
b. In the Software section, select either Use Standard Download or Use HPE Download Manager.
c. Click Download next to the HP-UX version on which you plan to install the initiator.
d. In the Documentation section, select the download method for the installation instructions and click Download.
6. Using the documentation that you downloaded, follow the instructions to install the software for your version of HP-UX.
7. Find the recommended documentation for the next steps at the Hewlett Packard Support Center website,
http://www.hpe.com/support/hpesc.
Search for the following documents:
The HP-UX iSCSI Software Initiator Release Notes for patch dependencies
The HP-UX iSCSI Software Initiator Support Guide for instructions on configuring the iSCSI Subsystem
Configuring the iSCSI software initiator manually using the command line
About this task
The command-line tool for configuring the HP-UX iSCSI software initiator is iscsiutil . Detailed instructions for iscsiutil
can be found in the iscsiutil(1M) man documents. The following instructions provide the minimum steps required to connect an HP-UX
host to a StoreOnce System.
Procedure
1. Add the path for iscsiutil and other iSCSI executables to the root path:
# PATH=$PATH:/opt/iscsi/bin
2. Find the iSCSI initiator node for the HP-UX host:
# iscsiutil -l
Initiator Name
: iqn.1986-03.com.hp:mantis.ef28ceae-7203-11dc-82a4
-bf88291ef301
The StoreOnce System Management Console requires the initiator node name when manually configuring library devices.
3. Discover available iSCSI target devices on a StoreOnce System and then add them to iSCSI persistent information by entering the
following command, where x.x.x.x is the IP address of the StoreOnce System:
# iscsiutil –aI x.x.x.x
The command returns the following:
Target address “x.x.x.x:3260,1” has been successfully added.
4. Display the discovery target that has been configured:
# iscsiutil –pD
The output will be similar to the following:
Discovery Target Information
---------------------------Target # 1
----------IP Address
: x.x.x.x
iSCSI TCP Port
: 3260
iSCSI Portal Group Tag : 1
User Configured:
----------------
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
30
Authenticaton Method
CHAP Method
Initiator CHAP Name
:
: CHAP_UNI
:
CHAP Secret
Header Digest
Data Digest
:
: None,CRC32C (default)
: None,CRC32C (default)
5. Discover operational target devices:
# ioscan -H 255
The output will be similar to the following:
H/W Path
Class
Description
==================================================
255/0
iscsi
iSCSI Virtual Node
255/0/0.0
ext_bus
iSCSI-SCSI Protocol Interface
255/0/0.0.0
target
255/0/0.0.0.0
255/0/2.0
255/0/2.0.0
255/0/2.0.0.0
tape
ext_bus
target
autoch
HP
Ultrium 3-SCSI
iSCSI-SCSI Protocol Interface
HP
MSL G3 Series
6. Display operational target devices:
# iscsiutil –pO
The output will be similar to the following:
Operational Target Information
-----------------------------Target # 1
----------Target Name
: iqn.198603.com.hp:storage.d2d.cr209107ff.500110a6656e596f.library1
.drive1
Target Alias
No. of Target Addresses
Target Address # 1
------------------IP Address
:
: 1
iSCSI TCP Port
iSCSI Portal Group Tag
User Configured:
---------------Authenticaton Method
: 3260
: 1
CHAP Method
Initiator CHAP Name
CHAP Secret
Header Digest
: x.x.x.x
:
: CHAP_UNI
:
:
: None,CRC32C (default)
Data Digest
: None,CRC32C (default)
Target # 2
----------Target Name
: iqn.198603.com.hp:storage.d2d.cr209107ff.500110ad6bd1034b.library
1 .robotics
Target Alias
:
No. of Target Addresses : 1
Target Address # 1
------------------IP Address
iSCSI TCP Port
iSCSI Portal Group Tag
User Configured:
: x.x.x.x
: 3260
: 1
----------------
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
31
Authenticaton Method
CHAP Method
Initiator CHAP Name
CHAP Secret
:
: CHAP_UNI
:
:
Header Digest
Data Digest
: None,CRC32C (default)
: None,CRC32C (default)
7. Optional: In the StoreOnce Management Console, configure uni-directional CHAP authentication by updating the iSCSI
Authentication details.
8. In HP-UX, modify the operating system:
a.
# iscsiutil –t authmethod CHAP None
b.
# iscsiutil –u –H CHAP_UNI
c.
# iscsiutil –u –N <chap_username> –T <iqn...> –I x.x.x.x
d.
# iscsiutil –u –W <chap_password> –T <iqn...> –I x.x.x.x
9. Optional: If CHAP authentication has been enabled, rediscover operational target devices:
# ioscan -H 255
The output will be similar to the following:
H/W Path
Class
Description
==================================================
255/0
iscsi
iSCSI Virtual Node
255/0/0.0
255/0/0.0.0
255/0/0.0.0.0
255/0/2.0
255/0/2.0.0
255/0/2.0.0.0
ext_bus
target
tape
ext_bus
target
autoch
iSCSI-SCSI Protocol Interface
HP
Ultrium 3-SCSI
iSCSI-SCSI Protocol Interface
HP
MSL G3 Series
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
32
10. If the device type shown in the preceding step is UNKNOWN instead of TAPE or AUTOCH , then you must configure the
stape and schgr modules for the HP-UX kernel:
HP-UX 11i v2
# kcmodule –B stape=static schgr=static
* The automatic 'backup' configuration has been updated.
Module
State
Cause
schgr
(now)
static
best
(next boot)
static
explicit
stape
(now)
(next boot)
static
static
best
explicit
HP-UX 11i v3
# kcmodule –h –B stape=static estape=static schgr=static eschgr=static
* The automatic 'backup' configuration has been updated.
Module
State
Cause
schgr
(now)
static
best
(next boot)
static
explicit
stape
eschgr
estape
(now)
(next boot)
(now)
(next boot)
(now)
static
static
static
static
static
best
explicit
best
explicit
best
(next boot)
static
explicit
11. Create device files for the target devices:
# insf –H 255
12. Display the device files associated with the operational target devices:
# ioscan –fnH 255
The output will be similar to the following:
Class I H/W Path Driver S/W State H/W Type Description
========================================================================== iscsi 0
255/0 iscsi CLAIMED VIRTBUS iSCSI Virtual Node ext_bus 8 255/0/0.0 iscsial CLAIMED
INTERFACE iSCSI-SCSI Protocol Interface target 10 255/0/0.0.0 tgt CLAIMED DEVICE tape
1 255/0/0.0.0.0 stape CLAIMED DEVICE HP Ultrium 3-SCSI /dev/rmt/1m /dev/rmt/1mn
/dev/rmt/c8t0d0BEST /dev/rmt/c8t0d0BESTn /dev/rmt/1mb /dev/rmt/1mnb
/dev/rmt/c8t0d0BESTb /dev/rmt/c8t0d0BESTnb ext_bus 9 255/0/2.0 iscsial CLAIMED
INTERFACE iSCSI-SCSI Protocol Interface target 11 255/0/2.0.0 tgt CLAIMED DEVICE
autoch 0 255/0/2.0.0.0 schgr CLAIMED DEVICE HP MSL G3 Series /dev/rac/c9t0d0
In this example the tape drives device files are the following:
/dev/rmt/1m
AT&T, best density available
/dev/rmt/1mb
Berkeley, best density available
/dev/rmt/1mn
AT&T, no rewind, best density available
/dev/rmt/1mnb
Berkeley, no rewind, best density available
/dev/rmt/c8t0d0BEST
AT&T, best density available
/dev/rmt/c8t0d0BESTb
Berkeley, best density available
/dev/rmt/c8t0d0BESTn
AT&T, best density available
/dev/rmt/c8t0d0BESTnb Berkeley, no rewind, best density available
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
33
And the autochanger device file is the following:
/dev/rac/c9t0d0
Configuring the StoreOnce System for Fibre Channel
About this task
This procedure is for a Switched Fabric Configuration.
Procedure
1. Zone the individual devices to the host using the virtual device WWNs shown on the StoreOnce Management Console, as shown in
the example.
2. Using HP-UX, discover operational target devices:
# ioscan
The output will be similar to the following:
H/W Path
Class
Description
================================================================
0/5
ba
Local PCI-X Bus Adapter (783)
0/5/1/0
fc
HP AB379-60001 4Gb Dual Port
PCI/PCI-X Fibre Channel Adapter (FC Port 1)
0/5/1/0.166
fcp
FCP Domain
0/5/1/0.166.0.255.0
0/5/1/0.166.0.255.0.1
0/5/1/0.166.0.255.0.1.0
0/5/1/0.166.0.255.0.2
0/5/1/0.166.0.255.0.2.0
t_bus
FCP Device Interface
target
autoch
target
tape
HP
MSL G3 Series
HP
Ultrium 3-SCSI
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
34
3. If the device type shown in the preceding step is UNKNOWN instead of TAPE or AUTOCH , then you must configure the
stape and schgr modules for the HP-UX kernel as follows:
HP-UX 11i v2
# kcmodule –B stape=static schgr=static
* The automatic 'backup' configuration has been updated.
Module
State
Cause
schgr
stape
(now)
(next boot)
(now)
(next boot)
static
static
static
static
best
explicit
best
explicit
HP-UX 11i v3
# kcmodule –h –B stape=static estape=static schgr=static eschgr=static
* The automatic 'backup' configuration has been updated.
Module
State
Cause
schgr
stape
eschgr
estape
(now)
(next boot)
(now)
(next boot)
static
static
static
static
best
explicit
best
explicit
(now)
(next boot)
(now)
(next boot)
static
static
static
static
best
explicit
best
explicit
4. Create device files for the target devices:
# insf
5. Display the device files associated with the operational target devices:
# ioscan –fn
The output will be similar to the following:
Class I H/W Path Driver S/W State H/W Type Description
========================================================================== ba 4 0/5
lba CLAIMED BUS_NEXUS Local PCI-X Bus Adapter (783) fc 5 0/5/1/0 fcd CLAIMED INTERFACE
HP AB379-60001 4Gb Dual Port PCI/PCI-X Fibre Channel Adapter (FC Port 1) /dev/fcd5 fcp
11 0/5/1/0.166 fcd_fcp CLAIMED INTERFACE FCP Domain ext_bus 33 0/5/1/0.166.0.255.0
fcd_vbus CLAIMED INTERFACE FCP Device Interface target 8 0/5/1/0.166.0.255.0.1 tgt
CLAIMED DEVICE autoch 1 0/5/1/0.166.0.255.0.1.0 schgr CLAIMED DEVICE HP MSL G3 Series
/dev/rac/c33t1d0 target 9 0/5/1/0.166.0.255.0.2 tgt CLAIMED DEVICE tape 23
0/5/1/0.166.0.255.0.2.0 stape CLAIMED DEVICE HP Ultrium 3-SCSI /dev/rmt/1m
/dev/rmt/1mn /dev/rmt/c33t2d0BEST /dev/rmt/c33t2d0BESTn /dev/rmt/1mb /dev/rmt/1mnb
/dev/rmt/c33t2d0BESTb /dev/rmt/c33t2d0BESTnb
In this example the tape drives device files are the following:
/dev/rmt/1m
AT&T, best density available
/dev/rmt/1mb
Berkeley, best density available
/dev/rmt/1mn
AT&T, no rewind, best density available
/dev/rmt/1mnb
Berkeley, no rewind, best density available
/dev/rmt/c33t2d0BEST
AT&T, best density available
/dev/rmt/c33t2d0BESTb
Berkeley, best density available
/dev/rmt/c33t2d0BESTn
AT&T, best density available
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
35
/dev/rmt/c33t2d0BESTnb Berkeley, no rewind, best density available
And the autochanger device file is:
/dev/rac/c33t1d0
Changing the HP-UX buffer size
Procedure
1. At the command prompt, enter:
# sam
2. Select the kernel configuration.
3. Select Tunables .
4. To modify this option, use the arrow keys to scroll down to nfs3_bsize , and then use the arrow keys to select m .
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
36
5. Use the arrow keys to navigate to New setting [Expression/Value] , and enter the new value for the buffer size.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
37
6. Move the cursor to Do you want to hold the change until next reboot? Select No .
7. Move the cursor to Reason for change and select Modify . Click Enter .
8. If your command worked, the command successful screen displays.
9. To exit sam , press Enter and then x .
Solaris (x86 and SPARC)
Subtopics
Supported versions of Solaris
NAS and the NFS protocol
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
38
Configuring the StoreOnce System for NAS and NFS in Solaris
Configuring the StoreOnce System for iSCSI
Supported versions of Solaris
Refer to HPE StoreOnce Support Matrix for up-to-date details on supported applications. See StoreOnce websites for the link to this
resource.
NAS and the NFS protocol
The StoreOnce System supports NFSv3 protocol. The NFS protocol can be configured for synchronous or asynchronous mode when the
file system is mounted on the client.
Asynchronous mode allows the server to respond to the client when the I/O request is processed, before the data is written to the
server. While asynchronous mode can save time for I/O requests and improve performance, it does not ensure data safety.
Synchronous mode ensures that data is written to storage before responding to the client. While this mode may impact performance, it
ensures data safety and integrity.
When using NFS with the StoreOnce System, you must configure synchronous data transfer to ensure safe data transmission.
Configuring synchronous data transmission ensures data protection if the NFS server goes down or network connectivity is lost.
Configuring the StoreOnce System for NAS and NFS in Solaris
Prerequisites
The backup application block size should be configured to at least twice (2x) the size of the NFS mount wsize and rsize buffers.
About this task
In the StoreOnce Management Console, configure the StoreOnce System NAS interface to use NFS as the Access Protocol.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
39
Procedure
1. In Solaris, mount the NFS device using NFSv3 and forcing synchronous transfer using the following options, where x.x.x.x is
the IP address of the StoreOnce appliance:
mount -F nfs -o forcedirectio,vers=3,wsize=<size in bytes>,rsize=<size in bytes>
x.x.x.x:/nas/<name of remote share> <local mount>
For optimum performance, use the wsize and rsize mount options to specify NFS mount size. The recommended buffer size
is 65536 for both parameters.
mount <remote nfs share> <local mount point> -o "forcedirectio,wsize=65536
rsize=65536"
2. In the StoreOnce Management Console, set the Write Delay option to Off for NFS shares to avoid low throughput performance
issues.
a. On the main menu, select Data Services.
b. On the Data Services screen, click the title NAS Shares above the graphic.
c. On the NAS Shares screen, select the NAS NFS share.
d. On the NAS Shares screen for the selected NAS NFS share, click the Permissions tab.
e. On the Host List panel, click the host, and then click the edit icon (
).
The Edit Host Access dialog opens.
f. Toggle off the Write Delay button.
g. Close the Edit Host Access dialog.
3. In Solaris, verify the mount point:
localhost:~ $ mount -v
The output shows the following:
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
40
The local mount
The remote mount
The parameters with which the target device is mounted
An example of what the output looks like:
10.20.30.100:/nas/Share_1 on /mnt/nfs type nfs
remote/read/write/setuid/devices/rstchown/forcedirectio/vers=3/wsize=65536/rsize=65536/xattr/dev
=8c00005 on Day/Month/Date/Time/Year
Configuring the StoreOnce System for iSCSI
Subtopics
How to enable the iSCSI software initiator
How to manually configure the iSCSI software initiator using the command line
How to enable the iSCSI software initiator
Procedure
1. Using Solaris, enable the iSCSI services using the following command:
# svcadm –v enable iscsi_initiator
svc:/network/iscsi_initiator:default enabled
2. Verify that the iSCSI services are running:
# svcs –a | grep iscsi_initiator
Online
10:10:28 svc: /network/iscsi_initiator:default
How to manually configure the iSCSI software initiator using the command line
About this task
The command-line tool for configuring the iSCSI is iscsiadm . Detailed instructions for iscsiadm can be found in the
iscsiadm man documents. The following instructions provide the minimum steps to connect a Solaris host to a StoreOnce System.
Procedure
1. Find the iSCSI initiator node for the Solaris host:
# iscsiadm list initiator-node Initiator node name: iqn.198603.com.sun:01:00144f1d9196.4715d8a3 Initiator node alias: - Login Parameters
(Default/Configured): Header Digest: NONE/- Data Digest: NONE/- Authentication Type:
NONE RADIUS Server: NONE RADIUS access: unknown Configured Sessions: 1
In this example, the initiator node name is iqn.1986-03.com.sun:01:00144f1d9196.4715d8a3 . This initiator node
name is required by the StoreOnce System web management interface when manually configuring library devices.
2. Configure the Solaris host to discover available iSCSI targets as follows, where x.x.x.x is the IP address of the StoreOnce
System:
# iscsiadm add discovery-address x.x.x.x:3260
# iscsiadm list discovery-address
Discovery Address: x.x.x.x:3260
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
41
# iscsiadm modify discovery -t enable
# iscsiadm list discovery
Discovery:
Static: disabled
Send Targets: enabled
iSNS: disabled
3. List the configured iSCSI target devices:
# iscsiadm list target
Target: iqn.198603.com.hp:storage.d2d.cr203f18f4.01a9754150ae013a.library1.robotics
Alias: D2D.CR203F18F4.Library1.Robotics
TPGT: 1
ISID: 4000002a0000
Connections: 1
Target: iqn.1986-03.com.hp:storage.d2d.cr203f18f4.7e0cdac23ab4eab1
.library1.drive1
Alias: D2D.CR203F18F4.Library1.Drive1
TPGT: 1
ISID: 4000002a0000
Connections: 1
In this example, the two target iSCSI Qualified Names are:
iqn.1986-03.com.hp:storage.d2d.cr203f18f4.01a9754150ae013a
.library1.robotics
iqn.1986-03.com.hp:storage.d2d.cr203f18f4.7e0cdac23ab4eab1
.library1.drive1
NOTE:
In the following commands, items in parentheses are user-defined strings. Substitute the appropriate information
for
<iqn...>
,
<chap_password>
and
<chap_username>
.
4. Optional: In the StoreOnce Management Console, configure uni-directional CHAP authentication by updating the iSCSI
Authentication details.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
42
5. Using Solaris, modify the operating system:
# iscsiadm modify initiator-node --authentication CHAP
# iscsiadm modify initiator-node --CHAP-name <chap_username>
# iscsiadm modify initiator-node --CHAP-secret
6. Enter the CHAP password when prompted.
7. Optional: If bidirectional CHAP authentication is required, use the following steps:
# iscsiadm modify target-param --bi-directional-authentication enable
<iqn...>
# iscsiadm modify target-param --authentication CHAP <iqn...>
# iscsiadm modify target-param --CHAP-name <chap_username>
# iscsiadm modify target-param --CHAP-secret <iqn...>
8. Enter the CHAP password when prompted.
9. Configure the iSCSI target devices as static devices:
# iscsiadm add static-config <iqn...>,x.x.x.x
# iscsiadm modify discovery -s enable
# iscsiadm list discovery
Discovery:
Static: enabled
Send Targets: enabled
iSNS: disabled
10. Verify the static configuration:
# iscsiadm list static-config
Static Configuration Target: iqn.198603.com.hp:storage.d2d.cr203f18f4.01a9754150ae013a.library1
.robotics,x.x.x.x:3260
Static Configuration Target: iqn.198603.com.hp:storage.d2d.cr203f18f4.7e0cdac23ab4eab1.library1
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
43
.drive,x.x.x.x:3260
# iscsiadm list target
Target: iqn.1986-03.com.hp:storage.d2d.cr203f18f4.7e0cdac23ab4eab1
.library1.drive1
Alias: ISID: 4000002a0000
Connections: 1
Target: iqn.198603.com.hp:storage.d2d.cr203f18f4.01a9754150ae013a.library1.robotics
Alias: ISID: 4000002a0000
Connections: 1
11. Create generic devices drivers for the iSCSI target devices:
# update_drv -ai '"scsiclass,08"' sgen # devfsadm -i iscsi
12. Verify that devices files for the iSCSI target device have been created:
# ls –l /dev/scsi/changer
lrwxrwxrwx
1 root
root
139 Jan
2 09:51 c3t1d0 ->
../../../devices/iscsi/medium-changer@0000iqn.198603.com.hp%3Astorage.d2d.cr203f18f4.19f71d0c4c694ca8.library1
.robotics0001,0:changer
Here you can see device file c3t1d0 has been created for the changer element:
# ls -l /dev/rmt/*cb
lrwxrwxrwx
1 root
root
116 Apr 18 14:51
/dev/rmt/2cb -> ../../devices/iscsi/tape@0000iqn.1986-03.com.hp%3Astorage
.d2d.cr203f18f4.01a9754150ae013a.library1.drive10001,0:cb
AIX
Subtopics
Supported versions of AIX
NAS and the NFS protocol
Configuring the StoreOnce System for NAS and NFS in AIX
Configuring the StoreOnce System for Fibre Channel
Supported versions of AIX
Refer to HPE StoreOnce Support Matrix for up-to-date details on supported applications. See StoreOnce websites for the link to this
resource.
NAS and the NFS protocol
The StoreOnce System supports NFSv3 protocol. The NFS protocol can be configured for synchronous or asynchronous mode when the
file system is mounted on the client.
Asynchronous mode allows the server to respond to the client when the I/O request is processed, before the data is written to the
server. While asynchronous mode can save time for I/O requests and improve performance, it does not ensure data safety.
Synchronous mode ensures that data is written to storage before responding to the client. While this mode may impact performance, it
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
44
ensures data safety and integrity.
When using NFS with the StoreOnce System, you must configure synchronous data transfer to ensure safe data transmission.
Configuring synchronous data transmission ensures data protection in case the NFS server goes down or network connectivity is lost.
Configuring the StoreOnce System for NAS and NFS in AIX
Prerequisites
The backup application block size should be configured to at least twice (2x) the size of the NFS mount wsize and rsize buffers.
About this task
In the StoreOnce Management Console, configure the StoreOnce System NAS interface to use NFS as the Access Protocol.
Procedure
In AIX, mount the NFS device using NFSv3 and forcing synchronous transfer using the following options, where
address of the StoreOnce appliance:
x.x.x.x is the IP
mount -o rw,bg,rsize=32768,wsize=32768,llock,proto=tcp,noac,vers=3,timeo=600
x.x.x.x:/nas/share name /mount folder on AIX box
For optimum performance, use the wsize and rsize mount options to specify NFS mount size. The recommended buffer size is
65536 for both parameters.
IMPORTANT:
The noac parameter is required to force synchronous transfer, but will incur a performance penalty.
Configuring the StoreOnce System for Fibre Channel
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
45
About this task
This procedure is for a Switched Fabric Configuration.
Procedure
1. Zone the individual devices to the host using the virtual device WWNs shown on the StoreOnce Management Console, as shown in
the example.
2. In AIX, check the Atape driver installation:
# lslpp -l Atape*
If the Atape driver is installed, output similar to the following displays:
Fileset
Level
State
Description
---------------------------------------------------------------------------Path: /usr/lib/objrepos
Atape.driver
12.6.2.0
COMMITTED
IBM AIX Enhanced Tape and
Medium Changer Device Driver
3. Using the StoreOnce Management Console, create a tape library.
AIX requires the IBM medium changer emulation type.
4. In AIX, configure the tape library: .
smit tape
Federations
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
46
StoreOnce Federations allow you to manage multiple StoreOnce Systems from a single system. The managing system in a federation is
called the federation lead system, and the other systems in the federation are called member systems.
Lead systems
When logged in to a lead system, you can manage the lead system and any member systems in the federation. For example, from the
lead system you can create StoreOnce Catalyst stores on any member systems in the federation.
The Federation Dashboard screen on a lead system displays the following aggregated information about the federation:
Total number of StoreOnce Systems in the federation
Software version of the StoreOnce Systems
StoreOnce Catalyst stores created
The overall storage utilization
Member systems
When logged in to a member system, you can manage the system as usual. However, you cannot manage other systems in the
federation from a member system.
The Federation Dashboard on a member system indicates that the system is part of federation and displays the IP address of the
federation lead. The dashboard does not display aggregated information about the federation.
Subtopics
Federation guidelines
Standalone federation example
Overlapping federations example
Viewing federation health
Viewing federation members
Creating federations
Adding systems to federations
Removing systems from federations
Selecting a system to view and manage (federation)
Federation guidelines
General guidelines
A federation can include up to 40 systems. The maximum includes the member systems and the lead system.
A federation can have only one lead system.
A system can be member in more than one federation.
A system can be a member in one system and also be the lead system in another federation.
Each member system in a federation must be able to communicate with the lead system. Member systems in a federation do not
need to be able to communicate with other member systems.
Networking guidelines
Hewlett Packard Enterprise strongly recommends using static IP addresses, rather than DHCP. If DHCP is used, and IP addresses
change, the trust relationships between systems will fail.
WARNING: If the IP address of the lead system in a federation is changed, access to all member systems in
federation will be lost. To re-establish access, each member system must be removed and re-added to the
federation.
If the IP address of a that is a member of the federation changes, you must remove the federation lead from the
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
47
federation member using the Federation Dashboard, before re-adding it to the federation.
It is not a requirement that member systems and the lead system in a federation reside on the same network. However, the network
route between federation lead and members must be robust.
Hewlett Packard Enterprise recommends setting up a federation as a separate network. The network can be a VLAN network, a
physical-port network, or mixed.
To add a StoreOnce System to a federation, you must enter its properly formatted IPv4 or IPv6 address. You cannot use a Fully
Qualified Domain Name (FQDN).
Standalone federation example
Scenario
Your organization has three StoreOnce Gen4 Systems: System1, System2, and System3. There is a need to create a federation that
includes the three StoreOnce systems. System1 is chosen to be the lead system for managing the federation.
The following are high-level step descriptions. For detail steps, see Adding systems to federations.
1. Browse to System1, the intended lead system, and log in.
2. Add System2
(To create the federation, you can add any intended member system. In this example System2 is added.)
a. On the Federation Dashboard for System1, open the Add dialog.
b. On the Add dialog, enter the system address and administrator credentials for System2.
c. When System2 is added, the federation is created. System1 is the lead and System2 is a member, reporting to System1.
3. Add System3
a. On the Federation Dashboard for System1, open the Add dialog.
b. On the Add dialog, enter the system address and administrator credentials for System3.
c. System3 is added to the federation, reporting to System1.
Overlapping federations example
Scenario
Your organization has 15 StoreOnce Gen4 Systems. There is a need to have two federations for managing systems and viewing
aggregated information. One federation will include all 15 StoreOnce Systems. A second federation is an overlapping federation that
will include six regional group StoreOnce Systems.
System1 is chosen to be the lead system for the federation of all 15 StoreOnce systems. System11 is chosen to be the lead system for
the federation of six regional group StoreOnce Systems.
The two federations can be created in any order. In this example, the federation of all 15 systems is created first. The following are highlevel step descriptions for creating the two federations.
Create the federation of all 15 StoreOnce Systems
1. Browse to System1, the intended lead system for the federation of all 15 StoreOnce Systems, and log in.
2. To add the 14 other StoreOnce Systems, repeat the following substeps:
a. On the Federation Dashboard for System1, open the Add dialog.
b. On the Add dialog, enter the system address and administrator credentials for the StoreOnce System to be added.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
48
Create the federation of six regional group StoreOnce Systems
1. Browse to System11, the intended lead system for the federation of the six regional group systems, and log in.
2. To add the five other StoreOnce Systems in the regional group, repeat the following substeps:
a. On the Federation Dashboard for System11, open the Add dialog.
b. On the Add dialog, enter the system address and administrator credentials for the StoreOnce System to be added.
Viewing federation health
Procedure
1. Browse to a lead system in the federation and log in.
The StoreOnce Management Console opens to the Federation Dashboard. The federation health is summarized in the Health Status
panel.
2. On the Federation Dashboard, do one of the following:
To view the health of all reachable federation members, click the title Health Status above the graphic. The System (All
Systems) screen displays a list of all reachable systems in the federation and their health.
To view the health of federation systems that have a specific status, click the status on the graphic or legend. For example,
clicking the Warning status on the graphic opens the System (All Systems) screen and displays the reachable federation
systems that have a Warning status.
There are three status options that are specific to federation members:
Unreachable : There is an issue with the member system, and it cannot send status updates to the lead. For example, there is a
network problem or the system is powered off.
Address Inconsistent: The IP address that the member uses for the federation connection has changed since it became a
federation member. While the member can talk to the lead, the lead cannot talk to the member. Hewlett Packard Enterprise
recommends removing the member and adding it back with the new, correct IP address.
Synchronizing: Shown only during lead initialization. The member is reachable but the lead has not yet received system data
from it. Once the lead receives the member data, the status will change.
Viewing federation members
Procedure
Log in to the lead system in the federation.
1. To see a list of systems in the federation, click the change-system icon (
Management screen displays the list of systems in the federation.
) in the upper left corner of the screen. The System
2. To see a list of only the member systems, or to add and remove member systems from the federation, click the manage-federation
icon ( ) in the upper right corner of the screen. The Federation Management screen has tabs for Members and Leads.
Creating federations
Prerequisites
HPE strongly recommends using static IP addresses, rather than DHCP. Learn more: Federation guidelines.
HPE recommends that you follow the network guidelines for federations. Learn more: Federation guidelines.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
49
Before you create a federation, determine the StoreOnce System that will be the lead system and the systems that will be members.
Procedure
1. Browse to the system that will be the lead system and log in.
2. On the main menu, select Federation Dashboard, and then do one of the following:
Click the plus icon (+).
Click the federation management edit icon (
) in the upper right corner of the screen. On the Federation Management screen,
Members tab, expand the Actions menu and select Add.
3. On the Add system to federation dialog, enter the required information for one of the member systems and click OK.
The dialog will close and a federation will be created. At that point, the federation will consist of a lead system and the one member
system.
You can continue to use the Add system to federation dialog to add systems as members. Or, you can add systems later. Learn
more: Adding systems to federations
Adding systems to federations
About this task
You can add systems to an existing StoreOnce federation. Learn more: Federations.
Hewlett Packard Enterprise strongly recommends using static IP addresses, rather than DHCP. If DHCP is used, and IP addresses
change, the trust relationships between systems will fail.
WARNING: If the IP address of the lead system in a federation is changed, access to all member systems in federation
will be lost. To re-establish access, each member system must be removed and re-added to the federation.
Procedure
1. Browse to the lead system in the federation and log in.
2. On the main menu, select Federation Dashboard, and then do one of the following:
Click the plus icon (+).
Click the federation management edit icon (
) in the upper right corner of the screen. On the Federation Management screen,
Members tab, expand the Actions menu and select Add.
The Add system to federation dialog opens.
Removing systems from federations
Prerequisites
IMPORTANT: If you plan to decommission the lead system in a federation, you must remove all the member systems
first. You cannot remove the lead system from a federation from a member system.
Procedure
1. Browse to a system in the federation and log in.
2. On the main menu, select Federation Dashboard, and then click the manage-federation icon (
screen.
) in the upper right corner of the
3. To remove a member system, do the following:
a. On the Federation Management screen, Members tab, select the system.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
50
b. Expand the Actions menu and select Remove.
c. On the Remove dialog, select the check box to acknowledge that you want to remove the system.
d. Click Remove to complete the action.
4. To remove a lead system, do the following:
a. On the Federation Management screen, Lead tab, select the system.
b. Expand the Actions menu and select Remove.
c. On the Remove dialog, select the check box to acknowledge that you want to remove the system.
d. Click Force Remove to complete the action.
Selecting a system to view and manage (federation)
About this task
If you are logged in to a StoreOnce federation lead system, you can select any member system to view and manage. The name of the
system that is being viewed and managed appears under the screen names. Learn more: User interface quick tour.
TIP: StoreOnce federations are user-specified configurations that allow multiple StoreOnce Systems to be managed
from a single system. Learn more: Federations.
Procedure
1. While viewing a screen, click the change-system icon (
). The System Management screen opens.
2. On the System Management screen, click the system that you want to view and manage. The screen that you were viewing changes
to show that the system you selected is now being managed.
Example
Example
While viewing the Settings screen for System A, you want to view and change the settings for System B.
1. On the Settings screen, click the change-system icon (
). The System Management screen opens.
2. On the System Management screen, click System B. The Settings screen changes to show that you are now viewing and managing
System B.
Dashboards
Subtopics
Viewing system dashboards
Viewing federation dashboards
Capacity efficiency terms
Editing system information
Viewing system dashboards
Procedure
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
51
1. On the main menu, select System Dashboard.
TIP: If you are logged in to a federation lead system, system dashboard will display information about the lead
system. You can then select any member system to view their information. To select a different system dashboard,
click the change-system icon (
).
2. The System Dashboard screen summarizes the system properties on panels for Health Status, System Information, Data Services,
Storage Utilisation, and Resources. It displays a banner mentioning dual authorization feature is disabled, or provides details about
the number of pending requests, if dual authorization feature is enabled. If a user chooses to close the banner, it will disappear until
next login.
You can click the hyperlinked panel titles to display more information. For example, clicking the title Data Services opens the
Data Services screen.
You can also click some graphic titles and graphic elements to display more information. For example, clicking the Catalyst
Stores title above the graphic opens the Catalyst Stores screen and displays all stores. Or, clicking the Warning status on the
graphic opens the Catalyst Stores screen and displays only stores that have a Warning status.
To update system information, click the edit icon (
information.
) on the System Information panel. Learn more: Editing system
To customize which tiles are displayed on the dashboard, click the view options icon (
).
Viewing federation dashboards
About this task
TIP: The Federation Dashboard screen displays the aggregated properties of a federation only when you are logged in
to a federation lead system.
Learn more: Federations.
Procedure
1. Log in to the lead system in the federation and log in.
2. On the main menu, select Federation Dashboard.
3. The Federation Dashboard screen summarizes the properties of the StoreOnce Systems in the federation.
You can click the panel titles to display more information. For example, clicking Data Services opens the Data Services screen.
You can also click some graphic titles and graphic elements to display more information. For example, clicking the Catalyst
Stores title above the graphic opens the Catalyst Stores screen and displays all stores. Or, clicking the Warning status on the
graphic opens the Catalyst Stores screen and displays only stores that have a Warning status.
To customize which tiles are displayed in the dashboard, click the view options icon (
).
To add a system to the federation, click the plus icon (+). The Add system to federation dialog opens.
4. To open the System Management screen, click the change-system icon (
) in the upper left corner of the screen. The System
Management screen displays a list of systems in the federation and their connection status.
5. To open the Federation Management screen, click the manage-federation icon (
) in the upper right corner of the screen. The
Federation Management screen includes tabs for federation Members and Leads. Each tab shows a list of systems and their
connection status. The screen also enables you to add or remove systems from the federation.
Capacity efficiency terms
Capacity Savings : The amount of capacity saved (as a percentage) by deduplicating the data.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
52
Deduplication Ratio : The total amount of data written by the backup application (before deduplication) divided by the actual
capacity used after deduplication.
Size on Disk : The amount of disk space used to store all the deduplicated data.
User Data Stored : The amount of data written by the backup application before the data was deduplicated.
Editing system information
About this task
You can edit the system name. You can also view and edit optional information such as a contact name, phone number, and email
address.
Procedure
Do one of the following:
On the main menu, select System Dashboard, and then click the edit icon (
) on the System Information panel.
On the main menu, select Settings, and then click the System Information panel.
Data services overview
Subtopics
Viewing data services
Housekeeping function
Viewing data services
Procedure
1. On the main menu, select Data Services. The Data Services screen summarizes the data service categories.
Learn more:
Viewing StoreOnce Catalyst stores
Viewing Cloud Bank stores
Viewing VT libraries
Viewing NAS shares
Viewing VT replication mappings
Viewing NAS replication mappings
2. You can use the Settings menu to view and change data services settings.
Learn more:
Viewing StoreOnce Catalyst settings
Viewing NAS settings
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
53
Housekeeping function
Housekeeping statistics are presented as graphics on the Capacity page of the StoreOnce Management Console Reports section. The
Housekeeping statistics show the following:
How much data is in the Housekeeping queue
How much data has been processed by Housekeeping
How much space has been reclaimed by Housekeeping
NOTE:
Housekeeping will not run on any StoreOnce Catalyst Cloud Bank stores showing the status Cloud storage
offline and might result in warnings and alerts. See StoreOnce Catalyst Cloud Bank store status is not Online for
more information.
See Housekeeping best practices.
Subtopics
Housekeeping statistics
Housekeeping statistics
To display current and historical housekeeping activity, select Capacity under Reports in the StoreOnce Management Console.
The following graphs are displayed on the Capacity reporting page:
Pending Housekeeping
Processed Housekeeping
Housekeeping space reclaimed
Similar statistics are shown on the individual tabs for the different types of target devices. All tables are updated every five minutes.
Housekeeping graphs
Use the housekeeping graphs to view historical housekeeping activity. You can choose the time interval for all the graphs.
The graphics can be filtered by:
Bytes
Secure Erase Bytes
Pending Housekeeping —The graph represents a snapshot of the size of the housekeeping queue (the amount of data deleted or
overwritten but not yet processed) for the time period selected. This graph may not show any data if all housekeeping is processed
promptly. However, if the amount of data shown is increasing and housekeeping never completes, consider scheduling backups more
appropriately.
Processed Housekeeping—The graph displays statistics for how much deleted data was processed by Housekeeping during the
selected time period.
Housekeeping Space Reclaimed —The graph displays statistics for how much space recovery (secure and nonsecure) was realized by the
processed data during the selected time period.
NOTE:
After a power cycle, the start of housekeeping is delayed for 15 minutes. The graphs will not recalculate during that
time. As housekeeping resumes, the housekeeping queue is recalculated. The queue will show the number of jobs
increasing even if new jobs are not being created.
StoreOnce Catalyst data services
Licensing requirements
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
54
The security features of Data at Rest Encryption and Data in Flight Encryption require a Security license.
Cloud Bank Storage is a licensed feature. Licensing is based on capacity in 1 TB increments. Licenses are required for the capacity of
data written to the Cloud Bank Storage stores. If you use the Cloud Bank Storage Detach feature, additional licenses are needed for
the capacity of the detached Stores.
Subtopics
About StoreOnce Catalyst
Stores
Cloud Bank stores
Clients
Items
Backup/restore and copy sessions
StoreOnce Catalyst over Fibre Channel
StoreOnce Catalyst settings
About StoreOnce Catalyst
StoreOnce Catalyst is a StoreOnce function that allows StoreOnce supported backup applications to:
Back up data to a target store on the StoreOnce System. Deduplication may occur on the media server, backup/database server, or
StoreOnce System to ensure efficient use of the available bandwidth.
Copy jobs between StoreOnce Systems. Configuration occurs within the StoreOnce supported backup application, making StoreOnce
Catalyst an attractive alternative to using the replication function on the StoreOnce System. Copy jobs are initiated from the
StoreOnce supported application and have none of the complexities of replication mapping.
IMPORTANT:
If StoreOnce Catalyst operations pass through a firewall, the network administrator must open (TCP) ports 9387
(Command protocol) and 9388 (Data protocol). Opening these ports allows the StoreOnce Catalyst traffic to pass to
and from the StoreOnce Systems.
StoreOnce supported backup applications
StoreOnce Catalyst is a backup application-integrated solution. For a list of StoreOnce supported backup applications, see the HPE
StoreOnce Support Matrix https://www.hpe.com/Storage/StoreOnceSupportMatrix.
Benefits of StoreOnce Catalyst
The StoreOnce supported backup application is in full control of data for the full life cycle of the backup data.
The StoreOnce supported backup application has full visibility of all items and jobs on the StoreOnce System.
Deduplication can occur on either the media server or StoreOnce System which ensures efficient use of the available bandwidth.
There is no enforced limit on the number of StoreOnce Catalyst items within a store.
Copy jobs are initiated from the StoreOnce supported application and have none of the complexities of replication mapping.
If StoreOnce Catalyst device types are used, space reclamation is more automated and easier to implement from within the
StoreOnce supported backup application.
Stores
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
55
Subtopics
Viewing StoreOnce Catalyst stores
Creating StoreOnce Catalyst stores
Editing StoreOnce Catalyst stores
Deleting StoreOnce Catalyst stores
StoreOnce Catalyst stores screens and properties
Viewing StoreOnce Catalyst stores
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, do one of the following:
To view all stores, click the title Catalyst Stores above the graphic.
To view stores that have a specific status, click the status on the graphic. For example, clicking the Warning status on the
graphic opens the Catalyst Stores screen and displays only stores that have a Warning status.
3. On the Catalyst Stores screen, click the StoreOnce Catalyst store.
The screen for an individual StoreOnce Catalyst store includes tabs for Overview, Details, Permissions, Items, Backup/Restore,
Outbound Copy, and Inbound Copy.
To filter the objects in the Items tab, click the filter icon (
). For filter options, see The StoreOnce Catalyst Item filter.
Subtopics
The StoreOnce Catalyst Item filter
The StoreOnce Catalyst Item filter
To filter objects, enter conditions in the appropriate fields and then click Apply.
To clear an active filter, click Clear.
Filter conditions
NOTE:
Wild cards and Boolean logic (AND/OR) are not supported.
The filter condition is case sensitive.
Providing more filter conditions narrows the search results.
Item Name: The item name is a unique identifier that is always defined on the backup application.
You can filter for a substring. For example, the object with item name
StoreOnceCatalystDiagnostic_Transfer_1491601 will be found with the Cat filter condition.
Tag List: Matches whole words only. When supplying multiple words, all objects matching any of the provided words will be
returned.
TIP:
Provide only the most significant word in the tag list to optimize the filtered results.
Created and Modified: Enter a date and optionally a time to filter for a range of dates.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
56
Creating StoreOnce Catalyst stores
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, expand the Actions menu and select Create.
The Create dialog enables you to specify the following:
Catalyst store name
Security Settings
Advanced Settings
Editing StoreOnce Catalyst stores
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, click the store.
4. On the screen for the Catalyst store, expand the Actions menu and select Edit.
The Edit dialog allows you to specify the following:
Security Settings
Advanced Settings
Deleting StoreOnce Catalyst stores
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, click the store.
4. On the screen for the Catalyst store, expand the Actions menu and select Delete.
StoreOnce Catalyst stores screens and properties
Catalyst Stores screen (all stores)
TIP: In the list view, columns for the most often viewed properties are shown by default. To add or remove columns,
click the column selector icon (
).
Property
Description
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
57
Property
Description
Store Name
The name of the store on the source StoreOnce System. The name
can include the following characters: 0-9 a-z A-Z _ . + [ ] ^ | ? * ( ) # :
; = @ { }. The name cannot include spaces.
Status
The status of the Catalyst store. OK, Warning, Critical.
User Data Stored
The amount of data that you have backed up, reconciled with the
logical data recorded on the StoreOnce supported backup
application.
Size On Disk
The physical disk space consumed on disk (actual size after
deduplication).
Dedupe Ratio
The ratio of duplicate data against new data identified in the data
job.
More properties
Number Of Items
The number of items in the Catalyst store.
Physical Storage Quota
The quota for the amount of data written to disk after
deduplication. If the quota is enabled, and the quota limit is
reached, backups will fail to prevent the quota from being
exceeded. The quota allows you to partition the physical capacity
of the StoreOnce System between various users. Applications with
a better deduplication ratio can store more data.
TIP:
If you need capacity management, Hewlett Packard
Enterprise recommends configuring StoreOnce supported
backup applications that have quotas to reroute to
another device or to postpone backups. Rerouting will
prevent backups from failing unexpectedly.
When a Catalyst store reaches its quota, the status of the
store changes to “Online - Critical.” The Catalyst store
status will change to “Fault.” Restores from that store are
permitted, but new backups will fail. To remedy, increase
the quota or expire backups.
When the quota is no longer met, the Catalyst store
status and the overall Catalyst status will return to the
“Running” state.
Using quotas and client permissions to control client
access to the Catalyst store defines how much space a
particular user can use on the StoreOnce System.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
58
Property
Description
Logical Storage Quota
The quota for the amount of data sent to the disk before
deduplication. If the quota is enabled and the quota limit is reached,
backups will fail to prevent the quota from being exceeded. A quota
allows you to provide a service to back up a particular amount of
user data.
The logical data size of a Catalyst item is updated at every 1 GB of
physical data stored or when a Catalyst item is closed.
In backups with high deduplication ratios, a logical data size quota
can be exceeded before the Catalyst store prevents further
backups. The physical data size quota, which updates more
frequently, is not affected. For example, if a logical data quota size
is set to 1 TB and the backup has a deduplication ratio of 10:1, the
logical data size quota can be exceeded by 10 GB.
TIP:
If you need capacity management, Hewlett Packard
Enterprise recommends configuring backup applications
that have quotas to reroute to another device or to
postpone backups. Rerouting prevents backups from
failing unexpectedly.
When a Catalyst store reaches its quota, the status of the
store changes to “Online - Critical.” The Catalyst store
status changes to “Fault.” Restores from that store are
permitted, but new backups will fail. To remedy, increase
the quota or expire backups.
When the quota is no longer met, the Catalyst store
status and the overall Catalyst status returns to the
“Running” state. Using quotas and client permissions to
control client access to Catalyst stores defines how much
space a particular user can use on the StoreOnce System.
Encryption
Indicates whether the Catalyst store data is encrypted. Shows as
Not Licensed if there is no encryption license on the StoreOnce
System. If encryption is licensed, shows as Enabled or Disabled.
Secure Erase Mode
The availability of HPE Secure Erase. Shows as None or the number
of Secure Erase passes.
Catalyst Stores screen (individual store), Overview tab
Property
Description
Status bar
The status of the Catalyst store. Shows as Online, Down, or Error.
Store Dedupe Ratio
The deduplication ratio achieved on the data on the Catalyst store.
User Data Stored
The amount of user data stored on the Catalyst store.
Size on Disk
The actual size used on disk after deduplication.
Items
The number of items in the Catalyst store.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
59
Property
Description
Logical Storage Quota
The quota for the amount of data sent to the disk before deduplication. If the quota is
enabled and the quota limit is reached, backups will fail to prevent the quota from being
exceeded. A quota allows you to provide a service to back up a particular amount of user
data.
The logical data size of a Catalyst item is updated at every 1 GB of physical data stored, or
when a Catalyst item is closed.
In backups with high deduplication ratios, a logical data size quota can be exceeded before
the Catalyst store prevents further backups. The physical data size quota, which updates
more frequently, is not affected. For example, if a logical data quota size is set to 1 TB and
the backup has a deduplication ratio of 10:1, the logical data size quota can be exceeded by
10 GB.
TIP:
If you need capacity management, Hewlett Packard Enterprise recommends
configuring backup applications that have quotas to reroute to another device or
to postpone backups. Rerouting prevents backups from failing unexpectedly.
When a Catalyst store reaches its quota, the status of the store changes to “Online
- Critical.” The Catalyst store status changes to “Fault.” Restores from that store
are permitted, but new backups will fail. To remedy, increase the quota or expire
backups.
