Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. Cohesity Data Cloud for NetBackup™ Administrator's Guide
  3. Deploying Cohesity Data Cloud for NetBackup
  4. Configuring SpanFS subnet whitelists for NetBackup access
Cohesity Data Cloud for NetBackup™ Administrator's Guide

Configuring SpanFS subnet whitelists for NetBackup access

SpanFS enforces IP based access control for filesystem RPC operations. To allow NetBackup media servers and clients to communicate with the SpanFS file system during Direct-IO operations, you must configure one or more IP subnet whitelists on the SpanFS cluster. Only the systems within these whitelisted subnets are permitted to access SpanFS services.

You can use the iris_cli command-line tool to manage subnet whitelists.

To configure subnet whitelists for NetBackup

  1. Add an IP subnet to the whitelist.

    iris_cli cluster add-subnet-to-whitelist subnet-ip=<IPv4 address> subnet-mask-ip4=<IPv4 subnet mask>

  2. View all subnet entries currently allowed to access SpanFS.

    iris_cli cluster get-subnet-whitelist

  3. Remove a subnet from the whitelist.

    iris_cli cluster remove-subnet-from-whitelist subnet-ip=<subnet IPv4 address>

Feedback

Was this page helpful?
Previous

Configuration using the DNS delegation

Next

Provisioning the storage

Feedback

Was this page helpful?