6 Configuring access attributes
Abstract
After provisioning your system, you can assign access attributes to open-system volumes to protect
the volume against read, write, and copy operations and to prevent users from configuring LU
paths and command devices.
Data Retention software is required to assign access attributes to volumes.
About access attributes
Open-systems volumes, by default, are subject to read and write operations by open-systems hosts.
With open-system volumes in this default condition, data might be damaged or lost if an
open-systems host performs erroneous write operations. In addition, confidential data on
open-systems volumes might be stolen if a malicious operator performs read operations on
open-systems hosts.
Therefore, it is recommended that you change the default read and write conditions by assigning
an access attribute to each logical volume. Access attributes can be set to read/write, read-only,
or protect.
By assigning access attributes, you can:
•
Protect a volume against both read and write operations of all hosts.
•
Protect a volume against write operations of all hosts, but allow read operations.
•
Protect a volume against erroneous copy operations, but allow other write operations.
•
Prevent other users from configuring LU paths and command devices.
One of the following access attributes can be assigned to each logical volume:
•
Read/write
If a logical volume has the read/write attribute, open-systems hosts can perform both read
and write operations on the logical volume.
You can use replication software to copy data to logical volumes that have read/write attribute.
However, if necessary, you can prevent copying data to logical volumes that have read/write
attribute.
All open-systems volumes have the read/write attribute by default.
•
Read-only
If a logical volume has the read-only access attribute, open-systems hosts can perform read
operations but cannot perform write operations on the logical volume.
•
Protect
If a logical volume has the protect access attribute, open-systems hosts cannot access the
logical volume. Open-systems hosts cannot perform either read nor write operations on the
logical volume.
Access attribute requirements
To assign access attributes, the Data Retention software must be installed.
About access attributes
159