Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup Web UI Vault Administrator's Guide
  3. Vaulting and managing media
  4. About Vault sessions
  5. About scheduling a Vault session
  6. Creating a Vault policy
NetBackup Web UI Vault Administrator's Guide

Creating a Vault policy

Setting up a Vault policy differs from setting up a regular policy in NetBackup, as follows:

  • First, you must specify Vault as the policy type.

  • Second, you do not specify clients for Vault policies.

  • Third, rather than specifying files to back up on the Backup Selections tab, you specify one of two Vault commands to run.

    • Use the vltrun command to run a Vault session. You specify the robot, vault name, and profile for the job. The vltrun command accomplishes all the steps necessary to vault media. If the profile is configured for immediate eject, media are ejected and reports are generated. If the vault profile name is unique, use the following format:

      vltrun profile_name

      If the vault profile name is not unique, use the following format:

      vltrun robot_number/vault_name/profile_name
    • Use the vlteject command to eject media or generate reports for sessions that are completed already and for which media have not been ejected. The vlteject command can process the pending ejects or reports for all sessions, for a specific robot, for a specific vault, or for a specific profile. For example:

      vlteject -vault vault_name -eject -report

Note:

Include one Vault command only in a Vault policy. If you use more than one command, the first command is initiated and the successive commands are interpreted as parameters to the first command. Failure may occur and images may not be duplicated or vaulted.

See Ejecting media by using a Vault policy.

For more information about the vlteject and the vltrun commands, see the NetBackup Commands Reference Guide.

Note:

If you create a vault policy by copying a regular NetBackup policy that has a client list configured, delete all the clients in the client list before you run the policy. If you do not, Vault creates one vault job for every client in the list even though the client is not used by the Vault job. The first vault job operates as a normal vault session; the rest terminate with a status 275 (a session is already running for this vault).

To create a Vault policy, navigate to Protection > Policies. Click Add and specify the required parameters.

For more information about creating NetBackup Vault policies, see the NetBackup Web UI Administrator's Guide.

Feedback

Was this page helpful?
Previous

About scheduling a Vault session

Next

About running a session manually

Feedback

Was this page helpful?