Veritas Alta™ SaaS Protection Administrator's Guide

Last Published:
Product(s): Veritas Alta SaaS Protection (1.0)
  1. Section I. Introduction to Veritas Alta™ SaaS Protection
    1. Introduction to Veritas Alta™ SaaS Protection
      1.  
        About Veritas Alta SaaS Protection
      2.  
        Features of Veritas Alta SaaS Protection
      3.  
        Tenant hosting methods
      4.  
        Architecture of Veritas Alta SaaS Protection
      5.  
        Services and utilities
  2. Section II. Administration portal
    1. Administration portal
      1.  
        About the Administration portal
      2.  
        Connectors page
      3.  
        Analytics
      4.  
        About the System page
    2. General administrative tasks
      1.  
        Configuring system
      2.  
        Configuring the Administration portal
      3.  
        Viewing upgrade history
      4. Viewing licensing details
        1.  
          License page - SKU based
        2.  
          License page - Usage based
  3. Section III. Manage users and roles
    1. Managing users and roles
      1.  
        About permissions
      2.  
        Adding users
      3.  
        Assigning the Default role to users
      4.  
        Adding roles
      5.  
        Searching for a specific user/group
      6.  
        Assigning permissions to users
      7.  
        The allowed list of the unrecognized retrieval users
  4. Section IV. Manage searches/eDiscovery/cases
    1. Manage searches/eDiscovey/cases
      1.  
        About eDiscovery/searches
      2.  
        Adding search templates
      3.  
        Adding Discovery cases
      4.  
        Performing an ad hoc search and adding data to Discovery cases
      5.  
        Viewing data in Discovery cases
      6.  
        Editing Discovery cases
      7.  
        Deleting Discovery cases
      8.  
        Assigning Discovery cases to users
  5. Section V. Configure policies
    1. About policies in Veritas Alta™ SaaS Protection
      1.  
        About policies in Veritas Alta SaaS Protection
      2.  
        About WORM policies
      3.  
        About the Deletion policy
      4. About the Tiering policy
        1.  
          Storage tiering and full-text search
        2.  
          User experience on storage tiering
        3.  
          Priority for storage Tiering
      5.  
        About the Tagging policy
      6.  
        How to edit the policy evaluation interval?
    2. Configuring policies for data retention (WORM policies)
      1.  
        Ingestion WORM policies page
      2.  
        Guidelines to add retention policies
      3.  
        Adding/updating ingestion WORM retention policies
      4.  
        Adding/updating At-Rest WORM retention policies
    3. Configuring policies for data deletion (Deletion policy)
      1.  
        Adding/updating Deletion policies
      2.  
        Viewing the deletion history
    4. Configuring policies for data tiering (Tiering policy)
      1.  
        Adding/updating Tiering policies
    5. Configuring Tagging polices
      1.  
        Adding Tags
      2.  
        Adding/updating Tagging policies
      3. Adding regular expressions
        1.  
          RegEx and query examples for PII detection
    6. Managing policies
      1.  
        Deleting policies
      2.  
        Analyzing the effect of policies
      3.  
        Analytics page for policies
  6. Section VI. Perform restores
    1. About restore
      1.  
        About restore
    2. Prerequisites for restore
      1.  
        Prerequisites for restore
    3. Restore dashboard
      1.  
        About the Restore dashboard
      2.  
        Restore job statuses
      3.  
        How to cancel the restore job?
      4.  
        View the restore events
    4. Restore Exchange Online mailboxes
      1. Restore Exchange Online mailboxes
        1.  
          Overwrite restore behavior for Exchange Online data
        2.  
          Supported Item Class for restore
    5. Restore SharePoint Online Sites and data
      1. Restore SharePoint/OneDrive/Teams Sites and data
        1.  
          Overwrite restore behavior for SharePoint Online
      2.  
        Recovery process and restore location options
      3.  
        Recovery of OneDrive, Microsoft 365 Group, and Microsoft Teams sites
      4.  
        Stub restore behavior
      5.  
        Permissions restore
      6.  
        Restrictions for SharePoint Online restore
      7.  
        Limitations of SharePoint Online data and sites restore
    6. Restore Teams chats and Teams Channel conversations
      1.  
        Restore Teams chats and Teams channel conversations
      2.  
        Limitations of Teams chat data restore
    7. Restore Audit logs
      1.  
        Restore O365 audit logs
    8. Restore Box data
      1.  
        Restore Box data
      2.  
        Limitations of Box data restore
    9. Restore Google Drive data
      1. Restore Google Drive data
        1.  
          About the overwrite restore behavior for Box/Google Drive data
    10. Restore Gmail data
      1.  
        Restore Gmail data
    11. Restore Salesforce data and Metadata
      1.  
        About the Salesforce Data, Metadata, and CRM Content restore
      2.  
        Restoring Standards and Custom objects (Structured data)
      3.  
        Custom Object restore - post processing steps