When the quota is no longer met, the Catalyst store status and the overall
Catalyst status returns to the “Running” state. Using quotas and client
permissions to control client access to Catalyst stores defines how much space a
particular user can use on the StoreOnce System.
Physical Storage Quota
The quota for the amount of data written to disk after deduplication. If the quota is enabled,
and the quota limit is reached, backups will fail to prevent the quota from being exceeded.
The quota allows you to partition the physical capacity of the StoreOnce System between
various users. Applications with a better deduplication ratio can store more data.
TIP:
If you need capacity management, Hewlett Packard Enterprise recommends
configuring StoreOnce supported backup applications that have quotas to reroute
to another device or to postpone backups. Rerouting prevents backups from
failing unexpectedly.
When a Catalyst store reaches its quota, the status of the store changes to “Online
- Critical.” The Catalyst store status changes to “Fault.” Restores from that store
are permitted, but new backups will fail. To remedy, increase the quota or expire
backups.
When the quota is no longer met, the Catalyst store status and the overall
Catalyst status returns to the “Running” state.
Using quotas and client permissions to control client access to the Catalyst store
defines how much space a particular user can use on the StoreOnce System.
Catalyst Stores screen (individual store), Details tab
Property
Description
Store Name
Name of the Catalyst store.
Description
A text description of the store (optional).
System Serial Number
The unique serial number generated automatically by the StoreOnce System.
System Name
Name of the StoreOnce System.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
60
Property
Description
Created
The date and time that the Catalyst store was created.
Number of Catalyst Items
The number of items in the Catalyst store.
Security
Store Encryption
Indicates whether the Catalyst store data is encrypted. Shows as Not Licensed if there is no
encryption license on the StoreOnce System. If encryption is licensed, shows as Enabled or
Disabled.
Secure Erase Mode
The availability of HPE Secure Erase. Shows as None or the number of Secure Erase passes.
Server Controlled Data Immutability
Retention
The selected Immutable Period, or "No Limit" if the feature is disabled. The Server
Controlled Data Immutability feature prevents backup applications from modifying or
deleting Catalyst items during the immutable period.
The Server Controlled Data Immutability feature prevents the backup application from
modifying or deleting StoreOnce Catalyst items during the Immutable Period. However,
StoreOnce administrators can still delete the store through the StoreOnce System. When
using Server Controlled Data Immutability, it is essential that the backup application
administrator is not also a StoreOnce administrator. Server Controlled Data Immutability is
often used on a secondary or tertiary StoreOnce System where you can more easily
implement administrator separation.
The Immutable Period includes a one hour grace period. For the first hour after a backup
completes, you can delete a Catalyst item. After the grace period ends, the Immutable
Period begins.
When you enable the Server Controlled Data Immutability feature, you specify the number of
days for the Immutable Period. The default is 30. The Immutable Period begins when the
item is tagged as Complete by the backup application. This feature is intended to be used
with Dual Authorization enabled.
Maximum ISV-Controlled Data
Immutability Retention (Days)
IMPORTANT:
ISV-Controlled Data Immutability applies to all new and existing Catalyst stores
when upgrading to software versions 4.3.2 and above.
ISV-Controlled Data Immutability enables the ISV to control data immutability on a per item
basis. When you configure the ISV Controlled Data Immutability feature, define the
maximum retention period permitted by the ISV. The default for new Catalyst stores is 90
days.
NOTE:
You can configure the maximum retention period, however the actual retention
period will be defined by the ISV backup policy.
If an ISV attempts to make an item immutable longer than the maximum retention period, an
error is presented to the ISV stating the operation is not supported. If the maximum
retention period is reduced at a later date, update the ISV backup policy to reflect the new
retention period. Existing Catalyst items will not be affected.
ISV-Controlled Data Immutability offers the same protection as Server Controlled Data
Immutability, but offers flexibility in defining the immutable period for each item. Server
Controlled Data Immutability maintains the same immutability period for all items.
ISV-Controlled Data Immutability items remain read-only forever, but Server Controlled
Data Immutability items revert to being writable after the immutability period.
This feature is intended to be used with Dual Authorization enabled.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
61
Property
Description
Client Password Policy
The client password policy can be either SHA-1 or SHA-256. The policy relates to how the
client password is transferred between a Catalyst client and a StoreOnce System, or an
origin StoreOnce system to a destination StoreOnce system. When Catalyst copy jobs are
used, the origin and target stores should have a matching client password policy. Not all
Catalyst supported backup applications support SHA-256 mode. For a list of StoreOnce
supported backup applications, see the HPE StoreOnce Support Matrix at
https://www.hpe.com/Storage/StoreOnceSupportMatrix.
Storage Quotas
Physical Storage Quota
The quota for the amount of data written to disk after deduplication. If the quota is enabled,
and the quota limit is reached, backups will fail to prevent the quota from being exceeded.
The quota allows you to partition the physical capacity of the StoreOnce System between
various users. Applications with a better deduplication ratio can store more data.
TIP:
If you need capacity management, Hewlett Packard Enterprise recommends
configuring StoreOnce supported backup applications that have quotas to reroute
to another device or to postpone backups. Rerouting prevents backups from
failing unexpectedly.
When a Catalyst store reaches its quota, the status of the store changes to
“Online - Critical.” The Catalyst store status changes to “Fault.” Restores from
that store are permitted, but new backups will fail. To remedy, increase the quota
or expire backups.
When the quota is no longer met, the Catalyst store status and the overall
Catalyst status returns to the “Running” state.
Using quotas and client permissions to control client access to the Catalyst store
defines how much space a particular user can use on the StoreOnce System.
Logical Storage Quota
The quota for the amount of data sent to the disk before deduplication. If the quota is
enabled and the quota limit is reached, backups will fail to prevent the quota from being
exceeded. A quota allows you to provide a service to back up a particular amount of user
data.
The logical data size of a Catalyst item is updated at every 1 GB of physical data stored or
when a Catalyst item is closed.
In backups with high deduplication ratios, a logical data size quota can be exceeded before
the Catalyst store prevents further backups. The physical data size quota, which updates
more frequently, is not affected. For example, if a logical data quota size is set to 1 TB and
the backup has a deduplication ratio of 10:1, the logical data size quota can be exceeded by
10 GB.
TIP:
If you need capacity management, Hewlett Packard Enterprise recommends
configuring backup applications that have quotas to reroute to another device or
to postpone backups. Rerouting prevents backups from failing unexpectedly.
When a Catalyst store reaches its quota, the status of the store changes to
“Online - Critical.” The Catalyst store status changes to “Fault.” Restores from
that store are permitted, but new backups will fail. To remedy, increase the quota
or expire backups.
When the quota is no longer met, the Catalyst store status and the overall
Catalyst status returns to the “Running” state. Using quotas and client
permissions to control client access to Catalyst stores defines how much space a
particular user can use on the StoreOnce System.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
62
Property
Description
Veeam Aligned Data Performance
Optimization
Improves the performance of Veeam Virtual Machine backup workloads.
This setting is only available upon store creation. Existing Catalyst stores cannot be
modified.
Enable "Align backup file data blocks" on the Veeam Backup Repository before using this
feature.
IMPORTANT:
This feature is enabled for StoreOnce systems running 4.3.2 software and above,
but is not yet supported within Veeam. Do not allow this feature on production
systems until this time. For more information, refer to HPE SPOCK at:
http://www.hpe.com/storage/spock
Transfer Policies
Primary (Default) Transfer Policy
The default transfer policy for the server. Media servers can be configured individually to
use the most efficient transfer policy. As long as the two transfer policies have different
values, the media server determines which is the most bandwidth efficient transfer policy to
use.
High: all data is sent from the media server and deduplicated on the StoreOnce System.
Also called target-side deduplication.
Low: the media server deduplicates the data and sends only unique data. Also called
source-side deduplication.
Secondary Transfer Policy
Generally, the opposite of the primary transfer policy so the media server can determine
which policy is most appropriate. However, you can enforce the transfer policy used by the
media servers by setting both the primary and secondary transfer policies to the same value.
Session History
Backup/Restore History
The number of days that the history of the backup/restore jobs is saved.
Copy History
The number of days that the history of the copy jobs is saved.
Catalyst Stores screen (individual store), Permissions tab
Property
Description
Public Access
Public Access (state of)
Enabled or disabled. If enabled, all clients have unrestricted access to all Catalyst stores.
TIP: The more secure approach is to disable Public Access and instead assign
individual client identifier access.
Client Access
Client Name
The Catalyst client name that is provided to the StoreOnce supported backup applications
when connecting to StoreOnce Catalyst. The client name and password are used to
authenticate access to Catalyst stores.
Description
A description of the Catalyst client (optional).
Client Access (state)
Enabled or disabled. If enabled, you assign permissions when configuring clients and stores.
Hewlett Packard Enterprise recommends enabling client access for increased data security.
Catalyst Stores screen (individual store), Items tab
TIP:
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
63
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
To display all item properties in a Details flyout, click the information icon (
) for the item.
IMPORTANT:
Users with the Administrator role can delete individual items. However, Hewlett Packard Enterprise recommends that
you use the StoreOnce supported backup application remove items. Using the backup application ensures integrity with
the backup application catalog. Deleting items using the StoreOnce Management Console should only be done as a last
resort.
Property
Description
Modified
The date and time that the item in the Catalyst store was modified.
Item
The name of the item within the data job. The name is created by the StoreOnce supported
backup application. Each data job can have multiple items.
Tag List
A list of tags or marks defined by the backup application that are used to filter items.
Logical Data Size
The amount of data sent to the device before deduplication.
More properties
Created
The date and time that the item in the Catalyst store was created.
Catalyst Stores screen (individual store), Backup/Restore tab
TIP:
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
To display the properties in a Details flyout, click the information icon (
Property
Description
Status
Status of the data job item, which may be:
Running: In progress
).
Completed: The item has completed successfully. This status does not mean that the
entire data job has completed, only the item. It does not reconcile with the backup
application job completion status.
Cancelled: The Status Information provides more details. For example, the data
connection has been lost between the StoreOnce System and the media server. (This
situation is unlikely to occur).
Unexpected error: The StoreOnce System experienced a problem while processing the
item.
Insufficient disk space: Clear some disk space or add storage.
Link failure: IP connectivity has been lost and the backup application must retry the job.
System shutdown: The backup application system has been shut down.
IMPORTANT:
Hewlett Packard Enterprise recommends that you use the backup application
to clean up incomplete or orphaned items before retrying the job.
Started
Date and time that the data job started.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
64
Property
Description
Item
The name of the item within the data job. This name is created by the backup application.
Each data job may have multiple items.
Logical Data Written
The amount of user data that was written. This amount reconciles with information in the
backup application log. A backup job can span multiple items.
Logical Data Read
The amount of user data that was read.
More properties
Status Information
Information which explains the reason for the status that is reported.
Ended
Date and time that the data job ended.
Write Duration
The length of time that data was written.
Read Duration
The length of time that data was read.
Clone Duration
The length of time that data was being cloned.
Backup Application
The StoreOnce supported backup application that created the item.
Client Name
Name that identifies the client application that created the item.
Client Address
The IP address of the server that created the item.
Deduplication Ratio
The deduplication ratio achieved on the data on the Catalyst store.
Logical Data Cloned
The amount of data that was cloned.
Logical Write Throughput
The rate that at which data was actually written. This rate is typically less than the write
bandwidth.
Logical Read Throughput
The rate at which data was actually read. This rate is typically less that the read bandwidth
rating.
Logical Clone Throughput
The rate at which data was cloned.
Write Bandwidth
The theoretical maximum rate that data could be written, without regard to practical
considerations.
Read Bandwidth
The theoretical maximum rate that data could be read, without regard to practical
considerations.
Transport Protocol
Indicates whether the copy was performed using Fibre Channel, TCP-IP, or the StoreOnce
Internal network.
Total Data Transferred
The total amount of data transferred in the job.
Catalyst Stores screen (individual store), Outbound Copy tab
TIP:
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
To display the properties in a Details flyout, click the information icon (
Property
).
Description
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
65
Property
Description
Status
The status of the outbound copy job, which may be Queued, Paused, Running , Cancelled, or
Completed.
Queued
The date and time the job was put in the queue.
Source Item
The name of the item within the data job. This name is created by the backup application.
Each data job may have multiple items.
Source Item Size
The size of the source item.
Percentage Completed
The percentage of the copy job that has been completed.
More properties
Status Information
Information which explains the reason for the status that is reported.
Backup Application
The StoreOnce supported backup application that created the item.
Started
Date and time that the data job started.
Ended
Date and time that the data job ended.
Duration
The amount of time taken to copy the data.
Estimated Completion
The estimated completion time, if the copy job is still running.
Client Address
The IP address of the server that created the item.
Client Name
The client that initiated the outbound copy job. The client name is defined in the StoreOnce
supported backup application.
Source Item Last Modified
The date and time that the source item was last modified.
TIP: Use this information to check whether the source item might have been
modified during the copy attempt. An error message is also generated if the
source item is modified while copying.
Source Item Copy Offset
This value identifies where the data to be copied occurs within the source item.
Source Item Copy Size
This value identifies the size of the data to be copied within the source item.
Target Address
The IP address of the target server. The target is the other StoreOnce System to which the
job is being copied from this StoreOnce System. All target details are specified by the
backup application when the outbound copy job is created.
Target Store Name
The name of the target Catalyst store on the StoreOnce System to which the data is being
copied.
Target Item
The name of the target item on the StoreOnce System to which the dat is being copied. All
item names are defined by the StoreOnce supported backup application.
Target Item Copy Offset
This value identifies where the data to be copied occurs within the target item.
Copy Throughput
The rate that at which data was actually copied. This rate is typically less than the
theoretical maximum bandwidth.
Transport Protocol
Indicates whether the copy was performed using Fibre Channel, TCP-IP, or the StoreOnce
Internal network.
Data Copied
The amount of data copied. This value matches the source item data size.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
66
Property
Description
Total Bandwidth
The theoretical maximum rate that data could be copied without regard to practical
considerations.
Total Bandwidth Saving
The percentage of bandwidth saved. The % bandwidth saving depends on whether the
Catalyst store has been configured for source-side deduplication with a low-bandwidth
transfer policy, or target-side deduplication with a high-bandwidth transfer policy.
Unsuccessful Retry Attempts
The number of retry attempts that were unsuccessful.
TIP: If there are multiple unsuccessful attempts, a network link may be down or a
blackout window may be scheduled.
Next Copy Attempt Time
The date and time for the next copy attempt.
Copy Marked for Cancellation
Indicates whether the user has cancelled the copy job.
Catalyst Stores screen (individual store), Inbound Copy tab
TIP:
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
To display the properties in a Details flyout, click the information icon (
).
Property
Description
Status
The status of the outbound copy job, which may be Queued, Paused, Running ,Cancelled, or
Completed.
Queued
The date and time the job was put in the queue.
Source Item
The name of the item within the data job. This name is created by the backup application.
Each data job may have multiple items.
Source Item Size
The size of the source item.
Percentage Completed
The percentage of the copy job that has been completed.
More properties
Status Information
Information which explains the reason for the status that is reported.
Backup Application
The StoreOnce supported backup application that created the item.
Started
Date and time that the data job started.
Ended
Date and time that the data job ended.
Duration
The amount of time taken to copy the data.
Estimated Completion
The estimated completion time, if the copy job is still running.
Client Address
The IP address of the server that created the item.
Client Name
The client that initiated the inbound copy job. The client name is defined in the StoreOnce
supported backup application.
Source Address
The IP address of the source server. The source is the StoreOnce System from which the
data is being copied to this StoreOnce System.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
67
Property
Description
Source Store Name
The name of the source Catalyst store on the StoreOnce System from which the data is
being copied.
Source Item Last Modified
The date and time that the source item was last modified.
TIP: Use this information to check whether the source item might have been
modified during the copy attempt. An error message is also generated if the
source item is modified while copying.
Source Item Copy Offset
This value identifies where the data to be copied occurs within the source item.
Source Item Copy Size
This value identifies the size of the data to be copied within the source item.
Target Item
The name of the target item on the StoreOnce System to which the data is being copied. All
item names are defined by the StoreOnce supported backup application.
Target Item Copy Offset
This value identifies where the data to be copied occurs within the target item.
Copy Throughput
The rate that at which data was actually copied. This rate is typically less than the
theoretical maximum bandwidth.
Transport Protocol
Indicates whether the copy was performed using Fibre Channel, TCP-IP, or the StoreOnce
Internal network.
Data Copied
The amount of data copied. This value matches the source item data size.
Total Bandwidth
The theoretical maximum rate that data could be copied without regard to practical
considerations.
Total Bandwidth Saving
The percentage of bandwidth saved. The % bandwidth saving depends on whether the
Catalyst store has been configured for source-side deduplication with a low-bandwidth
transfer policy, or target-side deduplication with a high-bandwidth transfer policy.
Copy Marked for Cancellation
Indicates whether the user has cancelled the copy job.
Cloud Bank stores
Subtopics
Viewing Cloud Bank stores
Cloud Bank stores service providers and properties
Tips for working with Cloud Bank stores
Cloud Bank bandwidth limiting windows
Creating Cloud Bank stores
Connecting Cloud Bank stores
Deleting Cloud Bank stores
Detaching Cloud Bank stores
Disconnecting Cloud Bank stores
Editing Cloud Bank stores
Exporting encryption keys for Cloud Bank stores
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
68
Importing encryption keys for Cloud Bank stores
Cloud Bank stores screens and properties
Viewing Cloud Bank stores
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, do one of the following:
To view all Cloud Bank stores, click the title Cloud Bank Stores above the graphic.
To view Cloud Bank stores for a specific status, click the status on the graphic. For example, clicking the Warning status on the
graphic opens the Cloud Bank Stores screen and displays only Cloud Bank stores that have a Warning status.
3. On the Cloud Bank Stores screen, click the Cloud Bank store.
The screen for an individual Cloud Bank store includes tabs for Overview, Details, Permissions, Items, Backup/Restore, Outbound
Copy, and Inbound Copy.
Cloud Bank stores service providers and properties
StoreOnce Cloud Bank store supported cloud service providers are Azure, AWS (Amazon Web Services), Scality, and S3 Compatible.
The following information is required to use StoreOnce Cloud Bank store actions with the supported cloud service providers.
Azure Cloud Services
Property
Description
Storage Account Name
The storage account name can be found on the Azure account portal.
Access Key
The access key is used to authenticate the storage account name. The key can be found on the
Azure account portal.
Container Name
Name of the container on Azure that contains the Cloud Bank store objects.
Proxy
Option which determines whether connection to the service provider is routed through an HTTP
proxy or not.
AWS (Amazon Web Services)
Property
Description
Access Key
The access key can be found on the AWS account portal.
Secret Key
The secret key is used to authenticate the access key. It can be found on the AWS account portal.
Bucket Name
Name of the bucket on AWS that contains the Cloud Bank store objects.
Proxy
Option which determines whether connection to Azure is routed through an HTTP proxy or not.
Scality and S3 Compatible
Property
Description
Host
Host address of the service provider. For example, s3server.domain.net .
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
69
Property
Description
Port
The host port for the service provider. Typically 443.
SSL
Option that specifies whether communication with the service provider is encrypted or not. HPE
recommends enabling SSL.
Signature Version
Method of authentication to use. HPE recommends v4 for most situations. In some cases, it may be
necessary to use v2 for compatibility.
Access Key
Similar to a user name. It can be found on the service provider account portal.
Secret Key
Similar to a password. It is used to authenticate the access key. It can be found on the service
provider account portal.
Bucket Name
Name of the bucket on the service provider that contains the Cloud Bank store objects.
Proxy
Option which determines whether connection to the service provider is routed through an HTTP
proxy or not.
Addressing Style
Option to determine whether Path mode addressing (e.g. http://server.example.com/bucket) or
Virtual mode addressing (e.g. http://bucket.server.example.com) should be used when connecting to
the service provider. Applies only to S3 Compatible.
Tips for working with Cloud Bank stores
Creating Cloud Bank stores
StoreOnce Secure Erase Mode is not supported on Cloud Bank stores.
When you create a Cloud Bank store with the Create Store dialog, the StoreOnce System verifies that:
The StoreOnce System can connect to your selected cloud service provider.
The cloud service provider account and credentials information that you provide are valid.
The bucket or container that you want to use exists.
The SSL certificate can be authenticated.
The Cloud Bank stores do not work with object-versioned buckets.
NOTE: Cross-region replication/Geo-replication is not supported, please check the supportability matrix for
supported replication options by the cloud vendor.
All AWS encryption options (Server and Client) are not supported.
Azure lifecycle management policies (automatically moving blobs to cooler tiers) are not supported.
Connecting Read/Write to Cloud Bank stores
IMPORTANT:
Connecting read/write can only be done 24 hours after disconnecting or detaching the Cloud Bank store.
It is only possible to connect a Cloud Bank store to a StoreOnce System which is running a StoreOnce version
equal or newer than the StoreOnce version used to last write to the Cloud Bank store.
You must have sufficient Cloud Bank storage read/write capacity licensed on the StoreOnce System.
Only one StoreOnce System at a time can connect read/write to a particular Cloud Bank store.
When connected read/write, changes in a Cloud Bank store (such as new, changed, or deleted items) can take time to become
consistent in the cloud.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
70
Connecting Read-Only to Cloud Bank stores
IMPORTANT:
When connected read-only to a Cloud Bank store that is connected read/write to another StoreOnce System, be
sure that enough time has passed before attempting to use new backups.
It is only possible to connect a Cloud Bank store to a StoreOnce System which is running a StoreOnce version
equal or newer than the StoreOnce version used to last write to the Cloud Bank store.
Connecting read-only allows a Cloud Bank store to be read by multiple StoreOnce Systems. After connection, the Cloud Bank store
remains read-only on the StoreOnce System. If the Cloud Bank store is connected read/write to another StoreOnce System, the
read-only connection will refresh from the cloud periodically.
To connect read-only, the Cloud Bank store must have been detached by a StoreOnce System, or connected read/write, within the
past 60 days.
Disconnecting Cloud Bank stores
Disconnecting a Cloud Bank store removes the store from a StoreOnce System and leaves the data in the cloud in a read/write
state. This state allows a Cloud Bank store to be migrated between StoreOnce Systems or used to test cloud connection
functionality.
WARNING: If a Cloud Bank store is encrypted, be sure that you have exported and saved the encryption key before
disconnecting. The encryption key is required to connect to another StoreOnce System.
To disconnect, the StoreOnce System must be connected read/write to the Cloud Bank store.
WARNING: If you do not reconnect a StoreOnce System read/write to the Cloud Bank store within 60 days, the
Cloud Bank store cannot be connected to any StoreOnce System. Thus, the data can no longer be recovered.
After disconnecting, for the first 24 hours, you can only connect a StoreOnce System read-only to the Cloud Bank store.
Editing Cloud Bank stores
If modifying cloud service provider settings for a Cloud Bank store, the StoreOnce System will verify the connectivity and
credentials. If any of the connectivity tests fail, the Cloud Bank store is not changed.
Detaching Cloud Bank stores
Detaching removes a Cloud Bank store from a StoreOnce System and leaves detached Cloud Bank store in a read-only state.
WARNING: If a Cloud Bank store is encrypted, be sure that you have exported and saved the encryption key before
detaching. The encryption key is required to connect to another StoreOnce System.
Detaching is only possible if there is enough Detach Capacity licensed on the StoreOnce System.
IMPORTANT: Once detached, connect read/write is no longer possible. No further data can be written to this store
from a StoreOnce System. However, the bucket or container permissions in the cloud service provider remain
unchanged.
Detaching requires a StoreOnce Cloud Bank Storage Detach license. Once detach is complete, the StoreOnce Cloud Bank Storage
Detach license is reduced by the store size in the cloud. The equivalent value of detach capacity that is used is released from the
Cloud Bank storage read/write capacity. The newly available read/write capacity is available for new or existing Cloud Bank stores.
A detached store can be reattached read-only anytime, with no time limits.
Cloud Bank Detach licensing is not refunded if the detached Cloud Bank store is deleted.
Deleting Cloud Bank stores
If the Cloud Bank store is connected read/write:
WARNING: The data in the cloud service provider storage is marked as deleted. The data can no longer be
recovered to any StoreOnce System.
The Cloud Bank store is removed from the StoreOnce System, but the bucket or container in the cloud service provider remains. You
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
71
can delete the bucket or container using the management interface of the cloud service provider.
If the Cloud Bank store is connected read-only:
Any other StoreOnce Systems connected to this Cloud Bank store will continue to operate.
If you want to delete the Cloud Bank store from the cloud, Hewlett Packard Enterprise recommends first removing the Cloud Bank
store from all connected StoreOnce Systems. Then deleting the bucket or container using the management interface of the cloud
service provider.
This table has been referenced in two Reference Architecture Whitepaper documents, and outlines the usecases for disconnect,
detach and delete:
Table 1. Cloud Bank
Disconnect
Detach
Delete
Cloud data state after
executing
Read-write
Read-only
Inaccessible
Removes objects from cloud
storage
No
No
No
Removes store from the HPE
StoreOnce appliance
Yes
Yes
Yes
Options after executing
Connect (read-write) after 24 Connect (read-only) any time
hours and up to 60 days after after disconnect
disconnect
No time limit on data recovery
Connect (read-only) any time
within 60 days after disconnect
None-Data contained in the
Cloud Bank store in no longer
accessible
If not connected within 60
days, data can only be
recovered with assistance from
HPE Pointnext
Configuring firewalls for Cloud Bank
Cloud Bank connections require connectivity between the StoreOnce and the Cloud Service Provider. In some cases users might need to
alter their firewall configurations to allow traffic to flow through their firewall to the end points. If using an S3 Compatible service
provider, or Scality, this might be the Host address specified when configuring the Cloud Bank store, for instance. For AWS and Azure
service providers, they use a range of addresses depending on the regions used. Further details of the IP address ranges for AWS can be
found here: https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html. Further details of the Azure Datacenter IP ranges can
be found here: https://www.microsoft.com/en-us/download/details.aspx?id=41653 . Depending on the configuration, it is also likely that
ports 80 or 443 would need to be configured on the firewall.
S3 Compatible Cloud Bank stores
For a list of supported S3 Compatible service providers see the StoreOnce Support Matrix. See StoreOnce websites for the link to this
resource.
When using self-signed SSL certificates for S3 Compatible service provider Dell EMC ECS, the SSL certificate provided must be in the
StoreOnce Cloud Bank required format. Cloud Bank expects a Common Name field in the Subject field of an SSL certificate to be present
and match the DNS. The default certificate which ships with ECS is incompatible with Cloud Bank. For details of working with ECS
certificates refer to the “Certificates” section of the ECS Administration guide:
https://www.emc.com/collateral/TechnicalDocument/docu86293.pdf.
Cloud Bank bandwidth limiting windows
Bandwidth limiting can be performed on Cloud Bank traffic to avoid saturating the WAN or Internet link to free up bandwidth for other
processes and applications. A minimum of 2 Mbps per concurrent job is recommended. At least 512 Kbps per concurrent job is required
for reliable operation. Separate limits can be specified for upload and download Cloud Bank traffic.
The Cloud Bank tab includes Bandwidth Limiting information. The Bandwidth Limiting Windows section contains the following
information that relates to bandwidth limiting on Cloud Bank copy jobs:
General bandwidth upload and download limit—Administrator users may enable and apply a general bandwidth limit for upload and
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
72
download traffic.
List of scheduled bandwidth limiting windows —Administrators can specify certain times when different bandwidth limits may
apply. Any bandwidth limiting window entered will overwrite the general bandwidth limit.
You can configure up to two windows for each day and can configure upload and download limits separately. All settings are applied to
the StoreOnce System and not for individual jobs. The Bandwidth Limit windows override the General Limit when the time specified for
the window is active.
Bandwidth Limit Subnets —When connecting to AWS / Azure / Scality / S3 Compatible through a proxy, provide the subnet of the proxy
server. When connecting directly to Scality / S3 Compatible, provide the subnet of the Scality / S3 Compatible server. The subnets
should be in CIDR block notation with no host bits set (For example 192.168.1.0/24). If connecting to AWS or Azure without a proxy no
action is required.
Only network traffic which goes through the StoreOnce network default route will be throttled. If the StoreOnce network configuration
is modified to change the default route to another interface, throttling will only take place after disabling and re-enabling both the
General Bandwidth Limit and any Bandwidth Limiting Windows.
If you are using any specific IP that is not part of the common AWS or Azure public cloud, you can add the IP address as a subnet.
Creating Cloud Bank stores
Prerequisites
You need the following to create a Cloud Bank store:
A connection that allows the StoreOnce System to contact the cloud service provider.
Account name and credentials to access the cloud service provider.
Name of the bucket or container on the cloud to connect to the Catalyst store.
About this task
Only users with the Administrator role can create and manage Cloud Bank stores. See also Tips for working with Cloud Bank stores . For
service provider information, see Cloud Bank stores service providers and properties .
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Cloud Bank Stores above the graphic.
3. On the Cloud Bank Stores screen, expand the Actions menu and select Create.
The Create dialog enables you to specify the following:
Service Provider Settings
Security Settings
Advanced Settings
Connecting Cloud Bank stores
About this task
Only users with the Administrator role can create and manage Cloud Bank stores. See also Tips for working with Cloud Bank stores .
IMPORTANT:
Connecting read/write can only be done 24 hours after disconnecting or detaching the Cloud Bank store.
It is only possible to connect a Cloud Bank store to a StoreOnce System that is running a StoreOnce version equal
or newer than the StoreOnce version used to last write to the CloudBank store.
Procedure
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
73
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Cloud Bank Stores above the graphic.
3. On the Cloud Bank Stores screen, click the Cloud Bank store.
4. On the screen for the Cloud Bank store, expand the Actions menu and select Connect.
5. On the Connect dialog, provide the required information for the cloud service provider and click Connect.
If the cloud service provider is configured with a self-signed SSL certificate, details about the connection are displayed. To
continue, confirm the trust for the service provider. Or, cancel the connection.
6. After the connecting:
Details of the Cloud Bank store are displayed. The store name, description, number of items, last access date, and other details
are displayed.
IMPORTANT: Before proceeding, review the details to verify that the Cloud Bank store is the correct store to
attach to the StoreOnce System.
If the Cloud Bank Store is encrypted, and the StoreOnce System does not have the encryption key, an encryption key request is
displayed. To continue, the encryption key file must be uploaded.
7. If the Cloud Bank store is not the correct store, cancel the connect action. Otherwise, select Connect Read Only or Connect Read
Write.
Deleting Cloud Bank stores
About this task
Only users with the Administrator role can create and manage Cloud Bank stores. See also Tips for working with Cloud Bank stores .
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Cloud Bank Stores above the graphic.
3. On the Cloud Bank Stores screen, click the Cloud Bank store.
4. On the screen for the Cloud Bank store, expand the Actions menu and select Delete.
Detaching Cloud Bank stores
About this task
Only users with the Administrator role can create and manage Cloud Bank stores. See also Tips for working with Cloud Bank stores .
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Cloud Bank Stores above the graphic.
3. On the Cloud Bank Stores screen, click the Cloud Bank store.
4. On the screen for the Cloud Bank store, expand the Actions menu and select Detach.
Disconnecting Cloud Bank stores
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
74
About this task
Only users with the Administrator role can create and manage Cloud Bank stores. See also Tips for working with Cloud Bank stores .
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Cloud Bank Stores above the graphic.
3. On the Cloud Bank Stores screen, click the Cloud Bank store.
4. On the screen for the Cloud Bank store, expand the Actions menu and select Disconnect.
Editing Cloud Bank stores
About this task
Only users with the Administrator role can create and manage Cloud Bank stores. See also Tips for working with Cloud Bank stores .
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Cloud Bank Stores above the graphic.
3. On the Cloud Bank Stores screen, click the Cloud Bank store.
4. On the screen for the Cloud Bank store, expand the Actions menu and select Edit.
The Edit dialog enables you to specify the following:
Service Provider Settings
Security Settings
Advanced Settings
Exporting encryption keys for Cloud Bank stores
About this task
IMPORTANT: To allow an encrypted Cloud Bank store to be accessed by a different StoreOnce System, its encryption
key is required. HPE recommends that you export the encryption key and securely store it.
The encryption key password must comply with the following criteria:
A minimum of 15 characters, and a maximum of 32 characters.
A minimum of 1 uppercase character, and 1 lowercase character.
A minimum of 1 numeric character, and 1 special character.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Cloud Bank Stores above the graphic.
3. On the Cloud Bank Stores screen, click the Cloud Bank store.
4. On the screen for the Cloud Bank store, expand the Actions menu and select Export Key.
5. Enter a password for encrypting the exported key.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
75
Importing encryption keys for Cloud Bank stores
Prerequisites
An encryption key and password for the Cloud Bank store to connect
To connect read/write, 24 hours must pass after the Cloud Bank store was disconnected
To connect read-only, the Cloud Bank store can remain connected to another StoreOnce System, or can be connected read-only
immediately after disconnecting from a StoreOnce System
About this task
Importing an encryption key applies when moving a Cloud Bank store from one StoreOnce System to a different StoreOnce System. Or,
connect read-only to a Cloud Bank store on a different StoreOnce system to use the data from the store for analysis.
Procedure
1. Log in to the StoreOnce System on which you are importing the encryption key.
2. On the main menu, select Data Services.
3. Navigate to the Cloud Bank Stores screen.
4. From the Actions menu, select Connect to Store.
5. On the Connect to Store screen, select the Service Provider.
6. On the Service Provider dialog, complete the required fields according to your Cloud Bank provider configuration, and click OK.
Cloud Bank stores screens and properties
Cloud Bank Stores screen (all stores)
TIP: In the list view, columns for the most often viewed properties are shown by default. To add or remove columns,
click the column selector icon (
).
Property
Description
Store Name
The name of the Cloud Bank store on the source StoreOnce system.
Status
The status of the Cloud Bank store. OK, Warning, Critical.
User Data Stored
The amount of data that you have backed up, reconciled with the logical data recorded on
the StoreOnce supported backup application.
Size In Cloud
The size of the Catalyst store on the Cloud Bank service provider. This is the space
consumed after deduplication.
Dedupe Ratio
The ratio of duplicate data against new data identified in the Cloud Bank store.
More properties
Size on Disk
The actual size used on disk after deduplication.
Number Of Items
The number of items in the Catalyst store.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
76
Property
Description
Physical Storage Quota
The quota for the amount of data written to disk after deduplication. If the quota is enabled,
and the quota limit is reached, backups will fail to prevent the quota from being exceeded.
The quota allows you to partition the physical capacity of the StoreOnce System between
various users. Applications with a better deduplication ratio can store more data.
TIP:
If you need capacity management, HPE recommends configuring StoreOnce
supported backup applications that have quotas to reroute to another device or
to postpone backups. Rerouting will prevent backups from failing unexpectedly.
When a Catalyst store reaches its quota, the status of the store changes to “Online
- Critical.” The Catalyst store status will change to “Fault.” Restores from that
store are permitted, but new backups will fail. To remedy, increase the quota or
expire backups.
When the quota is no longer met, the Catalyst store status and the overall
Catalyst status will return to the “Running” state.
Using quotas and client permissions to control client access to the Catalyst store
defines how much space a particular user can use on the StoreOnce System.
Logical Storage Quota
The quota for the amount of data sent to the disk before deduplication. If the quota is
enabled and the quota limit is reached, backups will fail to prevent the quota from being
exceeded. A quota allows you to provide a service to back up a particular amount of user
data.
The logical data size of a Catalyst item is updated at every 1 GB of physical data stored or
when a Catalyst item is closed.
In backups with high deduplication ratios, a logical data size quota can be exceeded before
the Catalyst store prevents further backups. The physical data size quota, which updates
more frequently, is not affected. For example, if a logical data quota size is set to 1 TB and
the backup has a deduplication ratio of 10:1, the logical data size quota can be exceeded by
10 GB.
TIP:
If you need capacity management, HPE recommends configuring backup
applications that have quotas to reroute to another device or to postpone
backups. Rerouting will prevent backups from failing unexpectedly.
When a Catalyst store reaches its quota, the status of the store changes to “Online
- Critical.” The Catalyst store status will change to “Fault.” Restores from that
store are permitted, but new backups will fail. To remedy, increase the quota or
expire backups.
When the quota is no longer met, the Catalyst store status and the overall
Catalyst status will return to the “Running” state. Using quotas and client
permissions to control client access to Catalyst stores defines how much space a
particular user can use on the StoreOnce System.
Encryption
Indicates whether the Catalyst store data is encrypted. Shows as Not Licensed if there is no
encryption license on the StoreOnce System. If encryption is licensed, shows as Enabled or
Disabled.
Estimated Time
After a Connect action is started, this property shows the estimated time until the Cloud
Bank store will be reconnected.
Cloud Bank Stores screen (individual store), Overview tab
Property
Description
Status bar
The status of the Catalyst store. Shows as Online, Down, or Error.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
77
Property
Description
Store Dedupe Ratio
The deduplication ratio achieved on the data on the Catalyst store.
User Data Stored
The amount of user data stored on the Catalyst store.
Size in Cloud
The size of the Catalyst store on the Cloud Bank service provider. This is the space consumed after
deduplication.
Size on Disk
The size of the Catalyst store on the StoreOnce System. This is the space consumed after
deduplication.
Items
The number of items in the Catalyst store.
Logical Storage Quota
The quota for the amount of data sent to the disk before deduplication. If the quota is enabled and
the quota limit is reached, backups will fail to prevent the quota from being exceeded. A quota
allows you to provide a service to back up a particular amount of user data.
The logical data size of a Catalyst item is updated at every 1 GB of physical data stored or when a
Catalyst item is closed.
In backups with high deduplication ratios, a logical data size quota can be exceeded before the
Catalyst store prevents further backups. The physical data size quota, which updates more
frequently, is not affected. For example, if a logical data quota size is set to 1 TB and the backup
has a deduplication ratio of 10:1, the logical data size quota can be exceeded by 10 GB.
TIP:
If you need capacity management, HPE recommends configuring backup applications
that have quotas to reroute to another device or to postpone backups. Rerouting will
prevent backups from failing unexpectedly.
When a Catalyst store reaches its quota, the status of the store changes to “Online Critical.” The Catalyst store status will change to “Fault.” Restores from that store are
permitted, but new backups will fail. To remedy, increase the quota or expire backups.
When the quota is no longer met, the Catalyst store status and the overall Catalyst
status will return to the “Running” state. Using quotas and client permissions to control
client access to Catalyst stores defines how much space a particular user can use on the
StoreOnce System.
Physical Storage Quota
The quota for the amount of data written to disk after deduplication. If the quota is enabled, and
the quota limit is reached, backups will fail to prevent the quota from being exceeded. The quota
allows you to partition the physical capacity of the StoreOnce System between various users.
Applications with a better deduplication ratio can store more data.
TIP:
If you need capacity management, HPE recommends configuring StoreOnce supported
backup applications that have quotas to reroute to another device or to postpone
backups. Rerouting will prevent backups from failing unexpectedly.
When a Catalyst store reaches its quota, the status of the store changes to “Online Critical.” The Catalyst store status will change to “Fault.” Restores from that store are
permitted, but new backups will fail. To remedy, increase the quota or expire backups.
When the quota is no longer met, the Catalyst store status and the overall Catalyst
status will return to the “Running” state.
Using quotas and client permissions to control client access to the Catalyst store defines
how much space a particular user can use on the StoreOnce System.
Cloud Bank Stores screen (individual store), Details tab
Property
Description
Store Name
Name of the Catalyst store.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
78
Property
Description
Description
A text description of the store (optional).
System Serial Number
The unique serial number generated automatically by the StoreOnce System.
System Name
Name of the StoreOnce System.
Created
The date and time that the Catalyst store was created.
Number of Catalyst Items
The number of items in the Catalyst store.
Security
Store Encryption
Indicates whether the Catalyst store data is encrypted. Shows as Not Licensed if there is
no encryption license on the StoreOnce System. If encryption is licensed, shows as Enabled
or Disabled.
Secure Erase Mode
The availability of HPE Secure Erase. Shows as None or the number of Secure Erase
passes.
Cloud Bank Storage
Cloud Service Provider
Name of the Cloud Bank service provider.
Access Key
The access key (user name) of the cloud storage.
Host
The host IP address of the cloud storage.
Proxy
Option which determines whether connection to Azure is routed through an HTTP proxy
or not.
SSL
Indicates whether encrypted communication with the Cloud Bank service provider is used.
Self-signed SSL Certificate
Indicates whether a self-signed SSL certificate is used.
Signature Version
Select either v2 or v4 signature authentication with S3 connections. HPE recommends v4.
Bucket Name
The bucket name of the cloud storage.
Transfer Policies
Primary (Default) Transfer Policy
The default transfer policy for the server. Media servers can be configured individually to
use the most efficient transfer policy. As long as the two transfer policies have different
values, the media server will determine which is the most bandwidth efficient transfer
policy to use.
High: all data is sent from the media server and deduplicated on the StoreOnce
System. Also called target-side deduplication.
Low: the media server deduplicates the data and sends only unique data. Also called
source-side deduplication.
Secondary Transfer Policy
Generally, the opposite of the primary transfer policy so the media server can determine
which policy is most appropriate. However, you can enforce the transfer policy used by the
media servers by setting both the primary and secondary transfer policies to the same
value.
Session History
Backup/Restore History
The number of days that the history of the backup/restore job is saved.
Copy History
The number of days that the history of the copy job is saved.
Cloud Bank Stores screen (individual store), Permissions tab
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
79
Property
Description
Public Access
Public Access (state of)
Enabled or disabled. If enabled, all clients have unrestricted access to all Catalyst stores.
TIP: The more secure approach is to disable Public Access and instead assign
individual client identifier access.
Client Access
Client Name
The Catalyst client name that is provided to the StoreOnce supported backup applications
when connecting to StoreOnce Catalyst. The client name and password are used to
authenticate access to Catalyst stores.
Description
A description of the Catalyst client (optional).
Client Access (state)
Enabled or disabled. If enabled, you assign permissions when configuring clients and stores.
HPE recommends enabling client access for increased data security.
Cloud Bank Stores screen (individual store), Items tab
TIP:
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
To display the properties in a Details flyout, click the information icon (
).
IMPORTANT:
Users with the Administrator role can delete individual items. However, HPE recommends that you use the StoreOnce
supported backup application remove items. Using the backup application will ensure integrity with the backup
application catalog. Deleting items using the StoreOnce Management Console should only be done as a last resort.
Property
Description
Modified
The date and time that the item in the Catalyst store was modified.
Item
The name of the item within the data job. The name is created by the StoreOnce supported backup
application. Each data job can have multiple items.
Tag List
A list of tags or marks defined by the backup application that are used to filter items.
Logical Data Size
The amount of data sent to the device before deduplication.
More properties
Created
The date and time that the item in the Catalyst store was created.
Cloud Bank Stores screen (individual store), Backup/Restore tab
TIP:
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
To display the properties in a Details flyout, click the information icon (
Property
).
Description
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
80
Property
Description
Status
Status of the data job item, which may be:
Running: In progress
Completed: The item has completed successfully, this status does not mean the entire data
job has completed, only the item, and does not reconcile with the backup application job
completion status.
Cancelled: The Status Information provides more details. For example, the data connection
has been lost between the StoreOnce System and the media server. (This situation is
unlikely to occur).
Unexpected error: The StoreOnce System experienced a problem while processing the item.
Insufficient disk space: It will be necessary to clear some disk space or add storage.
Link failure: IP connectivity has been lost and the backup application must retry the job.
System shutdown: The backup application system has been shut down.
IMPORTANT:
HPE recommends that you use the backup application to clean up incomplete or
orphaned items before retrying the job.
Started
Date and time that the data job started.
Item
The name of the item within the data job. This name is created by the backup application. Each
data job may have multiple items.
Logical Data Written
The amount of user data that was written. This amount reconciles with information in the
backup application log. A backup job can span multiple items.
Logical Data Read
The amount of user data that was read.
More properties
Status Information
Information which explains the reason for the status that is reported.
Ended
Date and time that the data job ended.
Write Duration
The length of time that data was written.
Read Duration
The length of time that data was read.
Clone Duration
The length of time that data was being cloned.
Backup Application
The StoreOnce supported backup application that created the item.
Client Name
Name that identifies the client application that created the item.
Client Address
The IP address of the server that created the item.
Deduplication Ratio
The deduplication ratio achieved on the data on the Catalyst store.
Logical Data Cloned
The amount of data that was cloned.
Logical Write Throughput
The rate that at which data was actually written. This rate is typically less than the write
bandwidth.
Logical Read Throughput
The rate at which data was actually read. This rate is typically less that the read bandwidth
rating.
Logical Clone Throughput
The rate at which data was cloned.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
81
Property
Description
Write Bandwidth
The theoretical maximum rate that data could be written, without regard to practical
considerations.
Read Bandwidth
The theoretical maximum rate that data could be read, without regard to practical
considerations.
Transport Protocol
Indicates whether the copy was performed using Fibre Channel, TCP-IP, or the StoreOnce
Internal Network.
Total Data Transferred
The total amount of data transferred in the job.
Cloud Bank Stores screen (individual store), Outbound Copy tab
TIP:
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
To display the properties in a Details flyout, click the information icon (
).
Property
Description
Status
The status of the outbound copy job, which may be Queued, Paused, Running , Cancelled, or
Completed.
Queued
The date and time the job was put in the queue.
Source Item
The name of the item within the data job. This name is created by the backup application.
Each data job may have multiple items.
Source Item Size
The size of the source item.
Percentage Completed
The percentage of the copy job that has been completed.
More properties
Status Information
Information which explains the reason for the status that is reported.
Backup Application
The StoreOnce supported backup application that created the item.
Started
Date and time that the data job started.
Ended
Date and time that the data job ended.
Duration
The amount of time taken to copy the data.
Estimated Completion
The estimated completion time, if the copy job is still running.
Client Address
The IP address of the server that created the item.
Client Name
The client that initiated the outbound copy job. The client name is defined in the StoreOnce
supported backup application.
Source Item Last Modified
The date and time that the source item was last modified.
TIP: This information is useful if you need to check whether the source item might
have been modified during the copy attempt. An error message is also generated
if the source item is modified while copying.
Source Item Copy Offset
This value identifies where the data to be copied occurs within the source item.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
82
Property
Description
Source Item Copy Size
This value identifies the size of the data to be copied within the source item.
Target Address
The IP address of the target server. The target is the other StoreOnce System to which the
job is being copied from this StoreOnce System. All target details are specified by the
backup application when the outbound copy job is created.
