Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup and NetBackup Appliances Hardening Guide
  3. Steps to protect NetBackup Flex Scale
  4. Support for immutability in NetBackup Flex Scale
  5. Configuring immutability using GUI
NetBackup and NetBackup Appliances Hardening Guide

Configuring immutability using GUI

You can configure immutability using the NetBackup Flex Scale GUI.

To configure immutability using GUI

  1. Go to Settings > Security management > Immutability. Click Edit.
  2. Choose any of the lockdown modes under Mode Selection. You can choose from Normal, Enterprise, and Compliance. The supported features for each mode are listed.

    Note:

    You cannot downgrade the lockdown mode after it is configured. For example, if the lockdown mode is set to compliance, you cannot change the lockdown mode to enterprise or normal.

  3. If you choose Enterprise or Compliance mode, you also have to configure the retention time range from which the NetBackup administrators will be allowed to select when creating backup images. Specify the maximum and minimum retention time. Click Save.

    Note:

    Ensure that the image retention period in backup policies is within the lockdown mode retention time to avoid any error during backup.

    If you select enterprise or compliance mode, you can restrict remote management access to the node by selecting the Restrict remote management access check box.

    Warning:

    Once you enable restricted remote management access, all destructive operations are disabled for all the IPMI users. Users can view and perform limited operations in the IPMI web GUI but cannot access the remote console. Physical access to the system is required to logon to the console.

Feedback

Was this page helpful?
Previous

Restricted access to Remote Management Platform (HPe iLO)

Next

Authenticating users using digital certificates or smart cards

Feedback

Was this page helpful?