      4.  
        Restoring specific Records (Structured data) using Query filters
      5.  
        Restoring Salesforce CRM Content (Unstructured data)
      6.  
        Limitations of Salesforce Data restore
      7.  
        Considerations for Salesforce Metadata restore
      8.  
        Restoring Salesforce Metadata
      9.  
        Limitations of Salesforce Metadata backup and restore
      10.  
        Salesforce Objects not supported for restore
    12. Restore Entra ID objects
      1. About restoring Entra ID (Azure AD) objects and records
        1.  
          Permissions requirement
      2.  
        Best practices to restore Entra ID objects
      3.  
        Restoring an Entra ID object
      4.  
        Restoring specific records within Entra ID objects
    13. Restore Slack data
      1.  
        Restore Slack data
    14. Restore data to File server
      1.  
        Restore data to File server
    15. Restore options
      1.  
        Set the default restore point
      2.  
        Selecting items to restore (all items, all versions, or point-in-time)
      3.  
        Configuring email addresses for notifications
  7. Section VII. Perform data share
    1. Share data
      1.  
        Sharing data with other users
      2.  
        Removing admin shares
  8. Section VIII. Perform data downloading
    1. Download data
      1.  
        Downloading an item
  9. Section IX. Add and configure connectors
    1. About connectors
      1. About connectors
        1.  
          Supported SaaS applications for backup and restore
      2. Overview of connectors
        1.  
          Configuring the general settings
        2. Configuring the capture scope
          1.  
            Filtering users based on Entra ID (Azure AD) extended attributes
          2.  
            Filtering users based on Entra ID (Azure AD) group membership
          3.  
            Filtering folders
        3. Configuring credentials
          1.  
            Configuring credentials using the Manual mode
          2. Configuring credentials using the M365 App Registrations mode
            1. Assigning apps to connector
              1.  
                Statuses of the Microsoft 365 registered apps
            2.  
              Granting admin consent manually
            3.  
              Granting multiple admin consents using the App Consent Grant utility
          3.  
            Recovery of Microsoft 365 apps
        4.  
          Points to consider when configuring the Custom backup policy
        5.  
          Configuring Custom backup policy
        6.  
          Points to consider when configuring Delete policy for SharePoint environments
        7.  
          Configuring Delete policy
        8.  
          Points to consider when configuring Stubbing policies for SharePoint environments
        9.  
          Configuring Stub policy
        10.  
          Scheduling backup
    2. Apps Consent Grant Utility
      1.  
        About the Apps Consent Grant Utility
      2.  
        Prerequisites to download and install the Apps Consent Grant Utility
      3.  
        Downloading the Apps Consent Grant Utility
      4.  
        Installing or upgrading the Apps Consent Grant Utility
      5.  
        Post-installation activities for the Apps Consent Grant Utility
    3. Exchange Online connector
      1.  
        What can be backed up and restore?
      2.  
        API permissions for the Exchange Online
      3. Adding Exchange Online connectors
        1. Configuring the capture scope for Exchange connectors
          1.  
            Configuring the capture scope to back up mailboxes of all users
          2.  
            Configuring the capture scope to back up mailboxes of all users using the Rolling mailbox scope option
          3.  
            Configuring the capture scope to back up the mailboxes of users using the Alphabetical mailbox scope option
          4.  
            Configuring the capture scope to back up the mailboxes of specific users only
          5.  
            Configuring the capture scope to back up mailboxes from specific domains only
          6.  
            Configuring the capture scope to back up Group/Teams mailboxes
          7.  
            Configuring the capture scope to back up Public folders
    4. SharePoint Online connector
      1. What can be backed up and restore?
        1.  
          Supported and unsupported SharePoint Settings and Types for backup and restore
        2.  
          Supported Sites and List templates for backup and restore
        3.  
          Supported SharePoint permission objects for backup and restore
      2.  
        API permissions for SharePoint, OneDrive for Business, and Teams Sites Collections
      3. Adding SharePoint Online connectors
        1. Configuring the capture scopes for SharePoint connectors
          1.  
            Configuring the capture scope to back up all SharePoint site collections
          2.  
            Configuring the capture scope to back up specific SharePoint sites only
          3.  
            Configuring the capture scope to back up only specific sites using the Rolling site collection scope option
    5. Teams Sites collections connector
      1.  
        What can be backed up and restore?
      2. Adding Teams site collections connectors