Target Store Name
The name of the target Catalyst store on the StoreOnce System to which the data is being
copied.
Target Item
The name of the target item on the StoreOnce System to which the dat is being copied. All
item names are defined by the StoreOnce supported backup application.
Target Item Copy Offset
This value identifies where the data to be copied occurs within the target item.
Copy Throughput
The rate that at which data was actually copied. This rate is typically less than the
theoretical maximum bandwidth.
Transport Protocol
Indicates whether the copy was performed using Fibre Channel, TCP-IP, or the StoreOnce
Internal Network.
Data Copied
The amount of data copied. This value matches the source item data size.
Total Bandwidth
The theoretical maximum rate that data could be copied without regard to practical
considerations.
Total Bandwidth Saving
The percentage of bandwidth saved. The % bandwidth saving depends on whether the
Catalyst store has been configured for source-side deduplication with a low-bandwidth
transfer policy, or target-side deduplication with a high-bandwidth transfer policy.
Unsuccessful Retry Attempts
The number of retry attempts that were unsuccessful.
TIP: If there are multiple unsuccessful attempts, a network link may be down or a
blackout window may be scheduled.
Next Copy Attempt Time
The date and time for the next copy attempt.
Copy Marked for Cancellation
Indicates whether the user has cancelled the copy job.
Cloud Bank Stores screen (individual store), Inbound Copy tab
TIP:
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
To display the properties in a Details flyout, click the information icon (
).
Property
Description
Status
The status of the outbound copy job, which may be Queued, Paused, Running ,Cancelled, or
Completed.
Queued
The date and time the job was put in the queue.
Source Item
The name of the item within the data job. This name is created by the backup application.
Each data job may have multiple items.
Source Item Size
The size of the source item.
Percentage Completed
The percentage of the copy job that has been completed.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
83
Property
Description
More properties
Status Information
Information which explains the reason for the status that is reported.
Backup Application
The StoreOnce supported backup application that created the item.
Started
Date and time that the data job started.
Ended
Date and time that the data job ended.
Duration
The amount of time taken to copy the data.
Estimated Completion
The estimated completion time, if the copy job is still running.
Client Address
The IP address of the server that created the item.
Client Name
The client that initiated the inbound copy job. The client name is defined in the StoreOnce
supported backup application.
Source Address
The IP address of the source server. The source is the StoreOnce System from which the
data is being copied to this StoreOnce System.
Source Store Name
The name of the source Catalyst store on the StoreOnce System from which the data is
being copied.
Source Item Last Modified
The date and time that the source item was last modified.
TIP: This information is useful if you need to check whether the source item might
have been modified during the copy attempt. An error message is also generated
if the source item is modified while copying.
Source Item Copy Offset
This value identifies where the data to be copied occurs within the source item.
Source Item Copy Size
This value identifies the size of the data to be copied within the source item.
Target Item
The name of the target item on the StoreOnce System to which the dat is being copied. All
item names are defined by the StoreOnce supported backup application.
Target Item Copy Offset
This value identifies where the data to be copied occurs within the target item.
Copy Throughput
The rate that at which data was actually copied. This rate is typically less than the
theoretical maximum bandwidth.
Transport Protocol
Indicates whether the copy was performed using Fibre Channel, TCP-IP, or the StoreOnce
Internal Network.
Data Copied
The amount of data copied. This value matches the source item data size.
Total Bandwidth
The theoretical maximum rate that data could be copied without regard to practical
considerations.
Total Bandwidth Saving
The percentage of bandwidth saved. The % bandwidth saving depends on whether the
Catalyst store has been configured for source-side deduplication with a low-bandwidth
transfer policy, or target-side deduplication with a high-bandwidth transfer policy.
Copy Marked for Cancellation
Indicates whether the user has cancelled the copy job.
Clients
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
84
Subtopics
Integrating backup applications with StoreOnce Catalyst clients overview
Adding StoreOnce Catalyst clients to StoreOnce Systems
Adding StoreOnce Catalyst client access for StoreOnce Catalyst stores
Deleting StoreOnce Catalyst clients for StoreOnce Systems
Editing StoreOnce Catalyst clients for StoreOnce Systems
Editing client access for StoreOnce Catalyst stores
Editing client public access for StoreOnce Catalyst stores
Integrating backup applications with StoreOnce Catalyst clients overview
Prerequisites
This overview assumes that the StoreOnce Catalyst stores that will be used with backup applications exist. If you have not created the
stores, see Creating StoreOnce Catalyst stores.
About this task
Many backup applications include features that integrate with StoreOnce Catalyst. The integration allows users of supported backup
applications to perform StoreOnce Catalyst backup/restore and copy operations from the backup application user interface. StoreOnce
Catalyst clients are key components of the integration. StoreOnce Catalyst clients are permissions-centric clients on StoreOnce Systems
that allow you to control the access that backup applications have with StoreOnce Catalyst stores.
This overview outlines how to create StoreOnce Catalyst clients, and how to use the clients to control backup application access to
StoreOnce Catalyst stores.
Procedure
Create StoreOnce Catalyst clients for use with backup applications
1. Create named StoreOnce Catalyst clients for controlling backup application access to StoreOnce Catalyst stores. Lean more: Adding
StoreOnce Catalyst clients to StoreOnce Systems.
For example, you might create StoreOnce Catalyst clients on a StoreOnce System that have the names west division and east
division. Your backup applications could then be configured to associate their backup/restore and copy actions with those
StoreOnce Catalyst clients.
Add the StoreOnce Catalyst clients to individual StoreOnce Catalyst stores
2. Add the named StoreOnce Catalyst clients to specific StoreOnce Catalyst stores. Adding named StoreOnce Catalyst clients to
individual StoreOnce Catalyst stores enables you to control the backup applications that have permission to interact with the
StoreOnce Catalyst stores. Learn more: Adding StoreOnce Catalyst client access for StoreOnce Catalyst stores.
For example, you might add the StoreOnce Catalyst client west division to several StoreOnce Catalyst stores, and add the
StoreOnce Catalyst client east division to other StoreOnce Catalyst stores.
Alternately, if you want less specific control, you can allow Public Access for a StoreOnce Catalyst store. Public Access allows any
named StoreOnce Catalyst client to access the StoreOnce Catalyst store. Learn more: Editing client public access for StoreOnce
Catalyst stores.
Configure your backup applications
3. After you have created StoreOnce Catalyst clients and added them to StoreOnce Catalyst stores, you can configure supported
backup applications to interact with the stores.
TIP: To configure supported backup applications, you will need the IP address of the StoreOnce System, and the
names and passwords for the StoreOnce Catalyst clients.
Adding StoreOnce Catalyst clients to StoreOnce Systems
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
85
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Permissions tab.
3. Expand the Actions menu and select Add.
Adding StoreOnce Catalyst client access for StoreOnce Catalyst stores
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, select the StoreOnce Catalyst store.
4. On the screen for the StoreOnce Catalyst store, click the Permissions tab.
5. On the Client Access panel, expand the Actions menu and select Add.
Deleting StoreOnce Catalyst clients for StoreOnce Systems
About this task
WARNING: If you delete a StoreOnce Catalyst client for a StoreOnce System, data protection software that uses the
client will no longer have access to StoreOnce Catalyst stores on the system.
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Permissions tab.
3. Click the StoreOnce Catalyst client, and then expand the Actions menu and select Remove.
Editing StoreOnce Catalyst clients for StoreOnce Systems
About this task
You can edit StoreOnce Catalyst client descriptions and passwords. You cannot change the names of StoreOnce Catalyst clients.
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Permissions tab.
3. Click the StoreOnce Catalyst client, and then expand the Actions menu and select Edit.
Editing client access for StoreOnce Catalyst stores
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
86
About this task
StoreOnce Catalyst client access to a StoreOnce Catalyst store is enabled when the client is added to the store. You can later disable
and enable access by editing the client permissions for the store.
TIP: If Public Access to a StoreOnce Catalyst store is enabled, then individual StoreOnce Catalyst client access cannot
be edited.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, select the StoreOnce Catalyst store.
4. On the screen for the StoreOnce Catalyst store, click the Permissions tab.
5. Click the StoreOnce Catalyst client, and then expand the Actions menu and select Edit.
Editing client public access for StoreOnce Catalyst stores
About this task
When Public Access to a StoreOnce Catalyst store is enabled, any named StoreOnce Catalyst client on the StoreOnce system can be
used by a supported backup application to access the store.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, select the StoreOnce Catalyst store.
4. On the screen for the StoreOnce Catalyst store, click the Permissions tab.
5. On the Public Access panel, click the edit icon (
).
Items
Subtopics
Viewing StoreOnce Catalyst items
Viewing StoreOnce Catalyst items related-sessions
Deleting StoreOnce Catalyst items
Viewing StoreOnce Catalyst items
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, select the StoreOnce Catalyst store.
4. On the screen for the StoreOnce Catalyst store, click the Items tab. A list of items in the store is shown.
5. To view details of an item, click its information icon (
).
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
87
Viewing StoreOnce Catalyst items related-sessions
About this task
You can view the sessions that are related to an item in a StoreOnce Catalyst store.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, click the StoreOnce Catalyst store.
4. On the screen for the StoreOnce Catalyst store, click the Items tab.
5. Select the item and then expand the Actions menu and select Show Backup/Restore Sessions, Show Outbound Copy Sessions, or
Show Inbound Copy Sessions .
Deleting StoreOnce Catalyst items
About this task
WARNING: Deleting items from the StoreOnce Catalyst store will permanently delete the data. HPE recommends using
the backup application to delete items. Using the backup application will ensure that the backup application catalog is
updated.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, select the StoreOnce Catalyst store, and then click the Items tab.
4. Select the item, and then expand the Actions menu and select Delete .
Backup/restore and copy sessions
About Job types
Different backup applications can use different terminology for data transfers.
From a StoreOnce Catalyst perspective, if data is being moved between the StoreOnce System and a media server or application server,
it is a data job. If the transfer is between two StoreOnce Systems, it is a StoreOnce Catalyst copy job.
Data jobs
For data jobs, the backup application is responsible for the data movement.
If the number of data jobs starts getting high, the StoreOnce System can be loaded heavily. You can see jobs failing to start, or running
slowly (although the aggregate performance across the many jobs will still be high) due to insufficient resources being available.
Copy jobs
For copy jobs, the StoreOnce System is responsible for all data movement (although the process is initiated by the backup application
software).
If the number of copy jobs gets high (close to the maximum concurrent jobs), copies will not fail. Copy activities happen under the
control of the StoreOnce System and it will optimize the queuing and running of jobs based on the resources available.
TIP:
The Maximum Concurent Jobs value is not guaranteed in all cases.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
88
Subtopics
Viewing StoreOnce Catalyst backup/restore sessions
StoreOnce Catalyst stores backup/restore properties
Viewing Catalyst copy sessions
Catalyst stores copy properties
Comparing StoreOnce Catalyst backup/restore sessions
Canceling StoreOnce Catalyst copy sessions
Comparing StoreOnce Catalyst copy sessions
Pausing and resuming outbound copy sessions
Viewing StoreOnce Catalyst backup/restore sessions
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, select the StoreOnce Catalyst store, and then click the Backup/Restore tab.
4. To view the details for a backup/restore session, click its information icon (
).
StoreOnce Catalyst stores backup/restore properties
Catalyst Stores screen (individual store), Backup/Restore tab
TIP:
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
To display the properties in a Details flyout, click the information icon (
Property
).
Description
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
89
Property
Description
Status
Status of the data job item, which may be:
Running: In progress
Completed: The item has completed successfully, this status does not mean the entire data
job has completed, only the item, and does not reconcile with the backup application job
completion status.
Cancelled: The Status Information provides more details. For example, the data connection
has been lost between the StoreOnce System and the media server. (This situation is
unlikely to occur).
Unexpected error: The StoreOnce System experienced a problem while processing the item.
Insufficient disk space: It will be necessary to clear some disk space or add storage.
Link failure: IP connectivity has been lost and the backup application must retry the job.
System shutdown: The backup application system has been shut down.
IMPORTANT:
HPE recommends that you use the backup application to clean up incomplete or
orphaned items before retrying the job.
Started
Date and time that the data job started.
Item
The name of the item within the data job. This name is created by the backup application. Each
data job may have multiple items.
Logical Data Written
The amount of user data that was written. This amount reconciles with information in the
backup application log. A backup job can span multiple items.
Logical Data Read
The amount of user data that was read.
More properties
Status Information
Information which explains the reason for the status that is reported.
Ended
Date and time that the data job ended.
Write Duration
The length of time that data was written.
Read Duration
The length of time that data was read.
Clone Duration
The length of time that data was being cloned.
Backup Application
The StoreOnce supported backup application that created the item.
Client Name
Name that identifies the client application that created the item.
Client Address
The IP address of the server that created the item.
Deduplication Ratio
The deduplication ratio achieved on the data on the Catalyst store.
Logical Data Cloned
The amount of data that was cloned.
Logical Write Throughput
The rate that at which data was actually written. This rate is typically less than the write
bandwidth.
Logical Read Throughput
The rate at which data was actually read. This rate is typically less that the read bandwidth
rating.
Logical Clone Throughput
The rate at which data was cloned.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
90
Property
Description
Write Bandwidth
The theoretical maximum rate that data could be written, without regard to practical
considerations.
Read Bandwidth
The theoretical maximum rate that data could be read, without regard to practical
considerations.
Transport Protocol
Indicates whether the copy was performed using Fibre Channel, TCP-IP, or the StoreOnce
Internal Network.
Total Data Transferred
The total amount of data transferred in the job.
Viewing Catalyst copy sessions
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, select the Catalyst store, and then click the Outbound Copy, or Inbound Copy tab.
Each tab shows the appropriate list of copy sessions.
4. To view the details for a copy session, click its information icon (
).
Catalyst stores copy properties
Catalyst Stores screen (individual store), Outbound Copy tab
TIP:
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
To display the properties in a Details flyout, click the information icon (
).
Property
Description
Status
The status of the outbound copy job, which may be Queued, Paused, Running , Cancelled, or
Completed.
Queued
The date and time the job was put in the queue.
Source Item
The name of the item within the data job. This name is created by the backup application.
Each data job may have multiple items.
Source Item Size
The size of the source item.
Percentage Completed
The percentage of the copy job that has been completed.
More properties
Status Information
Information which explains the reason for the status that is reported.
Backup Application
The StoreOnce supported backup application that created the item.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
91
Property
Description
Started
Date and time that the data job started.
Ended
Date and time that the data job ended.
Duration
The amount of time taken to copy the data.
Estimated Completion
The estimated completion time, if the copy job is still running.
Client Address
The IP address of the server that created the item.
Client Name
The client that initiated the outbound copy job. The client name is defined in the StoreOnce
supported backup application.
Source Item Last Modified
The date and time that the source item was last modified.
TIP: This information is useful if you need to check whether the source item might
have been modified during the copy attempt. An error message is also generated
if the source item is modified while copying.
Source Item Copy Offset
This value identifies where the data to be copied occurs within the source item.
Source Item Copy Size
This value identifies the size of the data to be copied within the source item.
Target Address
The IP address of the target server. The target is the other StoreOnce System to which the
job is being copied from this StoreOnce System. All target details are specified by the
backup application when the outbound copy job is created.
Target Store Name
The name of the target Catalyst store on the StoreOnce System to which the data is being
copied.
Target Item
The name of the target item on the StoreOnce System to which the dat is being copied. All
item names are defined by the StoreOnce supported backup application.
Target Item Copy Offset
This value identifies where the data to be copied occurs within the target item.
Copy Throughput
The rate that at which data was actually copied. This rate is typically less than the
theoretical maximum bandwidth.
Transport Protocol
Indicates whether the copy was performed using Fibre Channel, TCP-IP, or the StoreOnce
Internal Network.
Data Copied
The amount of data copied. This value matches the source item data size.
Total Bandwidth
The theoretical maximum rate that data could be copied without regard to practical
considerations.
Total Bandwidth Saving
The percentage of bandwidth saved. The % bandwidth saving depends on whether the
Catalyst store has been configured for source-side deduplication with a low-bandwidth
transfer policy, or target-side deduplication with a high-bandwidth transfer policy.
Unsuccessful Retry Attempts
The number of retry attempts that were unsuccessful.
TIP: If there are multiple unsuccessful attempts, a network link may be down or a
blackout window may be scheduled.
Next Copy Attempt Time
The date and time for the next copy attempt.
Copy Marked for Cancellation
Indicates whether the user has cancelled the copy job.
Catalyst Stores screen (individual store), Inbound Copy tab
TIP:
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
92
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
To display the properties in a Details flyout, click the information icon (
).
Property
Description
Status
The status of the outbound copy job, which may be Queued, Paused, Running ,Cancelled, or
Completed.
Queued
The date and time the job was put in the queue.
Source Item
The name of the item within the data job. This name is created by the backup application.
Each data job may have multiple items.
Source Item Size
The size of the source item.
Percentage Completed
The percentage of the copy job that has been completed.
More properties
Status Information
Information which explains the reason for the status that is reported.
Backup Application
The StoreOnce supported backup application that created the item.
Started
Date and time that the data job started.
Ended
Date and time that the data job ended.
Duration
The amount of time taken to copy the data.
Estimated Completion
The estimated completion time, if the copy job is still running.
Client Address
The IP address of the server that created the item.
Client Name
The client that initiated the inbound copy job. The client name is defined in the StoreOnce
supported backup application.
Source Address
The IP address of the source server. The source is the StoreOnce System from which the
data is being copied to this StoreOnce System.
Source Store Name
The name of the source Catalyst store on the StoreOnce System from which the data is
being copied.
Source Item Last Modified
The date and time that the source item was last modified.
TIP: This information is useful if you need to check whether the source item might
have been modified during the copy attempt. An error message is also generated
if the source item is modified while copying.
Source Item Copy Offset
This value identifies where the data to be copied occurs within the source item.
Source Item Copy Size
This value identifies the size of the data to be copied within the source item.
Target Item
The name of the target item on the StoreOnce System to which the dat is being copied. All
item names are defined by the StoreOnce supported backup application.
Target Item Copy Offset
This value identifies where the data to be copied occurs within the target item.
Copy Throughput
The rate that at which data was actually copied. This rate is typically less than the
theoretical maximum bandwidth.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
93
Property
Description
Transport Protocol
Indicates whether the copy was performed using Fibre Channel, TCP-IP, or the StoreOnce
Internal Network.
Data Copied
The amount of data copied. This value matches the source item data size.
Total Bandwidth
The theoretical maximum rate that data could be copied without regard to practical
considerations.
Total Bandwidth Saving
The percentage of bandwidth saved. The % bandwidth saving depends on whether the
Catalyst store has been configured for source-side deduplication with a low-bandwidth
transfer policy, or target-side deduplication with a high-bandwidth transfer policy.
Copy Marked for Cancellation
Indicates whether the user has cancelled the copy job.
Comparing StoreOnce Catalyst backup/restore sessions
About this task
You can compare backup/restore sessions for a StoreOnce Catalyst store.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, select the StoreOnce Catalyst store, and then click the Backup/Restore tab.
4. Select two backup/restore sessions, and then click the compare icon (
).
Canceling StoreOnce Catalyst copy sessions
About this task
Users are recommended to cancel copy sessions from the backup application. However, from the StoreOnce Management Console, you
can cancel active outbound and inbound copy sessions for a StoreOnce Catalyst store.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, click the StoreOnce Catalyst store.
4. On the screen for the StoreOnce Catalyst store, click the Outbound Copy tab or Inbound Copy tab, as appropriate.
5. Click the check box for the copy session, and then expand the Actions menu and select Cancel.
Comparing StoreOnce Catalyst copy sessions
About this task
You can compare outbound and inbound copy sessions for a StoreOnce Catalyst store.
Procedure
1. On the main menu, select Data Services.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
94
2. On the Data Services screen, click the title Catalyst Stores above the graphic.
3. On the Catalyst Stores screen, click the StoreOnce Catalyst store.
4. On the screen for the StoreOnce Catalyst store, click the Outbound Copy tab or Inbound Copy tab, and then expand the Actions
menu and select Compare.
Pausing and resuming outbound copy sessions
About this task
You can pause and resume outbound copy sessions on a StoreOnce System.
WARNING: All outbound copy sessions on a StoreOnce System are paused. No further data is copied until outbound
copy sessions are resumed.
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Bandwidth Limits tab.
3. On the Outbound Copy Sessions Bandwidth Limiting Windows panel, expand the Actions menu and select Pause Copy Sessions or
Resume Copy Sessions, as appropriate.
StoreOnce Catalyst over Fibre Channel
TIP:
The Fibre Channel Settings are only relevant to certain StoreOnce System models and are only available if the
StoreOnce System supports Fibre Channel.
If StoreOnce Catalyst over Fibre Channel is supported on the StoreOnce System, the Fibre Channel settings are available. StoreOnce
Catalyst over Fibre Channel functions in the same way as StoreOnce Catalyst over Ethernet. StoreOnce supported backup applications
do not perceive a difference.
However, some configuration is required to set up the backup and restore connections between the ports on the StoreOnce System and
the ports on the client servers. The configuration is done using the Fibre Channel settings screen and actions.
When using StoreOnce Catalyst over Fibre Channel:
Backups are supported on StoreOnce Catalyst over a Fibre Channel interface and over Ethernet networks.
StoreOnce System to StoreOnce System connectivity through optimized StoreOnce Catalyst copy jobs is supported over both
Ethernet and Fibre Channel.
Administrator client privileges are required to run StoreOnce Catalyst over Fibre Channel because it accesses OS-specific device
files associated with StoreOnce Catalyst over Fibre Channel devices.
Subtopics
Viewing StoreOnce Catalyst Fibre Channel device settings
StoreOnce Catalyst over Fibre Channel client considerations
StoreOnce Catalyst over Fibre Channel zoning considerations
Configuring StoreOnce Catalyst over Fibre Channel
Editing StoreOnce Catalyst Fibre Channel settings
StoreOnce Catalyst Fibre Channel number of devices per login
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
95
Editing StoreOnce Catalyst Fibre Channel device login settings
Editing StoreOnce Catalyst Fibre Channel target device settings
StoreOnce Catalyst Fibre Channel settings and properties
Viewing StoreOnce Catalyst Fibre Channel device settings
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Fibre Channel tab.
The Fibre Channel tab shows identifier information and a list of target devices and initiator devices.
3. To view details of a Fibre Channel target or initiator device, click its information icon (
).
StoreOnce Catalyst over Fibre Channel client considerations
Windows clients
Administrator permissions are required to run StoreOnce Catalyst over Fibre Channel backups.
StoreOnce Catalyst over Fibre Channel presents a device type of “Processor.” In Windows Device Manager, these devices are shown as
“Other Devices.” After zoning the devices or changing the Number of Devices per Initiator Port, right-click “Other Devices.” Then select
“Scan for hardware changes” to detect the new devices.
Linux clients
StoreOnce Catalyst over Fibre Channel presents a device type of “Processor.” On Linux, these devices files are created in /dev/sg* .
By default, /dev/sg* devices are accessible by root users only. If backups are run as a nonroot user, first grant the backup user
permissions to access these device files using a Linux udev rule.
The lsscsi --generic command can be used to determine which /dev/sg* device files belong to StoreOnce Catalyst over
Fibre Channel.
To create a udev rule:
1. On every backup server, create a udev file in this location:
/etc/udev/rules.d/70-cofc.rules
2. Add this rule to the file:
KERNEL=="sg[0-9]*", ATTRS{vendor}=="HP*", ATTRS{model}=="StoreOnceCoFC*",
ATTRS{rev}=="CAT1", GROUP="##CORRECT_USER_GROUP##"
where ##CORRECT_USER_GROUP## is replaced by the Linux user group that will perform backups and restores. For example,
dbaororacleorsapsys .
3. Rescan for Linux devicefile changes to update the permissions.
AIX clients
StoreOnce Catalyst over Fibre Channel presents a device type of “Sequential” on AIX. These device files are created in
/dev/rmt* . After zoning the devices, or changing the Number of Devices per Initiator Port, you must scan for device file
changes. You can scan by executing the cfgmgr command on AIX as a root user.
By default, /dev/rmt* device files are accessible by root users only. Running backups as a nonroot user requires an additional
one-time configuration step of running storeonce-cofc-passthrough-install.sh . This installation script must be
run as root and can be found in the backup application installation bin directory. This step is only required when backups will not
be run as a root user.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
96
When using StoreOnce Catalyst over Fibre Channel on AIX, an additional configuration step is required in the StoreOnce
Management Console. Find the WWPN of the client AIX Fibre Channel port. On the Fibre Channel Settings tab, set the Emulation
Mode to AIX. After changing the emulation, you must scan for device file changes by executing the cfgmgr command on AIX as a
root user.
Hewlett Packard Enterprise recommends setting Delayed I/O Failure ( fc_err_recov=delayed_fail ) and Disabled
Dynamic Tracking ( dyntrk=no ) on StoreOnce Catalyst over Fibre Channel AIX media/backup servers. These options are not
compatible with IBM Spectrum Protect. Be sure that StoreOnce Catalyst over Fibre Channel and IBM Spectrum Protect do not use
the same media/backup server.
HP-UX clients
StoreOnce Catalyst over Fibre Channel presents a device type of “Processor.” On HP-UX, these devices files are created in
/dev/pt/ptX . After zoning the devices or changing the Number of Devices per Initiator Port, scan for device file changes. Execute
the ioscan -fnC /dev/pt command as a root user. By default, /dev/pt/ptX devices are accessible by root users only. If
backups are run as a nonroot user, first grant the backup user permissions to access these device files using chmod o+rwx
/dev/pt/pt* .
For finer grained permissions, determine which /dev/pt/ptX device files relate to StoreOnce Catalyst over Fibre Channel using:
/usr/sbin/scsimgr -p get_attr all_lun -a device_file -a dev_type -a pid | grep StoreOnce
Then use chmod o+rwx on the appropriate devices.
Solaris clients
StoreOnce Catalyst over Fibre Channel presents a device type of “Processor.” On Solaris, these devices files are created in
/dev/scsi/processor/* . After zoning the devices or changing the Number of Devices per Initiator Port, scan for device file
changes. Execute the following commands as a root user. These operations will not affect Fibre Channel devices already configured on
the Solaris system.
add_drv -vi scsiclass,03 sgen
update_drv -vai scsiclass,03 sgen
By default, /dev/scsi/processor/* devices are accessible by root users only. If backups are run as a nonroot user, first grant
the backup user permissions to access these device files using chmod -R o+rwx /dev/scsi/processor/* .
For finer grained permissions, determine which /dev/scsi/processor/* device files relate to Catalyst over Fibre Channel
using:
for i in /dev/scsi/processor/*; do echo $i; ls $i; luxadm inq $i | egrep
"Vendor|Product"; echo; done
Then use chmod -R o+rwx on the appropriate devices.
StoreOnce Catalyst over Fibre Channel zoning considerations
Important: Nonoptimal Fibre Channel SAN zoning can lead to a lack of Fibre Channel connectivity. Hewlett Packard Enterprise
recommends the following:
Zone every backup/media server with at least two Fibre Channel ports, and at least two StoreOnce node Fibre Channel ports across
different Fibre Channel cards. Ideally, they are also zoned across different SANs. Multiple connections allow for higher availability. If
a connection is broken, StoreOnce Catalyst over Fibre Channel will automatically attempt to connect on a different path without
failing the backup. The backup will fail from a lack of connection only if no paths are available from the media/backup server or to
the StoreOnce. Zone StoreOnce Catalyst Copy over Fibre Channel source and destination copy devices the same way.
StoreOnce Catalyst Copy over Fibre Channel is a two-way protocol. Zone the source Initiator WWN with the destination target
WWN, and zone the destination Initiator WWN with the source target WWN. The source and destination must be able to
communicate with each other over Fibre Channel.
Use small Fibre Channel zones limiting the number of Fibre Channel ports in each zone.
StoreOnce Catalyst over Fibre Channel does not use or rely on any external multipath drivers. Connections are balanced using
StoreOnce Catalyst over Fibre Channel internal algorithms. Catalyst over Fibre Channel ignores installed multipath drivers.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
97
Configuring StoreOnce Catalyst over Fibre Channel
Prerequisites
Client HBAs, switches, Fibre Channel driver, and firmware versions are supported. See the HPE StoreOnce Support Matrix
https://www.hpe.com/Storage/StoreOnceSupportMatrix.
Media/database servers can communicate with the StoreOnce System over a Fibre Channel network.
Any network segregation, such as zoning, is set up to handle required connectivity between the StoreOnce System and servers.
About this task
For an overview, see StoreOnce Catalyst over Fibre Channel.
IMPORTANT: Running StoreOnce Catalyst over Fibre Channel requires Administrator privileges to access OS-specific
device files associated with StoreOnce Catalyst over Fibre Channel devices.
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Fibre Channel tab.
Editing StoreOnce Catalyst Fibre Channel settings
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Fibre Channel tab.
3. On the Fibre Channel panel, click the edit icon (
).
StoreOnce Catalyst Fibre Channel number of devices per login
The Number of Devices per Login determines the number of concurrent backup/restore and copy connections allowed from:
A single client Fibre Channel port to a single StoreOnce Fibre Channel port.
A source StoreOnce Fibre Channel port to a destination StoreOnce Fibre Channel port.
The Number of Devices per Login does not relate to how many total sessions can be established over a StoreOnce port. Each client port
to StoreOnce port relationship will present the Number of Devices per Login. The setting applies to all StoreOnce Catalyst supported
client operating systems and to StoreOnce Catalyst Copy over Fibre Channel.
The default number is 20. If you need multiple concurrent backup/copy streams, increase the Number of Devices per Login. The
maximum allowed is 256 devices per client Fibre Channel port login. After increasing, you must run a device file rescan on the client for
the change to be recognized. If you decrease the number, client operating systems will not delete StoreOnce Catalyst over Fibre
Channel device files after a rescan. Operating systems only clear outdated device files on a reboot.
Calculate the number of paths available from one particular client or source StoreOnce node to a destination StoreOnce System using
this formula:
number of a client's ports zoned to a StoreOnce System * number of StoreOnce System
ports zoned to that client * devices per initiator count
Table 1. Example relationships between Device per Login and Number of Connections
Per Client
StoreOnce System Devices per Initiator Port Number
of concurrent backup/restore/copy sessions
1
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
98
Per Client
1
StoreOnce System Devices per Initiator Port Number of concurrent backup/restore/copy sessions
1 port zoned to 4 ports
1
4
2 ports zoned to 4 ports
1
8
2 ports zoned to 2 ports
4
16
2 ports zoned to 4 ports
8
64
Per client Fibre Channel port to StoreOnce port relationship, and source StoreOnce port to destination StoreOnce port for
StoreOnce Catalyst copy.
Editing StoreOnce Catalyst Fibre Channel device login settings
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Fibre Channel tab.
3. On the Target Devices panel, click the target device, and then click the edit icon (
).
4. On the Edit Devices dialog, use the Number of Devices per Login selector to change the setting.
Editing StoreOnce Catalyst Fibre Channel target device settings
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Fibre Channel tab.
3. On the Target Devices panel, click the target device, and then click the edit icon (
).
StoreOnce Catalyst Fibre Channel settings and properties
TIP: Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon (
).
Setting
Description
Fibre Channel
Identifier
The Fibre Channel address of the StoreOnce System.
Identifier Alias
An alias for the Fibre Channel address to make it easier to identify the StoreOnce System in
the backup application. The alias must begin with the “COFC-” prefix and cannot contain any
special characters except a hyphen (-).
Target Devices
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
99
Setting
Description
Device Name
The name of the Catalyst over Fibre Channel port.
Status
The status of the port and its current speed.
FC Address
The Fibre Channel address of the Catalyst over Fibre Channel device. Or Down if not
connected.
World Wide Node Name
Generated automatically by the StoreOnce System and used for Fibre Channel zoning for
Fibre Channel target devices. Zone with the Copy Source Fibre Channel target World Wide
Name or the Fibre Channel client Fibre Channel port WWN for backup/restore.
Number of Devices per Login
The number of client Fibre Channel ports zoned with that StoreOnce Catalyst over Fibre
Channel port. The number is accurate as of the last reboot. If a client Fibre Channel port is
unzoned, the Fibre Channel logins are not removed.
More properties
World Wide Port Name
Generated automatically by the StoreOnce System and used for Fibre Channel zoning for
Fibre Channel target devices. Zone with the Copy Source Fibre Channel target World Wide
Name or the Fibre Channel client FC port WWN for backup/restore.
Number of Logins
The number of client Fibre Channel ports zoned with that StoreOnce Catalyst over Fibre
Channel port. The number is accurate as of the last reboot. If a client Fibre Channel port is
unzoned, the Fibre Channel logins are not removed.
Initiator Devices
Device Name
The name of the Catalyst over Fibre Channel port.
Status
The status of the port and its current speed.
FC Address
The Fibre Channel address of the Catalyst over Fibre Channel device. Or Down if not
connected.
World Wide Node Name
Generated automatically by the StoreOnce System and used for Fibre Channel zoning for
Fibre Channel target devices. Zone with the Copy Source Fibre Channel target World Wide
Name or the Fibre Channel client Fibre Channel port WWN for backup/restore.
Number of Devices per Login
The number of client Fibre Channel ports zoned with that StoreOnce Catalyst over Fibre
Channel port. The number is accurate as of the last reboot. If a client Fibre Channel port is
unzoned, the Fibre Channel logins are not removed.
StoreOnce Catalyst settings
Subtopics
Viewing StoreOnce Catalyst settings
Viewing StoreOnce Catalyst Fibre Channel device settings
Bandwidth limits (StoreOnce Catalyst)
Adding StoreOnce Catalyst clients to StoreOnce Systems
Configuring StoreOnce Catalyst proxy server settings
Editing StoreOnce Catalyst Fibre Channel settings
Editing StoreOnce Catalyst Fibre Channel target device settings
Pausing and resuming outbound copy sessions
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
100
Viewing StoreOnce Catalyst settings
About this task
The Catalyst Settings screen allows you to view and manage StoreOnce Catalyst settings.
Procedure
1. Do one of the following:
On the main menu, select Data Services. On the Data Services screen, expand the Actions menu and select Catalyst Settings.
On the main menu, select Settings. On the Settings screen, under Data Services, click the Catalyst Settings panel.
2. The Catalyst Settings screen includes tabs for Permissions, Bandwidth Limits, Fibre Channel, and Cloud Bank.
Viewing StoreOnce Catalyst Fibre Channel device settings
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Fibre Channel tab.
The Fibre Channel tab shows identifier information and a list of target devices and initiator devices.
3. To view details of a Fibre Channel target or initiator device, click its information icon (
).
Bandwidth limits (StoreOnce Catalyst)
Users with the Administrator role can establish and edit StoreOnce Catalyst bandwidth limits.
Bandwidth limits can be used to avoid saturating the WAN with low-bandwidth replication and to free up bandwidth for other processes
and applications. You can establish a general bandwidth limit, and limits for one or two windows for each day of the week. Each window
can have a different bandwidth limit.
To establish or edit a general bandwidth limit, see Editing Catalyst general bandwidth limits.
To establish or edit a bandwidth limits for specific day of the week and time windows, see Editing Catalyst bandwidth limiting
windows.
IMPORTANT:
Catalyst bandwidth limits apply to all outbound copy jobs a StoreOnce System. The limits cannot be applied to
individual outbound jobs.
When a bandwidth limiting window is enabled, it overrides the general bandwidth limit at the day and time the
window is active.
HPE recommends:
A minimum of 2Mb/s per concurrent copy job.
At least 512Kbps per concurrent job is required for reliable operation.
Subtopics
Viewing Catalyst bandwidth limits
Bandwidth limit properties (Catalyst)
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
101
Editing Catalyst general bandwidth limits
Editing Catalyst bandwidth limiting windows
Viewing Catalyst bandwidth limits
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Bandwidth Limits tab.
Bandwidth limit properties (Catalyst)
Catalyst Settings screen, Bandwidth Limits tab
Property
Description
Status
System Time
The current time on the StoreOnce System.
Current Bandwidth Limit
The current Catalyst copy bandwidth limit in Kb/s. No Limit indicates
that no bandwidth restrictions are currently active.
Source Jobs Bandwidth Limiting Windows
General Bandwidth Limit
Limit in Kb/s. No Limit indicates that the general bandwidth limit is
not enabled.
Restriction table
Day
Day of the week
First Restriction Limit
Catalyst copy bandwidth restriction in Kb/s. Dashes indicate that the
restriction is not enabled.
First Restriction Time
Catalyst copy restriction start and end time. Dashes indicate that the
restriction is not enabled.
Second Restriction Limit
Catalyst copy bandwidth restriction in Kb/s. Dashes indicate that the
restriction is not enabled.
Second Restriction Time
Catalyst copy restriction start and end time. Dashes indicate that the
restriction is not enabled.
Maximum Jobs
Maximum Concurrent Source Jobs
The maximum number of source jobs that can run concurrently.
Maximum Concurrent Target Jobs
The maximum number of target jobs that can run concurrently.
TIP: If you are running backups at the same time as
replication, the default value of the target jobs can be
reduced. Reducing the value helps avoid using too much
WAN bandwidth and overloading the target StoreOnce
System.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
102
Editing Catalyst general bandwidth limits
About this task
Only an administrator can add bandwidth limiting windows.
For more information, see Bandwidth limits (StoreOnce Catalyst).
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Bandwidth Limits tab.
3. On the Outbound Copy Sessions Bandwidth Limiting Windows panel, expand the Actions menu and select Edit General Bandwidth
Limit.
On the edit dialog, do one of the following:
Manually enter a bandwidth limit.
Use the built-in Bandwidth Limit Calculator to determine and apply a limit.
Editing Catalyst bandwidth limiting windows
About this task
You can use bandwidth limiting to avoid saturating the WAN with low-bandwidth replication and to free up bandwidth for other
processes and applications. The limits apply to all outbound copy jobs from a StoreOnce System.
For more information, see Bandwidth limits (StoreOnce Catalyst).
IMPORTANT: Restriction times are in system local time, not in UTC. If the time zone of the StoreOnce System is
changed after restrictions are added, you must change the restriction times accordingly.
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Bandwidth Limits tab.
3. On the Day/Restriction table, click a day of the week, and then expand the Actions menu and select Edit Bandwidth Limiting
Windows.
On the edit dialog, do one of the following:
Manually enter a bandwidth limit.
Use the built-in Bandwidth Limit Calculator to determine and apply a limit.
Adding StoreOnce Catalyst clients to StoreOnce Systems
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Permissions tab.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
103
3. Expand the Actions menu and select Add.
Configuring StoreOnce Catalyst proxy server settings
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Cloud Bank tab.
3. On the Proxy Server panel, click the edit icon (
).
4. Make the necessary changes and click OK.
Editing StoreOnce Catalyst Fibre Channel settings
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Fibre Channel tab.
3. On the Fibre Channel panel, click the edit icon (
).
Editing StoreOnce Catalyst Fibre Channel target device settings
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Fibre Channel tab.
3. On the Target Devices panel, click the target device, and then click the edit icon (
).
Pausing and resuming outbound copy sessions
About this task
You can pause and resume outbound copy sessions on a StoreOnce System.
WARNING: All outbound copy sessions on a StoreOnce System are paused. No further data is copied until outbound
copy sessions are resumed.
Procedure
1. Navigate to the Catalyst Settings screen.
If necessary, see Viewing StoreOnce Catalyst settings.
2. On the Catalyst Settings screen, click the Bandwidth Limits tab.
3. On the Outbound Copy Sessions Bandwidth Limiting Windows panel, expand the Actions menu and select Pause Copy Sessions or
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
104
Resume Copy Sessions, as appropriate.
VT library data services
VT Library licensing requirements
No licensing is required for VT Library emulations, unless using the Security features Data at Rest Encryption, Data in Flight
Encryption, and Secure Erase.
VT Library replication requires a license on the target site, but only if replication is used.
Replication encryption using IPsec is part of the Security license.
VT libraries and Fibre Channel settings
For information about Fibre Channel settings, see the following System settings topics:
Viewing Fibre Channel port settings and properties
Fibre Channel settings and properties
Editing Fibre Channel port settings
Subtopics
VT libraries and multiple Fibre Channel ports
VT libraries
VT library tape drives
VT library cartridges
VT replication
VT libraries and multiple Fibre Channel ports
When creating a VT library, you can select one or multiple Fibre Channel ports for the Library controller virtual robotics interface.
The Fibre Channel settings identify both the HBA card and the port number that will be used. For example, HBA-6.Port1 is Port 1 on the
Fibre Channel card in slot 6.
Tape drives within a VT library can only appear on one Fibre Channel port. If you select multiple ports for the library robotics controller,
the tape drives are automatically assigned. The assignments distribute the tape drives evenly across the Fibre Channel ports to ensure
best performance and failover.
After creating a VT library, you can change its tape drive assignments on the Interface Information tab, Edit Device dialog of the VT
library. See Editing VT libraries.
VT libraries
Subtopics
Viewing VT libraries
Viewing VT library details
VT library interface device properties
Requirements and best practices for creating VT libraries
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
105
Creating VT libraries
Editing VT libraries
Tips for editing VT libraries
Deleting VT libraries
VT library emulation types
VT Libraries screens and properties
Viewing VT libraries interface information
Viewing VT libraries
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, do one of the following:
To view all VT libraries, click the title VT Libraries above the graphic.
To view VT libraries that have a specific status, click the status on the graphic. For example, clicking the Warning status on the
graphic opens the VT Libraries screen and displays only libraries that have a Warning status.
3. The VT libraries screen shows the VT libraries on the StoreOnce System.
TIP:
In the list view, columns for the most often viewed properties are shown by default. To add or remove columns,
click the column selector icon (
).
To create a VT library, expand the Actions menu and select Create Library. (You must be logged in with an
administrator role). See Creating VT libraries.
4. On the VT Libraries screen, click the VT library.
The screen for an individual VT library includes tabs for Overview, Details, Interface Information, Cartridges, and Replication
Permissions.
Some of the properties and settings on the Interface Information, Cartridges, and Replication Permissions tabs can be edited.
(You must be logged in with an administrator role).
Viewing VT library details
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the VT Library.
4. On the VT Libraries screen for the library, click the Details tab.
VT library interface device properties
VT Library, Fibre Channel Device
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
106
The following properties can appear on the Edit Device dialog when a VT library uses a Fibre Channel interface.
Property
Description
Device Name
The name of the VT library interface device. There is an entry for the Medium Changer, and
for each of the configured tape drives.
Status
The status of the port, which may be OK, Down, Warning, Error, or Not Used. Warnings
occur if the port is not available or is down.
They also appear if the system is unable to obtain Speed information. Errors occur if there
is a fault or the system cannot obtain the link status.
Protocol
Fibre Channel or iSCSI.
Device Serial Number
This number is a unique serial number for the device. It is generated automatically by the
StoreOnce System and cannot be edited.
FC Address
The Fibre Channel addresses of the device. The address is shown for each FC Port for which
the device is configured. Or, shows "Down" if the port is not connected.
Number of Logins
Fibre Channel libraries show the number of logins for each device in the library. Libraries
split across multiple ports have multiple entries.
Port
Defines the Fibre Channel port to which each media changer or drive is connected.
World Wide Node Name
Provided when the device is created and is globally unique. You can change this setting, if
necessary, but not to any names used by libraries or drives on the local StoreOnce System.
World Wide Port Name
Generated automatically by the StoreOnce System and used for Fibre Channel zoning for
Fibre Channel devices. You can change this setting, if necessary, but not to any names used
by libraries or drives on the local StoreOnce System. Libraries split across multiple ports
have multiple entries.
VT Library, iSCSI Device
The following properties can appear on the VT Libraries Interface Information tab when a VT library uses an iSCSI interface.
Property
Description
Name
The name of the VT library interface device. There is an entry for the Medium Changer, and
for each of the configured tape drives.
Status
The device status (not the state of the connection): Offline, starting, stopping, online.
Protocol
iSCSI
Serial Number
The serial number is a unique identifier for the device. It is generated automatically by the
StoreOnce System and cannot be edited.
iSCSI Alias
The Alias is generated automatically by the StoreOnce System for iSCSI devices.
Requirements and best practices for creating VT libraries
Only users with the administrator role can create VT libraries.
To reduce Fibre Channel traffic, and complexity with backup application configurations, Hewlett Packard Enterprise recommends
the following:
Create only the VT libraries that you need.
When creating a VT library, configure only the number of tape cartridges that you are likely to need. Later, you can add
cartridge slots to expand the VT library. You can also remove empty cartridge slots without deleting the whole VT library.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
107
For more information, see Security features.
iSCSI multi-initiator mode is not supported, meaning that a library can only be presented to a single iSCSI Initiator system (a single
media server).
To enable Data at Rest or Data in Flight encryption for a VT library, you must do it when creating the library. To see the settings,
click the Security Settings edit icon ( ).
The encryption features require an HPE StoreOnce encryption license. If the license is not installed, Not Licensed is displayed.
After the VT library has been created, you can edit the library and enable Secure Erase.
Creating VT libraries
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, expand the Actions menu and select Create.
The Create Library dialog allows you to specify the following:
Library name
Interface Information (iSCSI port, Fibre Channel port, or no port)
Security Settings
Emulation Settings
Barcode Settings
Backup Application Details
Advanced Settings
Editing VT libraries
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the VT library.
4. On the screen for the VT library, expand the Actions menu and select Edit.
The Edit dialog allows you to specify the following:
Interface Information (iSCSI port, Fibre Channel port, or no port)
Security Settings
Emulation Settings
Barcode Settings
Backup Application Details
Advanced Settings
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
108
Tips for editing VT libraries
Users with the administrator role can edit the following settings:
Interface Information
WARNING: Changing the Media Changer Port configuration does not automatically reassign tape drives that might
become incorrectly configured.
For example, if you change a Fibre Channel multiple port configuration to a single port, you must manually correct tape drives that
become connected to an incorrect port. (When the status shows ready and restarted.)
Security Settings : After a VT library is created, and the correct HPE StoreOnce license is applied, Secure Erase Mode can be enabled
and disabled. To enable, select the number of Overwrite Passes (1, 3, 5, or 7).
When enabled, Secure Erase securely erases confidential data that might have been unintentionally backed up.
Emulation Settings:
You cannot change the Library Emulation type to a type that has smaller maximum values. For example, you cannot change to
an emulation that has a smaller number of tape cartridges.
Changing the cartridge size (by changing the emulation type) only changes newly added cartridges. The change does not
change the size of cartridges that are already created.
Deleting tape cartridges. You cannot delete tape cartridges by editing the Emulation Settings.
TIP: To delete tape cartridges, see Deleting VT library cartridges.
