Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup and NetBackup Appliances Hardening Guide
  3. Steps to protect Flex Appliance
  4. About lockdown mode
NetBackup and NetBackup Appliances Hardening Guide

About lockdown mode

Flex Appliance lockdown mode offers additional security levels to protect your appliance and data, in addition to the hardened, secure operating environment that comes out of the box.

Lockdown mode provides the following benefits:

  • It prevents unauthorized access or modification to the underlying operating system (OS). Once lockdown mode is enabled, administrators cannot make changes to the OS or the internal components. 

    If you need access to the OS for emergency operations, an access key is required to temporarily unlock the appliance. This functionality prevents unauthorized changes even if a malicious actor gained access to stolen credentials.

  • It includes the option to create WORM storage instances that prevent your data from being encrypted, modified, or deleted. WORM is the acronym for Write Once Read Many. Any data that is saved on these instances is protected with the following security measures:

    • Immutability

      This protection ensures that the backup image is read-only and cannot be modified, corrupted, or encrypted after backup.

    • Indelibility

      This property protects the backup image from being deleted before it expires. The data is protected from malicious deletion.

    • Compliance clock

      The fundamental attribute of WORM is the ability to accurately measure elapsed time to ensure the duration of data retention. The compliance clock is independent of the operating system time and the Network Time Protocol (NTP). It cannot be edited.

Administrators can manage lockdown mode through the Flex Appliance Console. Only administrators with security administrator role can enforce lockdown mode.

Lockdown mode can be enabled at the appliance level using the Flex Appliance Console.

Warning:

Lockdown mode does not block access to the remote management (IPMI) port. Cohesity recommends that you set up your network to restrict access and only allow security administrators or the users that manage the physical hardware to use the port.

Lockdown mode must be enabled in the appliance before you can create WORM storage instances.

For more information on creating and managing WORM storage instances, see the NetBackup Application Guide for Flex Appliance.

Lockdown mode behavior
  • You can enable or disable at the appliance level. When disabled, the appliance does not receive any of the security benefits associated with lockdown mode. Disabled mode is the default appliance state and does not support WORM storage.

    When lockdown mode is enabled, the default mode is enterprise mode.

  • After a new installation of Flex Appliance, the Lockdown mode dialog will appear at every login until the administrator explicitly enforces or opts out. If the dialog is closed without making a choice, the user remains on the home page, and the Lockdown mode screen will reappear on subsequent logins. An opt-out without providing a reason is treated as no choice, so the dialog continues to appear at each login.

  • There is no change to the appliance lockdown mode during platform upgrade.

  • During upgrade, instance specific lockdown mode configuration files are created for immutable storage instances if the appliance was in enterprise or compliance mode. The instance lockdown mode remains the same as appliance lockdown mode prior to upgrade. If the lockdown mode was disabled, no instance specific lockdown mode configuration files are created.

  • If appliance lockdown mode was disabled before upgrade, you are prompted to enforce the lockdown mode on each login until a selection is made.

  • If lockdown mode is enabled, you can disable the lockdown mode only if you have not configured immutable instances. If immutable instances are configured, then you need to delete them before you can disable the lockdown mode.

Feedback

Was this page helpful?
Previous

Managing user authentication with smart cards or digital certificates

Next

Managing lockdown mode at the appliance level

Feedback

Was this page helpful?