Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Snapshot Manager for Data Center Administrator's Guide
  5. Storage array plug-ins for Snapshot Manager for Data Center
  7. Dell EMC PowerMax and VMax array
  9. Roles and privileges on Dell EMC Unisphere for PowerMax and VMax
NetBackup™ Snapshot Manager for Data Center Administrator's Guide

Roles and privileges on Dell EMC Unisphere for PowerMax and VMax

To allow NetBackup to perform snapshot management operations, ensure that the Dell EMC Unisphere user account used for plug-in configuration has the following roles and privileges assigned:

  • Create snapshot

  • Export snapshot

  • Restore snapshot

  • Delete snapshot

RBAC is managed using Unisphere for VMAX, Unisphere for PowerMax, or the Solutions Enabler CLI symauth command. Using symauth, a user or group of users, may be mapped to a specific access role, which defines the operations that these users are permitted to perform on the entire VMAX array.

There are currently seven users-defined roles that are available with RBAC: None, Monitor, PerfMonitor, StorageAdmin, SecurityAdmin, Admin, and Auditor. The following are the base capabilities of these current roles:

  • None: No capabilities.

  • Monitor: Performs read-only operations on an array, excluding the ability to read the audit log or access control definitions.

  • PerfMonitor: Includes Monitor role permissions and grants additional privileges within the performance component of Unisphere for the VMAX application to set up various alerts and update thresholds to monitor array performance.

  • StorageAdmin: Perform all management and control functions. See the specific permissions pertaining to this role:

    • SecurityAdmin Performs security operations (symaudit, symacl, symauth) on an array in addition to all monitor operations. Users or groups assigned the SecurityAdmin or Admin roles can create or delete component-specific authorization rules. The SecurityAdmin also has all Auditor rights.

    • Admin: Performs all operations on an array, including security operations and monitor operations. The Admin also has StorageAdmin rights, SecurityAdmin rights, and application performance monitoring privileges.

  • Auditor: Grants the ability to view, but not modify, security settings for an array (including reading the audit log, symacl list, and symauth) in addition to all monitor operations. This is the minimum role required to view the array audit log.

It is important to clarify that your Storage_Admin role remains your ssuper user, and keeps sole control of provisioning storage on the array.

Feedback

Was this page helpful?
Previous

DELL EMC PowerMax and VMax plug-in configuration parameters

Next

Dell EMC XtremIO plug-in considerations and limitations

Feedback

Was this page helpful?