Deleting cartridges by reducing the number of slots. This reduction only removes the highest numbered empty slots. Once the
delete operation reaches a slot number that contains a cartridge, it will not allow further reduction, even if previous slots are
empty.
Barcode Settings: Number of Reported Barcode Characters and Barcode Template.
Backup Application Details : Backup Application and Type.
Advanced Settings : Storage Quotas.
Deleting VT libraries
About this task
Only users with the administrator role can delete VT libraries.
WARNING: All data on the VT library will be deleted.
The deduplication store for the VT library will also be deleted.
If Secure Erase is enabled for this VT library, the data will be deleted securely.
It may take some time to delete all the files and free space on the StoreOnce System.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the VT library.
4. On the screen for the VT library, expand the Actions menu and select Delete.
VT library emulation types
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
109
VT library emulation types
StoreOnce Systems emulate a range of physical tape devices.
D2DBS Generic
If supported by your backup application, D2DBS Generic is the preferred emulation type. D2DBS Generic does not emulate
physical library types and is clearly identifiable as a StoreOnce device. It is the most flexible emulation type available; however,
backup application support varies by software vendor.
If you have selected D2DBS Generic for the Library Emulation Type, you will be able to select Ultrium VT for the tape drive
emulation. Ultrium VT is a generic Ultrium device which is clearly identifiable as virtual. Back up application support for Ultrium
VT is common, but not as complete as the D2DBS library type, so it is not possible to use it with all backup software.
NOTE:
VERITAS prefers their customers use this emulation type with BackupExec and NetBackup.
EML E Series
An enterprise tape library solution that allows you to configure tape drives per node and cartridges per library.
ESL E Series
An enterprise tape library solution that allows you to configure tape drives per node and cartridges per library.
IBM-TS3500
A tape library device that appears as a native IBM TS3500 device in a TSM environment to allow use of standard IBM drivers.
The emulation type is configured at the library level. Therefore, all tape drives on a library configured with the IBM-TS3500
emulation type will use the IBM-LTO3 tape drive emulation type. When the library is then changed to a different emulation type,
the tape drives will change to the new emulation type.
MSL G3 Series (2x24)
A tape library device with a maximum of two embedded Ultrium tape drives and 24 cartridge slots. Used when implementing
rotation schemes which involve simultaneous backup jobs to two devices. This emulation type is widely supported by backup
applications.
MSL G3 Series (4x48)
A tape library device with a maximum of four embedded Ultrium tape drives and 48 cartridge slots. Used when implementing
rotation schemes which involve simultaneous backup jobs to more than two devices or jobs that use many cartridges devices.
This emulation type is widely supported by backup applications.
MSL G3 Series (8x96)
A tape library device with a maximum of eight embedded Ultrium tape drives and 96 cartridge slots.
Flexible emulation
The ESL, EML, and D2DBS emulations are flexible because they allow you to configure many tape drives per library. The main benefits
are that many tape drives allows:
More concurrent streams on backups which are throttled due to host application throughput, such as multiple streamed backups
from a database.
A single library (and therefore deduplication store) to contain similar data from backups that must run in parallel to increase
deduplication ratio.
If using these flexible emulation types, consider the following factors:
An important consideration when configuring VT library devices is that the library and each tape drive that you configure for it
counts as a separate device. There are practical limitations on the number of devices that each host and Fibre Channel switch or
HBA can access.
The total device value also applies to NAS shares and StoreOnce Catalyst stores. If you configure the full value as VT library
devices, you will not be able to configure any NAS shares or StoreOnce Catalyst stores for that StoreOnce System.
VT Libraries screens and properties
VT Libraries screen (all libraries)
TIP: In the list view, columns for the most often viewed properties are shown by default. To add or remove columns,
click the column selector icon (
).
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
110
Property
Description
Name
The name of the VT library. Hewlett Packard Enterprise recommends using a name that
identifies the host or backup job with which it is associated. The name can include the
following characters: 0-9 a-z A-Z _ . + [ ] ^ | ? * ( ) # : ; = @ { }. The name cannot include
spaces.
Status
The device status. Offline, starting, stopping, online. (This status is not the status of the
connection.)
User Data Stored
The amount of user data stored on the VT library.
Size on Disk
The actual size used on disk after deduplication.
Dedupe Ratio
The deduplication ratio achieved on the data on the VT library.
Replication Role
The role of the VT library. Non-replicating, Replication Source, or Replication Target.
More properties
Number of Cartridges
The number of cartridge slots in the VT library. The number of slots available depends upon
the type of VT library emulation. Each slot is automatically populated with a new cartridge
upon creation. The cartridge capacity corresponds to the type of tape drive emulation.
Protocol
The port type. Fibre Channel or iSCSI.
Physical Storage Quota
This quota is for the amount of data written to disk after deduplication. The minimum quota
size is 50 GB. If the quota is enabled and the quota limit is reached, backups will fail to
prevent the quota from being exceeded. The quota allows you to partition the physical
capacity of the StoreOnce System between various users.
When a library reaches its quota, the status of the library changes to Critical . Restores
from that library are permitted but new backups will fail. When the quota is no longer met,
either by increasing the quota or by expiring backups, the library status returns to the OK
state.
TIP:
If capacity management is required, Hewlett Packard Enterprise recommends
configuring backup applications with quotas to reroute to another device or to
postpone backups to prevent backups from failing unexpectedly.
Logical Storage Quota
This quota is for the amount of data a user sends to the device before deduplication. The
minimum quota size is 50 GB. If the quota is enabled and the quota limit is reached, backups
will fail to prevent the quota from being exceeded. This approach allows you to provide a
service to back up a particular amount of user data. For example, set this quota when you
charge customers per TB of user data protected.
When a library reaches its quota, the status of the library changes to “Critical.” Restores
from that library are permitted but new backups will fail. When the quota is no longer met,
either by increasing the quota or by expiring backups, the library status returns to the OK
state.
TIP:
If capacity management is required, Hewlett Packard Enterprise recommends
configuring backup applications with quotas to reroute to another device or to
postpone backups to prevent backups from failing unexpectedly.
Encryption
This feature requires a StoreOnce Security Pack license before encryption can be enabled.
Encryption cannot be enabled or disabled once a library is created. It can only be enabled at
library creation. If enabled, encryption is performed before writing data to disk for this
library.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
111
Property
Description
Secure Erase Mode
This feature requires a StoreOnce Security pack license before it can be enabled. To enable,
select the number of preferred Overwrite Passes for deleted data (1, 3, 5, or 7 — The default
selection of “None” disables secure erase).
You cannot select Secure Erase while creating a library. However, after the library is created,
you can activate this feature. (Requires a Security pack license.)
See Security features.
VT Libraries (individual library), Overview tab
Property
Description
Dedupe Ratio
The deduplication ratio achieved on the data on the VT library.
User Data Stored The amount of user data stored on the VT library.
Size on Disk
The actual size used on disk after deduplication.
VT Libraries screen (individual library), Details tab
Property
Description
Library Name
The name of the VT library. Hewlett Packard Enterprise recommends using a name that identifies
the host or backup job with which it is associated.
Replication Role
The role of the VT library. Non-replicating, Replication Source, or Replication Target.
Creation Time
The date and time the VT library was created.
Media Changer Protocol
The port type. Fibre Channel or iSCSI.
Storage Quotas
Physical Storage Quota
This quota is for the amount of data written to disk after deduplication. The minimum quota size is
50 GB. If the quota is enabled and the quota limit is reached, backups will fail to prevent the quota
from being exceeded. The quota allows you to partition the physical capacity of the StoreOnce
System between various users.
When a library reaches its quota, the status of the library changes to Critical . Restores from
that library are permitted but new backups will fail. When the quota is no longer met, either by
increasing the quota or by expiring backups, the library status returns to the OK state.
TIP:
If capacity management is required, Hewlett Packard Enterprise recommends configuring
backup applications with quotas to reroute to another device or to postpone backups to
prevent backups from failing unexpectedly.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
112
Property
Description
Logical Storage Quota
This quota is for the amount of data a user sends to the device before deduplication. The minimum
quota size is 50 GB. If the quota is enabled and the quota limit is reached, backups will fail to
prevent the quota from being exceeded. This approach allows you to provide a service to back up a
particular amount of user data. For example, set this quota when you charge customers per TB of
user data protected.
When a library reaches its quota, the status of the library changes to “Critical”. Restores from that
library are permitted but new backups will fail. When the quota is no longer met, either by
increasing the quota or by expiring backups, the library status returns to the OK state.
TIP:
If capacity management is required, Hewlett Packard Enterprise recommends configuring
backup applications with quotas to reroute to another device or to postpone backups to
prevent backups from failing unexpectedly.
Security
Library Encryption
This feature requires a StoreOnce Security Pack license before encryption can be enabled.
Encryption cannot be enabled or disabled once a library is created. It can only be enabled at library
creation. If enabled, encryption is performed before writing data to disk for this library.
Secure Erase Mode
This feature requires a StoreOnce Security pack license before it can be enabled. To enable, select
the number of preferred Overwrite Passes for deleted data (1, 3, 5, or 7 — The default selection of
“None” disables secure erase).
You cannot select Secure Erase while creating a library. However, after the library is created, you
can activate this feature. (Requires a Security pack license.)
See Security features.
Emulation
Library Emulation
The type of emulation for the VT library.
The library emulation type determines the available embedded tape drives and cartridge slots. For
example, if you select MSL G3 Series (2x24), the device emulates an MSL2024 Library with two
embedded tape drives and a possible total of 24 cartridge slots.
StoreOnce Systems support a number of emulation types. See VT library emulation types.
Consult your backup application technical support information for information about device types
they support.
Drive Emulation
The drive emulation type (LTO–2, 3, 4, 5, 6 or 7) determines the default capacity of the newly
created cartridges within the VT library device and the inquiry string information provided to the
backup application.
Tape cartridge capacities can be changed individually at any time, but the capacities cannot be
reduced to smaller than the current used size.
If you selected D2DBS Generic for the Library Emulation, Ultrium VT is an option for drive
emulation. This emulation is a generic Ultrium device which is clearly identifiable as virtual. Where
supported by the backup application, Hewlett Packard Enterprise recommends that D2DBS Generic
and Ultrium VT are used in preference to the other emulation types.
All drives on a VT library configured with the IBM-TS3500 emulation type use the IBM-LTO3 drive
emulation type. If the library is changed to a different emulation type, the drives changes to the
default drive emulation type of LTO4.
If you edit this property, the new setting applies only to the next drives that are created within the
library. It is not retrospectively applied to existing drives.
Number of Slots
The number of cartridge slots in the VT library. The number of slots available depends upon the
type of VT library emulation. Each slot is automatically populated with a new cartridge upon
creation. The cartridge capacity corresponds to the type of tape drive emulation.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
113
Property
Description
Number of Drives
The default number of drives is determined by the type of emulation selected. The number of drives
can only be set during VT library creation. After VT library creation, you can add and remove
drives.
IMPORTANT: If increasing the number of drives, do not exceed the maximum number of
libraries and drives that a host can physically access.
Default Cartridge Size
The default size of tape cartridges in the VT library. This property can only be set when creating a
VT library.
Barcode
Barcode Template
A barcode is an 8– or 6–character, alpha-numeric, unique identifier for a cartridge within the
StoreOnce System. Backup applications normally track cartridges using barcodes, but may also alias
a cartridge with another name in its database. (IBM emulations only support 8–character barcodes.)
By default, barcodes are generated automatically. They may be determined by a barcode template
that is created when a VT library is created. If using barcode templates, the barcode template:
Must be unique. Must not start with the letters “CLN” or “DG” because these combinations are
reserved designations for cleaning and diagnostic cartridges.
Can have a prefix of up to three alpha-numeric characters, a start value, and a suffix of up to
two alpha-numeric characters.
Any unspecified prefix or suffix characters increases the length of the variable field of the
barcode.
Should be a minimum of 6 characters. Valid ASCII characters are A-Z, a-z, 0–9.
Barcodes are always displayed as eight characters with letters in capitals, regardless of the size
selected. However, if the number of barcode characters is set to 6, only the rightmost six
characters are visible to the backup software. For example, barcode 1ABCDEFG truncates to
BCDEFG. (Truncated barcode characters are shown in brackets.
You can modify the barcode template after a VT library is created.
Number of Barcode Characters
Barcodes for the library can display six or eight characters.
The StoreOnce System generates barcodes automatically for cartridges. When entering a barcode
manually, eight characters are required.
If the 6–character barcode is selected, the StoreOnce System truncates to six characters, removing
two characters of an 8–character barcode. For example, barcode 1ABCDEFG truncates to BCDEFG.
The barcode is displayed with the truncated characters in brackets on the Cartridges tab
(1A)BCDEFG.
Prefix
Barcode prefix. One to three alpha-numeric characters.
Start Value
Starting value for the next barcode.
Suffix
Barcode suffix. One to two alpha-numeric characters.
Next Barcode
Create the barcode with the next sequential value.
Backup Application Details
Backup Application
The name and information about the backup application that is used to back up to the VT library.
The information is optional, but is recommended as an aid to Hewlett Packard Enterprise support
troubleshooting. The information has no impact on performance or deduplication efficiency.
Data Type
The type of data being protected by the backups to this VT library. The information is optional, but
is recommended as an aid to Hewlett Packard Enterprise support troubleshooting. The information
and has no impact on performance or deduplication efficiency.
VT Libraries screen (individual library), Interface Information tab
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
114
TIP: Columns for the most often viewed properties are shown by default. To remove columns, click the column selector
icon (
).
Property
Description
Name
The name of the VT library interface device. There is an entry for the Medium Changer, and for each of
the configured tape drives.
Status
The device status. Offline, starting, stopping, online. (This status is not the status of the connection.)
Protocol
Fibre Channel or iSCSI.
Serial Number
This number is a unique serial number for the device. It is generated automatically by the StoreOnce
System and cannot be edited.
iSCSI Alias
The alias is generated automatically by the StoreOnce System for iSCSI devices.
VT Libraries screen (individual library), Cartridges tab
TIP: Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon (
).
Property
Description
Location
Cartridge slot number, tape drive number, mail slot number
Barcode
The alpha-numeric unique identifier for a cartridge within the StoreOnce System.
Mapped Slot
Indicates whether the slot is included in a replication mapping.
Used Size
The used capacity.
Cartridge Size
The default size of tape cartridges in the VT library. This property can only be set when creating a
VT library.
More properties
Write Protected
Whether write protection is enabled for disabled for a cartridge slot.
Last Written
Date and time data was last written to the tape drive or mail slot.
VT Libraries screen (individual library), Replication Permissions tab
Property
Description
Replication Serial Number
(and access)
The replication serial number that is automatically generated by the StoreOnce System. This replication
serial number is used for all replication jobs. The replication serial number does not change.
The replication serial number for a StoreOnce System is different than its serial number.
When Public Access is allowed, any StoreOnce System can participate in replication of the VT library.
Viewing VT libraries interface information
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
115
3. On the VT Libraries screen, click the VT Library.
4. On the VT Libraries screen for the library, click the Interface Information tab.
VT library tape drives
Subtopics
Changing the number of VT library tape drives
Changing the number of VT library tape drives
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the library.
4. On the screen for the VT library, expand the Actions menu and select Edit.
5. On the Edit dialog, click the Emulation Settings panel.
6. On the Emulation Settings dialog, you can increase or decrease the number of tape drives.
VT library cartridges
Subtopics
Viewing VT libraries cartridge information
VT library cartridge properties
Viewing VT libraries slot mappings detail
Changing the number of VT library cartridge slots
Creating VT library cartridges
Editing VT library barcodes
Tips for editing VT library barcodes
Deleting VT library cartridges
Editing VT library cartridges
Erasing VT library cartridges
Moving VT library cartridges
Unloading VT library cartridges
Viewing VT libraries cartridge information
Procedure
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
116
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the VT Library.
4. On the VT Libraries screen for the library, click the Cartridges tab.
VT library cartridge properties
VT Libraries screen (individual), Cartridges tab
TIP: Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon (
).
Property
Description
Location
The location information is based on your selection of Type on the Cartridges tab.
Slots: Location shows the cartridge slot number.
Drives: Location shows the tape drive number.
Mail slot: Location shows the mail slot number. A mail slot is a dedicated slot. It holds a
cartridge that is ready for exporting to or importing from physical tape. Mail slots are not used
with StoreOnce Systems.
TIP:
When all columns for a slot show dashes, it indicates that the slot does not contain a
cartridge.
To create a cartridge for an empty slot, see Creating VT library cartridges.
Barcode
The alpha-numeric unique identifier for a cartridge within the StoreOnce System. For details, see
Barcode properties section of the VT Libraries screens and properties topic.
Mapped Slot
Indicates whether the slot is included in a replication mapping.
Used Size
The used capacity.
Cartridge Size
The default size of tape cartridges in the VT library. This property can only be set when creating a
VT library.
More properties
Write Protected
Whether write protection is enabled for disabled for a cartridge slot.
Last Written
Date and time data was last written to the tape drive or mail slot.
Viewing VT libraries slot mappings detail
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Replication above the graphic.
3. On the VT Replication screen, click the mapping.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
117
4. On the VT Replication screen for the mapping, select the Slot Mapping tab.
A list of source and target slot mappings is shown.
5. To view the details for a slot mapping, click its information icon (
).
Changing the number of VT library cartridge slots
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the library.
4. On the screen for the VT library, expand the Actions menu and select Edit.
5. On the Edit dialog, click the Emulation Settings panel.
6. On the Emulation Settings dialog, you can increase or decrease the number of cartridge slots.
Creating VT library cartridges
Prerequisites
To create cartridges in a VT library, the VT library must have at least one empty slot or mail slot.
About this task
Only users with the administrator role can create cartridges.
TIP: The Create Cartridges action creates cartridges in all empty slots in a VT library.
IMPORTANT:
If you create a cartridge in an empty slot, ensure that the backup application inventories it (adds it to its database
or catalog). Otherwise, the backup application cannot access the new cartridge.
If you create a cartridge in an empty mail slot, use the backup application to move the blank new cartridge to an
empty cartridge slot without requiring an inventory. This approach saves processing time.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the VT library.
4. On the screen for the VT library, click the Cartridges tab, and then select Slots or Mail Slot for the Type.
A list of slots or mail slots is displayed.
5. On the Type panel, expand the Actions menu and select Create Cartridges.
6. On the Create Cartridges dialog, select the cartridge size, and click Create.
7. After the action completes, restart the backup application services to ensure that the application sees the new cartridges.
Editing VT library barcodes
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
118
About this task
You can change the number or reported bar code characters for a VT library. You can also change the barcode template for a VT
library.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the library.
4. On the screen for the library, expand the Actions menu and select Edit.
5. On the Edit dialog, Barcode Settings panel, click the edit icon (
).
Tips for editing VT library barcodes
The barcodes for multiple cartridges within a VT library can be changed according to a user-defined template. The template can contain
a prefix, suffix, or both.
General
All characters in a barcode must be alpha-numeric (A-Z, 0–9). All alphabetic characters are capitalized upon application (regardless
of how they are entered).
A barcode template results in restricted barcode prefixes of CLN or DG being created.
A barcode template cannot be applied to a range of slots with one or more empty slots.
Barcode format
Prefix: Defines the first letter or numerical value for the barcodes. Accepts up the three characters.
Start Value: Defines the numerical value of the first barcode value.
Suffix: Defines the suffix letter or numerical value for the barcodes. Accepts up to two characters.
IMPORTANT:
The values you choose for prefix, suffix, and starting value limit how many barcodes can be generated.
For example, if you enter a two-character prefix and two-character suffix, you are limited to three alpha-numeric
characters for the variable portion. If the starting value for the variable portion is 000, the choice would limit the
amount of barcodes to 46656.
If six-character barcodes are selected, the leading characters of the barcode will not be reported to the backup
application. These characters might be part of the barcode prefix specified.
Deleting VT library cartridges
About this task
WARNING: Deleting a cartridge permanently deletes all data on the cartridge.
HPE recommends using the data protection software to erase cartridges prior to deleting the cartridge. This approach
ensures that the application catalog is updated.
Only users with the administrator role can delete cartridges from a VT library.
You can delete cartridges by specifying a slot or mail slot.
You cannot delete cartridges that are currently in drives that are mapped for replication. Or that are in the delete pending, erase
pending, or creating state.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
119
TIP: You can also delete cartridges by using the Edit Library, Emulation Settings dialog, and reducing the number of
slots.
However, that approach only removes the highest slots with no or blank cartridges. Once the delete operation reaches a
slot that contains a cartridge with data, it will not reduce the number further. Even if lower numbered slots are blank.
First, use the Cartridges tab, Erase Cartridges dialog to reconfigure the slots to a blank state.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the VT library.
4. On the screen for the VT library, click the Cartridges tab, and then select Slots or Mail Slot for the Type.
A list of slots or mail slots is displayed.
5. Click the slot or mail slot, and then expand the Actions menu on the Type panel and select Delete.
Editing VT library cartridges
About this task
You can edit cartridges by specifying a slot or mail slot. The properties that can be changed include the cartridge barcode, maximum
size, and write protection.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the VT library.
4. On the screen for the VT library, click the Cartridges tab, and then select Slots or Mail Slot for the Type.
A list of slots or mail slots is displayed.
5. Click the slot or mail slot, and then expand the Actions menu on the Type panel and select Edit.
Erasing VT library cartridges
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the VT library.
4. On the screen for the VT library, click the Cartridges tab, and then select Slots or Mail Slot for the Type.
A list of slots or mail slots is displayed.
5. Click the slot or mail slot, and then expand the Actions menu and select Erase.
Moving VT library cartridges
Prerequisites
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
120
To move cartridges, the VT library must have at least one empty slot or tape drive.
About this task
Moving cartridges is useful to realign the VT library configuration with the backup application. For example, if the library and backup
application become out of sync. Or if the backup application does not support a Move Medium command.
You can move a cartridge to an empty slot or empty mail slot.
You cannot move cartridges that are in the delete pending, erase pending, or create state.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the VT library.
4. On the screen for the VT library, click the Cartridges tab, and then select Slots or Mail Slot for the Type.
A list of slots or mail slots is displayed.
5. Click the slot or mail slot, and then expand the Actions menu and select Move.
Unloading VT library cartridges
About this task
Unloading cartridges is useful to realign the VT library configuration with the backup application. For example, if the library and backup
application become out of sync.
You can unload all loaded cartridges from the tape drives in a VT library.
You cannot unload cartridges that are in the delete pending, erase pending, or create state.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the VT library.
4. On the screen for the VT library, click the Cartridges tab.
5. On the Type panel, expand the Actions menu and select Unload All.
VT replication
Subtopics
VT libraries replication overview
Viewing VT replication mappings
Viewing VT replication slot mappings
Adding replication permissions for target VT libraries
Creating replication mappings for source VT libraries
Editing replication mappings for source VT libraries
Editing replication permissions for target VT libraries
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
121
Editing replication public access for target VT libraries
Editing replication slot mappings for source VT libraries
Deleting replication mappings for source VT libraries
Making replication target VT libraries visible to hosts
VT replication screens and properties
VT libraries replication overview
Prerequisites
This overview assumes that the source and target VT libraries exist. If you have not created the source and target VT libraries, see
Creating VT Libraries.
About this task
TIP: Multiple source StoreOnce Systems can replicate VT libraries to a single target StoreOnce System. This approach,
known as fan-in, provides consolidation benefits.
Only users with the Administrator role can create and manage VT library replication mappings.
You can only map and replicate VT libraries of the same version.
Procedure
Create partner systems relationship
1. On the source StoreOnce System, create a partner system relationship between the source and target systems. Lean more: Adding
replication target systems.
TIP: After a partner system relationship between systems has been created, you do not need to perform this step
again.
Establish system-level replication permission
2. On the target StoreOnce system, establish replication permission between the source system and the target system. Learn more:
Adding replication permissions to target systems .
TIP: After system-level replication permission has been established between systems, you do not need to perform
this step again.
Establish VT library replication permission
3. On the target StoreOnce system, select the target VT library and establish replication permission for the library. Learn more:
Adding VT library replication permissions to target systems .
4. On the target StoreOnce system, turn on (allow) replication to the target VT library. Learn more: Editing VT library replication
permissions to target systems.
Create VT Library replication mapping
5. On the source system, select the source VT library and create replication mapping for the library. Learn more: Creating VT
replication mappings.
Viewing VT replication mappings
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, do one of the following:
To view all VT replication mappings, click the title VT Replication above the graphic.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
122
To view VT replication mappings that have a specific status, click the status on the graphic. For example, clicking the Warning
status on the graphic opens the VT Replication screen and displays only VT replication mappings that have a Warning status.
3. On the VT Replication screen, click the VT replication mapping.
The screen for an individual VT replication mapping includes tabs for Overview, Details, and Slots Mapping.
Viewing VT replication slot mappings
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title VT Replication above the graphic.
3. On the VT Replication screen, click the replication mapping.
4. On the screen for the VT replication mapping, click the Slots Mapping tab.
A list of slots is shown. To view more detail, click the information icon (
) for the slot mapping.
Adding replication permissions for target VT libraries
Prerequisites
The system level replication permission for the source StoreOnce system must have been previously added to the target StoreOnce
system. Learn more: VT libraries replication overview.
You know the replication serial number of the source StoreOnce system. Learn more: Locating replication serial numbers.
Procedure
1. On the main menu of the target StoreOnce system, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the VT library.
4. On the screen for the VT library, click the Replication Permissions tab.
A list shows the source system replication permissions for the target VT library.
5. To add a source system to the list, expand the Actions menu and select Add.
6. On the Add dialog, paste in the replication serial number of the source StoreOnce System.
When the action is complete, the replication serial number of the source StoreOnce System is added to the list.
Creating replication mappings for source VT libraries
Procedure
1. On the main menu of the source StoreOnce System, select Data Services.
2. On the Data Services screen, click the title VT Replication above the graphic.
3. On the VT Replication screen, expand the Actions menu and select Create.
The Create dialog enables you to specify the following:
Source Library
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
123
Target System
Target Library
Mapped Slots
Target Library Data Recovery Option
Editing replication mappings for source VT libraries
Procedure
1. On the main menu of the source StoreOnce System, select Data Services.
2. On the Data Services screen, click the title VT Replication above the graphic.
3. On the VT Replication screen, click the VT library replication mapping.
4. On the screen for the VT library replication mapping, expand the Actions menu and select Edit.
Editing replication permissions for target VT libraries
Prerequisites
In this procedure, you must know the replication serial number of the source StoreOnce system. Learn more: Locating replication
serial numbers.
About this task
Editing the replication access permission enables you to allow or disallow replication access to a target VT library.
Procedure
1. On the main menu of the target StoreOnce system, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the target VT library.
4. On the screen for the target VT library, click the Replication Permissions tab.
A list shows the system replication serial numbers for the target VT library.
5. In the replication permissions list, click the replication serial number of the source StoreOnce System. Then, expand the Actions
menu and select Allow Replication.
On the Edit Replication Access dialog, you can allow or disallow replication to the target VT library.
Editing replication public access for target VT libraries
About this task
You can allow or disallow public access for replicating to a target VT library. When public access is allowed, any StoreOnce System can
participate in replication to the target VT library.
Procedure
1. On the main menu of the target StoreOnce, select Data Services.
2. On the Data Services screen, click the title VT Libraries above the graphic.
3. On the VT Libraries screen, click the VT library.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
124
4. On the screen for the VT library, click the Replication Permission tab.
5. Click the Public Access item, and then expand the Actions menu and select Allow Replication.
6. On the Edit Replication Access dialog, you can allow or disallow public access replication to the target VT library.
Editing replication slot mappings for source VT libraries
Procedure
1. On the main menu of the source StoreOnce System, select Data Services.
2. On the Data Services screen, click the title VT Replication above the graphic.
3. On the VT Replication screen, click the replication mapping.
4. On the screen for the replication mapping, expand the Actions menu and select Edit.
5. On the Edit dialog, Mapped Slots panel, click the edit icon (
).
Deleting replication mappings for source VT libraries
Procedure
1. On the main menu of the source StoreOnce System, select Data Services.
2. On the Data Services screen, click the title VT Replication above the graphic.
3. On the VT Replication screen, click the VT replication mapping.
4. On the screen for the VT replication mapping, expand the Actions menu and select Delete.
Making replication target VT libraries visible to hosts
About this task
For an overview of VT libraries replication, see VT libraries replication overview.
Replication target VT libraries with Media Changer Port type "No Port" are not visible to hosts. You can make them visible by changing
the Media Changer Port to iSCSI or Fibre Channel. Making a target VT library visible allows a backup application to:
Move cartridges from storage slots to drives in the VT library.
Perform read and verify operations on cartridges (but not write).
Perform load and unload operations on tape devices.
Why make target VT libraries visible?
It can be useful to make a target VT library visible to:
Confirm that replication is working correctly.
Check the integrity of the replicated backup by doing a test restore.
Use a backup application to perform manual tape copy jobs (sometimes called tape offload) to any tape device on the network.
WARNING: If a backup application can see both the source and target VT libraries, the application cannot distinguish
between them. The reason is that the barcodes in the source and target VT libraries are duplicated in the two locations.
IMPORTANT: You cannot change data on a target VT library cartridge. You can only load it temporarily to a physical
tape device to read it.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
125
Best practices
WARNING: Failure to follow best practices can cause instability or damage your backup system and data. Cartridges
can be marked as unusable or the backup application can attempt to write to target cartridges.
Procedure
1. Verify that no replication jobs to the selected target cartridge are in progress.
2. Verify that no backup jobs to the mapped source cartridges are scheduled.
3. Verify that the backup application media server is not in the same cell or domain as the source cartridge.
4. Import the data on the target cartridge into the backup application. This operation must be repeated after each replication
operation to the cartridge.
5. Perform the desired operation on the cartridge, which may be:
a. Verify the cartridge using the backup application, either with a verify command or by performing a restore.
b. Copy the cartridge to a physical tape device connected to the media server.
Results
Making a target device visible
Create the replication mapping as normal. See VT libraries replication overview.
From the host that has access to the target VT library, edit the target VT library. See Editing VT libraries.
Click the Interface Information panel.
On the Interface Information dialog, select the appropriate Fibre Channel or iSCSI configuration for the Media Changer Port. Click
OK and then click Update.
Make the target VT library visible from other hosts. Configure the Fibre Channel fabric to make the host visible. Target visibility
persists even if the power fails or if the replication mapping is removed.
To remove visibility to the target VT library, reset the Media Changer Port to None.
VT replication screens and properties
VT Replication screen (all mapping)
TIP: In the list view, columns for the most often viewed properties are shown by default. To add or remove columns,
click the column selector icon (
).
Property
Description
Status
Replication status. Synchronised, Synchronising, or Pending Synchronisation.
Source Name
Name of the source StoreOnce System.
Source Device
The name of the source VT library.
Target Name
Name of the target StoreOnce System.
Target Device
The name of the target VT library.
More properties
Mapping Type
Replication Source or Replication Target
Name
Name that the StoreOnce System assigned to the replication mapping.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
126
Property
Description
Hours Out of Sync
Number of hours that the replication mapping has been out of sync.
Recovery Active
Indicates whether data recovery is active.
Slots In Sync
The number of mapped VT library slots that are in sync.
Slots Out Of Sync
The number of mapped VT library slots that are out of sync.
VT Replication screen (individual mapping), Overview tab
Property
Description
Status bar
Replication status. Synchronised, Synchronising, or Pending Synchronisation.
Replication Source graphic
Source Name
Name of the source StoreOnce System.
Source Device Name
The name of the source VT library.
Replication Summary graphic
Number of Slots in Sync
The number of mapped VT library slots.
Number of mapped Slots
The number of mapped VT library slots that are in sync.
Replication Direction Arrow
The direction of replication. An arrow pointing from target to source indicates data
recovery.
Average Throughput
Average throughput of the replication mapping in b/s.
Bandwidth Used
Bandwidth used for the replication mapping in Kb/s.
Replication Target graphic
Target Name
Name of the target StoreOnce System.
Target Device Name
The name of the target VT library.
VT Replication screen (individual mapping), Details tab
Property
Description
Recovery Active
Indicates whether data recovery is active. (The replication direction is from target to
source.)
Average Throughput
Average throughput of the replication mapping in b/s.
Bandwidth Used
Bandwidth used for the replication mapping in Kb/s.
Percentage Bandwidth Saved
The percentage of bandwidth saved during the replication job. The saving depends
upon whether the device has been configured for source-side deduplication with a
low-bandwidth transfer policy. Or with target-side deduplication with a highbandwidth transfer policy.
Mapped Slots
Number of mapped slots.
Mapping Type
Replication source or target.
Out Of Sync Entries
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
127
Property
Description
Number of Hours Out of Sync
Number of hours that the replication mapping has been out of sync.
Number of Slots Out Of Sync
Total number of mapped slots in the replication mapping that are out of sync.
Number of Slots Out Of Sync (Warning)
Number of mapped slots in the replication mapping that are out of sync, with a
status of Warning.
Number of Slots Out Of Sync (Critical)
Number of mapped slots in the replication mapping that are out of sync, with a
status of Critical.
Source and Target Details
Library Name
The name of the VT library.
Replication Address
IP address of the StoreOnce System.
Replication Serial Number
Replication serial number of the StoreOnce System.
Total Slots
Total cartridge slots in the VT library.
User Data Stored
The amount of user data stored on the VT library.
Size on Disk
The actual size used on disk after deduplication.
VT Replication screen (individual mapping), Slots Mapping tab
TIP:
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
To display all slot mapping properties in a Details flyout, click the information icon (
) for the slot mapping.
Property
Description
Source Slot
Cartridge slot number in the source VT library.
Target Slot
Cartridge slot number in the target VT library.
Barcode
Bar code of the cartridge. The barcode is the same on the source and target.
Status
Status of the replication job.
User Data Stored
The amount of user data stored on the VT library.
More Properties
Cartridge Size
The size of tape cartridges in the VT library.
Marked for Recovery
Indicates whether the data recovery option for the VT library is enabled.
Job Size
The amount of data in the replication job.
Duration
The length of time for the replication job to complete.
Time Start Sync
The date and time when synchronisation was started.
Last Sync Time
The date and time when the last synchronisation was completed.
Time Out of Sync
The amount of time that the replication mapping was out of sync.
Progress
The percentage of progress for the replication job.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
128
Property
Description
Throughput
The replication job throughput in b/s.
Bandwidth Utilization
The replication job bandwidth in Kb/s.
Bandwidth Savings
The percentage of bandwidth savings for the replication mapping.
NAS data services
IMPORTANT:
The StoreOnce network share is intended to be used only by backup applications that “back up to disk”. Do not use the
NAS target device as a drag-and-drop general file store, unless seeding a StoreOnce System for replication.
NAS licensing requirements
No licensing is required for StoreOnce NAS emulations unless using Encryption of Data at Rest.
If StoreOnce NAS replication is used, a license on the target StoreOnce System is required. Self-replication does not require a
license.
Protocol Support
NFS version 3 is supported over IPv4 and IPv6.
NFS version 4 is not supported.
SMB versions 2 and 3 supported over IPv4 only.
SMB version 1 is not supported due to security vulnerabilities.
Subtopics
NAS shares
NAS replication
NAS settings
NAS shares
Subtopics
Viewing NAS shares
Viewing NAS shares detail
Creating NAS shares
Editing NAS shares
Tips for editing NAS shares
Deleting NAS shares
NAS CIFS shares
NFS shares
Replicating NAS shares
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
129
NAS shares screens and properties
Viewing NAS shares
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, do one of the following:
To view all NAS shares, click the title NAS Shares above the graphic.
To view shares that have a specific status, click the status on the graphic. For example, clicking the Warning status on the
graphic opens the NAS Shares screen and displays only shares that have a Warning status.
3. On the NAS Shares screen, click the NAS share.
The screen for an individual NAS share includes tabs for Overview, Details, Network Paths, Permissions, and Replication
Permissions.
Viewing NAS shares detail
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title NAS above the graphic.
3. On the NAS Shares screen, click the NAS share.
4. On the NAS Shares screen for the share, click the Details tab.
Creating NAS shares
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title NAS above the graphic.
3. On the NAS Shares screen, expand the Actions menu and select Create.
The Create dialog allows you to specify the following:
NAS Share Name
Access Protocol (CIFS or NFS)
Security Settings
Backup Application Details
Advanced Settings
Editing NAS shares
Procedure
1. On the main menu, select Data Services.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
130
2. On the Data Services screen, click the title NAS above the graphic.
3. On the NAS Shares screen, click the share.
4. On the screen for the share, expand the Actions menu and select Edit.
The Edit dialog allows you to specify the following:
Security Settings
Backup Application Details
Advanced Settings
Tips for editing NAS shares
Users with the administrator role can edit the following:
Security Settings : Secure Erase Mode. You can enable Secure Erase and select the number of Overwrite Passes. This property
does not appear until after the NAS share is created.
Backup Application Details : Backup Application and Type
Advanced Settings : Description, Write Protection, and Storage Quotas. Write protection prevents access initially, or protects
data after it has been backed up.
Data at Rest Encryption cannot be edited. This feature is only enabled or disabled at the time of NAS share creation.
You cannot change the NAS share name after it is created.
If a NAS share is converted from Read/Write to Read Only, any open items will be forced closed, which may result in inconsistencies
if they are being written to by a backup application. The user will be warned that this could occur before the change is made.
The Network Path tab is not available for when you select Edit. However, if you display the Network Paths tab, you can copy the
share path if required. If your StoreOnce System is configured on a Virtual LAN, this tab will display all the VLAN IP addresses
available for that share.
Deleting NAS shares
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title NAS Shares above the graphic.
3. On the NAS Shares screen, click the share.
4. On the screen for the share, expand the Actions menu and select Delete.
NAS CIFS shares
About this task
Overview of creating backup target shares that Windows users can access.
Procedure
1. Confirm or select the NAS CIFS authentication mode for the StoreOnce System. See Selecting NAS CIFS authentication modes.
2. Create NAS CIFS shares on the StoreOnce System. See Creating NAS shares.
3. Define access rights to the NAS CIFS shares. Do one of the following:
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
131
If you are using User authentication:
Add local user accounts for the StoreOnce System. See Adding NAS CIFS local users.
Enable or disable user access to individual shares. See Editing NAS CIFS shares user access.
If you are using Active Directory authentication, configure the Active Directory server and the StoreOnce System. See NAS CIFS
Active Directory authentication overview
Subtopics
NAS CIFS authentication modes
Selecting NAS CIFS authentication modes
NAS CIFS server user authentication mode
Editing NAS CIFS shares user access
Active Directory authentication mode
NAS CIFS authentication modes
The CIFS authentication mode is a setting for all NAS CIFS shares on a StoreOnce System.
None. Provides a simple CIFS server configuration that allows for the creation of shares with no authentication. Any user or
computer can mount and access the shares created on the StoreOnce System with this setting.
This mode is the default authentication mode for the CIFS server where all the Shares configured have its Permission disabled.
Because this mode is the default, there is no user action required to activate this mode. Proceed to mounting the share on your
Windows client.
User. Secures CIFS shares so they can be accessed only by specified users. The users must have local account credentials on the
StoreOnce System.
Once the CIFS server authentication mode is set to user, you can use the Permissions tab of the share to add and remove users. You
can also edit the access for specific users.
Active Directory . Secures CIFS shares so they can be accessed only by specified users or groups. The users or groups must be within
an Active Directory domain to the CIFS server.
Prerequisites:
Domain Name
Domain Controller on supported server. See the HPE StoreOnce Support Matrix
https://www.hpe.com/Storage/StoreOnceSupportMatrix.
A user account on the Domain Controller, which is the Domain Administrator or delegated user with Domain Administrative rights.
A user account on the server running DNS to add entries.
The system time on the StoreOnce System must be correct and in sync with the domain controller.
Selecting NAS CIFS authentication modes
About this task
The CIFS authentication mode is a setting for all NAS CIFS shares on a StoreOnce System. Learn more: NAS CIFS authentication modes.
WARNING: If you change the CIFS authentication mode:
Running backups and restores will fail.
To make the new setting take effect on the client, log out of the client and then log back in.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
132
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Server tab.
3. On the Settings panel, click the edit icon (
).
4. On the CIFS Settings dialog, select the Authentication Mode, and then click Update.
NAS CIFS server user authentication mode
Subtopics
Adding NAS CIFS local users
Changing NAS CIFS local user passwords
Deleting NAS CIFS local users
Adding NAS CIFS local users
Prerequisites
The CIFS server authentication mode for the StoreOnce System is set to user.
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Server tab.
3. On the Users panel, expand the Actions icon and select Add User.
4. On the Add User dialog, enter a user name and the password that you want to use.
The user name can be up to 64 characters.
The password must be at least eight characters long and can include special characters.
The password can comply with the Windows strong password requirements: uppercase letters (A,B,C) or lowercase letters
(a,b,c) or numbers (0,1,2,3,4,5,6,7,8,9) or symbols (` ~ ! @ # $ % ^ & * ( ) _ - + = { } [ ] \ | : ; " ' < > , . ? / ).
5. Click Add.
The new user is added to the list in the Users panel. By default, new users are added to a StoreOnce System with Access to NAS
CIFS shares disabled.
Results
TIP: To enable access to a specific NAS CIFS share, navigate to the share and click the Permissions tab. Then select the
user and click its edit icon (
).
Changing NAS CIFS local user passwords
Prerequisites
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
133
The CIFS server authentication mode is set to user.
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Server tab.
3. On the Users panel, select the user, and then expand the Actions icon and select Edit User.
4. On the Edit User dialog, enter and confirm the new password, and then click Update.
The new password takes effect immediately.
Deleting NAS CIFS local users
Prerequisites
The CIFS server authentication mode is set to user.
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Server tab.
3. On the Users panel, select the user, and then expand the Actions icon and select Remove User.
Editing NAS CIFS shares user access
About this task
You can enable and disable access by specific users to individual NAS CIFS shares.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title NAS above the graphic.
3. On the NAS Shares screen, click the CIFS NFS share.
4. On the NAS Shares screen for the NAS CIFS share, click the Permissions tab.
5. On the User Access panel, click the user, and then click the edit icon (
Access.
). The Edit User Access dialog opens. Enable of disable
Active Directory authentication mode
Subtopics
NAS CIFS Active Directory authentication overview
Adding StoreOnce Systems to Active Directory domains
Granting Active Directory domain users access to NAS CIFS shares
Adding Active Directory users as local administrators to the StoreOnce CIFS server
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
134
Adding Active Directory groups as local administrators to the StoreOnce CIFS server
Deleting Active Directory users or groups as local administrators of the StoreOnce CIFS server
Leaving Active Directory domains
NAS CIFS Active Directory authentication overview
About this task
Process overview:
Procedure
1. Adding StoreOnce Systems to Active Directory domains
2. Granting Active Directory domain users access to NAS CIFS shares
3. Adding Active Directory users as local administrators to the StoreOnce CIFS server
4. Adding Active Directory groups as local administrators to the StoreOnce CIFS server
Adding StoreOnce Systems to Active Directory domains
Prerequisites
Verify that the StoreOnce System has an entry in the DNS server. The DNS entry is required so the StoreOnce System can be
resolved by referring to its qualified domain name. (StoreOnce Systems do not automatically add themselves to DNS server
configurations during network configuration.).
If the StoreOnce System does not have a DNS entry, you must manually create the entry before proceeding.
StoreOnce port sets and DNS entries on the Networking screen must be configured correctly. The networking settings must allow
the StoreOnce System contact the Active Directory server and resolve its host name.
The system time on the StoreOnce System and the Active Directory server must be in sync.
To add a StoreOnce System, you must know the Active Directory domain name, and the credentials of an Active Directory user that
has permission to add the StoreOnce System to the domain.
StoreOnce supports the following Kerberos encryption types when joining Microsoft Active Directory domain:
RC4-HMAC
DES-CBC-MD5
DES-CBC-CRC
AES type encryptions are currently not supported.
About this task
WARNING:
To add a StoreOnce System, you must use the StoreOnce Join action. Joining or leaving an Active Directory domain
will cause running backup and restore jobs on a StoreOnce System to fail. Do not perform this procedure if the
StoreOnce System has backup or restore jobs running.
Procedure
On the StoreOnce System
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Server tab.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
135
3. On the CIFS Server tab, click the edit icon (
) on the Settings panel.
4. On the CIFS Settings dialog, select Active Directory for the Authentication Mode.
5. Enter the name of the Active Directory Domain to which you want to join the StoreOnce System, and then click Update.
The Join Active Directory dialog opens.
6. On the Join Active Directory dialog, enter the user name and password to join the Active Directory domain, and then click Join.
The StoreOnce System is added to the domain and the CIFS Server tab displays the Active Directory information. (Joining can
take some time, depending on topology and domain size.).
The Local Administrators panel shows the domain users that can be delegated to manage the CIFS Server of the StoreOnce
System. To add local administrators, see Adding and deleting NAS CIFS Active Directory users and groups.
On a Windows domain management system
7. On a Windows domain management system, verify that there is an entry for the StoreOnce CIFS server.
a. On a Windows server that is used to perform Active Directory domain configuration, launch the Active Directory Users and
Computers management tool.
For example, enter dsa.msc in the Windows Run command.
Or from a PC with the Microsoft Remote Server Administration Tools installed, launch from Administrative Tools).
Granting Active Directory domain users access to NAS CIFS shares
Prerequisites
StoreOnce port sets and DNS entries on the Networking screen must be configured correctly. Use the Active Directory DNS server
or some other DNS server properly configured to resolve the Active Directory domain.
The CIFS server authentication mode for the StoreOnce System is set to Active Directory.
About this task
Procedure
1. On the Windows client, open the Microsoft Management Console (MMC). For example, select Start > Run > mmc.
2. From the MMC menu, navigate to FileAdd/Remove Snap-in.
3. Browse through the list of Available Snap-ins and select the Shared Folders snap-in.
4. Click Add.
5. Select Another Computer on the Shared Folders window and enter the fully qualified domain name of the StoreOnce System.
You can also click Browse and search for the StoreOnce System.
6. In the View section, select Shares.
7. Complete the snap-in configuration by clicking Finish and then click OK.
The snap-in is now added to the MMC console. Use this setting for future management of the StoreOnce System NAS CIFS shares.
8. Expand the Shares list to see the shares configured on the StoreOnce System.
9. Select the share to which you want to assign access to domain users or groups.
10. Right-click on the share and select Properties
A new share created will have no users or groups assigned to it.
11. Select the Share Permissions tab and click Add.
12. Enter the domain user name to be added. Verify by the domain user name by clicking Check Names. Once the user is verified, click
OK.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
136
13. Assign the permission you want the domain user to have for this share.
14. Click OK to confirm the changes.
You can now access the newly created share from any Windows server on the domain, using the credentials of anyone who has
permission to access the share. If a permitted user is logged into Windows, access to the share is granted automatically with those
permissions.
