Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Web UI Administrator's Guide
  5. Section IX. Managing security
  7. Configuring multiperson authorization
  9. Workflow to configure multiperson authorization for NetBackup operations
NetBackup™ Web UI Administrator's Guide

Workflow to configure multiperson authorization for NetBackup operations

Here are the high-level steps to configure multiperson authorization for NetBackup operations:

Table:

Step

Description

Step 1

Identify critical NetBackup operations that require multiperson authorization.

See NetBackup operations that need multiperson authorization.

Step 2

Identify the approvers who can approve requests or multiperson authorization tickets.

Step 3

Assign the Default multiperson authorization approver RBAC role to the approvers.

See RBAC roles and permissions for multiperson authorization.

Step 4

Configure multiperson authorization using the NetBackup web UI.

See Configure multiperson authorization.

Step 5

When a user or a requester tries to perform an operation that requires multiperson authorization (for example, expiring an image), a ticket is generated.

Initially, the ticket is in the pending state.

Step 6

The ticket is visible to all multiperson authorization approvers in the NetBackup web UI where they can review the ticket information and approve or reject the ticket.

Step 7

When the approver approves or rejects the ticket, the requester is notified. If the ticket is approved, the associated operation is executed.

Note:

For API key operations, the requester needs to execute the operation using the web UI after the ticket is approved.

Multiperson authorization configuration begins when the Administrator or the Security Administrator enables critical operations that require multiperson authorization and specifies other settings like expiration period and purge period.

A multiperson authorization configuration ticket is generated. After the approver approves the ticket, multiperson authorization configuration comes into effect.

Initial multiperson authorization configuration

Configuring multiperson authorization for the first time involves adding users to the Default multiperson Authorization Approver role. To start using the multiperson authorization for additional data security, the Security Administrator must enable the multiperson authorization for critical pre-defined operations that require an additional approval from a user with the Default multiperson Authorization Approver role.

Initially, the Security Administrator should configure multiperson authorization that results into a multiperson authorization ticket. After the approver approves the ticket, multiperson authorization becomes mandatory for the specified NetBackup operation (such as image expiry). The Administrator or Security Administrator can add users to the Default multiperson Authorization Approver role at any point in time.

Feedback

Was this page helpful?
Previous

About multiperson authorization

Next

RBAC roles and permissions for multiperson authorization

Feedback

Was this page helpful?