Hello and welcome to this Dell PowerProtect Data Manager appliance video. In this demo, we'll cover PowerProtect Data Manager appliance integration with PowerProtect Cyber Recovery. Before performing a successful cyber recovery integration with the PowerProtect Data Manager appliance, you must create a security officer role on the DM5500 and ensure that at least one uplink of the DM5500 is physically connected to the vault storage replication network, either directly or routed through a switch. You can use any free port on the PCIe slot three or PCIe slot four for replication to the cyber recovery vault using a Google Chrome web browser.
Enter the appliance's management IP on the main login screen, use the admin user and the password set during the initial deployment to log in to the appliance. After we log in, we see the appliance dashboard. To start the cyber recovery integration, navigate to infrastructure networks and then uplinks. On the uplinks tab, click ""add"" to display the ""add uplink group"" dialog, select the radio button next to the vault replication option. Enter an uplink group name. Notice that the direct connection available to the Cyber Vault option is selected by default. Select this option if there is a direct connection available to the Cyber Vault. In this case, we'll deselect this option. From the available uplinks list, select the appropriate port to be used for the vault connection.
Note that if the system is not cabled, the UI will display a warning stating that there are no available uplinks for selection. Click save. Next, select the network tab and click ""add"" to create the dedicated network to connect to the vault. On the network configuration page, select the radio button next to the vault replication option. In the network name field, enter the name of the new virtual network. Below that, specify the VLAN ID of the virtual network. From the uplink group lists, select the uplink group name that we previously created. Enter the subnet mask range for the network, followed by the data IP that we will use for replicating data into the vault. Click next, review the summary details, and then click apply. We've now completed the network settings for replication to the vault DD system. The network configuration job is now in progress. We'll wait for it to complete before progressing further.
When the status of the network configuration is ready, we can examine the details to configure the cyber recovery vault storage in the DM5500. Navigate to infrastructure storage and then click the cyber recovery tab. On the cyber recovery tab in the vault storage area, click configure. In the configure vault storage dialog, in the FQDN field, enter the management FQDN of the vault DD system. In the IP field, enter the replication interface IP of the vault DD system. Accept the default value for the port field and click save. We have now successfully mapped the external vault storage with the DM5500 to enable vault replication for a protection policy.
Navigate to protection policies and then click add. On the policy page, enter a name for the protection policy, select the type of asset source to be protected, and click next. On the purpose page, select the crash-consistent radio button and click next. On the assets page, select the asset that needs to be protected as part of the policy and click next. On the objectives page, define the purpose of the backup policy, such as schedules, retention policy, and which network interface to use. When you are finished, click save. Continuing on the objectives page, select the vault option, then click ""add."" The add vault dialog displays information about the vault storage and the network interface on the DM5500 to use for the replication between the DM5500 and the vault DD system.
Click OK. On the summary page, review the options and click finish. On the protection policies page at the bottom of the screen, click the ""view details"" link to view the policy creation workflow, called ""configuring vault protection."" This workflow creates a replication context for the storage units of the policy and initializes the replication context to streamline the process on the DM5500. Note that when the very first protection policy is vault-enabled, we auto-create the replication context for the system server DR backup as well. To complete the replication between the DM5500 and the vault DD system, we need to manually configure the replication context on the vault DD using the storage units generated by the DM5500.
To get started, we begin by recording the source and destination storage unit names associated with the policy. Navigate to protection policies and then click the policy name to view the policy's details. We can copy the storage unit names to a clipboard under the objective section. After we copy the storage unit names, open an SSH session, connect to the vault DD system, and configure the replication context.
Fetch the DM5500 server DR information from the infrastructure menu. Select storage, then in the active tier area, click the three vertical dots and copy the server DR storage unit. Use this storage unit name to create other replication contacts on the vault DD for the server DR backup. Set the source as the server DR storage unit on DM5500 and the destination storage unit on the vault DD to the same named storage unit and include the ""-V"" suffix. Because the source replication contexts are pre-initialized, that is, both policy and server DR storage units on the DM5500, the context is synchronized automatically. This can take up to 15 minutes.
After the replication is complete, we go on to create cyber recovery policies using the Cyber Recovery UI. Log in to the Cyber Recovery UI as admin, then navigate to policies and click ""add."" In the name field, enter a name for the policy. From the type list, choose PPDM as the backup software. In the storage field, choose the vault DD system, then click save. On the replication page, select the destination storage units of the DM5500 policy and the DM5500 server DR backup. For each, select the DD interface that will be used for the replication from the server DR context list. Select the DM5500 server DR context. We define a replication window of choice, here 10 hours, and click next. On the retention page, select none as the retention lock type.
Note that if your vault DD system is licensed for governance or compliance, you can enable the desired retention lock for the policy. Click next. On the summary page, review the options we've selected and click finish. On the policies page, select the policy, and under actions, select ""sync."" This will unlock the vault and allow the DM5500 to replicate its backup data to the vault. When the sync operation completes, the vault replication interface is disabled, thus creating an air gap and securing business-critical data. To learn more, for white papers, videos, and blogs, see the Data Protection Info Hub. For hands-on labs and interactive demos, visit our demo center. Thanks for watching.