IMPORTANT:
When switching from None or User authentication mode to Active Directory authentication mode, Hewlett Packard
Enterprise recommends logging out and then back in to the Windows client where the share is mounted. This
approach ensures that the new authentication settings of the CIFS server are enforced.
NOTE:
The StoreOnce System does not support creating shares from Windows Computer Management Consoles. Shares
must be created from the StoreOnce Management Console.
The StoreOnce System only supports the Shared Folders utility within the Windows Computer Management. Any
other Windows Computer Management utilities are not supported.
Adding Active Directory users as local administrators to the StoreOnce CIFS server
Prerequisites
The StoreOnce System has been added to an Active Directory domain.
The user or group to be added must already exist in the Active Directory domain.
About this task
After a StoreOnce System is added to an Active Directory domain, the Local Administrators panel is displayed on the CIFS server tab of
the NAS Settings screen.
The Local Administrators panel allows you to add Active Directory domain users or groups with administrator privileges to the CIFS
server. Adding users or groups using the StoreOnce Management Console provides a way of implementing Delegated
Administration, which is not available for the StoreOnce device from the Active Directory Management tool.
Users are added using the Active Directory login name. This name is available from the user account information from the Active
Directory Management tool. (Right-click the domain user from the domain controller, select Properties, and check the domain user
account information.)
Both user login formats are accepted. For example, <domain_user@domain> or <domain\domain_user>. The user is resolved
against the domain controller database.
IMPORTANT: When adding Active Directory domain users through a StoreOnce Management Console, the users are
automatically added as Local Administrators. (Even if they are not administrator users on the Active Directory
domain.)
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Servers tab.
3. On the Local Administrators panel, expand the Actions menu and select Add Users or Groups
4. On the Add Users or Groups dialog, enter the user name in the Member Name box, and then click Add.
The user is added to the list of local administrators.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
137
Adding Active Directory groups as local administrators to the StoreOnce CIFS server
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Servers tab.
3. On the Local Administrators panel, expand the Actions menu and select Add Users or Groups
4. On the Add Users or Groups dialog, in the group name in the Member Name box, and then click Add.
The group is added to the list of local administrators.
Deleting Active Directory users or groups as local administrators of the StoreOnce CIFS
server
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Servers tab.
3. On the Local Administrators panel, select the Member, and then expand the Actions menu and select Delete Users or Groups
4. On the Delete Members dialog, click the acknowledgment check box, and then click Delete.
The user or group is deleted from the list of local administrators.
Leaving Active Directory domains
Prerequisites
The StoreOnce System is joined to an Active Directory.
About this task
You may want a StoreOnce System to leave Active Directory domains to:
Temporarily leave, then rejoin the StoreOnce System to the same Active Directory domain.
Join the StoreOnce System to a different Active Directory domain.
Change the StoreOnce System to another CIFS server authentication mode.
WARNING: Leaving an Active Directory domain prevents the member users and groups from accessing NAS CIFS shares
on the StoreOnce System.
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Server tab.
3. On the Settings panel, expand the Actions menu and select Leave Active Directory.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
138
NFS shares
About this task
Overview of configuring backup target shares that UNIX and Linux servers can access.
1. Add NFS hosts to the StoreOnce System. These hosts are the servers that mount the NAS NFS shares. See Adding NAS NFS server
hosts.
2. Create NAS NFS shares on the StoreOnce System. See Creating NAS shares.
TIP: When NAS NFS shares are created, read/write access is enabled for all hosts. If you want to restrict access, you
must edit the access property of the share.
3. Enable or disable host access by editing the access type on individual NAS NFS shares. See Editing NAS NFS shares host access.
Subtopics
Adding NAS NFS server hosts
Editing NAS NFS settings (browsability)
Editing NAS NFS shares host access
Adding NAS NFS server hosts
About this task
This procedure adds a NAS NFS host to a StoreOnce System.
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the NFS Servers tab.
3. On the Host List panel, expand the Actions menu and select Add Host.
4. On the Add Host dialog, enter the name that you want to use for the host (required) and a description (optional). Click Add.
The new NAS NFS server host is added to the list.
Editing NAS NFS settings (browsability)
About this task
NAS NFS settings include an NFS browsability setting. The setting allows you to enable or disable browsability to NFS shares.
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the NFS Server tab.
3. On the Settings panel, click the edit icon (
).
Editing NAS NFS shares host access
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
139
Editing NAS NFS shares host access
About this task
In the list of hosts, the * (asterisk) host name represents any/all hosts.
IMPORTANT: To restrict host access to specific hosts, you should first set the access type for any/all hosts to No
Access, and then add individual hosts and their access types.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title NAS above the graphic.
3. On the NAS Shares screen, click the NAS NFS share.
4. On the NAS Shares screen for the NAS NFS share, click the Permissions tab.
5. On the Host List panel, click the host, and then click the edit icon (
). The Edit Host Access dialog opens.
Replicating NAS shares
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title NAS above the graphic.
3. On the NAS Shares screen, click the panel for the specific NAS share.
4. On the NAS Shares screen for the specific share, select Create mapping on the Actions menu.
NAS shares screens and properties
NAS Shares screen (all shares)
In the list view, columns for the most often viewed properties are shown by default. To add or remove columns, click the column selector
icon ( ).
Property
Description
Name
Name of the NAS share.
Status
The status of the share. Online, offline, not started, failed to start, stopping, creating, or deleting
User Data Stored
The amount of user data stored on the NAS share.
Size on Disk
The actual size used on disk after deduplication.
Dedupe Ratio
The deduplication ratio achieved on the data on the NAS share. All NAS shares have deduplication
enabled. Deduplication on NAS shares cannot be disabled.
Replication Role
The replication role of the NAS share. Non-Replicating, Replication Source, or Replication Target.
More properties
Number of Files
The number of files and directories on the NAS share.
Protocol
CIFS (Common Internet File System) or NFS (Network File System)
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
140
Property
Description
Physical Storage Quota
This quota is for the amount of data written to disk after deduplication. If the quota is enabled and the
limit is reached, backups will fail to prevent the quota from being exceeded. The quota allows you to
partition the physical capacity of the StoreOnce System between various users (and users with a better
deduplication ratio can store more data).
When a NAS share reaches its quota, the status of the share will change to “Physical Quota Reached”.
Restores from that share are permitted but new backups will fail. When the quota is no longer met, either
by increasing the quota or by expiring backups, the share status returns to the “OK” state.
If you use this feature in conjunction with client permissions to control of client access to the share, you
can effectively define how much space a particular user is allowed to use on the StoreOnce System. With
many users using the same system, this approach allows you to control how much disk space is available
to individual users.
TIP:
If capacity management is required, Hewlett Packard Enterprise recommends configuring
backup applications with quotas to reroute to another device or to postpone backups to
prevent backups from failing unexpectedly.
Logical Storage Quota
This quota is for the amount of data a user sends to the device before deduplication. If the quota is
enabled and the quota limit is reached, backups will fail in order to prevent the quota from being
exceeded. This allows you to provide a service to back up a particular amount of user data. For example,
set this when you charge customers per TB of user data protected.
When a NAS share reaches its quota, the status of the share will change to “Logical Quota Reached”.
Restores from that share are permitted but new backups will fail.
When the quota is no longer met, either by increasing the quota or by expiring backups, the share status
returns to the “OK” state. If you use this feature in conjunction with Client-Permissions to control a
client’s access to the share, you can effectively define how much space a particular user is allowed to use
on the . With many users using the same system, this allows you to control how much disk space is
available to individual users.
NOTE:
If capacity management is required, Hewlett Packard Enterprise recommends configuring
backup applications with quotas to reroute to another device or to postpone backups to
prevent backups from failing unexpectedly.
Encryption
Indicates whether the NAS share data is encrypted. Shows as Not Licensed if there is no encryption
license on the StoreOnce System. If encryption is licensed, shows as Enabled or Disabled.
Secure Erase Mode
The availability of HPE Secure Erase. Shows as Disabled or the number of Secure Erase passes.
NAS Shares screen (individual share), Overview tab
Property
Description
Status bar
The status of the NAS share. Shows as Online, Down, or Error.
Share Dedupe Ratio
The deduplication ratio achieved on the data on the NAS share. All NAS shares have deduplication
enabled. Deduplication on NAS shares cannot be disabled.
User Data Stored
The amount of user data stored on the NAS share.
Size on Disk
The actual size used on disk after deduplication.
NAS Shares screen (individual share), Details tab
Property
Description
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
141
Property
Description
Name
Name of the NAS share.
Description
A text description of the share (optional).
Access Protocol
CIFS (Common Internet File System) or NFS (Network File System)
Replication Role
The replication role of the NAS share. Non-Replicating, Replication Source, or Replication Target.
Share Version
NAS shares can be configured as version 2 (default) or version 1.
The primary difference is the maximum number of items permitted per share. (An item is a file or a
directory)
Version 1 NAS shares: 25,000 items
Version 2 NAS shares: 1,000,000 items
Also, version 2 NAS shares are optimized to improve performance with Commvault backup software.
Version 1 NAS shares are only recommended for replication compatibility with legacy StoreOnce systems
that only support version 1 NAS shares.
Once configured, you can change the NAS share version from 1 to 2 but you cannot change from 2 to 1.
The maximum number of NAS shares depends upon the product model and the number of other devices
(including VT libraries and StoreOnce Catalyst stores) already created.
Number of Files/Directories The number of files and directories on the NAS share.
Write Protection
Used to prevent further backup to the share. If enabled, any backup jobs currently using that share will
fail.
Security
Encryption Enabled
Indicates whether the NAS share data is encrypted. Shows as Not Licensed if there is no encryption
license on the StoreOnce System. If encryption is licensed, shows as Enabled or Disabled.
Secure Erase Mode
The availability of HPE Secure Erase. Shows as None or the number of Secure Erase passes.
Storage
Physical Storage Quota
This quota is for the amount of data actually written to disk after deduplication. If the quota is enabled
and the quota limit is reached, backups will fail in order to prevent the quota from being exceeded. The
quota allows you to partition the physical capacity of the StoreOnce System between various users (and
users with a better deduplication ratio can store more data).
When a NAS share reaches its quota, the status of the share will change to “Physical Quota Reached”.
Restores from that share are permitted but new backups will fail. When the quota is no longer met, either
by increasing the quota or by expiring backups, the share status returns to the “OK” state.
If you use this feature in conjunction with client permissions to control a client’s access to the share, you
can effectively define how much space a particular user is allowed to use on the StoreOnce System. With
many users using the same system, this allows you to control how much disk space is available to
individual users.
TIP:
If capacity management is required, Hewlett Packard Enterprise recommends configuring
backup applications with quotas to reroute to another device or to postpone backups to
prevent backups from failing unexpectedly.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
142
Property
Description
Logical Storage Quota
This quota is for the amount of data a user sends to the device before deduplication. If the quota is
enabled and the quota limit is reached, backups will fail in order to prevent the quota from being
exceeded. This allows you to provide a service to back up a particular amount of user data. For example,
set this when you charge customers per TB of user data protected.
When a NAS share reaches its quota, the status of the share will change to “Logical Quota Reached”.
Restores from that share are permitted but new backups will fail.
When the quota is no longer met, either by increasing the quota or by expiring backups, the share status
returns to the “OK” state. If you use this feature in conjunction with Client-Permissions to control a
client’s access to the share, you can effectively define how much space a particular user is allowed to use
on the . With many users using the same system, this allows you to control how much disk space is
available to individual users.
TIP:
If capacity management is required, Hewlett Packard Enterprise recommends configuring
backup applications with quotas to reroute to another device or to postpone backups to
prevent backups from failing unexpectedly.
Backup Details
Backup Application
The name and information about the backup application that is used to back up to the NAS share. The
information is optional, but is recommended as an aid to HPE support troubleshooting. The information
has no impact on performance or deduplication efficiency.
Data Type
The type of data being protected by the backups to this NAS share. The information is optional, but is
recommended as an aid to HPE support troubleshooting. The information and has no impact on
performance or deduplication efficiency.
NAS Shares screen (individual share), Network Paths tab
Property
Description
Path
The network paths used to access the configured NAS share.
NAS Shares screen (individual share), Permissions tab
Property
Description
Access Protocol
CIFS (Common Internet File System) or NFS (network file system).
Authorisation
Authorisation mode
Authorisation mode applies only to CIFS NAS shares. The modes are: None, User, or AD
(Active Directory).
None mode provides a simple CIFS server configuration that allows creation of shares
with no authorization. Any user or computer can mount and access the shares.
User mode secures CIFS shares so they can be accessed only by specified users. The
users must have local account credentials on the StoreOnce System.
Active Directory mode secures CIFS shares so they can be accessed only by specified
users or groups. The users or groups must be within an Active Directory domain to the
CIFS server.
User Access
User Name (and access)
Name of a user for the NAS share. Access to a NAS share can be enabled and disabled for the
user.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
143
NAS Shares screen (individual share), Replication Permissions tab
Property
Description
Replication Serial Number
(and access)
The replication serial number that is automatically generated by the StoreOnce System. This replication
serial number is used for all replication jobs. The replication serial number does not change.
The replication serial number for a StoreOnce System is different than its serial number.
When Public Access is allowed, any StoreOnce System can participate in replication of the NAS share.
NAS replication
Subtopics
NAS shares replication overview
Viewing NAS replication mappings
Viewing NAS replication file information
Adding replication permissions for target NAS shares
Adding replication target systems
Creating replication mappings for source NAS shares
Editing replication mappings for source NAS shares
Editing replication permissions for target NAS shares
Editing replication public access for target NAS shares
Deleting replication mappings for source NAS shares
Recovering replicating NAS shares over a WAN
NAS replication screens and properties
NAS shares replication overview
Prerequisites
This overview assumes that the source and target NAS shares exist. If you have not created the source and target NAS shares, see
Creating NAS shares.
About this task
TIP: NAS replication requires a 1:1 relationship from a source StoreOnce System to a target StoreOnce System.
Replicating from multiples sources to a single target (fan-in) is not supported with NAS replication. (Fan-in is supported
for VT replication and StoreOnce Catalyst replication.)
Procedure
Create partner systems relationship
1. On the source StoreOnce System, create a partner system relationship between the source and target system. Lean more: Adding
replication target systems.
TIP: After a partner system relationship has been created, you do not need to perform this step again.
Establish system-level replication permission
2. On the target StoreOnce system, establish replication permission between the source system and the target system. Learn more:
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
144
Adding replication permissions for target systems .
TIP: After system-level replication permission has been established, you do not need to perform this step again.
Establish NAS share replication permission
3. On the target StoreOnce system, select the target NAS share and establish replication permission for the share. Learn more: Adding
replication permissions for target NAS shares.
4. On the target StoreOnce system, turn on (allow) replication to the target NAS share. Learn more: Editing replication permissions for
target NAS shares.
Create NAS share replication mapping
5. On the source system, select the source NAS share and create replication mapping for the share. Learn more: Creating replication
mappings for source NAS shares.
Viewing NAS replication mappings
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, do one of the following:
To view all NAS replication mappings, click the title NAS Replication above the graphic.
To view NAS replication mappings that have a specific status, click the status on the graphic. For example, clicking the Warning
status on the graphic opens the NAS Replication screen and displays only NAS replication mappings that have a Warning
status.
3. On the NAS Replication screen, click the NAS replication mapping.
The screen for an individual NAS replication mapping includes tabs for Overview, Details, and File Information.
Viewing NAS replication file information
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, click the title NAS Replication above the graphic.
3. On the NAS Replication screen, click the replication mapping.
4. On the screen for the NAS replication mapping, click the File Information tab.
A list of files is shown.
5. To view the details for a file, click its information icon (
).
Adding replication permissions for target NAS shares
Prerequisites
To add replication permissions:
The system level replication permission for the source StoreOnce system must have been previously added to the target StoreOnce
system. Learn more: NAS shares replication overview.
You know the replication serial number of the source StoreOnce system. Learn more: Locating replication serial numbers.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
145
Procedure
1. On the main menu of the target StoreOnce system, select Data Services.
2. On the Data Services screen, click the title NAS Shares above the graphic.
3. On the NAS Shares screen, click the NAS share.
4. On the screen for the NAS share, click the Replication Permissions tab.
A list shows the source system replication permissions for the target NAS share.
5. To add a source system to the list, expand the Actions menu and select Add.
6. On the Add dialog, paste in the replication serial number of the source StoreOnce System.
When the action is complete, the replication serial number of the source StoreOnce System is added to the list.
Adding replication target systems
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Partner Systems tab.
3. Expand the Actions menu and select Add.
Creating replication mappings for source NAS shares
Procedure
1. On the main menu of the source StoreOnce System, select Data Services.
2. On the Data Services screen, click the title NAS Replication above the graphic.
3. On the NAS Replication screen, expand the Actions menu and select Create.
The Create dialog enables you to specify the following:
Source Share
Target System
Target Share
Target Share Data Recovery Option
Editing replication mappings for source NAS shares
Procedure
1. On the main menu of the source StoreOnce System, select Data Services.
2. On the Data Services screen, click the title NAS Replication above the graphic.
3. On the NAS Replication screen, click the NAS share replication mapping.
4. On the screen for the NAS share replication mapping, expand the Actions menu and select Edit.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
146
Editing replication permissions for target NAS shares
Prerequisites
In this procedure, you must know the replication serial number of the source StoreOnce system. Learn more: Locating replication
serial numbers.
About this task
Editing the replication access permission enables you to allow or disallow replication access to a target NAS share.
Procedure
1. On the main menu of the target StoreOnce system, select Data Services.
2. On the Data Services screen, click the title NAS Shares above the graphic.
3. On the NAS Shares screen, click the target NAS share.
4. On the screen for the target NAS share, click the Replication Permissions tab.
A list shows the source system replication serial numbers for the target NAS share.
5. In the replication permissions list, click the replication serial number of the source StoreOnce System. Then, expand the Actions
menu and select Allow Replication.
On the Edit Replication Access dialog, you can allow or disallow replication to the target NAS share.
Editing replication public access for target NAS shares
About this task
You can allow or disallow replication access for a NAS share. When public access is allowed, any StoreOnce System can participate in
replication of the NAS share.
Procedure
1. On the main menu of the target StoreOnce System, select Data Services.
2. On the Data Services screen, click the title NAS Shares above the graphic.
3. On the NAS Shares screen, click the target NAS share.
4. On the screen for the target NAS share, click the Replication Permissions tab.
5. Click the Public Access item, and then expand the Actions menu and select Allow Replication.
6. On the Edit Replication Access dialog, you can allow or disallow replication to the target NAS share.
Deleting replication mappings for source NAS shares
Procedure
1. On the main menu of the source StoreOnce System, select Data Services.
2. On the Data Services screen, click the title NAS Replication above the graphic.
3. On the NAS Replication screen, click the NAS replication mapping.
4. On the screen for the NAS replication mapping, expand the Actions menu and select Delete.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
147
Recovering replicating NAS shares over a WAN
About this task
In this scenario, a remote source site has lost its host servers and StoreOnce System. New server hardware has been purchased and
installed at the site, and the administrator must recover data to a new server. A new StoreOnce system has not been installed at the
remote site.
The administrator plans to recover data over a WAN from a StoreOnce System at a data center. (Which will take a long time.)
Before the failure, a replication mapping existed between the source NAS share (at the remote site) and the target NAS share (at the
data center). After the failure, the replication mapping still exists, but the source NAS share is missing at the remote site. The target
NAS share on the StoreOnce System at the data center is still in target-share mode. It has not had its replication mapping removed.
TIP:
The following procedure retains the ability to back up to the target NAS share. If backing up to the target NAS
share is not required, an easier solution might be to recover data directly from the target NAS share, which is readonly.
Recovering high volumes of data over a WAN can take a long time. Recovering data at the data center is much
faster. And once recovered, the recovered data can be transported to the remote site.
WARNING:
If you replace the storage disks on a source StoreOnce System — and keep the system — the source to target mapping
will still exist. Therefore, you must remove the replication mapping before performing a recovery .
If the replication mapping is not removed, the blank source NAS share (on the replacement storage disks) will overwrite
the target NAS share. Effectively losing backup data on both the source and target NAS shares.
Procedure
1. On the target StoreOnce System in the data center, remove the replication mapping.
a. Navigate to the NAS Replication screen. See Viewing NAS replication mappings
b. Select the NAS replication mapping.
c. Remove the replication mapping. See Deleting replication mappings for source NAS shares
2. The target NAS share at the data center becomes a nonreplicating NAS share.
3. Make sure that the backup application is targeting the newly nonreplicating NAS share at the data center. Recover the data using
the backup application at the data center.
4. At this point, there is no source StoreOnce System at the remote site. If one is installed at a later date, reverse recover the data and
configure the replication mapping.
NAS replication screens and properties
NAS Replication screen (all mapping)
TIP: In the list view, columns for the most often viewed properties are shown by default. To add or remove columns,
click the column selector icon (
).
Property
Description
Status
Replication status. Synchronised, Synchronising, or Pending Synchronisation.
Source Name
Name of the source StoreOnce System.
Source Device
The name of the source NAS share.
Target Name
Name of the target StoreOnce System.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
148
Property
Description
Target Device
The name of the target NAS share.
More properties
Mapping Type
Replication Source or Replication Target
Name
Name that the StoreOnce System assigned to the replication mapping.
Hours Out of Sync
Number of hours that the replication mapping has been out of sync.
Recovery Active
Indicates whether data recovery is active.
Entries In Sync
The number of mapped NAS share entries that are in sync.
Entries Out Of Sync
The number of mapped NAS share entries that are out of sync.
Protocol
CIFS (Common Internet File System) or NFS (Network File System)
NAS Replication screen (individual mapping), Overview tab
Property
Description
Status bar
Replication status. Synchronised, Synchronising, or Pending Synchronisation.
Replication Source graphic
Source Name
Name of the source StoreOnce System.
Source Device Name
The name of the source NAS share
Replication Summary graphic
Entries in Sync
The number of mapped entries.
Mapped Entries
The number of mapped entries that are in sync.
Replication Direction Arrow
The direction of replication. An arrow pointing from target to source indicates data
recovery.
Average Throughput
Average throughput of the replication mapping in b/s.
Bandwidth Used
Bandwidth used for the replication mapping in Kb/s.
Replication Target graphic
Target Name
Name of the target StoreOnce System.
Target Device Name
The name of the target NAS share.
NAS Replication screen (individual mapping), Details tab
Property
Description
Recovery Active
Indicates whether data recovery is active. (The replication direction is from target to
source.).
Average Throughput
Average throughput of the replication mapping in b/s.
Bandwidth Used
Bandwidth used for the replication mapping in Kb/s.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
149
Property
Description
Percentage Bandwidth Saved
The percentage of bandwidth saved during the replication job. The saving depends
upon whether the device has been configured for source-side deduplication with a
low-bandwidth transfer policy. Or with target-side deduplication with a highbandwidth transfer policy.
Mapping type
Replication source or target.
Out of Sync Entries
Number of Hours Out of Sync
Number of hours that the replication mapping has been out of sync.
Number of Entries Out Of Sync
Number of Entries Out Of Sync (Warning)
Number of mapped entries in the replication mapping that are out of sync, with a
status of Warning.
Number of Entries Out Of Sync (Critical)
Number of mapped entries in the replication mapping that are out of sync, with a
status of Critical.
Source and Target Details
Share Name
The name of the NAS share.
Replication Address
IP address of the StoreOnce System.
Replication Serial Number
Replication serial number of the StoreOnce System.
Total Entries
Total number of entities in the NAS share.
User Data Stored
The amount of user data stored on the NAS share.
Size on Disk
The actual size used on disk after deduplication.
NAS Replication screen (individual mapping), File Information tab
TIP:
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon (
).
To display the properties in a Details flyout, click the information icon (
).
Property
Description
Entry
NAS share entry number.
Type
Directory or file.
File Name
Name of the directory or file.
Status
Replication status. Synchronised, Synchronising, or Pending Synchronisation.
More properties
Marked For Recovery
Indicates whether the data recovery option for the NAS share is enabled.
File Size
Size of the file.
Duration
The length of time for the replication job to complete.
Time Start Sync
The date and time when synchronisation was started.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
150
Property
Description
Last Sync Time
The date and time when the last synchronisation was completed.
Time Out of Sync
The amount of time that the replication mapping was out of sync.
Progress Phase 1
The percentage of progress for the replication job in phase 1. Phase 1 replicates the main file
data.
Progress Phase 2
The percentage of progress for the replication job in phase 2. Phase 2 replicates internally
written write-in-place data that is associated with a file.
Progress Phase 3
The percentage of progress for the replication job in phase 3. Phase 3 replicates metadata
that is associated with a file.
Throughput
The replication job throughput in b/s.
Bandwidth Utilization
The replication job bandwidth in Kb/s.
Bandwidth Savings
The percentage of bandwidth savings for the replication mapping.
NAS settings
Subtopics
Viewing NAS settings
Adding and deleting NAS CIFS Active Directory users and groups
Adding, editing, and deleting NAS CIFS users
Adding, editing, and deleting NAS NFS hosts
Editing NAS CIFS settings
Editing NAS NFS settings (browsability)
Joining and leaving NAS CIFS Active Directories
Viewing NAS settings
About this task
The NAS Settings screen allows you to view and manage NAS settings.
Procedure
1. Do one of the following:
On the main menu, select Data Services. On the Data Services screen, expand the Actions menu and select NAS Settings.
On the main menu, select Settings. On the Settings screen, under Data Services, click the NAS Settings panel.
2. The NAS Settings screen includes tabs for CIFS Server and NFS Server.
Adding and deleting NAS CIFS Active Directory users and groups
About this task
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
151
NAS CIFS Active Directory users and groups (if any) are listed on the Local Administrators panel of the CIFS Server tab of the NAS
Settings screen.
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Servers tab.
3. Scroll to the Local Administrators panel.
TIP: If the Local Administrators panel is not displayed, click the edit icon (
CIFS Settings dialog to set the Authentication mode to Active Directory.
) on the Settings panel. Then use the
4. On the Local Administrators panel, do one of the following:
To add a CIFS Active Directory user, expand the Actions menu and select Add Users or Groups.
To delete a CIFS user or group, select the user or group and then expand the Actions menu and select Delete Users or Groups.
The Delete Members dialog opens.
Adding, editing, and deleting NAS CIFS users
Prerequisites
To display the CIFS server Users panel and Actions menu, the Authentication Mode must be set to User on the CIFS Settings dialog.
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Servers tab.
3. On the Users panel, do one of the following:
To add a CIFS user, expand the Actions menu and select Add.
To edit or delete a CIFS user, select the user, and then expand the Actions menu and select Edit or Delete.
Adding, editing, and deleting NAS NFS hosts
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the NFS Servers tab.
3. On the Host List panel, do one of the following:
To add an NFS host, expand the Actions menu and select Add.
To edit or delete an NFS host, select the host and then expand the Actions menu and select Edit or Delete.
Editing NAS CIFS settings
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
152
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Server tab.
3. On the Settings panel, click the edit icon (
).
Editing NAS NFS settings (browsability)
About this task
NAS NFS settings include an NFS browsability setting. The setting allows you to enable or disable browsability to NFS shares.
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the NFS Server tab.
3. On the Settings panel, click the edit icon (
).
Joining and leaving NAS CIFS Active Directories
Prerequisites
To display Active Directory actions on the NAS Settings screen, the Authentication Mode must be set to Active Directory on the CIFS
Settings dialog.
Procedure
1. Navigate to the NAS Settings screen.
If necessary, see Viewing NAS settings.
2. On the NAS Settings screen, click the CIFS Server tab.
3. On the Settings panel, expand the Actions menu and select Join Active Directory or Leave Active Directory, as appropriate.
NOTE: HPE StoreOnce versions 4.3.2 and above support AES strong encryption when joining NAS CIFS Active
Directories. Ensure that your Active Directory is set up to use strong encryption as per the Microsoft guidelines,
and that encryption settings are configured on the client side. HPE StoreOnce will automatically provide strong
encryption when you join the directory.
Replication data services
Replication Mapping
Replication data services include replication mapping for VT libraries and NAS shares, and general replication settings.
Replication mapping is available for source and target VT libraries and NAS shares.
To view VT replication mapping, see Viewing VT replication mappings.
To view NAS replication mapping, see Viewing NAS replication mappings.
Replication Settings
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
153
General replication settings include: Partner Systems, Bandwidth Limits, Blackout Windows, Event History, and Permissions.
To view replication settings, see Viewing replication settings.
Subtopics
Viewing replication settings
Bandwidth limits (replication)
Blackout windows (replication)
Event history (replication)
Partner systems (replication)
Pausing replication
Permissions (replication)
Resuming replication
Viewing replication settings
Procedure
1. Do one of the following:
On the main menu, select Data Services. On the Data Services screen, expand the Actions menu and select Replication Settings.
On the main menu, select Settings. On the Settings screen, under Data Services, click the Replication Settings panel.
2. The Replication Settings screen includes tabs for Partner Systems, Bandwidth Limits, Blackout Windows, Event History, and
Permissions.
Bandwidth limits (replication)
Users with the Administrator role can establish and edit replication bandwidth limits.
Bandwidth limits can be used to avoid saturating the WAN with low-bandwidth replication and to free up bandwidth for other processes
and applications. You can establish a general bandwidth limit, and limits for one or two windows for each day of the week. Each window
can have a different bandwidth limit.
To establish or edit a general bandwidth limit, see Editing replication general bandwidth limit settings.
To establish or edit a bandwidth limits for specific day of the week and time windows, see Editing replication bandwidth limiting
windows settings.
IMPORTANT:
Replication bandwidth limits apply to all outbound replication jobs a StoreOnce System. The limits cannot be
applied to individual outbound jobs.
When a bandwidth limiting window is enabled, it overrides the general bandwidth limit at the day and time the
window is active.
HPE recommends:
A minimum of 2Mb/s per concurrent replication job.
At least 512Kbps per concurrent job is required for reliable operation.
Subtopics
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
154
Viewing replication bandwidth limits
Bandwidth limit properties (replication)
Editing replication general bandwidth limit settings
Editing replication bandwidth limiting windows settings
Editing replication maximum concurrent job settings
Viewing replication bandwidth limits
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Bandwidth Limits tab.
Bandwidth limit properties (replication)
Replication Settings screen, Bandwidth Limits tab
Property
Description
Status
System Time
The current time on the StoreOnce System.
Current Bandwidth Limit
The current replication bandwidth limit in Kb/s. No Limit indicates
that no bandwidth restrictions are currently active.
Source Jobs Bandwidth Limiting Windows
General Bandwidth Limit
Limit in Kb/s. No Limit indicates that the general bandwidth limit is
not enabled.
Restriction table
Day
Day of the week
First Restriction Limit
Replication bandwidth restriction in Kb/s. Dashes indicate that the
restriction is not enabled.
First Restriction Time
Replication restriction start and end time. Dashes indicate that the
restriction is not enabled.
Second Restriction Limit
Replication bandwidth restriction in Kb/s. Dashes indicate that the
restriction is not enabled.
Second Restriction Time
Replication restriction start and end time. Dashes indicate that the
restriction is not enabled.
Maximum Jobs
Maximum Concurrent Source Jobs
The maximum number of source jobs that can run concurrently.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
155
Property
Description
Maximum Concurrent Target Jobs
The maximum number of target jobs that can run concurrently.
TIP: If you are running backups at the same time as
replication, the default value of the target jobs can be
reduced. Reducing the value helps avoid using too much
WAN bandwidth and overloading the target StoreOnce
System.
Editing replication general bandwidth limit settings
About this task
You can use bandwidth limiting to avoid saturating the WAN with low-bandwidth replication and to free up bandwidth for other
processes and applications. The limits apply to all outbound replication jobs from a StoreOnce System. Learn more: Bandwidth limits
(replication).
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Bandwidth Limits tab.
3. On the Source Jobs Bandwidth Limiting Windows panel, expand the Actions menu and select Edit General Bandwidth Limit.
On the Edit General Bandwidth Limit dialog opens.
4. To enable or disable the limit, click the General Bandwidth Limit toggle.
5. When enabled, you can manually enter a bandwidth limit, or use the built-in Bandwidth Limit Calculator to determine and apply a
limit.
TIP: The recommended bandwidth limit is a calculation of (Max WAN Speed) x (Max Desired WAN Usage%).
6. To save your edits, click Update.
Editing replication bandwidth limiting windows settings
About this task
You can use bandwidth limiting to avoid saturating the WAN with low-bandwidth replication and to free up bandwidth for other
processes and applications. The limits apply to all outbound replication jobs from a StoreOnce System. Learn more: Bandwidth limits
(replication).
IMPORTANT: Restriction times are in system local time, not in UTC. If the time zone of the StoreOnce System is
changed after restrictions are added, you must change the restriction times accordingly.
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Bandwidth Limits tab.
3. On the Source Jobs Bandwidth Limiting Windows panel, click the day of the week (for example, Monday) on the restriction table,
and then expand the Actions menu and select Edit Bandwidth Limiting Windows .
4. On the Edit Bandwidth Limiting Windows dialog, click the Restriction 1 toggle.
Manually enter a bandwidth limit, or use the built-in Bandwidth Limit Calculator to determine and apply a limit.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
156
TIP: The recommended bandwidth limit is a calculation of (Max WAN Speed) x (Max Desired WAN Usage%).
Enter or select a Restriction Time.
5. If you want to set another restriction time, click the Restriction 2 toggle and complete the entries.
6. When ready, click Update. The bandwidth limiting window for the selected day of the week is added to the restriction table.
Editing replication maximum concurrent job settings
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Bandwidth Limits tab.
3. On the Maximum Jobs panel, click the edit icon (
).
Blackout windows (replication)
Users with the Administrator role can specify times when replication cannot occur. For example during planned maintenance, or heavy
network traffic.
Blackout windows for a StoreOnce System apply regardless of whether the system is a replication source or target.
Any running jobs for replication mappings that involve the StoreOnce System are automatically paused during a blackout window.
You can configure multiple blackout windows for a StoreOnce System.
To establish or edit blackout windows, see Editing replication blackout window settings.
Subtopics
Viewing replication blackout windows
Blackout window properties
Editing replication blackout window settings
Viewing replication blackout windows
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Blackout Windows tab.
Blackout window properties
Replication Settings screen, Blackout Windows tab
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
157
Property
Description
Status
System Time
The current time on the StoreOnce System.
Blackout Windows
Indicates whether blackout windows are active or inactive. When
blackout windows are active, no replication can occur.
Source Jobs Blackout Windows, Restriction table
Day
Day of the week
First Restriction Time
Replication restriction start and end time. Dashes indicate that the
restriction is not enabled.
Second Restriction Time
Replication restriction start and end time. Dashes indicate that the
restriction is not enabled.
Editing replication blackout window settings
About this task
Users with the Administrator role can specify times when replication cannot occur. For example, during planned maintenance or heavy
network traffic. Learn more: Blackout windows (replication).
IMPORTANT: Restriction times are in system local time, not in UTC. If the time zone of the StoreOnce System is
changed after restrictions are added, you must change the restriction times accordingly.
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Blackout Windows tab.
3. On the Source Jobs Blackout Windows panel, click the day of the week (for example, Monday) on the restriction table, and then
expand the Actions menu and select Edit Blackout Window.
4. On the Edit Blakout Window dialog, click the Restriction 1 toggle, and then Enter or select a Restriction Time.
5. If you want to set another restriction time, click the Restriction 2 toggle and complete the entries.
6. When ready, click Update. The blackout window for the selected day of the week is added to the restriction table.
Event history (replication)
The Event History tab includes the following:
The Out of Sync Notifications panel that shows the warning and critical out-of-sync settings.
The settings establish the amount of time (in hours) that a replication mapping can be out of sync before an out-of-sync event is
generated.
When an out-of-sync event is generated, an entry is added to the StoreOnce System event Log. Also, depending on the StoreOnce
System configuration, an SNMP trap is triggered and email is sent.
The Events panel that shows a list of significant replication events.
The list includes the date and time, severity status, and associated messages. The most recent event is at the top of the list.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
158
TIP: The replication event history is maintained even if the StoreOnce System is power cycled.
See also:
Clearing replication events.
Editing replication out of sync notification.
Subtopics
Viewing replication event history
Event history properties
Clearing replication events
Editing replication out of sync notification
Viewing replication event history
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Event History tab.
The Event History tab includes panels for:
Events
To filter the list of events, click the filter icon (
text, and event date and time.
). You can filter on the event severity (Info, Warning, Error), event message
Out of Sync Notifications
3. To view the details of an event, click its information icon (
).
Event history properties
Replication Settings screen, Event History tab
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column selector icon (
Property
).
Description
Out of Sync Notifications
Out of Sync Warning
Indicates the amount of time that a replication mapping can be out of
sync before an out-of-sync warning event is generated.
Out of Sync Critical
Indicates the amount of time that a replication mapping can be out of
sync before an out-of-sync critical event is generated.
Events
Severity
The severity level of the replication event (Information, Warning,
Error).
Event Category
StoreOnce category of the replication event. For example, a
Cartridge data job event .
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
159
Property
Description
Time
Date and time that the replication event occurred.
Message
The replication event message. For example, Data job for a cartridge
has completed successfully.
More properties
Reason
Reason that the replication event occurred. For example, Starting
Job to synchronise Cartridge Data in Target Slot with Source Slot.
Source Library/Share Name
Name of the source VT library or NAS share that is involved in the
replication event.
Target Library/Share Name
Name of the target VT library or NAS share that is involved in the
replication event.
Source Slot/Entry ID
Source VT library Slot or NAS share Entry ID that is involved in the
replication event.
Target Slot/Entry ID
Target VT library Slot or NAS share Entry ID that is involved in the
replication event.
Clearing replication events
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Event History tab.
3. Click the clear icon (
).
Editing replication out of sync notification
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Event History tab.
3. On the Out of Sync Notification Settings panel, click the edit icon (
).
Partner systems (replication)
Subtopics
Viewing replication partner systems
Partner system properties
Adding replication target systems
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
160
Editing and deleting replication target systems
Locating replication serial numbers
Viewing replication partner systems
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Partner Systems tab.
Partner system properties
Replication Settings screen (all), Partner Systems tab
The Partner Systems tab displays the replication status of all source and target devices that are configured on the StoreOnce System.
Columns for the most often viewed settings are shown by default. To add or remove columns, click the column selector icon (
Setting
Description
System Name
The name of the StoreOnce System.
Status
The health of the StoreOnce System.
System Type
System replication type: source or target.
Replication Address
The IP address of the StoreOnce System.
Replication Serial Number
A serial number that is generated by a StoreOnce System. The
number is used for all replication jobs and does not change.
).
More settings
Product Class
The product class of the StoreOnce System.
Replication Status
Status of replication: running or not.
System Supported Protocol Versions
Replication versions that are supported.
Capacity
Storage capacity of the StoreOnce System.
Free Space
The amount of free space on the StoreOnce System.
Software Version
Software version of the StoreOnce System.
System Time
The current time on the StoreOnce System.
Blackout Window Active
Indicates if a blackout window is active or not. When active, no
replication can occur.
Adding replication target systems
Prerequisites
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
161
You know the IP address of the intended target StoreOnce system.
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Partner Systems tab.
3. Expand the Actions menu and select Add.
When the action is completed, the target StoreOnce System is added to the list of partner systems.
Editing and deleting replication target systems
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Partner Systems tab.
3. Click the target system, and then expand the Actions menu and select Edit or Delete.
Locating replication serial numbers
Procedure
1. On the source StoreOnce System, navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Partner Systems tab.
3. The replication serial number for the StoreOnce System is shown in the top panel.
Pausing replication
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Blackout Windows tab.
3. Expand the Actions menu and select Pause Replication.
Permissions (replication)
The Permissions tab shows replication serial numbers of partner StoreOnce Systems.
See also:
Adding replication permissions for target systems.
Removing replication permissions for target systems.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
162
Subtopics
Replication permission tab
Adding replication permissions for target systems
Removing replication permissions for target systems
Replication permission tab
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Permissions tab.
The Permissions tab shows a list replication serial numbers for partner StoreOnce Systems.
Adding replication permissions for target systems
Prerequisites
The replication target system must have been previously added to the Partner Systems list on the source system.
In this procedure, you must have the replication serial number of the source system available. The best practice is to copy the
replication serial number and have it available to paste in. Learn more: Locating replication serial numbers.
About this task
Adding replication permission on a target system is a one-time step that allows the target system to accept replication from the source
system. Replication is not started between the systems.
TIP: If replication permission for Public Access appears on the target system permissions list, then any StoreOnce
System has permission to replicate to the target system.
Procedure
1. On the target system, navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Permissions tab.
3. Expand the Actions menu and select Add Replication Serial Number.
When the action is complete, the replication serial number of the source system is added to the list of replication permissions.
Removing replication permissions for target systems
Prerequisites
In this procedure, you must know the replication serial number of the source StoreOnce System. Learn more: Locating replication serial
numbers.
About this task
Removing a replication permission from a target system prevents the target system from accepting replication from the removed source
system.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
163
Procedure
1. On the target system, navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Permissions tab.
3. In the list of replication serial numbers, click the replication serial number of the source system that you want to remove. Then
expand the Actions menu and select Remove Replication Serial Number.
Resuming replication
Procedure
1. Navigate to the Replication Settings screen.
If necessary, see Viewing replication settings.
2. On the Replication Settings screen, click the Blackout Windows tab.
3. Expand the Actions menu and select Resume Replication.
Reports
Subtopics
Reports overview
Report content categories
Viewing online reports
Working with Custom reports
Working with Scheduled reports
Reports overview
StoreOnce System reports are available as online reports and as scheduled report downloads.
Online reports. Online reports are interactive graphical reports. You can interactively select and filter report content. Online reports
are viewed on the Reports screen. Learn more: Viewing online reports.
Online reports display information for a single StoreOnce system or a single device.
Scheduled reports . Scheduled reports are tabular reports that can be downloaded as CSV files. Also, when a scheduled report is
created, you can specify email recipients. You create and manage scheduled reports on the Scheduled tab of the Reports screen.
Scheduled reports can include multiple StoreOnce Systems and multiple devices.
Report content categories
The following report content categories are displayed in tabs on the Reports screen. These content categories can also be selected
when you create scheduled reports.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
164
Backup/Restore
Backup/Restore Throughput graph:
Catalyst Write, Catalyst Read | NAS Write, NAS Read | VTL Write, VTL Read
Backup/Restore Sessions graph:
Catalyst Sessions, NAS Sessions, VTL Sessions
Replication/Copy
Replication/Copy Throughput graph:
Catalyst Copy Target, Catalyst Copy Source | NAS Replication Target, NAS Replication Source | VTL Replication Target, VTL
Replication Source
Replication/Copy Sessions graph:
Catalyst Target Sessions, Catalyst Source Sessions | NAS Target Sessions, NAS Source Sessions | VTL Target Sessions, VTL Source
Sessions
Cloud Bank
Cloud Bandwidth Utilization graph:
Uploaded Bytes, Downloaded Bytes
Cloud Requests graph:
PUT Requests, POST Requests, GET Requests, HEAD Requests, DELETE Requests, LIST Requests
Capacity
Capacity Usage graph:
User Data Stored, Size on Disk, Size in Cloud
Capacity Dedupe Ratio graph:
Dedupe Ratio
Pending Housekeeping Graph:
Bytes Pending, Secure Erase Bytes Pending
Processed Housekeeping
Bytes Processed, Secure Erase Bytes Processed
Housekeeping Space Reclaimed
Reclaimed Bytes
Resources
System Resources Utilization
CPU, Memory
Data Disks Throughput
Write Throughput, Read Throughput
OS Disks Throughput
Write Throughput, Read Throughput
Interface
Ethernet Received (for each Ethernet card speed and card)
Ethernet Transmit (for each Ethernet card speed and card)
Fibre Channel Received (for each Fibre Channel card speed and card)
Fibre Channel Transmit (for each Fibre Channel card speed and card)
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
165
Custom
Only present when customer-configured.
Backup/Restore throughput:
Catalyst read/write, NAS read/write, VTL read/write
Scheduled
System Report
Device Report
Viewing online reports
About this task
TIP: When you log in to a federation lead system, the Reports screen displays information for the lead system. The
screen does not show aggregated information for the federation.
Procedure
1. On the main menu, select Reports.
The Reports screen includes tabs for Backup/Restore, Replication/Copy, Cloud Bank, Capacity, Resources, Interface, Custom, and
Scheduled.
2. To choose a time Period for the online reports, click the clock icon (
).
You can choose from defined time periods, or specify a custom time period.
Working with Custom reports
About this task
Add your own selection of graphs to the tab and select a layout for them. Once created, customize the graphs layout, or remove graphs
from the screen.
Procedure
1. On the main menu, select Reports.
2. Click the Custom tab.
3. On the Custom tab, click + Add Graph.
4. From the Add Graph dialog box, select the data to graph from the list.
5. Select whether you want to graph data from the System or a Device.
a. If you want to graph data from a device, click the Device radio button.
b. Click the edit icon (
) and select the device from the list.
6. To change the layout of the graphs on the screen, move them up and down with the arrows.
7. Delete a graph using the X.
Working with Scheduled reports
About this task
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
166
Create scheduled reports for systems or devices.
Procedure
1. On the main menu, select Reports.
2. Click the Scheduled tab.
3. From the Action menu, select the type of report you want to schedule.
4. Complete all the fields, using the Edit icon (
) to select the following items:
System or devices to include in the report.
Report content, which allows you to select the length of time you want to report to cover.
Schedule on which you want the report to run. You can select from a list of standard time frames, such as weekly or monthly. Or
you can set up a custom schedule, such as the first Friday of every month.
5. Once the schedules are created, you can copy, edit, or delete them.
Copy a schedule to use it for different systems or devices, or edit the schedule without having to start from the beginning.
Dual Authorization
NOTE: Dual Authorization is available for StoreOnce systems on software versions 4.3.2 and later.
Dual Authorization mandates approval of two separate users to authorize execution of an operation. The Dual Authorization protects
customers from data loss caused by malicious actions, such as a ransomware attack. The two authorized individuals must be capable of
detecting unauthorized procedures with respect to the task being performed. The tasks include store deletion, system storage
modification and deletion, system time change, enabling, and disabling the Dual Authorization feature. For a list of protected
operations, see Dual Authorization requests.
Dual Authorization is disabled by default. You must have administrator privileges to enable the feature. Additionally, a user with the
Security Officer role is needed to use the feature. In the absence of a Security Administrator user, you will not be able to enable the
Dual Authorization feature.
You can create another user with the privileges of the Security Officer. However, creating user is considered a protected operation that
requires authorization by another Security Officer.
For more information about the Dual Authorization, see Dual Authorization workflow.
Subtopics
Dual Authorization workflow
Dual Authorization requests
Dual authorization request states
Dual authorization audit/event entries
Operations prohibited in Dual Authorization
Dual Authorization workflow
The Dual Authorization works by approving requests within a specific time period.
The Admin user can request to perform one or more of the operations. When submitting the request the Admin user provides
details about the operations they wish to perform.
If the request falls under the protected operations category, the Security Officer user is notified of this request via an email
alert, if configured, and a display notification on the GUI.
NOTE: Dual Authorization request submissions and approvals are notified as warnings. You must subscribe to
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
167
warnings and critical alerts in the email notification settings.
The Security Officer user reviews the request and either approves or denies the operation. The requestor and the approvers
are informed via an email alert, and a display notification on the GUI.
- If approved, the request is executed and an audit log entry is generated.
- If rejected, or if the Security Officer did not approve the request within a certain time, the request is not executed.
There is a limit of 200 requests that can await an Security Officer approval at any point in time. After a request is submitted for
Security Officer approval, you cannot withdraw the request.
All the requests, irrespective of their statuses are preserved across reboot, PML restart, and upgrade to a maximum of 14 days,
after which the request expires. Completed requests (successful or failed), and/or expired requests are purged after 7 days.
NOTE: There is a limit of 750 total requests in any of the request states at any point in time.
Dual Authorization requests
The following operations are considered protected that requires Dual Authorization, in the order of priority. For information about how
these requests are executed, see Dual Authorization workflow.
NOTE: Dual Authorization must be enabled to execute the protected operations.
Enabling or Disabling Dual Authorization
Edit Catalyst store
Catalyst store deletion
System Date and Time settings
Creating, modifying, and deleting users with Security Officer role
Storage modification and deletion
Dual authorization request states
As an administrator, you can filter the requests on the Dual Authorization page to check the status. You can also sort the requests using
the expiry date option. By default, the requests are sorted by the expiry date.
For the role of the approver or Security Officer, the pending requests, whether approved or rejected are listed along with the submitter
name and the expiry time.
Following are the Dual Authorization request states:
Table 1. Request status
Status
Desctiption
PENDING
Once a request gets added to the request queue, the request is
assigned a PENDING state.
IN PROGRESS
Once a request gets approved and the command execution is in
progress, the request is assigned an IN PROGRESS state.
REJECTED
If the Security Officer rejects a request, the request is assigned a
REJECTED state.
EXECUTED
If a request gets executed, it is assigned an EXECUTED state.
EXPIRED
If a request gets expired, it is assigned an EXPIRED state.
DELETED
If a request gets deleted from the queue, it is assigned a DELETED
state.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
168
Status
Desctiption
CANCELLED
If a request gets cancelled, the request is assigned a CANCELLED
state.
Dual authorization audit/event entries
The event log captures the following Dual Authorization operations:
Enabling and disabling the Dual Authorization feature.
User submitting a protected request.
Security Officer approving or denying the protected request.
Request completion success notifiction
Request expiry notification.
NOTE: Internal queue management, such as deleting the request after execution or expiry is not audited.
Operations prohibited in Dual Authorization
When Dual Authorization is enabled, you cannot:
Delete the last Security Officer user. There should at least be one security officer when Dual Authorization is enabled.
Issue several protected operations on a specific catalyst store. For example, if store1 has edit request pending, you cannot delete or
edit the request until the previous request is complete.
Change the manual time and date. The time delta is applied instead of the absolute time.
Event log
Subtopics
Viewing event logs
Manually deleting events
Managing automatic event deletion
Viewing event logs
Procedure
1. On the main menu, select Event Log.
To filter and sort the list, or to include internal system events, click the filter icon (
).
The Event Log screen displays a list of events.
2. Some events include additional details. To view all the details for an event, click its information icon (
).
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
169
Manually deleting events
About this task
You can manually delete events that were generated before a date and time that you specify.
See also: Managing automatic event deletion.
Procedure
1. On the main menu, select Event Log.
2. On the Event Log screen, expand the Actions menu and select Clear Event Log.
Managing automatic event deletion
About this task
You can specify the number of months that an event is retained in the log before it is automatically deleted.
See also: Manually deleting events.
Procedure
1. On the main menu, select Event Log.
2. On the Event Log screen, expand the Actions menu and select Manage Retention.
Restart, shutdown, and upgrade
Subtopics
Restarting and shutting down StoreOnce systems
Upgrade overview
Upgrading StoreOnce Systems
Restarting and shutting down StoreOnce systems
About this task
Only a user with the Administrator role can restart or shut down a StoreOnce System.
IMPORTANT:
If you restart or shut down a StoreOnce system, all users will be disconnected. Also, all running tasks will be
interrupted.
You can only restart or shut down a StoreOnce system that you are directly logged in to. You cannot restart or shut
down a federation member system from the federation lead.
Procedure
1. On the main menu, select Settings.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
170
2. On the Settings screen, expand the Actions menu and select Restart or Shutdown.
The corresponding dialog is displayed.
Read and carefully consider the warning messages. If you do not want to proceed, click the close icon (
confirmation check box and then click Restart or Shutdown.
). Otherwise, click the
Upgrade overview
The upgrade package contains new StoreOnce software, as well as firmware for the hardware components to be upgraded.
An upgrade is not an online process. Services will shut down to perform the updates. The whole StoreOnce System will be offline for a
period.
Upgrade checks
As part of the upgrade, the upgrade package is validated. All the checks must pass before the upgrade is allowed to proceed. The
following checks are performed:
Signature check. Ensures that the package is a valid package and has been securely signed by HPE.
Checksum check. Validates that the package is not corrupted.
Image type check. Verifies that the image type is valid for this StoreOnce system.
Version check. Verifies that the currently installed software version can be upgraded to the version in the upgrade package.
System readiness check. Verifies that the hardware components and software services are in a healthy state. If any checks report an
error, then you will need to fix the issue before the upgrade is allowed to proceed.
Upgrading StoreOnce Systems
Prerequisites
You have obtained the StoreOnce upgrade package (.star file). The upgrade package file is located where it can be accessed from
the StoreOnce System.
You are directly logged in to the StoreOnce System that you are upgrading. You cannot upgrade a federation member system from
the federation lead system.
You are logged in as Administrator.
IMPORTANT: On HPE StoreOnce 3660, 5260 and 5660 Systems, please follow these mandatory steps for offline
storage expansion to work seamlessly:
1. First, upgrade to the latest version of the StoreOnce software revision 4.3.5.
2. Cleanly shut down the server node and all existing enclosures.
3. Disconnect all power cables from the server and enclosures.
4. Perform the storage expansion, remembering the numbered sequence required to connect the enclosures. Ensure
that only necessary changes are made to complete the expansion.
5. Connect back all of the SAS cables correctly the same order, following the configuration diagrams.
6. Connect back the enclosure power cables only and wait for a few minutes until the enclosures are powered up.
7. When the enclosures are powered up, connect the server power cables and power on the server.
Not following these instructions can lead to data unavailability or data loss.
IMPORTANT: iLO must be configured to use the Production security state. Using the iLO High Security state is not
supported.
NOTE: When performing a software upgrade to StoreOnce 4.3.5, ensure that the iLO5 version is at 2.44 or later. The
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
171
iLO version is in accordance with the restricted upgrade path to 4.3.5, from software versions 4.2.3 or later.
NOTE: Data Services may take longer to start than expected. Do not reboot the system unless the data services are in a
failed to start state.
Procedure
1. On the StoreOnce Management Console main menu, select Settings.
2. On the Settings screen, expand the Actions menu and then select Upgrade.
The Upgrade screen guides you through steps for:
Selecting and uploading an upgrade package.
Validating the upgrade package.
Upgrading the StoreOnce System.
System settings
Subtopics
Viewing the StoreOnce software version
Viewing warranty serial numbers
StoreOnce licensing
Configure system date and time
Editing system date and time
Editing system information
Editing user preferences
Capacity units
Using the StoreOnce First Time Setup wizard
Removing optional hardware cards
Updating StoreOnce system information
Viewing the StoreOnce software version
Procedure
On the main menu, select System Dashboard.
To see the software version of a federation member, select Federation Dashboard, then select the system of interest.
The System Information section shows the software version.
Viewing warranty serial numbers
About this task
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
172
Each major component of a StoreOnce hardware model has its own warranty serial number. For example, the base system (server) and
expansion enclosures have warranty serial numbers.
The warranty serial numbers are preconfigured on the hardware and cannot be changed.
Procedure
1. On the main menu, select Settings.
2. In the System section, click the Warranty Serial Number panel.
The Warranty Serial Number screen shows warranty information for the StoreOnce System.
NOTE:
The warranty serial number is also visible in the System Information section of the System Dashboard.
StoreOnce licensing
General
Gen4 StoreOnce products do not require licenses for StoreOnce Catalyst and Replication.
Full license entitlement
Capacity license : Expands the capacity of the system.
Cloud Storage license : Enables connection to Cloud storage through a Cloud Service Provider. The cloud storage license provides
cloud capacity in 1 TB increments.
The maximum is twice the maximum local storage capacity.
Cloud Archive license : Allows the system to archive and disconnect from a cloud store and place it in archive mode.
Security license : Enables the security features of Data at Rest Encryption and Data in Flight Encryption.
Subtopics
Obtaining licenses from HPE My License Portal
Viewing StoreOnce licenses
License Management screen and properties
Adding standalone licenses to StoreOnce
Deleting StoreOnce Standalone licenses
Obtaining licenses from HPE My License Portal
About this task
Use the HPE My License Portal to obtain licenses for your StoreOnce Systems and your AutoPass license server.
Procedure
1. Go to the HPE My License Portal at https://myenterpriselicense.hpe.com .
2. Log in using your HPE Passport user ID and password.
3. After obtaining the license :
Viewing StoreOnce licenses
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
173
Viewing StoreOnce licenses
Procedure
1. On the main menu, select Settings.
2. In the System section, click the License Management panel.
3. To view a license summary, click the Overview tab. To view a list of the installed licenses, click the Licenses tab.
License Management screen and properties
License Management screen, Overview tab
Property
Description
Licensing Mode
Locking ID (Serial Number)
ID that locks the license to a specific StoreOnce System.
Licensed Features
Licensed feature name. For example, Encryption .
Name
Licensed Capacity
Capacity
The amount of capacity covered by the license.
Cloud Bank Storage Read/Write Capacity
Capacity covered by the Cloud Bank Read/Write license.
Cloud Bank Storage Detach Capacity
Capacity covered by the Cloud Bank Detach license.
License Management screen, Licenses tab
TIP:
Columns for the most often viewed properties are shown by default. To add or remove columns, click the column
selector icon ( ).
Property
Description
Name
The license name. For example, BC002A/AAE HPE StoreOnce VSA 4TB Base .
Category
The license category. For example, Storage.
License Type
The license type. For example, Capacity or Encryption .
Capacity
The amount of capacity covered by the license.
Expiration
Date and time that the license expires.
More properties
Description
Full description of the license. For example, BC002A/AAE HPE StoreOnce VSA 4TB Base LTU .
Valid From
Date and time that the license was first activated.
Status Information
License status. For example, This license is valid and active .
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
174
Adding standalone licenses to StoreOnce
Prerequisites
You must have obtained the StoreOnce license file from HPE My License Portal at https://myenterpriselicense.hpe.com .
The file must be in a location where it can be accessed from the Add License dialog. Learn more: Obtaining licenses from HPE My
License Portal.
About this task
This topic applies to:
IMPORTANT:
Once a standalone license is added to a StoreOnce VSA, it cannot be deleted or moved to another StoreOnce VSA.
Procedure
1. On the main menu, select Settings.
2. In the System section, click the License Management panel.
3. On the License Management screen, click the Add license panel.
4. Once the Add license dialog appears, select Choose File.
5. Browse to the location of the downloaded license file on your device.
6. Click the license file and click Open.
7. Click the Add button in the Add license dialog.
If this license is the first license to be added to the StoreOnce VSA, the license mode is set to Standalone.
After a few seconds, the license will appear on the Licenses tab of the License Management settings screen.
Results
After adding the license, the license is uploaded, validated, and installed on the StoreOnce VSA. After a few seconds, the status on the
Overview tab is updated and the license is shown on the Licenses tab.
Deleting StoreOnce Standalone licenses
About this task
IMPORTANT: Once a Standalone license is added to a StoreOnce System, the license cannot be deleted by StoreOnce
System users or administrators. If necessary, contact HPE Support regarding removal of Standalone licenses.
Configure system date and time
Configure the system date, time, and time zone using one of the following methods:
Using NTP servers (Recommended).
Using NTP is recommended to ensure that time remains in sync. It is important that time remains accurate when applying licenses,
or when using Active Directory or LDAP/LDAPS authentication.
Provide up to two NTP servers either by providing an IP address or the FQDN.
Configure the time zone.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
175
Adjustments for Daylight Savings time are made automatically where applicable.
A reboot is required if there is a large time discrepancy between the NTP time and system time. An event is triggered in this
case.
Manually setting the date and time.
Time changes take place immediately.
During configuration, changing the time zone does not automatically adjust the current time to match the time zone. First set
the time zone and then set the local time.
Editing system date and time
Procedure
1. On the main menu, select Settings.
2. In the System section, click the System Date & Time panel.
The System Date & Time dialog enables you to change the date and time settings.
NOTE:
Setting the clock backward triggers the clock tampering detection. Repeated clock tamper events will cause the
system to lock and requires HPE Support intervention to recover the system.
Editing system information
About this task
You can edit the system name. You can also view and edit optional information such as a contact name, phone number, and email
address.
Procedure
Do one of the following:
On the main menu, select System Dashboard, and then click the edit icon (
) on the System Information panel.
On the main menu, select Settings, and then click the System Information panel.
Editing user preferences
About this task
You can change your preferences for display formats. For example, you can choose units-of-measure for the system, drives, and
volumes. You can also choose display formats for date, time, and WWNs.
Procedure
1. On the main menu, select Settings.
2. In the System section, click the User Preferences panel.
The Preferences dialog shows the preferences and allows you to change the settings.
Capacity units
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
176
Capacity units
Binary units:
1 KiB = 1024 bytes (2 10)
1 MiB = 1,048,576 bytes (2 20), or 1024 KiB
1 GiB = 1,073,741,824 bytes (2 30), or 1024 MiB
1 TiB = 1,099,511,627,776 bytes (2 40), or 1024 GiB
1 PiB = 1,125,899,906,842,624 bytes (2 50), or 1024 TiB
Decimal units:
1 KB = 1,000 bytes (10 3)
1 MB = 1,000,000 bytes (10 6), or 1000 KB
1 GB = 1,000,000,000 bytes (10 9), or 1000 MB
1 TB = 1,000,000,000,000 bytes (10 12), or 1000 GB
1 PB = 1,000,000,000,000,000 bytes (10 15), or 1000 TB
Using the StoreOnce First Time Setup wizard
About this task
The StoreOnce First Time Setup wizard guides you through the steps to set up a recently installed StoreOnce System.
Procedure
1. Browse to the recently installed StoreOnce System. The First Time Setup wizard is automatically displayed.
TIP: If a StoreOnce System has already been set up, the First Time Setup wizard is not displayed.
2. The setup steps include:
Setting the Administrator Password.
Setting the Console Password.
Setting basic System Information such as the system name (host name), location, and contact information.
Setting the System Date & Time . You can set the date and time manually, or synchronize the date and time with a network time
server.
Configuring Storage. The wizard also enables you to configure additional storage capacity that you might have installed. The
wizard also reports issues with additional storage, for example, when additional storage is not installed in the correct location.
Configuring Remote Support.
Configuring Dual Authorization.
Removing optional hardware cards
Prerequisites
Prior to using the Remove Cards action, ensure that the StoreOnce System can be powered off without disrupting operations.
Have licenses for new optional hardware cards available to install after the system is restarted. New optional hardware cards (if any)
cannot be used until you add their licenses to the StoreOnce System.
For more information, see Optional hardware and the HPE StoreOnce Optional Hardware Installation and Configuration Guide .
About this task
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
177
Use the Remove Cards action prior to powering off and removing or moving cards. Using the action will prevent invalid card alerts from
being generated after you restart the system.
This topic applies to:
StoreOnce hardware systems
Procedure
1. On the main menu, select Settings.
2. In the System section, click the License Management panel.
3. On the License Management screen, expand the Actions menu and select Remove Cards.
4. Power off the StoreOnce System. Then remove or move the desired optional hardware cards. Then restart the system.
Updating StoreOnce system information
Procedure
1. On the main menu, select Settings.
2. In the System section, click the System Information panel.
The System Information dialog allows you to change the system properties.
Hardware settings
Subtopics
Storage
Networking
Integrated Lights Out (iLO)
Fibre Channel
Hardware and firmware
Storage
Subtopics
Viewing storage
Configuring storage
Rescanning storage
Unconfiguring storage
Editing storage capacity thresholds
Viewing storage
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
178
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Storage panel.
The Storage screen includes tabs for Local Storage, Cloud Bank Storage, and Capacity Threshold.
Configuring storage
About this task
After storage is added to a StoreOnce System, you must configure the storage to make it usable.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Storage panel.
3. On the Storage screen, click the Local Storage tab, and then expand the Actions menu and select Configure.
Rescanning storage
About this task
Rescanning storage is not a required task but can be used to check if devices are visible.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Storage panel.
3. On the Storage screen, click the Local Storage tab, and then expand the Actions menu and select Rescan.
Newly detected storage is added to the storage list with a status of Unconfigured.
Unconfiguring storage
About this task
WARNING: If you unconfigure the storage:
All your data will be lost
Data services will stop running
Running backup/restore jobs will fail
Unconfiguring storage can only be performed by a user with the Administrator role.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Storage panel.
3. On the Storage screen, click the Local Storage tab, and then expand the Actions menu and select Unconfigure.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
179
Editing storage capacity thresholds
About this task
You can edit user-defined thresholds for when a StoreOnce System generates storage capacity Information, Warning, and Alert events.
Info thresholds must be less than Warning, and Warning must be less than Alert.
User-defined thresholds cannot be set higher than system-defined thresholds.
System-defined thresholds cannot be edited.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Storage panel.
3. On the Storage screen, click the Capacity Threshold tab.
4. On the Local Storage Threshold panel, click the edit icon (
).
5. On the Capacity Threshold dialog, you can specify Info, Warning, and Alert thresholds.
Networking
Network Configuration
The networking features in StoreOnce Systems allow you to support complex network environments. The following topics summarize
the networking features and settings. The topics also include StoreOnce Management Console procedures for using the networking
settings.
Subtopics
StoreOnce networking features overview
Networking concepts
Initial configuration
Viewing the active network configuration
Editing the active network configuration
Activating network configurations
Adding, editing, and deleting port sets
Identifying physical ports
Adding, editing, and deleting subnets
Adding, editing, deleting static routes
Adding and deleting encryption links
Editing DNS servers
Restoring factory network settings
Pinging systems
Using traceroute
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
180
StoreOnce networking features overview
IPv4 and IPv6
StoreOnce Systems support IPv4 and IPv6 protocols on each network port. Static and DHCP configuration is supported for both
protocols. IPv6 is not supported with IPsec.
Management and data interfaces
All network subnets can be configured to provide access to the network management interface or have this access disabled. This
approach allows separation between data and management networks if required.
All network subnets can be configured to provide access to a mixture of the following data interfaces:
RMC (iSCSI) (mutually exclusive with VTL)
VTL (iSCSI) (mutually exclusive with RMC)
NAS (CIFS and NFS)
Catalyst and Replication
Additionally, each network subnet can be configured to allow SNMP trap delivery.
VLAN tagging
Subnets can have VLAN tagging enabled. Enabling VLAN allows:
Network VLANs to be extended down to StoreOnce systems. Thus providing logically separate networks to be maintained.
Multiple VLAN tagged subnets can be created on a single set of network ports.
Static routing
Each subnet can be configured with a set of static routes. The static routes can allow access through a specified gateway server to a
particular IP address, or range of IP addresses which might not be accessible through the default gateway.
Data in Flight encryption (IPsec)
IPsec encryption can be configured on subnets to allow encrypted data transfer between specific devices. The encryption can be used
for Replication, Catalyst copy, or backing up data from a host. IPsec is not supported on networks with IPv6 protocol.
Networking concepts
Port Sets. A port set is a configuration containing one or more network ports. A port set can be configured with one or more
network subnets.
Subnets. A subnet is a logical configuration which contains the addressing and access information for the network. VLAN tagging,
data-in-flight encryption (IPsec), and static routing are also configuration parameters of a subnet.
DNS. DNS configuration applies to all port sets. However, DNS server details can be provided by DHCP networks within subnets.
Initial configuration
When initially configuring a StoreOnce System, Hewlett Packard Enterprise recommends connecting network port 1 (OCP 3.0 NIC Port)
to a network which will provide initial management access. This configuration allows you to perform basic configuration.
If the network provides DHCP addressing, the StoreOnce System will obtain an IP address automatically. That IP address can be used to
access the StoreOnce Management Console to perform more complex configuration.
For more information about initial configuration of StoreOnce hardware models, see the HPE StoreOnce 3620, 3640, 5200, 5250, and
5650 Systems Installation Guide.
To determine the DHCP assigned address, or to configure a static IP address, connect a monitor and keyboard directly to a StoreOnce
system. Or, access it over an HPE iLO remote console.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
181
Using the StoreOnce Initialization Console
1. Log in using the Initialization Console. Username = console, Initial Password = changeme.
2. You will be asked to immediately change the password.
After that, a menu will allow you to view or set the network configuration. The current IP address is shown at the top of the menu.
NOTE: Only ports with speeds of 100Mbps, 1Gbps, 10Gbps, and 25Gbps are supported during the initial network
configuration.
Viewing the active network configuration
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Networking panel. The Networking screen opens.
The active configuration is shown. Network settings are shown for Port Sets and DNS Server.
The Port Sets panel shows the status, name, IP addresses of its subnets, and port type.
The DNS Server panel shows the DNS server addresses (up to three) and a DNS search suffix.
Viewing port set details and subnet details
TIP: In the following steps, you can navigate back to a previous screen by clicking the arrow icon (
screen name.
3. On the Networking screen, Port Sets panel, click the information icon (
) that is near the
) for the port set. The Port Set screen opens.
The port set Configuration panel shows the status, name, network ports, bond mode, frame size, and type.
The port set Subnets panel shows subnet IP address and VLAN tag.
To view subnet details, click the information icon (
) for the subnet. The Subnet screen opens. Detailed subnet information is
shown on the Configuration, Routes, and Encryption Links panels.
Editing the active network configuration
About this task
Editing the active network configuration allows you to modify the StoreOnce System settings for port sets, subnets, and DNS server.
As you use the various networking screens and dialogs, your changes are temporarily saved. However, no changes are made to the
active configuration until you select Activate on the Actions menu of the Edit Configuration screen.
If you decide to not activate your changes, you can click the arrow icon (
) to the left of the Edit Configuration screen name. The
active configuration screen will be redisplayed and your changes will be discarded.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Networking panel.
3. On the Networking screen, select Edit Configuration on the Actions menu.
The Edit Configuration screen opens and displays settings for Port Sets and DNS server. You can perform the following actions:
Add, edit, and delete port sets.
Edit DNS servers.
Activate changes to the network configuration
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
182
Activating network configurations
Prerequisites
You have used the Edit Configuration action that will change the StoreOnce System network configuration.
About this task
Activation can take some time to complete. When completed, the Active Configuration on the Networking screen will reflect the new
network configuration.
WARNING:
If the new network settings are different from the previous settings, backup/restore, copy, and replication
operations might fail.
If the network management interface has changed, the connection to this management session might be lost.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Networking panel.
The active configuration is shown.
3. Select Edit configuration on the Actions menu.
4. On the Edit Configuration screen, select Activate on the Actions menu. The Activate dialog opens.
Read and carefully consider the warning messages. If you do not want to activate the new network configuration, click the close icon
( ). Otherwise, click Activate.
Adding, editing, and deleting port sets
About this task
A port set can be edited, but it cannot be renamed. If you need a port set with a different name, you must add a new port set.
Port sets can be deleted. When you activate the new configuration, the port set is deleted. Also, any associated subnets, routes, and
encryption links are deleted.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Networking panel.
3. On the Networking screen, select Edit configuration on the Actions menu.
4. On the Edit Configuration screen, do one of the following:
Add. Click Add port set on the Actions menu. Use the Add Port Set dialog to add a port set.
Edit. Click its edit icon ( ) on the Port Sets panel. On the Port Set screen, click Edit port set on the Actions menu. Use the Edit
Port Set dialog to change settings.
Delete . To delete a port set, click its delete icon (
set.
) on the Port Sets panel. Use the Delete Port Set dialog to delete the port
5. Settings for adding and editing a port set
Name. Is a required text field that identifies the port set.
Ports. A list of network ports on the StoreOnce System is shown with check boxes to add those ports to the port set. Only ports
of the same type and speed may be included in the same port set.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
183
A port may only be a member of one port set. So any ports already configured in an existing port set are grayed out in the list
and cannot be selected.
Bond mode. When more than one port is selected, a further option appears in the configuration to configure the Bond Mode for
the Port Set. All port parameters must match to be bondable.
1 (Active Passive Bonding). This option provides basic port failover capability and does not require configuration of the
network switch. However it does not result in improved aggregate network performance.
4 (Link Aggregate Control (LACP) Bonding) .This option aggregates the bandwidth of the network ports, and provides
failover, however it does require network switch support and configuration.
6 (Adaptive Load Balance Bonding). This option provides port failover capability and some level of bandwidth aggregation.
The option does not need switch configuration but the aggregation is less effective than Mode 4.
Frame size. Frame size defines the amount of data contained in an Ethernet frame, the default is 1,500 bytes. Larger size
frames, often referred to as jumbo frames, can improve performance of the port set. Use this property to increase or decrease
the value, which must be an integer between 1280 and 9000.
IMPORTANT: If you specify jumbo frames, other devices on the network (clients and switches) must also be
configured to enable jumbo frames. The compatibility is necessary to avoid packets fragmenting or dropping.
6. When you are ready, click OK.
IMPORTANT: Your new settings will not become active until you activate the network configuration.
Identifying physical ports
About this task
Hardware models only
When using the Add Port Set dialog, the ports are identified by interface names and MAC addresses. For example: eno1
(00:00:6f:ca:e8:00) - 1 Gig TP.
You can use this information to identify the port location on the Hardware Monitoring screen.
Procedure
1. On the Add Port Set dialog, note the port name and Mac address of the port that you want to identify.
2. On the main menu, select Settings.
3. In the Hardware section, click the Hardware Monitoring panel. The Hardware Monitoring screen opens.
4. Click the System tab. A list of components in the StoreOnce System is displayed.
5. To view the physical ports:
a. In the Components list, scroll to the NICs section, then click its expand icon (
). A list of NICs is displayed.
The NICs list shows the NIC name, model, firmware version, location, and events. The location shows as a PCI-E slot or LOM.
b. Click the expand icon ( ) for the NIC. A list of ports is displayed. The Ports list shows the port name, MAC address, location,
max link speed, and events. The location shows as a port number for onboard 1Gbps ports.
Adding, editing, and deleting subnets
About this task
A subnet can be edited to change its configuration.
However, you cannot change DHCP to static addressing, or from static to DHCP. To change the addressing, delete the subnet and
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
184
then add a new subnet to replace it.
Subnets can be deleted. When you activate the new configuration, the subnet is deleted. Also, any associated routes, and encryption
links are deleted.
Port sets can have one or more subnets, depending on the configuration:
A maximum of 1 subnet, if configured with DHCP support IPv4 and IPv6 with no VLAN tagging.
A maximum of 2 subnets, if configured with static addressing, a separate subnet can be created for IPv4 and IPv6.
A maximum of 128 subnets per protocol (IPv4 and IPv6), if VLAN tagged subnets are created.
However, there is a maximum of 128 subnets per protocol for a StoreOnce System. The subnets can be spread across multiple
port sets or included in a single port set.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Networking panel.
3. On the Networking screen, select Edit configuration on the Actions menu.
4. On the Edit Configuration screen, click the edit icon (
) for the port set.
5. On the Port Set screen, do one of the following:
Add. Click Add subnet on the Actions menu. Use the Add Subnet dialog to add a subnet.
Edit. Click its edit icon ( ) on the Subnets panel. On the Subnet screen, click Edit subnet on the Actions menu. Use the Edit
Subnet dialog to change settings.
Delete . To delete a subnet, click its delete icon (
) on the Subnets panel. Use the Delete Subnet dialog to delete the subnet.
6. Settings for adding and editing a subnet
IP Assignment. When adding a subnet, you must first select the IP assignment, Manual or Automatic (DHCP). When editing a
subnet, the IP assignment cannot be changed.
If you select Manual, you can specify:
IP address. IPv4 or IPv6 format.
Prefix. Network prefix in CIDR format as a numeric value (without a / character).
VLAN (optional). VLAN tag numeric value.
No entry implicitly indicates there is no tagging. An entry of zero (0) explicitly indicates there is no VLAN tagging. When
tagged, the allowed values are 2 to 4094.
Gateway address (optional). Network gateway IP address in IPv4 or IPv6 format. The IP address must be in the same subnet
range as the IP address.
If you select Automatic (DHCP), you can specify:
Protocol. IPv4 or IPv6.
VLAN (optional). VLAN tag numeric value.
No entry implicitly indicates there is no tagging. An entry of zero (0) explicitly indicates there is no VLAN tagging. When
tagged, the allowed values are 2 to 4094.
IPv4 Gateway address (optional). This choice is displayed if IPv4 protocol is selected. Network gateway IP address in IPv4
or IPv6 format. The IP address must be in the same subnet range as the IP address.
TIP: Only provide this gateway if you want to override the gateway that is supplied by DHCP.
Allow management traffic. All subnets can be enabled to allow access to the StoreOnce management interface and REST
interface. The default is to enable. Disabling the setting prevents management administration from the subnet.
Services (optional). All subnets can be configured to provide access to a mixture of data interface types. Select the protocols
that are required to be accessible through this interface.
iSCSI protocol (RMC) (mutually exclusive with VTL)
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
185
iSCSI protocol (VTL) (mutually exclusive with RMC)
NAS (CIFS and NFS)
Catalyst and Replication
SNMP
7. When you are ready, click OK.
IMPORTANT: Your new settings will not become active until you activate the network configuration.
Adding, editing, deleting static routes
About this task
After a subnet has been created, static routes can be added. Static routes can be helpful for accessing a StoreOnce System through a
gateway other than the one defined in the main subnet configuration.
To add a static route:
The active network configuration must already include the subnet.
The subnet IP assignment must be static.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Networking panel.
3. On the Networking screen, select Edit configuration on the Actions menu.
4. On the Edit Configuration screen, click the edit icon (
5. On the Port Set screen, click the edit icon (
) for the port set.
) for the subnet.
6. On the Subnet screen, do one of the following:
Add. Select Add route on the Actions menu. Use the Add Route dialog to add a route.
Edit. Click its edit icon (
) on the Routes panel. Use the Edit Route dialog to change settings.
Delete . To delete a route, click its delete icon (
) on the Routes panel. Use the Delete Route dialog to delete the route.
7. Settings for adding and editing a route
Target address. The IP address of the target, which may be a specific IP address or the subnet on which it is located. The final
values in the IP address indicate whether this address is a host (specific value) or a subnet (value = 0). For example:
xxx.xxx.xxx.0 indicates any target on the specified IPv4 subnet.
xxxx:xxxx:xxxx:xxxx:: indicates any target on the specified IPv6 subnet.
Prefix. Defines the range of IP addresses that are available in the subnet to which the route is being created.
Gateway address. The address of the gateway through which traffic will be routed to the target host or subnet, this address
must be in the same range as the current address.
8. When you are ready, click OK.
IMPORTANT: Your new settings will not become active until you activate the network configuration.
Adding and deleting encryption links
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
186
Prerequisites
The encryption links feature requires a StoreOnce Security Pack license.
The subnets must have already been created.
About this task
After subnets are created, you can add point-to-point, data-in-flight encryption links (using IPsec) on a per subnet basis. Data-in-flight
encryption can be used to secure network links between data centers for StoreOnce VT libraries, NAS replication, or low-bandwidth
Catalyst Copy operations.
IMPORTANT: Data-in-flight encryption is not supported for DHCP or IPv6 subnets.
If you select an IPv6 subnet, encryption links actions are not displayed.
Encryption links can be created and deleted, but cannot be edited.
There are no limits to the number of encryption links per subnet.
HPE recommends that the StoreOnce System and client computer equivalent data-in-flight configurations and use the same
passphrase.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Networking panel.
3. On the Networking screen, select Edit configuration on the Actions menu.
4. On the Edit Configuration screen, click the edit icon (
5. On the Port Set screen, click the edit icon (
) for the port set.
) for the subnet.
6. On the Subnet screen, do one of the following:
Add. Select Add encryption link on the Actions menu. Use the Add Encryption Link dialog to add a link.
Delete . To delete a link, click its delete icon (
the link.
) on the Encryption Links panel. Use the Delete Encryption Link dialog to delete
7. Settings for adding an encryption link
Target Address. The IP address of the remote device. For example, a client or another StoreOnce System used for replication
and StoreOnce Catalyst copy.
Passphrase. The passphrase to use for the link. The passphrase will be shown as dots. To display the passphrase in text, check
Show passphrase check box.
Ensure that the passphrase is also configured on the target device.
8. When you are ready, click OK.
IMPORTANT: Your new settings will not become active until you activate the network configuration.
Editing DNS servers
About this task
You can include up to three DNS servers, and one DNS Search Suffix, in a StoreOnce network configuration.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Networking panel.
3. On the Networking screen, select Edit Configuration on the Actions menu.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
187
4. On the Edit Configuration screen, select Edit DNS on the Actions menu.
5. On the DNS Configuration dialog:
DNS address. IP address of the DNS server in IPv4 or IPv6 format.
Up to three DNS addresses can be included. If you enter fewer than 3 static addresses, DHCP can add addresses. The static
entries take precedence.
DNS search domains. Up to 6 are allowed statically. DHCP can extend it to a total of 8. The static entries take precedence.
Restoring factory network settings
About this task
You can restore the StoreOnce System network configuration to its original factory settings.
The restored factory network configuration is:
Port 1/10 GbE
IPv4 DHCP subnet
WARNING:
All user-specified port sets and associated subnets will be deleted.
All user-specified DNS settings will be deleted.
Restoring the factory configuration can result in loss of connection to the StoreOnce Management Console.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Networking panel.
The active configuration is shown.
3. On the Networking screen, select Restore factory settings on the Actions menu.
Pinging systems
About this task
Pinging allows you to check the connectivity from the StoreOnce System to backup clients, servers, and other StoreOnce Systems.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Networking panel.
3. On the Networking screen, select Ping on the Actions menu.
4. On the Ping dialog, enter an IPv4 or IPv6 address. Click Begin.
The results of the test are displayed.
Using traceroute
About this task
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
188
Traceroute allows you to check the network path from the StoreOnce System to backup clients, servers, and other StoreOnce Systems.
You can use traceroute to help resolve performance issues.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Networking panel.
3. On the Networking screen, select Traceroute on the Actions menu.
4. On the Traceroute dialog, enter an IPv4 or IPv6 address. Click Begin.
The results of the test are displayed.
Integrated Lights Out (iLO)
StoreOnce hardware models are based on HPE ProLiant server hardware that includes HPE Integrated Lights Out (iLO) management
features.
iLO configurations include a unique user account and password. This information is printed on a label on the StoreOnce system.
By default, iLO configurations obtain a DHCP IP address from the network. You can edit the iLO configuration from the StoreOnce
Management Console at any time.
You can also launch the iLO web interface from the StoreOnce Management Console.
You do not need to use iLO features to configure a StoreOnce System. However, using iLO can be useful in some circumstances, for
example:
Remotely powering up a StoreOnce System after it has been shut down.
Accessing the Initialisation Console on a StoreOnce System to discover or configure networking without having a monitor and
keyboard attached.
Subtopics
Viewing iLO configurations
Editing the iLO network configuration
Editing the iLO security state
Launching the iLO web interface
Viewing iLO configurations
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Integrated Lights Out (iLO) Configuration panel.
The Integrated Lights Out (iLO) Configuration screen shows the HPE Integrated Lights Out network configuration.
Editing the iLO network configuration
About this task
You can edit the iLO network configuration and security state of the StoreOnce System from the StoreOnce Management Console.
Procedure
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
189
1. On the main menu, select Settings.
2. In the Hardware section, click the Integrated Lights Out (iLO) Configuration panel.
3. On the Integrated Lights Out (iLO) screen, expand the Actions menu and select Edit iLO Configuration.
4. Enable or disable DHCP, or enter the static network configuration.
Editing the iLO security state
About this task
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Integrated Lights Out (iLO) Configuration panel.
3. On the Integrated Lights Out (iLO) screen, expand the Actions menu and select Edit iLO Security Settings.
4. Complete the following:
Security State: set the level to either High Security or Production
iLO login username: the username used for the Integrated Lights-Out (iLO) console
iLO login password: the password used for the Integrated Lights-Out (iLO) console
NOTE:
Changing the iLO security state to Production or High Security is only available for StoreOnce systems on software
versions 4.3.2 and later.
When changing the security state from Production to High Security, entering the iLO username and password is
required.
The username must be of one of the following roles:
Administrator
Custom with at least the following permissions:
- Login
- Configure iLO Settings
You should not change the iLO security state using the iLO web console, as doing so will break the functionality.
The iLO user used for setting up iLO High Security should not be modified (change password or privileges) or
deleted. If at all the user is modified or deleted, using the Edit iLO Security Settings security state needs to be
moved back to Production mode with new/updated set of credentials and again reverted back to High Security
with the new/updated credentials.
Launching the iLO web interface
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Integrated Lights Out (iLO) Configuration panel.
3. On the Integrated Lights Out (iLO) Configuration screen, expand the Actions menu and select Launch iLO.
The iLO web interface opens in a new browser tab.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
190
Fibre Channel
Subtopics
Viewing Fibre Channel port settings and properties
Editing Fibre Channel port settings
Fibre Channel settings and properties
Viewing Fibre Channel port settings and properties
About this task
You can view the settings and properties of the Fibre Channel ports on StoreOnce Systems.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Fibre Channel panel.
3. The Fibre Channel screen shows a list of the Fibre Channel ports on the StoreOnce System.
TIP: Columns for the most often viewed settings and properties are shown by default. To add or remove columns,
click the column selector icon (
).
Editing Fibre Channel port settings
Prerequisites
Only administrators can edit the Fibre Channel port settings.
About this task
WARNING: Editing the Fibre Channel port settings resets the Fibre Channel link and can affect backup and restore jobs
that are running.
TIP:
Fibre Channel port settings apply to StoreOnce Catalyst target devices over Fibre Channel, and VT libraries.
Changing the port speed causes the port status to be reported as Down.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Fibre Channel panel.
3. On the Fibre Channel screen, select the port and then click the edit icon (
).
4. On the Edit Port dialog, make your changes and click Update.
Fibre Channel settings and properties
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
191
Fibre Channel screen
TIP: Columns for the most often viewed settings and properties are shown by default. To add or remove columns, click
the column selector icon (
).
Property
Description
Status
The status of each port. Can be Up , Down , Warning , Error , or Not Used . Warnings occur if
the port is not available or is down, or if the system is unable to obtain speed information. Errors occur if
there is a fault or the system cannot obtain the link status.
Port Location
The physical location of the Fibre Channel port, described by the PCIe card slot number that the card is in
and the physical port number. For example, Slot 5 Port1.
Current Speed
The current speed of the port. Controlled by the Selected Speed.
Selected Speed
You can use the Edit Port dialog to control the speed. Choices are Auto, 4G, 8G, 16G, and 32G. When
using auto-negotiate, the speed will be auto-negotiated between the switch and the StoreOnce System to
select the highest supported speed.
Beacon
You can use the Edit Port dialog to enable and disable the beacon. The beacon toggles an LED on the
physical HBA. The color of the button changes to show the status of the beacon. Grey is off, blue is on.
More properties
Topology
You can use the Edit Port dialog to select the topology. Choices are N_Port, Loop, and Auto.
Loop mode (private loop) is a direct connection between a host and the StoreOnce System without a
switch. Private loop is supported up to 8 Gb speeds only (does not support 16 Gb and 32 Gb).
Status Information
Provides the reason if the port status is Error . A healthy port does not report any status information.
Hardware and firmware
Subtopics
Viewing hardware components (hardware monitoring)
Locating the StoreOnce system components
Locating StoreOnce Systems
Updating hardware component firmware
Viewing hardware components (hardware monitoring)
About this task
The Hardware Monitoring pages allow users to view individual components for a given StoreOnce Server or attached enclosures.
Procedure
General
1. On the main menu, select Settings.
2. In the Hardware section, click the Hardware Monitoring panel.
The Hardware Monitoring screen includes tabs for Requires Attention, System, and Storage.
TIP: You can sort the information in tables by clicking the column headings.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
192
The Requires Attention tab identifies components that require attention (if any).
The System tab shows the properties and location of components such as CPUs, fans, HBAs, iLO, memory DIMMs, and NICs. Also
listed are components for OS storage, power management, power supplies, storage controllers, and temperature sensors.
The System has three types of views for the server:
Figure 1. Front View
Figure 2. Rear View
Figure 3. Internal View
The Storage tab shows the properties and location of components such as storage systems, controllers, and enclosures.
The Storage tab allows for two types of views for the enclosure:
Figure 4. Primera 600 LFF Front View
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
193
Figure 5. Primera 600 LFF Rear View
Viewing firmware versions
If a firmware version is not the latest, a pulsing icon is displayed at the top of the Hardware Monitoring screen. To go directly to
the relevant firmware information, click the icon.
To view firmware versions, click the System or Storage tab. Then, click the expand icon ( ) to display more information for the
hardware component. Expand the component levels as needed. Where applicable, a Firmware Version column is included.
Locating the StoreOnce system components
About this task
You can locate an individual component within a StoreOnce System using the hardware monitoring view. Mapping the location helps to
physically locate a component.
Procedure
1. On the main menu, select Settings.
2. On the Hardware section, click the Hardware Monitoring panel.
3. On the Hardware Monitoring screen, select the System or Storage tab menu.
4. Select the FrontRear or Internal view of the system.
5. Expand the Components drop-down menu below the system view, and select the Map Location (
6. The component will be highlighted after the Map Location (
will also be displayed below the system view.
) for a given component.
) icon has been clicked. The component name, location and status
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
194
Locating StoreOnce Systems
About this task
You can turn on the UID (unit identification) light for a StoreOnce System. Turning on the light helps to physically locate a StoreOnce
system in a rack. Icons indicate whether the light is turned on ( ) or off ( ).
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Hardware Monitoring panel.
3. On the Hardware Monitoring screen, expand the Actions menu and select Locate system.
Updating hardware component firmware
About this task
Component firmware upgrades are done as part of a StoreOnce software upgrade.
The only time that upgrading component firmware might be required is if a hardware component has been replaced. For example, when
replacing a failed disk, the replacement disk may be at an older or newer version of firmware than is supported by the StoreOnce
System.
Procedure
1. On the main menu, select Settings.
2. In the Hardware section, click the Hardware Monitoring panel.
3. On the Hardware Monitoring screen, expand the Actions menu and select Update firmware.
User management settings
Subtopics
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
195
User roles and types
Adding, editing, and deleting users and groups
Prerequisites for adding directory servers
Distinguished names
Adding directory servers
Removing directory servers
Adding directory users and groups
Editing active directory users and groups
Deleting Active Directory users and groups
Logging in to StoreOnce system as a domain user
Configuring password policies
User roles and types
TIP: To identify the current user, click the user icon (
) in the lower left corner of the main menu.
User roles
The following roles can be associated users:
Administrator: This role allows a user to create and edit management and StoreOnce functions in the StoreOnce Management
Console. Any user with the Administrator role has the same permissions as the default Admin account.
Observer: This role limits access to monitoring and viewing.
Security Officer : This role limits the user to viewing, approving and rejecting dual authorization requests. It limits access to
monitoring and viewing for all other features.
BackupAdmin: This role limits the user to creating, editing, and managing data services features.
Backup Operator: This role limits the user to monitoring and viewing the data services features.
User types
The following types of user accounts are available:
Local User (with an Administrator or Observer role): Logs in locally and is authenticated using credentials on the StoreOnce System.
Directory User (with any user role): Logs in as a domain user. External users are authenticated using their domain credentials by an
external Microsoft Active Directory Server.
Directory Group (with any user role): A Microsoft Active Directory group. Members of the group login as domain users.
TIP: To add directory users or groups, first add the HPE StoreOnce device to an Active Directory domain. Then
configure the connection to the Active Directory domain. See Adding directory servers.
Default account
When a StoreOnce System is installed, one default user account (Admin) is created with the Administrator role. You cannot delete
the account.
When you first access a StoreOnce System, you use the StoreOnce First Time Setup wizard to set the password for the Admin
account.
IMPORTANT: HPE strongly recommends that you change the default password. After the Admin account password
has been changed, it cannot be changed back to the default password.
If Admin credentials are lost, the Admin password can be reset through a locally attached Initialisation Console. HPE recommends
changing the Initialisation Console password after installation and storing it in an offline password security tool.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
196
Best practices
After using the StoreOnce First Time Setup wizard, a user with the Administrator role can configure additional user accounts. HPE
recommends assigning roles to user accounts that allow the minimum necessary privileges to prevent accidental or malicious data
loss.
If you create a group with the Observer role, HPE recommends setting up a user in the group with the Administrator role. (Roles set
with the Add User action take precedence over roles set with the Add Group action).
HPE recommends using Active Directory or LDAP users types, if possible.
If you use the StoreOnce federations features, HPE recommends that you add users to all the StoreOnce Systems in the federation
to enable remote management.
Adding, editing, and deleting users and groups
Procedure
1. On the main menu, select Settings.
2. In the User Management section, click the Users and Groups panel.
3. On the Users and Groups screen:
To add a user or group, Select Add user or group on the Actions menu.
To edit a user, click the user name.
To remove a user, click the user name, then click Remove.
Prerequisites for adding directory servers
Prerequisites
Active Directory or LDAP/Secure LDAP can be used to configure user access through directory users or directory groups. Ensure that
the StoreOnce device is connected to the directory server.
Procedure
1. Requirements for adding Active Directory server :
The user must have a Microsoft Active Directory server deployed.
The Active Directory domain services (AD DS) must be enabled and configured appropriately. Ensure that a domain controller is
also configured.
NOTE:
StoreOnce allows multiple domain controllers to be added under the same domain. If applied, all the domain
controllers must be added as separate instances of the directory server.
The login credentials of all users and groups to be added to StoreOnce must be available.
The Distinguished Names of all the groups to be added to StoreOnce must be available.
The Active Directory Server must be reachable to the StoreOnce through the network.
2. Requirements for adding LDAP/LDAPS Server :
LDAP/Secure LDAP (LDAPS) can be configured through open-source software or as part of a Windows Active Directory setup.
To use open-source software such as OpenLDAP, ensure that the server details and the queried users and group details to
be added to StoreOnce is available.
LDAP can be configured in two ways when using Windows Active Directory setup. The Active Directory can be installed by
default using Active Directory Domain Services (AD DS) and the directory server can be added on StoreOnce using LDAP as
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
197
the selected protocol. Alternatively, an LDAP instance can be installed using Active Directory Lightweight Directory
Services (AD LDS).
The common name (CN) or the UID of the LDAP server must be available.
The login credentials of all users and groups to be added to StoreOnce must be available.
The Distinguished Names of all the groups to be added to StoreOnce must be available. See Distinguished names.
3. Requirements for adding secure LDAP Server (LDAPS) :
To use LDAPS over Windows, the user must have Active Directory Certificate services (AD CS) enabled and configured for
certificate authentication.
Port 636 must be open for the LDAPS to work.
Distinguished names
A Distinguished Name (DN) is a string that uniquely identifies an entry in a directory tree.
When setting up Active Directory for StoreOnce, the Distinguished Name is the location in the directory tree where the user, group, and
organization entries are located.
Examples of distinguished names for a directory user
The following shows an example of the distinguished names where Users are added under a domain (STOREONCE.COM):
CN=Users, DC=STOREONCE, DC=COM
Example of a distinguished name for a directory organization
The following shows an example of the distinguished name in which an organization, 'MyOrg,' is added under the domain:
OU=MyOrg, DC=STOREONCE, DC=COM
Examples of distinguished names for a directory group within an organization
The following shows an example of the distinguished names in which a group, 'MyGroup,' is made within the previously made
organization 'MyOrg':
CN=MyGroup, OU=MyOrg, DC=STOREONCE, DC=COM
Examples of distinguished names for LDAP/LDAPS using UID (userID)
The following shows an example of configuring an LDAP/LDAPS user where the UID is the primary user naming the attribute:
UID=JDoe, OU=MyOrg, DC=STOREONCE, DC=COM
NOTE: StoreOnce allows for distinguished names of directory servers, users, and groups to be in lowercase and
uppercase format. For best practices however, it is recommended that attribute names are in uppercase (examples: CN,
O, OU, DC, etc.)
Adding directory servers
Procedure
1. On the main menu, select Settings.
2. In the User Management section, click the Directory panel.
3. On the Directory panel, click the Add or the
icon.
4. On the Connect to Directory Server screen, complete the fields and click Connect.
Server type: Users can select either to connect an LDAP/LDAPS server or an Active Directory Server.
Directory server host name or IP address: Users can either use the FQDN (Fully Qualified Domain Name) of the directory server
host, or the IP address of the host.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
198
Directory server port: The directory server port. The default port is port 636.
5. On the Add Directory Server screen, click Trust Certificate.
6. Click Trust to accept the certificate from the directory server and proceed with the configuration process.
7. On the Configure Directory Server screen, complete the fields, and click Ok to finish.
Name: The Name is a unique name used to identify this directory server when configuring users and groups.
Base distinguished name (DN): The base distinguished name is the location in the directory tree where user and group entries
are located.
NOTE:
StoreOnce allows for distinguished names of directory servers, users, and groups to be in lowercase or
uppercase format. For best practices however, it is recommended to use uppercase for attribute names such as
CN, O, OU, and DC.
Examples:
For a directory user:
- If the users are added under a domain, then the DN would be CN=Users,DC=STOREONCE,DC=COM
- If an organization ( MyOrg ) is added under a domain, then the DN would be
OU=MyOrg,DC=STOREONCE,DC=COM
For LDAP/LDAPS using UID (userID): The following example shows the configuration of an LDAP/LDAPS user where the
UID is the primary user naming attribute: UID=JDoe, OU=MyOrg, DC=STOREONCE,DC=COM
For a group with the DN of cn=Admins, ou=groups,o=my.com , you would enter ou=groups,o=my.com .
User naming attribute: These user naming attribute options represent the different attributes in LDAP/Secure LDAP and
Active Directory that contain the user or group name values that are checked during authentication.
For LDAP/Secure LDAP this value can be either CN (common name) or UID (Unique ID).
For Active Directory this value is always CN (common name).
User name: The user name for the Directory Server. The following formats are supported for StoreOnce user names:
Domain Name\username format (for example, MyDomain\johndoe)
Email address (e.g johndoe@MyDomain.com) domain users only
Username format (for example, johndoe) for local and domain users
Password: The password used to connect to the directory server.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
199
Removing directory servers
Procedure
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
200
1. On the main menu, select Settings.
2. In the User Management section, click the Directory panel.
3. On the Directory panel, click the remove icon (
).
Adding directory users and groups
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
201
Adding directory users and groups
About this task
StoreOnce systems that are added to an Active Directory domain allow users or groups within the domain to log into the StoreOnce
system using their credentials. This is applicable to both Active Directory and LDAP/Secure LDAP users and groups.
NOTE:
Ensure that the directory server is connected to the StoreOnce system. You can add directory users and groups only
after a connection has been established.
Procedure
1. Adding a directory user
a. On the main menu, select Settings.
b. In the User Management section, click the Users and Groups panel and select Directory user.
c. On the Add User or Groups screen, specify the following:
Username: The username for a directory user. When adding a directory user to a StoreOnce, use the UPN (User Principal
Name) format. For example: johndoe@storeonce.com.
Directory: Select the directory from which the user will be added.
Role: Specify the role of the user. Options available are Administrator, Observer, Security Officer, Backup Admin, Backup
Operator.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
202
2. Adding a directory group
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
203
a. On the main menu, select Settings.
b. In the User Management section, click the Users and Groups panel.
c. On the Add User or Groups screen, specify the following:
Name (Group Distinguished Name): The group distinguished name for the directory group to be added. For example, a group
within a specific organization will be CN=MyGroup,OU=MyOrg,DC=storeonce,DC=com .
Directory: Select the directory from which the group will be added.
Role: Assigned role for the directory group. When applied, users under this directory group will be assigned the same role.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
204
3. Viewing Active Directory users and groups : To view the added directory users and groups, navigate to the Users and Groups panel
in the Settings page.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
205
Editing active directory users and groups
Procedure
1. On the main menu, select Settings.
2. In the User Management section, click the Users and Groups panel and select the directory user to be edited.
3. In the right hand column, edit the required fields and click OK.
NOTE:
Directory Users and Groups can only edit the directory role. You cannot edit the name of the directory to which the
user or group belongs to.
Deleting Active Directory users and groups
Procedure
1. On the main menu, select Settings.
2. In the User Management section, click the Users and Groups panel and select the directory user to be deleted.
3. In the right column, click Remove to remove the directory user.
NOTE:
If you are a currently logged in directory user, you will not be able to delete your own user within the Users and
Groups list.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
206
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
207
Logging in to StoreOnce system as a domain user
About this task
Directory users can log in to the StoreOnce system using their credentials if they have been added to the StoreOnce system or if they
are a member of a group that has been added. Navigate to the StoreOnce log in page and provide the credentials.
Procedure
1. User name : The user name of the directory user. The user name can be entered in one of the following formats:
Domain name or user name format. For example, storeonce\johndoe
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
208
User principal name or email address. For example, johndoe@storeonce.com
Username format. For example, johndoe
Full name format. For example, John Doe
2. Password: The password of the directory user.
3. Logging in to the StoreOnce system using Directory Server credentials : To log in to the StoreOnce system with the Directory server
credentials, the credentials must match the unique name of the directory server when it was originally added. For example, the
username of a directory server StoreOnceDirectoryServer with the username johndoe will be
StoreOnceDirectoryServer\johndoe .
Configuring password policies
Procedure
1. On the main menu, select Settings.
2. In the User Management section, click the Users and Groups panel.
3. On the Users and Groups screen, select Configure password policy on the Actions menu.
Security settings
Subtopics
Certificates
Key Manager
Login Banner
Sessions
Initialisation Console credentials
Data at Rest encryption guidelines
Certificates
The StoreOnce Management Console is accessed through the HTTPS protocol. HTTPS requires the exchange of an SSL (Secure Sockets
Layer) certificate to authenticate the connection between a web browser and the StoreOnce System.
By default, StoreOnce Systems return a generic certificate. The generic certificate is created when a StoreOnce System is deployed for
the first time. The generic certificate cannot be verified up to a trusted certificate authority, therefore it is not considered to be secure
by web browsers.
You can replace the generic security certificates with your own trusted certificates. Learn more: Replacing default certificates overview.
Subtopics
Certificate Authority (CA)
Viewing security certificates
Replacing default certificates - overview
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
209
Generating certificate signing requests (CSR)
Importing security certificates
Removing CA security certificates
Importing client CA certificate (License server or SMTP server)
Viewing client CA certificates
Removing Client CA security certificates
Certificate Authority (CA)
A certificate authority (CA) is a trusted organization that issues digital certificates that verify the ownership of a public encryption key.
Certificates that are signed by certificate authorities provide verification to devices, browsers, and websites that the certificate source
has been validated and can be trusted.
Viewing security certificates
Procedure
1. On the main menu, select Settings.
2. In the Security section, click the Certificates panel.
The Certificates screen is displayed.
The top portion of the Certificates screen shows the details of the current CA-signed server certificate for the StoreOnce
system.
The bottom portion of the screen shows the list of root and intermediate CA-signed certificates for the server certificate.
Learn more: Certificate Authority (CA).
3. To view the details of a root or intermediate CA-signed certificate, click its panel.
Replacing default certificates - overview
About this task
This overview describes how to replace the default security certificates on a StoreOnce System with certificates for your environment.
Procedure
Generate and submit a certificate signing request
1. On the StoreOnce Management Console for the StoreOnce System, generate a certificate signing request (CSR). For details, see
Generating certificate signing requests (CSR).
TIP: If your certificate authority (CA) does not require a certificate signing request, this step is not required. For
example, this step is not required if the certificate authority provides a private key.
2. In a separate application, submit the CSR to your certificate authority.
Receive and import the CA-signed certificates
3. In a separate application, receive the CA-signed certificates. Depending on the certificate authority, it might take several hours or
longer to receive the signed certificates.
At a minimum, the certificate authority response will include a root CA certificate and a CA-signed server certificate.
In some cases, the certificate authority response might also include a private key, intermediate CA certificates, or both.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
210
4. In a separate application, save the CA-signed certificate files to a location where you can copy them to your clipboard.
5. On the StoreOnce Management Console for the StoreOnce System, import the certificates. For details, see Importing security
certificates.
Generating certificate signing requests (CSR)
About this task
If your certificate authority does not require a CSR, this step is not required. For example, this step is not required if the certificate
authority provides a private key.
Procedure
1. On the main menu, select Settings.
2. In the Security section, click the Certificates panel.
3. On the Certificates screen, select Generate CSR on the Actions menu (
4. On the Generate CSR dialog, click the edit icon (
).
).
5. On the Distinguished Name dialog, replace the default properties that were provided with the StoreOnce System with the
properties for your environment. Click OK. The screen returns to the Generate CSR dialog.
IMPORTANT: In a security certificate, the Subject Alternative Name must match the hostname of the system.
Otherwise, browsers will report that the host is not trusted.
In a security certificate, the Common Name, and Subject Alternative Name (if any), must match the host name of the
system. Otherwise, browsers will report that the host is not trusted.
6. On the Generate CSR dialog, a message warns that changing the Distinguished Name will cause the screen to refresh. This message
is an expected behavior. To apply the new properties, click Change.
7. To proceed to the Certificate Signing Request dialog, click Change.
8. On the Certificates screen, click the Actions menu and select Generate CSR.
9. On the Generate CSR dialog, click Generate.
10. On the Generate CSR dialog, click View Certificate Signing Request (CSR) .
11. On the Certificate Signing Request dialog, follow the onscreen instructions to copy the CSR text to your clipboard. Click OK.
TIP: Depending on your certificate authority, you might need to save the CSR text to a file. Or, you might paste it in
to another application.
12. In a separate application, submit the CSR to your certificate authority. When you receive the certificates, continue with the process.
See Replacing default certificates - overview.
Importing security certificates
Prerequisites
You have generated and submitted a certificate signing request for the StoreOnce System to your certificate authority.
You have received the root and any intermediate certificates from your certificate authority, as well as the CA-signed certificate for
the StoreOnce System. They are located where you can copy the certificate text to your clipboard.
If you received a private key, it is located where you can copy its text to your clipboard.
Procedure
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
211
1. On the main menu of the StoreOnce System, select Settings, and then click the Certificates panel.
2. In the Security section, click the Certificates panel.
3. On the Certificates screen, select Import Certificates on the Actions menu.
4. Click Import Root and Intermediate Certificates .
a. In a separate application, locate your root and intermediate certificates. Copy one of them to your clipboard.
b. In the StoreOnce Management Console, paste the contents of the certificate in the text box. Click Import.
TIP: You can import only one certificate at a time. If you have more than one, repeat this step.
The certificate is added to the StoreOnce System and the Import Certificates dialog is redisplayed.
The CA Certificates panel on the Import Certificates dialog indicates that the number of certificates that have been imported. You
can click the information icon ( ) to see the list of imported certificates on the StoreOnce System.
5. If you received a private key from the certificate authority, click Private Key and then click Add Private Key.
a. In a separate application, locate the CA private key. Copy its contents to your clipboard.
b. In the StoreOnce Management Console, paste the contents of the CA private key in the text box.
c. If the CA private key is encrypted, enter its encryption password.
d. Click Add.
The private key is added and the Import Certificates dialog is redisplayed.
6. Click Import CA-signed Server Certificate
a. In a separate application, locate the CA-signed server certificate. Copy its contents to your clipboard.
b. In the StoreOnce Management Console, paste the contents of the CA-signed server certificate in the text box. Click Import.
IMPORTANT: HPE recommends that you close the browser session after clicking Import. Then start a new
browser session. Starting a new browser session is required for the new CA-signed server certificate to take
effect with the browser.
7. Import CA-signed Chain certificate
a. In a separate application, locate the CA-signed server certificate, root and intermediate keys.
b. Create a chain of certificates by copying all the above 3 keys one after the other. CA-signed certificate > root > intermediate.
c. In the StoreOnce Management Console, paste the content of the chain certificate in the text box.
d. Click Add.
The chain certificate is added and the Import Certificates dialog is redisplayed.
NOTE: You cannot remove the chain certificate.
Removing CA security certificates
Procedure
1. On the main menu, select Settings.
2. In the Security section, click the Certificates panel.
The Certificates screen shows the details of the security certificate for the StoreOnce system and a list of CA certificates.
Learn more: Certificate Authority (CA).
3. To remove a CA certificate, click its panel and then select Remove in the lower right corner of the dialog.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
212
Importing client CA certificate (License server or SMTP server)
Prerequisites
For License Management, you have an APLS (Licence Server) CA certificate.
For SMTP, you have a SMTP server CA certificate.
Procedure
1. On the main menu of the HPE StoreOnce System, select Settings, and click the Certificates panel.
2. In the Security section, click the Certificates panel.
3. On the Certificates screen, select Import Client CA Certificates on the Actions menu.
4. Click Import Root and Intermediate Certificates .
5. Copy the CA certificate to your clipboard.
6. In the StoreOnce Management Console, paste the contents of the certificate in the text box.
7. Click Import.
TIP: You can import only one certificate at a time. If you have more than one, repeat this step.
The certificate is added to the HPE StoreOnce System, and the Import Certificates dialog is redisplayed.
The Client CA Certificates panel on the Import Client Certificates dialog indicates the number of imported certificates. You can click
the information icon (i) to see the list of imported client certificates on the HPE StoreOnce System.
IMPORTANT: Hewlett Packard Enterprise recommends that you close the browser session after clicking Import. To
continue, start a new browser session.
Viewing client CA certificates
Procedure
1. On the HPE StoreOnce main menu, select Settings.
2. In the Security section, click the Certificates panel.
The Certificates screen is displayed.
The top portion of the Certificates screen shows the details of the current CA-signed server certificate for the StoreOnce system.
The bottom portion of the screen shows the list of root and intermediate CA-signed certificates for the server well as client CA
certificates.
To view the details of a root or intermediate CA-signed certificate, click the respective panel.
NOTE: See Certificate Authority for information about CA certificates.
Removing Client CA security certificates
Procedure
1. On the HPE StoreOnce main menu, select Settings.
2. In the Security section, click the Certificates panel.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
213
The Certificates screen shows the details of the security certificate for the HPE StoreOnce system, and a list of server and client CA
certificates.
NOTE: See Certificate Authority for information about CA certificates.
3. To remove a Client CA certificate, click its panel and then select Remove in the lower right corner of the dialog.
Key Manager
StoreOnce Systems can use the Local Key Manager (LKM) or External Key Manager (EKM) to manage keys for Data at Rest and Data in
Flight encryption. The Local Key Manager is the default key manager and is used unless a StoreOnce System has been configured to use
the External Key Manager.
StoreOnce Systems support the following external key manager products:
Micro Focus Enterprise Secure Key Manager (ESKM)
Gemalto SafeNet KeySecure
At any point in time, you can configure a StoreOnce System to use the Local Key Manager or the External Key Manager. However, the
two key managers cannot be used at the same time.
Best practices
Local Key Manager . When using the Local Key Manager, the local key store contains the encryption keys used for Data at Rest
Encryption or Data in Flight Encryption.
Hewlett Packard Enterprise recommends that you back up the local key store and save it securely off site in case the original key
store becomes corrupted.
Keep only the latest version of the key store after you create or delete an encrypted VT library, NAS share, StoreOnce Catalyst
store, or data in flight encryption link.
External Key Manager . When using the External Key Manager, the local key store contains only the credentials required to authenticate
with an external key manager product.
Hewlett Packard Enterprise recommends that you back up the local key store after the StoreOnce System has been successfully
configured to use an external key manager product.
All the encryption keys used for Data in Flight Encryption or Data at Rest Encryption are stored and managed by the external key
manager product.
Subtopics
Viewing the Key Manager mode
Backing up Key Manager configurations
Restoring Key Manager configurations
Enrolling with an External Key Manager
Generating External Key Manager certificate signing requests
Renewing External Key Manager certificates
Withdrawing from an External Key Manager
EKM enrollment common errors
Data in Flight encryption guidelines
Viewing the Key Manager mode
Procedure
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
214
1. On the main menu, select Settings.
2. In the Security section, click the Key Manager panel.
The Key Manager screen is displayed.
The Overview panel shows the name of the Key Manager mode that is enabled.
If the External Key Manager mode is enabled:
The Overview panel displays the External Key Manager type and its IP address.
The Certificates panel lists the applicable security certificates for the External Key Manager.
3. To view the details of an External Key Manager certificate, click its panel.
Backing up Key Manager configurations
About this task
HPE strongly recommends making regular backups of the Key Manager on StoreOnce Systems. ​
Circumstances for making backups that deserve special attention include:
When the Local Key Manager mode is active and you have just created an encrypted StoreOnce VT library, NAS share, Catalyst
store, or Cloud Bank store.
After enrolling a StoreOnce System with an external key manager product. You will be asked to create a backup of the local key
manager. HPE strongly recommends that you retain a copy of the backup.
Procedure
1. On the main menu, select Settings.
2. In the Security section, click the Key Manager panel.
3. On the Key Manager screen, select Backup on the Actions menu.
4. On the Backup dialog, enter and confirm the password that you want to use for the encrypted StoreOnce Key Manager file.
IMPORTANT: The Key Manager backup file is encrypted with the password that you enter. The Key Manager
backup can only be restored by providing that password.
Restoring Key Manager configurations
Prerequisites
You have access to the Key Manager backup file for the StoreOnce System and know its password.
About this task
This procedure is intended for the rare circumstances in which the Key Manager on a StoreOnce System must be restored.
Procedure
1. On the main menu, select Settings.
2. In the Security section, click the Key Manager panel.
3. On the Key Manager screen, select Restore on the Actions menu.
4. On the Restore dialog, read the warning message. When ready, enter the password for the Key Manager configuration backup file.
5. Click the confirmation check box, and then click OK.
The Key Manager configuration is restored.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
215
Enrolling with an External Key Manager
Prerequisites
You are familiar with your External Key Manager and know your External Key Manager login user name and password.
About this task
This procedure describes how to enroll a StoreOnce System with an External Key Manager. Completing the procedure disables the
StoreOnce Local Key Manager mode and enables the External Key Manager mode.
Once a StoreOnce System is enrolled with an external key manager product, the encryption keys are migrated from the Local Key
Manager to the External Key Manager. The keys are no longer persisted on the StoreOnce System.
Procedure
Generate and submit an External Key Manager certificate signing request
1. On the StoreOnce Management Console for the StoreOnce System, generate an External Key Manager certificate signing request.
For details, see Generating External Key Manager certificate signing requests.
2. In the External Key Manager application, paste the EKM certificate signing request text in the relevant application screen.
Receive the External Key Manager signed certificate
3. In a separate application, receive the External Key Manager signed certificate.
Using the Enroll dialog
4. On the StoreOnce Management Console for the StoreOnce System, click Enroll. The Enroll dialog opens.
IMPORTANT: To complete the enrollment, you must make a backup copy of the Local Key Manager configuration.
The backup is required in case you have to withdraw from the External Key Manager at a later date.
5. On the Enroll dialog, click Backup the key manager configuration. The Backup dialog opens.
6. On the Backup dialog, enter the password that you want to use to encrypt the backup copy of the Local Key Manager configuration.
Click Backup. The Enroll dialog is redisplayed and shows that the backup action has been completed.
7. On the Enroll dialog, click Configure External Key Manager Server .
8. On the Configure External Key Manager Server dialog, provide the information for the External Key Manager. Click OK.
For ESKM, enter the IP addresses of the servers, the Certificate authority name, Port number, and ESKM EKM credentials.
For SafeNet, enter the IP addresses of the servers, the Port number, and the SafeNet EKM password.
The Enroll dialog is redisplayed and shows that the External Key Manager information has been entered.
9. In the External Key Manager application, copy the root CA certificate text to your clipboard.
10. On the Enroll dialog, click Import Root Certificate.
11. On the Import Root Certificate dialog, paste the certificate text in the text box. Click OK.
The Enroll dialog is redisplayed and shows that the root certificate has been staged for enrollment.
12. In the External Key Manager application, copy the signed certificate text to your clipboard.
13. On the Enroll dialog, click Import Signed Certificate.
14. On the Import Signed Certificate dialog, paste the certificate text in the text box. Click OK.
The Enroll dialog is redisplayed and shows that the signed certificate has been staged for enrollment.
15. To start the enrollment, click Enroll.
The enrollment can take several seconds.
When enrollment is completed, the Key Manager mode for the StoreOnce System is changed from Local Key Manager to
External Key Manager.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
216
Generating External Key Manager certificate signing requests
Prerequisites
You are familiar with your External Key Manager and know your External Key Manager login user name and password.
About this task
Procedure
1. On the main menu, select Settings.
2. In the Security section, click the Key Manager panel.
3. On the Key Manager screen, select Generate CSR on the Actions menu.
4. On the Generate CSR dialog, click Provide External Key Manager Credentials .
5. On the External Key Manager Credentials dialog, enter your External Key Manager login user name and password. Click OK.
The Generate CSR dialog is redisplayed and your External Key Manager user name is shown.
6. Click Generate.
The Signing Request dialog opens.
7. On the Signing Request dialog, follow the onscreen instructions to copy the External Key Manager signing request text to your
clipboard. Click OK.
8. In a separate application, submit the External Key Manager certificate signing request to your certificate authority. When you
receive the certificates, continue with the enrollment process. See Enrolling with an External Key Manager.
Renewing External Key Manager certificates
Prerequisites
The External Key Manager mode is currently enabled.
You are familiar with your External Key Manager and know your External Key Manager login password.
You have received new certificates. The certificates are located where you can copy the certificate text to your clipboard.
Procedure
1. On the main menu, select Settings.
2. In the Security section, click the Key Manager panel.
3. On the Key Manager screen, select Renew Certificates on the Actions menu.
4. On the Renew dialog, click Configure Renew settings .
5. On the Renew Settings dialog, enter your External Key Manager login password. Click OK.
The Renew dialog is redisplayed and indicates that the settings are configured.
Import the root CA certificate
6. In a separate application, copy the root CA certificate text to your clipboard.
7. On the Renew dialog, click Import Root Certificate.
8. On the Import Root Certificate dialog, paste the certificate text in the text box. Click OK.
The Renew dialog is redisplayed and shows that the root certificate has been provided.
Import the signed certificate
9. In a separate application, copy the certificate text to your clipboard.
10. On the Renew dialog, click Import Signed Certificate.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
217
11. On the Import Signed Certificate dialog, paste the certificate contents in the text box. Click OK.
The Renew dialog is redisplayed and shows that the signed certificate has been staged provided.
12. To proceed with the renewal, click Renew.
The Key Manager screen is redisplayed. The new expiration dates for the certificates are shown on the Certificates panel.
Withdrawing from an External Key Manager
Prerequisites
The External Key Manager mode is currently enabled.
About this task
This procedure describes how to withdraw a StoreOnce System from an External Key Manager. Withdrawing from the External Key
Manager will return the StoreOnce System to Local Key Manager mode.
WARNING: Withdrawing from the External Key Manager mode can result in total data loss on the StoreOnce System.
When you withdraw the keys that are on the external key manager product are no longer available to the StoreOnce
System.
If you must withdraw, you can restore a copy of the local key manager that you backed up when enrolling with the
external key manager product. However, the backup will not contain any new keys that were generated when the
StoreOnce System was in External Key Manager mode.
Procedure
1. On the main menu, select Settings.
2. In the Security section, click the Key Manager panel.
3. On the Key Manager screen, select Withdraw on the Actions menu.
4. On the Withdraw dialog, read warning message and carefully consider whether you want to proceed. To proceed, click the
confirmation check box.
5. Enter your StoreOnce login password and then click Withdraw.
Withdrawal is completed. The Key Manager screen indicates that the Local Key Manager mode is re-enabled.
EKM enrollment common errors
Overview
Most errors during an EKM enrollment will require that you use the Withdraw action and restart the enrollment.
When you withdraw from an external key manager, you must restore the Local Key Manager key store that you backed up when
you started the enrollment.
Possible enrollment errors
Failed to communicate with the external key manager. The user credentials are incorrect, or the wrong certificates were uploaded.
This error is the most common type.
User or group already exists . A user or group exists on the external key manager that is identical to the user and group for the
enrollment.
The duplicate user or group was created during a previous enrollment attempt. These accounts are not automatically deleted on
the external key manager. Manually delete the accounts.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
218
Data in Flight encryption guidelines
General
The encryption is software-based and is a licensed feature of StoreOnce Systems.
It is supported for low-bandwidth replication and low-bandwidth copy jobs.
Is not recommended for backup up jobs due to performance.
Is compatible with Gen4 StoreOnce Systems.
StoreOnce Data Services have no visibility of Data in Flight encryption.
Does not support certificate-based authentication.
Is not applicable to Fibre Channel traffic.
Networking detail
You can set up multiple encrypted links for each subnet to allow connectivity to multiple client systems.
IMPORTANT:
Data in Flight encryption is:
Not supported for IPv6 subnets.
Not supported for direct backup operations to StoreOnce Systems over a local network. This support consideration
is due to the performance impacts of encryption.
Intended to secure network links between data centers for StoreOnce VT library or NAS replication, or for lowbandwidth StoreOnce Catalyst copy operations.
A single encryption link allows a specific client IP address to have a secure connection with all nodes and IP addresses configured by the
subnet. Each encryption link applies to:
All IP addresses in the subnet of the specific network addressing mode (IPv4) including both VIF and physical address, if
appropriate.
All nodes in the cluster.
The following Data In Flight encryption guidelines apply:
Configure the StoreOnce systems and client computer with an equivalent configuration and use the same passphrase.
There is no limit to the number of encryption links per subnet.
If using IPv4, configurations for encryption links are possible and auto detected based on the IP address format used for the clientside IP.
You should not configure encryption links between DHCP assigned IP addresses. IPsec protection relies on the IP addresses not
changing. Use statically assigned IP addresses.
You can create and delete encryption links, but you cannot modify them. To change the passphrase used for a link, delete and
recreate that link with the new passphrase.
You must have an active security pack license on the StoreOnce System to create encryption links.
If no license was applied or the license has expired, the encryption link section of the StoreOnce Management Console will show a
warning. In this case, you cannot create encryption links. However, you can delete encryption links that were created before the
security pack license expired.
Login Banner
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
219
Subtopics
Enabling and disabling StoreOnce login banners
Enabling and disabling StoreOnce login banners
About this task
Administrators can enable and disable an informational banner that is displayed on the StoreOnce Management Console login screen.
Procedure
1. On the main menu, select Settings.
2. In the Security section, click the Login Banner panel.
Sessions
Subtopics
Viewing sessions
Configuring session timeout policy
Viewing sessions
About this task
You can view a list of open user sessions. The user name, IP address, and date and time when the login was initiated are shown.
TIP: Users with the Administrator role can force close any of the open sessions in the list.
Procedure
1. On the main menu, select Settings.
2. In the Security section, click the Sessions panel.
The Sessions screen shows a list of active sessions.
Configuring session timeout policy
About this task
You can configure the user session timeout policy for the StoreOnce System. Open sessions are automatically logged out after the
timeout period is reached.
Procedure
1. On the main menu, select Settings.
2. In the Security section, click the Sessions panel.
3. On the Sessions screen, click the tools icon (
).
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
220
Initialisation Console credentials
Subtopics
Initialisation Console user name and password
Changing the Initialisation Console user password
Initialisation Console user name and password
The StoreOnce Initialisation Console user name and password are used to log in to a StoreOnce Initialisation Console through a login
prompt.
Typical Initialisation Console user login methods are:
For more information about the Initialisation Console, see the HPE StoreOnce 3660, 5260 and 5660 Systems Installation Guide .
Depending on the login connection method, a StoreOnce Initialisation Console user can:
Reset the StoreOnce administrator user ( Admin) password.
Generate a StoreOnce support login challenge for support access.
View or change the StoreOnce System IP address.
Change the StoreOnce Initialisation Console user password.
Initial setting
The StoreOnce Initialisation Console user name is console. The Initialisation Console user name cannot be changed.
The Initialisation Console default password is changeme. During the first login to a StoreOnce System, an administrator must change
the Initialisation Console user password. The change is required on first login when using a login prompt, or using the First Time Setup
wizard.
The Initialisation Console user password can be also changed after the first login. Learn more: Changing the Initialisation Console user
password.
Changing the Initialisation Console user password
About this task
You can change the Initialisation Console user password for a StoreOnce System. Learn more: Initialisation Console user name and
password.
You can change the password from within the Initialisation Console or from the StoreOnce Management Console. The following
procedure is for the StoreOnce Management Console.
Procedure
1. On the main menu, select Settings.
2. In the Security section, click the Console Password panel.
Data at Rest encryption guidelines
Data at Rest encryption ensures that data cannot be accessed on stolen, discarded, or replaced disks. It is not intended to protect a
running StoreOnce System from being attacked.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
221
General
The encryption is software-based and is a licensed feature of StoreOnce Systems.
Data at Rest encryption can be applied to VT libraries, NAS shares, and StoreOnce Catalyst stores. You must enable Data at Rest
encryption when creating the VT library, NAS share, or StoreOnce Catalyst store. The encryption cannot be enabled after creation
of the device.
Data is encrypted post-deduplication. Encryption has no impact on the deduplication ratio.
Data is unencrypted as it is read from disk for restore, replication, and copy jobs.
Detail
The encryption algorithm is AES-256.
A key obtained from the StoreOnce Key Manager is used for key wrapping keys (KEK) and data encryption keys (DEK).
The wrapped DEK is persisted on the StoreOnce System.
If a StoreOnce system is configured to use an external key manager, the KEK is not persisted within the StoreOnce system.
Support settings
Subtopics
Remote Support
Log Collection
Temporary support passwords
Remote Support
If Remote Support is enabled, your StoreOnce System automatically contacts Hewlett Packard Enterprise if issues arise, such as a
hardware component failure.
Also, Remote Support sends telemetry information to Hewlett Packard Enterprise. You can view this information on the HPE InfoSight
website at https://infosight.hpe.com.
Subtopics
Configuring remote support
Sending test events
Hardware Events Filter
Filtered Hardware Events
Software events
Configuring remote support
About this task
The Remote Support screen allows you to view the level of remote support with HPE.
Remote support can be enabled and disabled. Remote support is disabled by default. You can configure the remote support level, proxy
server, site information, and customer information.
Procedure
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x 222
Procedure
1. On the main menu, select Settings.
2. In the Support section, click the Remote Support panel.
The Remote Support screen opens. A status bar near the top of the screen indicates whether remote support is enabled or disabled.
Remote support is disabled by default.
3. To enable or disable remote support, click Configure remote support on the Actions menu. The Configure Remote Support dialog
opens.
a. To enable or disable remote support, click the edit icon (
) on the General panel. The Remote Support Options dialog opens.
b. To enable remote support, click Send support data to HPE. To disable remote support, click No support.
c. If you chose to enable remote support, HPE recommends that you also select Allow HPE and partners to contact me.
d. You can also click Advanced options to see the URL of the Enterprise server that receives event messages. You do not need to
change the URL.
e. When you have completed your choices, click OK. The dialog closes and the Configure Remote Support dialog is redisplayed.
Your choice for remote support level is shown. If you have chosen to enable remote support, the Proxy panel is displayed.
4. On the Proxy panel, click Configure Remote Support Proxy . The Proxy dialog opens.
a. To specify a proxy server, click the Proxy Required toggle and enter:
IP address. The IP address of the proxy server that connects to the Internet.
Port. The port used by the proxy server.
b. To specify authentication (if required), click the Proxy server authentication toggle, and then enter Username and Password to
log in to the proxy server.
c. Click OK. The dialog closes and the Configure Remote Support dialog is redisplayed. Your entries for the proxy are shown.
NOTE: StoreOnce software versions 4.3.0 and above provide proxy support over HTTPS.
5. Click Enter Site Information. The Site Information dialog opens. Enter your site information. Click OK. The dialog closes and the
Configure Remote Support dialog is redisplayed. Your entries for site information are shown.
6. Click Enter Customer Information. The Customer Information dialog opens. Enter your customer information. Click OK. The dialog
closes and the Configure Remote Support dialog is redisplayed. Your entries for site information are shown.
7. Click Update. The Remote Support screen is redisplayed with the new Remote Support Configuration.
Sending test events
About this task
You can send a test event to verify Remote Support connectivity to HPE.
Procedure
1. On the main menu, select Settings.
2. In the Support section, click the Remote Support panel.
3. On the Remote Support screen, click Send test event on the Actions menu.
Hardware Events Filter
For systems running StoreOnce Gen 4 software which is registered with Remote Support, only a select portion of hardware events will
be sent through to create Remote Support cases.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
223
This change was made to provide a filter for hardware events on StoreOnce which are self-repairing or do not impact production.
Many hardware events are self-repairing and will regulate themselves using auto-repair. These events do not require any support
action.
The hardware events filter provides a significant reduction in repetitive contact for hardware events that do not require any support
action. This reduction in repetitive contact reduces the need for unnecessary administration or management actions by the customer.
Filtered Hardware Events
Drives
Event Name
Event Code
Event Description
Event Resolution
DRIVE_STATUS_UNKNOWN
E0703000001
The drive status cannot If the condition persists,
be determined.
contact technical
support for further
assistance.
DRIVE_FAILED
E0703000002
The drive has failed.
DRIVE_DEGRADED
E0703000003
The drive is degraded, Please wait for all drive
possibly due to a rebuild and volume rebuilds to
in progress.
complete. If the
condition persists,
contact technical
support for further
assistance.
DRIVE_MISSING
E0703000004
The drive is missing or
has failed.
Reseat the drive. If
reseating the drive does
not resolve the issue,
replace the drive. Please
ensure you obtain a
drive in the {0} drive
carrier.
DRIVE_TEMP_NON_CRITICAL_THRESHOLD_REACHED E0703000006
The drive temperature
has exceeded the noncritical threshold.
Ensure the enclosure is
properly cooled, and
check the enclosure fans.
Ensure the ambient
temperature of the
system location is no
greater than 35C. If it is
not an environmental
issue, contact technical
support for further
assistance.
Reseat the drive. If
reseating the drive does
not resolve the issue,
replace the drive. Please
ensure you obtain a
drive in the {0} drive
carrier.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
224
Event Name
Event Code
Event Description
Event Resolution
DRIVE_TEMP_CRITICAL_THRESHOLD_REACHED
E0703000007
The drive temperature
has exceeded the
danger threshold.
Ensure the enclosure is
properly cooled, and
check the enclosure fans.
Ensure the ambient
temperature of the
system location is no
greater than 35C. If it is
not an environmental
issue, contact technical
support for further
assistance.
DRIVE_PATH_FAILED
E0703001004
One or more drive paths Check the cabling to the
have failed.
enclosure. If the cabling
is OK then reseat the
drive.
DRIVE_NO_REMOTE_PATH
E0703001005
The drive is not
accessible from the
other controller.
Check the cabling to the
enclosure. If the cabling
is OK then reseat the
drive.
DRIVE_MAX_ENDURANCE_MET
E0703001006
This solid state drive
has exceeded its I/O
endurance limit.
Replace the drive as
soon as possible. Please
ensure you obtain a
drive in the {0} drive
carrier.
DRIVE_PREVIOUSLY_OVERHEATED
E0703001007
The drive has previously Ensure that the
overheated.
enclosure is properly
cooled and check the
enclosure fans.
DRIVE_STRESSED
E0700001009
The drive is stressed.
If the condition persists,
contact technical
support for further
assistance.
DRIVE_PREDICTIVE_FAILURE
E070300100A
The drive is reporting a
S.M.A.R.T Predictive
Failure.
Wait for volume rebuilds
to complete, then replace
the drive. Please ensure
you obtain a drive in the
{0} drive carrier.
DRIVE_UNSUPPORTED_DEVICE
E070300100B
This drive is not
supported by this
configuration.
Replace the drive. Please
ensure you obtain a
drive in the {0} drive
carrier.
DRIVE_COMMAND_TIMEOUT
E070300100C
This drive is marked as
failed due to too many
SCSI timeouts.
Reseat the drive. If the
condition persists,
contact technical
support for further
assistance.
DRIVE_ABORTED_COMMAND
E070300100D
This drive is marked as
failed due to too many
SCSI command aborts or
transport errors.
Reseat the drive. If the
condition persists,
contact technical
support for further
assistance.
DRIVE_NOT_READY
E070300100E
The drive is marked as
failed due to a Not
Ready Condition that
cannot be cleared.
Reseat the drive. If the
condition persists,
replace the drive. Please
ensure you obtain a
drive in the {0} drive
carrier.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
225
Event Name
Event Code
Event Description
Event Resolution
DRIVE_MEDIUM_ERROR
E070300100F
Drive health has
degraded.
Replace the drive as
soon as possible. Please
ensure you obtain a
drive in the {0} drive
carrier.
DRIVE_HARDWARE_ERROR
E0703001010
The drive is marked as
failed due to a drive
hardware error.
Reseat the drive. If the
condition persists,
contact technical
support for further
assistance.
DRIVE_HOT_REMOVED
E0703001018
The drive has been hot
removed.
Replace the drive. Please
ensure you obtain a
drive in the {0} drive
carrier.
DRIVE_OLD_VOLUME_METADATA
E0703001020
The drive contains old
Use the GUI interface or
volume metadata and is run the hpsp_spt utility
not in a usable state.
using the --addSpare
command and the --force
option to clear the
metadata and return the
drive to a usable state.
DRIVE_SPARE_UNAVAILABLE_CONSUMED_REBUILD
E070300102E
Because the drive is the
target of a rebuild
operation, it is no longer
considered an available
spare for other drives.
Replace all failed or
missing drives and wait
for the ensuing rebuilds
to complete to ensure
adequate availability of
spares.
DRIVE_SMART_CARRIER_COMMUNICATION_ERROR
E0703001030
The drive is degraded
because the controller
was unable to
communicate with the
drive's Smart Drive
Carrier.
Replace the drive as
soon as possible. Please
ensure you obtain a
drive in the {0} drive
carrier. If the issue
persists, replace the
drive backplane.
DRIVE_FW_FLASH_FAILED
E0703001031
The controller
attempted to flash this
hard drive firmware on
boot, but the flash
failed.
Please attempt the
firmware flash again. If
the condition persists,
contact technical
support for further
assistance.
Drive Enclosure
Event Name
Event Code
Event Description
Event Resolution
DRIVE_ENCLOSURE_STATUS_UNKNOWN E0704000001
The drive enclosure status
cannot be determined.
If the condition persists,
contact technical support for
further assistance.
DRIVE_ENCLOSURE_FAILED
The drive enclosure has
failed.
Check the connections to the
drive enclosure. If the
condition persists, replace
the drive enclosure.
E0704000002
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
226
Event Name
Event Code
Event Description
Event Resolution
DRIVE_ENCLOSURE_MISSING
E0704000004
The drive enclosure is
missing, failed or has lost
power.
Check the connections to the
drive enclosure and that the
drive enclosure is powered
on. This could also indicate a
problem with an IO module, a
damaged IO module
connector, or an issue with
the controller firmware.
DRIVE_ENCLOSURE_TWARN
E0704000006
The enclosure temperature Ensure that enclosure is
has exceeded the non-critical properly cooled, and check
threshold.
the enclosure fans.
DRIVE_ENCLOSURE_TDANGER
E0704000007
The enclosure temperature
has exceeded the danger
threshold.
Ensure that enclosure is
properly cooled, and check
the enclosure fans.
DRIVE_ENCLOSURE_CONFIG_ERROR
E0704000008
The drive enclosure has a
configuration error.
Check the cabling and ensure
the configuration is correct.
Storage Volumes
Event Name
Event Code
Event Description
Event Resolution
VOLUME_FAILED
E0717000002
The volume has failed due to
more drive failures than the
RAID level can tolerate.
Contact technical support for
further assistance.
VOLUME_MISSING
E0717000004
The volume is missing or has
failed.
Check the configuration of the
volume. If the condition
persists, recreate the volume.
If the volume has been deleted
intentionally, you will need to
restart the monitoring service
to clear this indication.
VOLUME_SPARE_RATIO_WARN
E0717001001
Due to the use, removal, or
failure of a spare drive, the
spare ratio for the volume is
now inadequate.
Replace all failed or missing
drives to ensure adequate
availability of spares. If any
volumes are rebuilding, wait
for these rebuilds to complete
for the spare ratio to be
updated.
VOLUME_LOST_PATH_REDUNDANCY E071700100A
One or more of the drives in
this volume has lost a
redundant path.
Verify that the enclosure that
contains the affected drives
has redundant paths. If the
enclosure is OK, make sure
that the affected drives are
properly seated.
VOLUME_NO_SPARE_FOR_REBUILD
E071700100D
Reconstruction of this volume Immediately replace all failed
cannot start because there
or missing drives.
aren't any spare drives
available to the volume.
VOLUME_SPARE_RATIO_CRIT
E0717001002
Due to the use, removal, or
failure of a spare drive, there
are no longer any spare drives
available to the volume.
Immediately replace all failed
or missing drives to ensure
adequate availability of
spares.
Storage Cluster
Event Name
Event Code
Event Description
Event Resolution
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
227
Event Name
Event Code
Event Description
Event Resolution
STORAGE_CLUSTER_STATUS_UNKNOWN E071B000001
The storage cluster status
cannot be determined.
If the condition persists,
contact technical support for
further assistance.
STORAGE_CLUSTER_FAILED
E071B000002
The storage cluster has
failed.
Check the status of the
components of the storage
cluster.
STORAGE_CLUSTER_DEGRADED
E071B000003
The storage cluster is
operating in a degraded
state but all of its
components are OK.
Log into the storage array
management utility and
check the status of its
components and its event
log.
STORAGE_CLUSTER_MISSING
E071B000004
The storage cluster is
missing or has failed.
Verify that the storage
controllers are operational.
Check the connections to all
controllers and drive
enclosures in the cluster.
Verify that the drive
enclosures are powered on. If
the condition persists,
contact technical support for
further assistance.
STORAGE_CLUSTER_TWARN
E071B001007
A drive enclosure
temperature has exceeded
the non-critical threshold.
Verify that the system is
adequately ventilated. Check
for proper room temperature
and internal and external
airflow. Add or repair fans
and air baffling if necessary.
STORAGE_CLUSTER_TDANGER
E071B001008
A drive enclosure
temperature has exceeded
the danger threshold.
Verify that the system is
adequately ventilated. Check
for proper room temperature
and internal and external
airflow. Add or repair fans
and air baffling if necessary.
Storage Controller
Event Name
Event Code
Event Description
Event Resolution
CONTROLLER_STATUS_UNKNOWN
E0714000001
The controller status
cannot be determined.
If the condition persists,
contact technical support
for further assistance
CONTROLLER_FAILED
E0714000002
The controller has failed.
Reboot the server and
replace controller if this
does not resolve the issue.
CONTROLLER_DEGRADED
E0714000003
The controller is degraded If the condition persists,
for some unknown reason. contact technical support
for further assistance.
CONTROLLER_FW_UPGRADE
E0714000016
The storage controller
firmware needs to be
upgraded.
Perform a firmware update
using the integrated
firmware management
capability.
CONTROLLER_FW_DOWNGRADE
E0714000017
The storage controller
needs to be downgraded.
Perform a firmware update
using the integrated
firmware management
capability.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
228
Event Name
Event Code
Event Description
Event Resolution
CONTROLLER_FW_MANDATORY_UPGRADE
E071400001B
The storage controller
firmware needs to be
upgraded. Data
unavailability, loss, or
corruption may occur.
Perform a firmware update
using the integrated
firmware management
capability as soon as
possible
CONTROLLER_FW_MANDATORY_DOWNGRADE E071400001C
The storage controller
firmware needs to be
downgraded. Data
unavailability, loss, or
corruption may occur.
Perform a firmware update
using the integrated
firmware management
capability as soon as
possible.
Fibre Channel (HBA)
Event Name
Event Code
Event Description
Event Resolution
HBA_STATUS_UNKNOWN
E0706000001
The HBA status cannot be
determined.
If the condition persists, contact
technical support for further
assistance.
HBA_FAILED
E0706000002
The HBA has failed.
Reseat the HBA. If the condition
persists, replace the HBA.
HBA_DEGRADED
E0706000003
The HBA is in a degraded state. Check all the HBA cable
connections.
HBA_MISSING
E0706000004
The HBA is missing or failed.
Reseat the HBA. If the condition
persists, replace the HBA.
HBA_FW_DUMP_OCCURRED
E0706001001
An HBA firmware dump has
been generated.
If the condition persists, contact
technical support for further
assistance.
HBA_DRIVER_MISSING
E0706001000
The HBA driver is missing.
If the condition persists, contact
technical support for further
assistance.
iLO (Integrated Lights-Out)
Event Name
Event Code
Event Description
Event Resolution
ILO_MODULE_OFFLINE
E070700000B
The iLO is offline. This may
prevent HA failover from
working.
Check the network interface
configuration.
The iLO module status cannot
be determined.
If the condition persists,
contact technical support for
further assistance.
ILO_MODULE_STATUS_UNKNOWN E0707000001
Memory DIMMs
Event Name
Event Code
Event Desription
Event Resolution
MEMORY_DIMM_STATUS_UNKNOWN E070B000001
The memory DIMM status
cannot be determined.
If the condition persists,
contact technical support for
further assistance.
MEMORY_DIMM_FAILED
E070B000002
The memory DIMM has failed. Reseat the memory DIMM. If
the condition persists, replace
the memory DIMM.
MEMORY_DIMM_DEGRADED
E070B000003
The memory DIMM is
degraded.
Reseat the memory DIMM. If
the condition persists, replace
the memory DIMM.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
229
Event Name
Event Code
Event Desription
Event Resolution
MEMORY_DIMM_MISSING
E070B000004
The memory DIMM is missing
or has failed.
Verify the DIMMs are in their
proper location. Reseat the
missing memory DIMM. If the
condition persists, replace the
memory DIMM.
Network Ports
Event Name
Event Code
Event Description
Event Resolution
PORT_STATUS_UNKNOWN
E070E000001
The port status cannot be
determined.
If the condition persists, contact
technical support for further
assistance.
PORT_MISSING
E070E000004
The port is missing or has failed. Check the connections to the
port. If the condition persists,
replace the parent component
Event Name
Event Code
Event Description
Event Resolution
SERVER_FAILED
E0711000002
The server has failed.
Check the status of the server
components.
SERVER_DEGRADED
E0711000003
The server is operating in a
degraded state.
Check the status of all
subcomponents to determine
the source of the problem.
SERVER_TWARN
E0711000006
The server temperature has
Ensure the enclosure is properly
exceeded the warning threshold. cooled, and check the enclosure
fans.
Server Events
Server BIOS
Event Name
Event Code
Event Description
Event Resolution
SERVER_BIOS_MANDATORY_UPGRADE
E071100001B
The server BIOS needs to be Perform a firmware update
upgraded. Server
using the integrated
unavailability may occur.
firmware management
capability as soon as
possible.
SERVER_BIOS_MANDATORY_DOWNGRADE E071100001C
The server BIOS needs to be Perform a firmware update
downgraded. Server
using the integrated
unavailability may occur.
firmware management
capability as soon as
possible.
IO Cache Module
Event Name
Event Code
Event Description
Event Resolution
IO_CACHE_MODULE_STATUS_UNKNOWN
E0708000001
The IO cache module
status cannot be
determined.
If the condition persists,
contact technical support
for further assistance.
IO_CACHE_MODULE_FAILED
E0708000002
The IO cache module has Reseat the IO cache
failed.
module. If reseating the
module does not resolve
the issue, replace the
module.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
230
Event Name
Event Code
Event Description
Event Resolution
IO_CACHE_MODULE_CACHE_DISABLED
E0708000003
Write caching using the
IO cache module has been
temporarily disabled.
This will cause degraded
performance.
Check the
battery/supercap status
and if applicable the
partner controller
battery/supercap status. If
the battery/supercap
statuses are good, contact
technical support for
further assistance.
IO_CACHE_MODULE_MISSING
E0708000004
The IO cache module is
missing or has failed.
Reseat the IO cache
module. If reseating the
module does not resolve
the issue, replace the
module
IO_CACHE_MODULE_FLASH_BACKUP_FAILED
E0708001001
The cache backup to flash If the battery/supercap has
failed after the last power failed, replace it. If the
failure.
battery/supercap is OK,
replace the IO cache
module.
IO_CACHE_MODULE_POSSIBLE_DATA_LOSS
E0708001003
It is possible that data
loss has occurred.
Review any associated
cache failure events to
determine what action is
necessary.
IO_CACHE_MODULE_CHARGING_CIRCUIT_FAILED E0708001005
The IO cache module
charging circuit has
failed.
Replace the IO cache
module.
IO_MODULE_DEGRADED_EXP_PORTS
One or more IO module
expander ports are
operating in a degraded
state.
There is a SAS
Communication Error
involving this IO Module.
Make sure that all SAS
cables are seated in their
connectors. If the problem
persists, one or more of the
cables may need to be
replaced. If the problem is
still not corrected, the IO
Module or a component
connected to it will need to
be reseated. If the
condition persists, contact
technical support for
further assistance.
E0709001001
Smart Array Controller
Event Name
Event Code
Event Description
Event Resolution
BATTERY_CHARGE_LOW
E0700001000
The battery charge for the
Smart Array Controller is
low.
The condition may resolve
itself. If the issue persists,
replace the battery.
SUPER_CAPACITOR_STATUS_UNKNOWN E071C000001
The supercap status cannot
be determined.
If the condition persists,
contact technical support for
further assistance.
SUPER_CAPACITOR_FAILED
E071C000002
The supercap has failed.
Replace the supercap.
SUPER_CAPACITOR_DEGRADED
E071C000003
The supercap is operating in The condition may resolve
a degraded state.
itself. If the issue persists,
replace the supercap.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
231
Event Name
Event Code
Event Description
Event Resolution
MGMT_PROCESSOR_NOT_ACCESSIBLE
E071D001000
The management processor
is not accessible.
Verify the credentials for the
management processor are
correct and the management
processor is responsive.
Check the IP address
assigned to the management
processor and check the
network cable.
MANAGED_CABLE_MISSING
E0725000004
The managed cable is
missing or has failed.
Reseat the cable. If the
condition persists, replace
the cable.
Software events
Table 1. System Configuration
Event Name
Event Code
pconfig.config.auto.backup.failed E033C000001
Event Description
Event Resolution
Automatic backup of the system If remote support is enabled, no
configuration failed.
further action is required as a
support case will be
automatically generated.
Otherwise, contact technical
support for further assistance.
Table 2. Storage Error
Event Name
Event Code
Event Description
Event Resolution
storage-event-fsckerrordetected
E0343000019
A storage error has been
detected. Data services will be
stopped to attempt to resolve
this issue. Contact technical
support.
A storage error has been
detected; the system will
automatically try to resolve this
issue. Data services will be
offline to preserve data
integrity, no backup/restore will
be permitted at this time. Make
sure there are no hardware
issues reported on the system.
Contact technical support for
further assistance.
storage-event-volfaileddetected
E034300001E
Data Storage has failed. Data
services will be stopped.
Contact technical support.
Data Storage has failed. Contact
technical support for further
assistance.
storage-event-volofflinedetected
E034300001F
Data storage has gone offline.
Data services will be stopped.
Contact technical support.
Data Storage has gone offline.
Resolve any hardware or
storage connectivity issues and
restart system. Contact
technical support for further
assistance.
storage-event-fsck-failed
E034300001B
The attempt to resolve storage
errors has failed due to internal
issues. Contact technical
support.
The storage errors detected
cannot be resolved due to
internal errors. Data services will
be offline to preserve data
integrity, no backup/restore will
be permitted at this time.
Contact technical support to
resolve this issue.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
232
Event Name
Event Code
Event Description
Event Resolution
storage-event-systemthreshold-alert
E034300000B
System storage alert threshold
reached. Storage {0}% full.
Add more storage.
Table 3. VTL
Event Name
Event Code
Event Description
Event Resolution
MSG_FAILED_TO_ADD_DRIVE
E084400008C
Failed to add drive to library
LIB{0} ({1})
Drive addition failed. Please
try again. If the error persists,
please contact support.
MSG_FAILED_TO_REMOVE_DRIVE
E084400008D
Failed to remove drive DRV{0} Drive removal failed. Please try
(SN - {1}) from library LIB{2} again. If the error persists,
({3})
please contact support.
MSG_FAILED_TO_MODIFY_DRIVE
E084400008E
Failed to modify drive DRV{0} Drive modification failed.
(SN - {1}) in library LIB{2}
Please try again. If the error
({3})
persists, please contact
support.
MSG_FAILED_TO_MODIFY_LIBRARY E084400008F
Failed to modify library LIB{0} Library modification failed.
({1})
Please try again. If the error
persists, please contact
support.
Table 4. NAS
Event Name
Event Code
Event Description
Event Resolution
MSG_NAS_DFS_ENTRY_CRC_CORRECTION_FAILED
E083D000020
DFS Entry CRC
correction failed,
ShareIndex {0},
EntryID {1}
Auto-correction of file
meta-data failed,
please contact support.
MSG_NAS_DFS_ENTRY_LINKS_CRC_CORRECTION_FAILED E083D000021
DFS Entry Links CRC
correction failed,
ShareIndex {0},
EntryID {1}
Auto-correction of file
meta-data failed,
please contact support.
MSG_NAS_DFS_META_DATA_FILE_RESTORE_FAILED
Restore from shadow
DFS meta-data file
failed, ShareIndex {0}
Recovery of backup
meta-data failed, share
may not be accessible,
please contact support.
E083D000025
Table 5. Licenses
Event Name
Event Code
Event Description
Event Resolution
licenseEventType.ongrace
E0833000056
The license server is offline and
one or more licenses are in the
grace period. Check your license
server
This client is unable to contact
the license server to renew the
license lease. Ensure the server
is online and the network
connection is working.
Table 6. Store Integrity Event
Event Name
Event Code
Event Description
Event Resolution
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
233
Event Name
Event Code
Event Description
Event Resolution
MSG_SMM_STORE_INTEGRITY_EVENT_JOBID_ERROR
E0805000029
An error has been
detected during space
reclamation of
reclamation job {0} in
{1}. Disk space
associated with this
reclamation job will not
be reclaimed.
You can continue using
the store. Contact HPE
Support for further
investigation and to
manually reclaim the
space associated with
the quarantined
reclamation jobs.
MSG_SMM_STORE_INTEGRITY_EVENT_NOJOBID_ERROR E0805000031
An error has been
detected during space
reclamation in {0}. Disk
space associated with
this reclamation job will
not be reclaimed.
You can continue using
the store. Contact HPE
Support for further
investigation and to
manually reclaim the
space associated with
the quarantined
reclamation jobs
Table 7. Secure Boot and TPM
Event Name
Event Code
Event Description
Event Resolution
secureboot.status.disabled
E0300000034
Secure Boot is disabled or
cannot be determined
Please contact HPE support
tpm.status.unsupported.version E0300000036
TPM version is unsupported.
Please contact HPE support to
update TPM firmware
tpm.status.ownership.failed
E0300000037
TPM version is enabled but
failed to initialize.
Please contact HPE support to
initialize TPM
tpm.status.degraded
E0300000038
TPM is missing or configuration Please contact HPE support to
failed.
initialize TPM
Log Collection
Hewlett Packard Enterprise Support will ask customers to upload support tickets to an FTP site to aid diagnosis of issues a customer
may be experiencing. Information about support tickets that have been generated is displayed on the Log Collection page.
There are three types of Log Collections that can be generated:
Comprehensive - Comprehensive log collection contains all the logs from the system, as well as the output of certain commands that are
required for debugging.
Slim - Slim log collection contains a subset of the logs from the Comprehensive ticket. It is typically used by Hewlett Packard Enterprise
Support to obtain an overview of all the components in the system.
Usage - Usage log collection contains log files that display statistics about recent system activity. It is typically used by Hewlett Packard
Enterprise Support to obtain an overview of system activity within the last 24 hours.
Subtopics
Viewing log collections
Generating, downloading, and removing log collections
Viewing log collections
Procedure
1. On the main menu, select Settings.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
234
2. In the Support section, click the Log Collection panel.
The Log Collection screen shows a list of log collections.
3. To view an individual log collection, click its panel.
Generating, downloading, and removing log collections
Procedure
1. On the main menu, select Settings.
2. In the Support section, click the Log Collection panel.
3. On the Log Collection screen, do one of the following:
To generate a log collection, click the plus icon (+).
To download or remove a log collection, click its download (
) or remove (
) icon.
NOTE:
You can generate log collection for any Federation member StoreOnce System from the Federation Lead. However,
to download the logs, you must download those logs from the Settings > Support > Log Collection panel as
described.
Temporary support passwords
The industry-wide use of static vendor-only support user passwords is not advised in security- and compliance-aware sites. Temporary
support passwords functionality replaces those types of passwords in StoreOnce systems.
There are two types of temporary support passwords:
Time-based passwords
Encrypted ciphertext passwords
Time-based passwords
Time-based passwords are unique to each support user account and StoreOnce system.
The passwords change each hour and can only be generated in the HPE support center to authorized HPE employees and contractors.
While operating in time-based mode, passwords cannot be changed since they change automatically each hour. If you chose time-based
passwords, you do not need to change your HPE support processes. Service personnel from HPE can acquire the password when needed
without customer interaction.
Encrypted ciphertext passwords
Encrypted ciphertext passwords are randomly created on the StoreOnce system for each support user account.
You can change these passwords any time. However, the passwords are not known to you or to HPE. Recovery is only possible by
exporting the ciphertext for transmission to HPE. An HPE authorized support center user can decrypt the ciphertext to provide the
password to onsite HPE service personnel or contractors.
If you choose encrypted ciphertext passwords, you must export the ciphertext and provide it to the HPE personnel working with you.
The ciphertext is pasted into a tool at HPE that can unwrap and decrypt the ciphertext to recover the password.
After the support activity is complete, you can change the password so that the recovered password is no longer valid.
Subtopics
Viewing the temporary support password mode
Changing the temporary support password mode
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
235
Exporting temporary support password ciphertext
Changing temporary support password ciphertext
Viewing the temporary support password mode
About this task
Procedure
1. On the main menu, select Settings.
2. In the Support section, click the Temporary Support Password panel.
3. The Temporary Support Password screen indicates the temporary support password mode, time, or ciphertext .
Changing the temporary support password mode
Procedure
1. On the main menu, select Settings.
2. In the Support section, click the Temporary Support Password panel.
3. On the Temporary Support Password screen, click Set mode.The Set mode dialog opens.
4. Select the mode ( time or ciphertext ) and click OK.
Exporting temporary support password ciphertext
About this task
Procedure
1. On the main menu, select Settings.
2. In the Support section, click the Temporary Support Password panel.
3. On the Temporary Support Password screen, select Display ciphertext on the Actions menu. The Display Ciphertext dialog opens.
4. Select the Username for which the ciphertext is required ( hpeadmin or hpesupport). Click OK.
Changing temporary support password ciphertext
About this task
Procedure
1. On the main menu, select Settings.
2. In the Support section, click the Temporary Support Password panel.
3. On the Temporary Support Password screen, select Display ciphertext on the Actions menu. The Display Ciphertext dialog opens.
4. Select the Username for which the changed ciphertext is required ( hpeadmin or hpesupport). Click Regenerate.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
236
Notification settings
Subtopics
Notifications
SNMP
Remote Logging Server
Notifications
The Notifications screen displays the configuration for sending out event notifications through email.
The configuration includes information for routing email (SMTP server), as well as associating events with destination email addresses.
A single event can generate a notification to multiple email addresses. Also, different sets of events can generate notifications to
different email addresses.
Subtopics
Viewing email alerts
Editing SMTP settings
Importing a CA certificate into a StoreOnce client trust store (SMTP)
Adding SMTP subscriptions
Editing and deleting SMTP subscriptions
Sending test email
Viewing email alerts
Procedure
1. On the main menu, select Settings.
2. In the Notification section, click the Notifications panel.
The Notifications screen Subscriptions panel shows the configured email alerts.
Editing SMTP settings
Procedure
1. On the main menu, select Settings.
2. In the Notification section, click the Notifications panel.
3. On the Notifications screen, click Edit SMTP settings on the Actions menu.
4. Confirm SMTP settings by doing one of the following:
Edit the SMTP settings, and then click OK to save the settings.
Click Reset to open another dialog.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
237
The Reset dialog allows you to remove the SMTP settings and associated notification email subscriptions.
Starting with 4.3.2 release, you can use TLS 1.2 support to secure SMTP connection. To configure TLS, select the check box on the
Notification settings on the management concole GUI. You can enable or disable the check box to toggle TLS on or off.
Importing a CA certificate into a StoreOnce client trust store (SMTP)
If SMTP Is using a certificate that is signed by a Certificate Authority (CA), then the CA certificate needs to be imported into the
StoreOnce client trust store.
Follow the procedure Importing client CA certificate (License server or SMTP server) to import the CA into the client trust store.
Adding SMTP subscriptions
Procedure
1. On the main menu, select Settings.
2. In the Notification section, click the Notifications panel.
3. On the Notifications screen, select Add subscription on the Actions menu.
NOTE:
Each severity alert requires a separate subscription.
Editing and deleting SMTP subscriptions
Procedure
1. On the main menu, select Settings.
2. In the Notification section, click the Notifications panel.
3. On theNotifications screen, click its edit icon (
) or delete icon (
).
Sending test email
Procedure
1. On the main menu, select Settings.
2. In the Notification section, click the Notifications panel.
3. On the Notifications screen, click Send test email on the Actions menu.
SNMP
Subtopics
Viewing and configuring SNMP
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
238
Editing SNMP agent setups
Adding SNMP trapsinks
Editing SNMP trapsinks
Removing SNMP trapsinks
Adding SNMP users
Editing SNMP users
Removing SNMP users
Testing SNMP agents
Viewing and configuring SNMP
About this task
The SNMP (Simple Network Management Protocol) screen allows you to.
View and edit the SNMP Agent setup.
Add and manage SNMP users.
Add and manage SNMP trapsinks.
When the SNMP feature is enabled, it reports the overall StoreOnce System status through SNMP traps. It also reports software status
messages and hardware status messages as reported in the event log, email alerts, or the StoreOnce Management Console.
Procedure
1. On the main menu, select Settings.
2. In the Notification section, click the SNMP panel.
The SNMP screen includes tabs for Agent Setup, Trapsinks, and Users.
To view summaries of the SNMP configuration, click the Overview tab. To view lists of the items in the summaries, click the
graphic segments and legends.
To configure SNMP, select the tabs for Agent Setup, Trapsinks, and Users.
Editing SNMP agent setups
Procedure
1. On the main menu, select Settings.
2. In the Notification section, click the SNMP panel.
3. On the SNMP screen, click the Agent Setup tab.
4. On the Agent Setup tab, expand the Actions menu and select Edit Agent Setup.
Adding SNMP trapsinks
Prerequisites
At least one SNMP user has been added. Learn more: Adding SNMP users.
You know the destination IP address and port number of the trapsink.
Procedure
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
239
Procedure
1. On the main menu, select Settings.
2. In the Notifications section, click the SNMP panel.
3. On the SNMP screen, click the Trapsinks tab.
4. On theTrapsinks tab, expand the Actions menu and select Add Trapsink.
Editing SNMP trapsinks
Procedure
1. On the main menu, select Settings.
2. In the Notifications section, click the SNMP panel.
3. On the SNMP screen, click the Trapsinks tab.
4. On the Trapsinks tab, select the trapsink. Then, expand the Actions menu and select Edit Trapsink.
5. Make the necessary changes and click Update.
Removing SNMP trapsinks
Procedure
1. On the main menu, select Settings.
2. In the Notifications section, click the SNMP panel.
3. On the SNMP screen, click the Trapsinks tab.
4. On the Trapsinks tab, select the trapsink. Then, expand the Actions menu and select Remove Trapsink.
5. Confirm the action and click Remove.
Adding SNMP users
Procedure
1. On the main menu, select Settings.
2. In the Notification section, click the SNMP panel.
3. On the SNMP screen, click the Users tab.
4. On the Users tab, expand the Actions menu and select Add User.
Editing SNMP users
Procedure
1. On the main menu, select Settings.
2. In the Notification section, click the SNMP panel.
3. On the SNMP screen, click the Users tab.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
240
4. On theUsers tab, select the user, and then expand the Actions menu and select Edit User.
5. Make the necessary changes and click Update.
Removing SNMP users
Procedure
1. On the main menu, select Settings.
2. In the Notification section, click the SNMP panel.
3. On the SNMP screen, click the Users tab.
4. On the Users tab, select the user, and then expand the Actions menu and select Remove User.
5. Confirm the action and click Remove.
Testing SNMP agents
About this task
Once SNMP is configured, you can test that it is set up correctly. Testing also confirms that traps can make it to the trapsinks.
Procedure
1. On the main menu, select Settings.
2. In the Notification section, click the SNMP panel.
3. On the SNMP screen, click the Agent Setup tab.
4. On the Agent Setup tab, expand the Actions menu and select Test SNMP Agent.
Remote Logging Server
Subtopics
Adding remote logging servers
Editing and deleting remote logging servers
Adding remote logging servers
Prerequisites
To add a remote logging server, you must know:
IP address (or FQDN) and the port number of the remote logging server
The logging server type: Audit or Syslog
The connection protocol: TCP or UDP
Procedure
1. On the main menu, select Settings.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
241
2. In the Notifications section, click the Remote Logging Server panel.
3. On the Remote Logging Server screen, expand the Actions menu and select Add.
Editing and deleting remote logging servers
Procedure
1. On the main menu, select Settings.
2. In the Notifications section, click the Remote Logging Server panel.
3. On the Remote Logging Server screen, select the server. Then, expand the Actions menu and select Edit or Delete.
Best practices
Subtopics
Redundant hardware connectivity guidelines
Capacity upgrade planning considerations
3-2-1 strategy
Data services best practices
Housekeeping best practices
StoreOnce Catalyst over Fibre Channel best practices
StoreOnce Catalyst best practices
StoreOnce Catalyst via Micro Focus Data Protector best practices
Redundant hardware connectivity guidelines
For the hardware appliances:
Use dual Power Distribution Units (PDUs) to provide AC power to the controller node and the disk enclosures. Connect one PDU to
the first Power Supply Units (PSUs) in the controller node and the disk enclosures. Connect the other PDU to the second PSUs in the
controller node and disk enclosure. Provide an AC phase to each PDU.
To maintain the redundant hardware design of the system, correctly install the dual SAS cabling following the user instructions and
SAS cabling diagrams.
Capacity upgrade planning considerations
The StoreOnce System remains available and the existing storage remains accessible during the capacity upgrade process. However,
Hewlett Packard Enterprise recommends the following:
Schedule the capacity upgrade as a maintenance activity during a quiet period.
Notify administrators of the upgrade plan.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
242
Check to see how any scheduled jobs, such as replication, might be affected by decreased performance.
Check the status of the existing storage and resolve any issues before proceeding with the capacity upgrade.
The length of the upgrade process, including installing, cabling, licensing, and configuring the new storage, depends on the size of the
upgrade. The entire upgrade process takes from 8 -24 hours depending on the system.
StoreOnce 3660, 5260 and 5660 systems support only OFFLINE expansion. The server node and enclosures must be powered off
before connecting the new enclosure for offline expansion.
Cable installation and cable movements must follow the numbered sequence.
When additional shelves are added to a system, the Smart Array must initialize parity of the new logical volume.
Parity initialization on newly connected enclosures can take up to 24 hours.
If multiple shelves are added, parity is initialized in parallel.
Please ensure the following steps are taken when installing a new enclosure:
1. Cleanly shut down the server node and all existing enclosures.
2. Disconnect all power cables from the server and enclosures.
3. Perform the storage expansion, remembering the numbered sequence required to connect the enclosures. Ensure that only
necessary changes are made to complete the expansion.
WARNING: Incorrect connections can lead to Data Loss.
4. Connect back all of the SAS cables correctly the same order, following the configuration diagrams.
5. Connect back the enclosure power cables only and wait for a few minutes until the enclosures are powered up.
6. When the enclosures are powered up, connect the server power cables and power on the server.
3-2-1 strategy
For hardware and software appliances:
Save three copies of your data.
Keep two copies of data on different media (example: StoreOnce Catalyst copy of a backup).
Keep one copy of your data off site.
Data services best practices
Target similar data types to dedicated VT libraries, NAS shares, and StoreOnce Catalyst stores, and avoid mixing data types within
a library, share, and store. Backups of differing data types, such as two different database types, will not deduplicate well against
each other. Separating different data types into separate libraries/shares/stores reduces the complexity leading to optimum longterm performance.
Where possible, split a backup session into multiple backup streams. Allowing StoreOnce to process multiple backups streams in
parallel increases backup performance.
Do not delete backup items (StoreOnce Catalyst items, VT library cartridges, or files from NAS shares) directly from the StoreOnce
Management Console. Instead, use the backup application to expire the backup items to ensure application consistency.
Secure Erase on libraries/shares/stores will have a system performance impact due to increased disk I/O. Enable Secure Erase when
it is needed, and disabled it when no longer needed.
Do not enable backup application level compression, encryption, or deduplication. These processes will severely impact StoreOnce
deduplication.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
243
Housekeeping best practices
Housekeeping is an important process to maximize the deduplication efficiency of the appliance. Ensure that the housekeeping
process has enough time to complete by not overloading the device. For example, running backup, restore, replication, and
StoreOnce Catalyst Store operations with no break (that is, 24 hours a day) can result in housekeeping never completing. Use
Housekeeping statistics to determine if the system is appropriately loaded. If the housekeeping pending queue is steadily
increasing, you should decrease the load on the device to allow for more housekeeping processing.
Batch deleting a large amount of data at one time causes the pending housekeeping queue to spike higher than normal. If you are
experiencing an already high pending housekeeping queue, then reduce the amount of data deletion per batch, and delete data
more frequently.
Having many VTL libraries/NAS shares/Catalyst stores that each have a common data type can lead to better Housekeeping
performance versus having one large store that contains a mixture of data types.
StoreOnce Catalyst over Fibre Channel best practices
Be sure the “Number of Devices per Login” is set appropriately for StoreOnce Catalyst Copy, Windows, Linux, HP-UX, AIX, and
Solaris media and database servers.
If running the backup application as a nonroot or nonadministrator, be sure that the correct access permissions have been set on
the StoreOnce Catalyst over Fibre Channel client device files.
Zone every backup/media server to a minimum of two Fibre Channel ports with at least two StoreOnce node Fibre Channel ports
across different Fibre Channel cards, ideally across different SANs. Multiple connections allow for higher availability.
StoreOnce Catalyst best practices
Wherever possible, use low-bandwidth StoreOnce Catalyst for optimal backup performance and network usage.
When performing low-bandwidth StoreOnce Catalyst backups, spread the number of backup sessions across multiple media servers
to reduce the possibility of a media server becoming a performance bottleneck.
When using ProLiant media servers and database servers for low-bandwidth StoreOnce Catalyst, enable “HPE Static HighPerformance Mode” through the ProLiant “Power Management” settings for the best backup performance. This setting is not the
default.
For optimum performance, set StoreOnce Catalyst client log levels to the default ERROR log level.
When performing backups over Fibre Channel or Ethernet, StoreOnce Catalyst compression and checksums can be set to DISABLED
through the backup application configuration file. When performing StoreOnce Catalyst Ethernet backups over WAN, StoreOnce
Catalyst compression and checksums must be ENABLED (default) through the backup application (plug-in) configuration file.
When configuring a backup application to use a Fully Qualified Domain Name (FQDN) address for a StoreOnce System, be sure that
the FQDN is fully registered with a Domain Name Server. Do not use local host file entries. This step is important when using
StoreOnce Catalyst Copy jobs because the source StoreOnce System will use the FQDN to communicate directly with the target
StoreOnce System. Using local client host file entries will result in the source StoreOnce System not being able to resolve the target
FQDN address.
To reduce the chance of connection failures on busy Windows clients when using Catalyst over Ethernet, decrease the TIMED_WAIT
Windows TCP parameter.
And if needed, also increase the ephemeral port range. Ephemeral ports are range of ports that Windows Server uses for outbound
communications over TCP/IP. When an outbound connection is finished, the port associated to the connection is temporarily put
into a TIMED_WAIT state in which time it is temporarily unavailable for reuse.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
244
Decrease the TIMED_WAIT parameter from 120 seconds to 30 seconds by creating the TcpTimedWaitDelay parameter in the
following Windows registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters with value 30 and
type REG_DWORD.
StoreOnce Catalyst via Micro Focus Data Protector best practices
When protecting Microsoft SQL databases, the dedupe ratio and performance can be improved as follows. Increase the SQL
MAXTRANSFERSIZE and SQL BLOCKSIZE in the Data Protector omnirc configuration file.
In omnirc, set the following parameters:
OB2SQLMAXTRANSFERSIZE=4194304
OB2SQLBLOCKSIZE=65536
For further details of how to modify omnirc, refer to the Micro Focus Data Protector user guide .
Troubleshooting
Subtopics
All member systems in a federation are unreachable
Backup application connection issues
Cannot re-add StoreOnce System to federation after changing IP address
CIFS share cannot be accessed from Windows with Authentication mode set to none
NAS CIFS timeout issues
NAS NFS stale handle error
Obtaining log collections
Password issues
Reported capacity shows an unexpected drop
Restarting data services
StoreOnce Catalyst Cloud Bank store status is not Online
When editing Client Access Description details on a Catalyst Store, Password Details are cleared
Unable to create Catalyst Stores or VT libraries using localized characters
When adding multiple additional encryption links, the network activation does not complete
Connectivity is lost when static routes are used but "Allow Management Traffic" is disabled
All member systems in a federation are unreachable
Symptom
When you are logged in to the lead system in a federation, the status of all member systems in the federation shows as unreachable.
Cause
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
245
This issue can occur when the IP address of the lead system in a federation has changed since the federation was created. A change in
the IP address of the lead system breaks the trust relationship between the lead system and the member systems.
Action
For each member system in the federation:
1. Remove the member system from the federation.
2. Add the member system back in the federation.
Backup application connection issues
When having issues connecting to a StoreOnce System from a backup application, perform the following checks:
Make sure that you have the latest version or software patches for the backup application. For supported applications, see the HPE
StoreOnce Support Matrix https://www.hpe.com/Storage/StoreOnceSupportMatrix.
Stop and restart the backup application services after the backup device has been discovered. If you still cannot access the device,
check the Device Manager to make sure it is accessible from the host.
iSCSI devices
Make sure that the iSCSI initiator is connected to the devices and log on to them. If the devices are not connected, configure them
on the targets tab of the iSCSI Initiator.
Fibre Channel devices
All supported Fibre Channel cards have a theoretical limit of 255 devices per Fibre Channel port on a host or switch.
Practical limitations
There are practical limitations on the number of devices that each host or HBA can access. It is possible to configure more drive and
library devices than a host can access.
The limit for Windows or Linux hosts using the iSCSI interface is 64.
For Fibre Channel, Hewlett Packard Enterprise recommends that no more than 64 devices be configured for use by a single host.
(Even though Fibre Channel connection supports a greater theoretical number of devices per Fibre Channel port on a host or
switch.)
Cannot re-add StoreOnce System to federation after changing IP address
Symptom
If you try to re-add a StoreOnce System to a federation after its IP address has changed, the re-adding operation fails.
Cause
If the IP address of the member StoreOnce System changes while it is still part of a federation, then the trust link breaks between the
StoreOnce system and the federation lead. To re-establish access, you must remove the federation lead from the member StoreOnce
System so that a new trust link can be established with the new IP.
Action
1. Log in to the StoreOnce System and navigate to the Federation Dashboard > Federation Management screen.
2. Click the Leads tab.
3. Select the lead system, expand the Actions menu and select Remove system.
4. Log in to the federation lead.
5. Re-add the StoreOnce System with the changed IP address.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
246
CIFS share cannot be accessed from Windows with Authentication mode set to none
Symptom
A CIFS share cannot be accessed from Windows File Explorer.
Cause
Guest access to a remote server is disabled by default in the following versions of Windows:
Windows 10
Windows Server 2016 version 1709
Windows Server 2019
Action
Configure Group Policy settings to enable insecure guest logons (not recommended by Microsoft).
See the Microsoft article https://support.microsoft.com/en-gb/help/4046019/guest-access-in-smb2-disabled-by-default-inwindows-10-and-windows-ser.
NAS CIFS timeout issues
About this task
By default, the Windows CIFS timeout is set low for NAS backup implementations.
A low timeout setting can lead to various error messages related to lost connection to the share, unrecoverable write errors or timeout
issues. The timeouts can result in backup job failures.
HPE recommends that you add or increase the SessTimeout value from the default of 45 seconds to 300 seconds (five minutes).
Increasing the timeout ensures that the Windows CIFS timeout does not cause your backup application to prematurely timeout the
running job.
NOTE: Increasing the timeout setting can resolve issues resulting from timeouts. However, it is not exclusively the only
reason for such failures.
Many out-of-sequence writes causing slow response times within the product often can be the root cause. If increasing
the timeout is not successful, further analysis may be required.
Procedure
1. On the client machine. From the Windows Start menu, click Run.
2. In the Open: box, type regedit and click OK.
3. Expand and locate the registry subtree:
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \LanmanWorkstation \Parameters
4. Add a REG_DWORD key with the name of SessTimeout.
5. Set the timeout value. HPE recommends to initially set the timeout value at 300 and then change the value according to the
situation of your machine.
6. Reboot the client machine.
NAS NFS stale handle error
The following process can cause problems when connecting to a NAS NFS share:
1. A NAS NFS share is created on a StoreOnce System and then is mounted on a host Linux machine.
2. The NAS NFS share is deleted on the StoreOnce System without first unmounting it on the host Linux machine.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
247
3. The NAS NFS share is created again on the StoreOnce System with the same name.
In this process, the Linux client will assign a new set of inodes to the new share. But when trying to access the old mount point it will use
the previous set of inodes and will therefore not connect.
To resolve the stale handle issue, and restore the connection, reboot the host Linux machine.
Obtaining log collections
About this task
A log collection is a snapshot in time of the StoreOnce System. The log collection shows the configuration, status, and health of the
product, as well as historical events for use with troubleshooting the product.
Procedure
1. The support ticket contains lower-level trace logs for the use of Hewlett Packard Enterprise engineers.
2. If a kernel or process crash occurs, an automatic ticket is generated.
3. To manually generate a log collection, see Generating, downloading, and removing log collections.
Password issues
About this task
If the Admin password is lost, you can reset the password using the StoreOnce Initialisation Console.
The reset Admin password functionality in the Initialisation Console is available only when you are logged in locally to the StoreOnce
System or iLO. Or from the hypervisor console for a StoreOnce VSA.
This procedure applies to local authentication only. If you are using LDAP or Active Directory, this feature has no effect.
Procedure
1. Log in to the Initialisation Console. Use the username console and the password that was set during the first configuration of the
StoreOnce system.
2. Select Reset admin password. The password is reset to the default admin.
3. After the reset is applied, navigate to the web interface on a new tab. On the password dialog, change the default password.
Reported capacity shows an unexpected drop
Symptom
The reported capacity for a StoreOnce system is less than expected. The low reported capacity can last for several minutes and
involves the capacities of Cloud Bank stores or VT libraries.
On a Capacity Usage graph, the unexpected drop can appear as a dip (white area) in the total capacity of the StoreOnce System.
Cause
This issue can occur after a StoreOnce System is rebooted, or the data services on the StoreOnce System are restarted.
After a reboot or restart, the capacities of Cloud Bank stores and VT libraries are first reported as zero. It can take up to several
minutes for the actual capacities to be reported.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
248
Action
Review a Capacity report graph.
If the drop occurred in the past, and the reported capacity has returned to expected levels, no action is required.
If the drop is being reported now, allow several minutes to verify that the reported capacity returns to expected levels.
Restarting data services
About this task
The Restart data services action is only available if you are logged as a user with the role of administrator. It is intended for use in
limited circumstances. For example, when the status of the data services reports a critical fault and recommends restarting the data
services.
WARNING: Restarting data services will cause running backups, restores, and copies to be canceled. Ongoing
replications will be interrupted but will attempt to resume after the restart is complete.
Procedure
1. On the main menu, select Data Services.
2. On the Data Services screen, expand the Actions and select Restart data services.
StoreOnce Catalyst Cloud Bank store status is not Online
Symptom
The StoreOnce Catalyst Cloud Bank store status is one of the following:
Cloud storage offline
Read license expired
Ownership lost
Failed to connect
Integrity
Logical Quota Reached
Physical Quota Reached
Solution 1
Cause
The StoreOnce Catalyst Cloud Bank store status is "Cloud storage offline" when the system loses connectivity to the Cloud Service
Provider.
Action
An event was generated that describes the connectivity issue.
Proxy settings are valid and network access to the Cloud Service Provider is possible.
The StoreOnce System time is synchronized with the Cloud Service Provider. Hewlett Packard Enterprise recommends using NTP
to be sure that the time is synchronized.
The container/bucket still exists and has not been tampered with.
IMPORTANT:
If the container/bucket has been deleted or tampered with, the data in this store might be unrecoverable.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
249
The store status will automatically change to "Online" when connectivity is resumed.
Solution 2
Cause
The StoreOnce Catalyst Cloud Bank store status is "Read license expired" on any StoreOnce System connected read-only when:
The store is deleted on a StoreOnce System that is connected to the store read write.
The store Not For Resale Detach license expires.
The Demo or Not For Resale Cloud Bank Storage License on the StoreOnce System that is connected read write expires.
The StoreOnce System that is connected read write has been turned off or is unable to access the container/bucket, for at least 60
days.
The StoreOnce System that is connected read write has disconnected the store or suffered a disaster, and no new StoreOnce
System has been connected read write for at least 60 days.
Action
In all cases, you cannot recover data from the store on this system.
Solution 3
Cause
The StoreOnce Catalyst Cloud Bank store status is "Ownership lost" when a StoreOnce System has been brought online after a period
of being offline, and the Cloud Bank Storage store has been subsequently connected read write on another StoreOnce System.
Action
1. Be sure that you have the Cloud Service Provider credentials for this store ready.
2. Be sure that there are no active backups to the online store taking place.
3. Be sure that sufficient time for this process to run is allowed. Connect (Read Write) is only possible 24 hours after the disconnect.
Also, the time required for the connection to complete increases with the amount of data stored.
4. On the StoreOnce System where the store is connected read write with the store status "Online":
a. Export and record the store Encryption Key.
b. Disconnect the store.
5. On the StoreOnce System with the store status "Ownership lost":
a. Delete the store.
b. Connect (Read Write) to the store.
Solution 4
Cause
The StoreOnce Catalyst Cloud Bank store status is "Failed to Connect":
If during the connection process, the StoreOnce System is rebooted.
If during the connection process, a StoreOnce System that still has this store connected read write has come online after a period
of being offline.
In the unlikely event that the StoreOnce System encountered an issue trying to Connect (Read Write) or Connect (Read Only) to a
Cloud Bank Storage store.
IMPORTANT:
If the container/bucket has been deleted or tampered with, the data in this store might be unrecoverable.
Action
Check that the container/bucket still exists and has not been tampered with.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
250
Delete the "Failed to connect" store and try again to connect. If the failure persists, contact HPE support.
Solution 5
Cause
The Cloud Bank store status is "Integrity" when an integrity issue has been detected.
Action
If the failure persists, contact HPE support.
Solution 6
Cause
The Cloud Bank store status is “Logical Quota Reached” or "Physical Quota Reached" when a quota has been exceeded.
Action
See the Physical Data Size Quota and Logical Data Size Quota entries in StoreOnce Catalyst stores screens and properties .
When editing Client Access Description details on a Catalyst Store, Password Details are
cleared
Symptom
Adding or modifying the description field of a Catalyst Client causes access authentication failures for catalyst stores configured for
access with the changed catalyst client.
Cause
When editing the Catalyst Client Description Field, the password field is nullified. If changes are committed by pressing the update
button, the password is in effect removed.
After that change, when the Catalyst Client attempts to access the store, there will be an authentication failure. This authentication
failure is caused because the client is providing the known password. However, that password no longer matches the stored password
in the Catalyst Server Database as that was changed to the null string.
Action
When updating the description field, re-enter the password to save the changes.
Unable to create Catalyst Stores or VT libraries using localized characters
Symptom
Cannot use localized languages such as Japanese or Chinese to create and name Catalyst Stores or VT libraries.
Cause
Catalyst Stores and VT libraries do not support using localized characters for naming shares.
Action
Create shares using the following characters: 0-9 a-z A-Z _ . + [ ] ^ | ? * ( ) # : ; = @ { }. The name cannot include spaces.
When adding multiple additional encryption links, the network activation does not
complete
Symptom
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
251
Encryption links have been configured previously. When additional multiple encryption links are added, the server connection is lost
during network activation. When the network is reconnected, or the network page is refreshed, the encryption links are not updated.
Solution 1
Cause
This issue is likely caused by a mismatch between the host and target encryption link credentials.
Action
1. Set up the new target encryption links.
2. Set up the new StoreOnce host encryption links.
Solution 2
Action
1. Remove all the StoreOnce host encryption links, including those links configured previously.
2. Reactivate the network.
3. Re-add all the StoreOnce host encryption links, both the previously configured links and the new links.
Connectivity is lost when static routes are used but "Allow Management Traffic" is
disabled
Symptom
When adding a static route from the StoreOnce GUI with the Allow Management traffic toggle disabled, connecivity will fail and no
route will be established.
When adding a static route for data traffic only with the Allow Management traffic toggle disabled, connectivity will fail after a
system reboot.
Cause
When the Allow Management traffic toggle is disabled, the route is not added to the main routing table, and the static route is not
established.
Action
Contact HPE support to resolve this issue.
StoreOnce websites
HPE Support Center Knowledge Base for StoreOnce products
www.hpe.com/info/storeonce/docs
HPE StoreOnce Support Matrix
www.hpe.com/storage/StoreOnceSupportMatrix
HPE StoreOnce Systems QuickSpecs
www.hpe.com/support/StoreOnceQuickSpecs
HPE StoreOnce Data Protection Backup Appliances information page
www.hpe.com/storage/storeonce
General websites
Storage white papers and analyst reports
www.hpe.com/storage/whitepapers
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
252
Enter "StoreOnce" into the keyword search box.
Support and other resources
Subtopics
Accessing Hewlett Packard Enterprise Support
Accessing updates
Remote support
Customer self repair
Warranty information
Regulatory information
Documentation feedback
Accessing Hewlett Packard Enterprise Support
For live assistance, go to the Contact Hewlett Packard Enterprise Worldwide website:
https://www.hpe.com/info/assistance
To access documentation and support services, go to the Hewlett Packard Enterprise Support Center website:
https://www.hpe.com/support/hpesc
Information to collect
Technical support registration number (if applicable)
Product name, model or version, and serial number
Operating system name and version
Firmware version
Error messages
Product-specific reports and logs
Add-on products or components
Third-party products or components
Accessing updates
Some software products provide a mechanism for accessing software updates through the product interface. Review your product
documentation to identify the recommended software update method.
To download product updates:
Hewlett Packard Enterprise Support Center
https://www.hpe.com/support/hpesc
Hewlett Packard Enterprise Support Center: Software downloads
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
253
https://www.hpe.com/support/downloads
My HPE Software Center
https://www.hpe.com/software/hpesoftwarecenter
To subscribe to eNewsletters and alerts:
https://www.hpe.com/support/e-updates
To view and update your entitlements, and to link your contracts and warranties with your profile, go to the Hewlett Packard
Enterprise Support Center More Information on Access to Support Materials page:
https://www.hpe.com/support/AccessToSupportMaterials
IMPORTANT:
Access to some updates might require product entitlement when accessed through the Hewlett Packard Enterprise
Support Center. You must have an HPE Onepass set up with relevant entitlements.
Remote support
Remote support is available with supported devices as part of your warranty or contractual support agreement. It provides intelligent
event diagnosis, and automatic, secure submission of hardware event notifications to Hewlett Packard Enterprise, which initiates a fast
and accurate resolution based on the service level of your product. Hewlett Packard Enterprise strongly recommends that you register
your device for remote support.
If your product includes additional remote support details, use search to locate that information.
HPE Get Connected
https://www.hpe.com/services/getconnected
HPE Pointnext Tech Care
https://www.hpe.com/services/techcare
HPE Complete Care
https://www.hpe.com/services/completecare
Customer self repair
Hewlett Packard Enterprise customer self repair (CSR) programs allow you to repair your product. If a CSR part needs to be replaced, it
will be shipped directly to you so that you can install it at your convenience. Some parts do not qualify for CSR. Your Hewlett Packard
Enterprise authorized service provider will determine whether a repair can be accomplished by CSR.
For more information about CSR, contact your local service provider.
Warranty information
To view the warranty information for your product, see the links provided below:
HPE ProLiant and IA-32 Servers and Options
https://www.hpe.com/support/ProLiantServers-Warranties
HPE Enterprise and Cloudline Servers
https://www.hpe.com/support/EnterpriseServers-Warranties
HPE Storage Products
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
254
https://www.hpe.com/support/Storage-Warranties
HPE Networking Products
https://www.hpe.com/support/Networking-Warranties
Regulatory information
To view the regulatory information for your product, view the Safety and Compliance Information for Server, Storage, Power,
Networking, and Rack Products, available at the Hewlett Packard Enterprise Support Center:
https://www.hpe.com/support/Safety-Compliance-EnterpriseProducts
Additional regulatory information
Hewlett Packard Enterprise is committed to providing our customers with information about the chemical substances in our products as
needed to comply with legal requirements such as REACH (Regulation EC No 1907/2006 of the European Parliament and the Council). A
chemical information report for this product can be found at:
https://www.hpe.com/info/reach
For Hewlett Packard Enterprise product environmental and safety information and compliance data, including RoHS and REACH, see:
https://www.hpe.com/info/ecodata
For Hewlett Packard Enterprise environmental information, including company programs, product recycling, and energy efficiency, see:
https://www.hpe.com/info/environment
Documentation feedback
Hewlett Packard Enterprise is committed to providing documentation that meets your needs. To help us improve the documentation,
use the Feedback button and icons (located at the bottom of an opened document) on the Hewlett Packard Enterprise Support Center
portal (https://www.hpe.com/support/hpesc) to send any errors, suggestions, or comments. All document information is captured by
the process.
HPE StoreOnce 3660, 5260 and 5660 Systems User Guide for StoreOnce software version 4.3.x
255