        1. Configuring the capture scopes for Teams site connectors
          1.  
            Configuring the capture scope to back up all Team site collections
          2.  
            Configuring the capture scope to back up specific Team sites only
          3.  
            Configuring the capture scope to back up only specific Team sites using the Rolling site collection scope option
    6. OneDrive connector
      1.  
        What can be backed up and restore?
      2. Adding OneDrive connectors
        1. Configuring the capture scope for OneDrive for Business connectors
          1.  
            Configuring the capture scope to back up all OneDrive site collections
          2.  
            Configuring the capture scope to back up specific OneDrive sites only
          3.  
            Configuring the capture scope to back up only specific OneDrive sites using the Rolling site collection scope option
    7. Teams chat connector
      1.  
        What can be backed up and restore?
      2.  
        API permissions for Teams chat
      3. Adding Teams chat connectors
        1.  
          Configuring the capture scope for Teams chat connectors
    8. Audit log connector
      1.  
        Adding Audit Log connectors
    9. Google Drive connector
      1.  
        Prerequisites to add Google Drive connector
      2.  
        What can be backed up and restore?
      3.  
        API permissions for Gmail and Google Drive
      4. Adding Google Drive connectors
        1.  
          Configuring the capture scope for Google Drive connectors
    10. Gmail connector
      1.  
        What can be backed up and restore?
      2. Adding Gmail connectors
        1.  
          Configuring backup scopes for Gmail data
    11. Salesforce connector
      1.  
        About the Salesforce connector
      2.  
        Prerequisites to add Salesforce connectors
      3.  
        Adding Salesforce connectors
      4.  
        About the Salesforce connector backup process
      5.  
        Uploading a certificate to the Salesforce organization
      6.  
        Limitations of Salesforce connector
      7.  
        Salesforce Objects not supported for backup
    12. Entra ID (Azure AD) connector
      1.  
        What can be backed up and restore?
      2.  
        Adding Entra ID (Azure AD) connectors
    13. Box connector
      1.  
        Prerequisites to add Box connectors
      2.  
        What can be backed up and restore?
      3. Adding Box connectors
        1.  
          Configuring backup scopes for Box data
    14. Slack connector
      1.  
        Adding Slack connectors
      2.  
        Limitations of Slack connector
    15. EML connector
      1. Add Email/Messages
        1.  
          Prerequisite
        2.  
          Adding EML/Messages connectors
    16. Managing connectors
      1.  
        Editing connectors
      2.  
        Deleting connectors
  10. Section X. Perform backups
    1. Managing backups
      1.  
        Modifying a backup schedule
      2.  
        Performing an on-demand/ad-hoc backup
      3.  
        Running Delete and Stub policies for SharePoint Online data
      4.  
        Browsing backed-up data
      5.  
        Getting backup status
      6.  
        Connector page
      7.  
        Viewing backup tasks details
  11. Section XI. Backup limitations
    1. Backup limitations
      1.  
        Limitations for SharePoint Online connector
      2.  
        Limitations for Teams site collections connector
      3.  
        Limitations for Teams chat connector
      4.  
        Limitation for Google Drive connector
      5.  
        Limitations for Entra ID connector
      6.  
        Limitations for Box data backup
  12. Section XII. Events
    1. Events
      1.  
        Viewing backup events
      2.  
        About Event suppression
      3.  
        Creating event suppression rules
  13. Section XIII. Manage Stors (Storages)
    1. Manage Stors (Storages)
      1.  
        Viewing Stors (Storages)
      2.  
        Requesting a new Stor
      3.  
        General tab
      4.  
        Metadata tab
      5.  
        Statistical policies tab
      6.  
        Location-Mapping tab
      7.  
        Backup tab
      8.  
        Custodian Groups tab
      9.  
        Advanced tab
      10.  
        Analytics tab
  14. Section XIV. Manage Scopes
    1. Managing Scopes
      1.  
        About Scopes
      2.  
        Enabling Scopes
      3.  
        Configuring Scopes
      4.  
        Using Scopes
  15. Section XV. Manage auditing
    1. Managing auditing
      1.  
        About auditing
  16. Section XVI. Known Issues
    1. Known Issues
      1.  
        Know Issues

Adding Salesforce connectors

Salesforce connector backs up both data and metadata. When you add a connector, ensure that you have the following information readily available:

  • The name of the user (Veritas Backup Admin) you have created within the targeted Salesforce organization.

  • The instance URL of the targeted Salesforce organization.

  • The Consumer key that is generated when you add a Connected App within the targeted Salesforce organization.

For more information, refer to the following links:

Note:

Salesforce Data includes objects, records, files, attachments, documents, and Salesforce CRM Content. Salesforce metadata includes object schemas such as layouts, profiles, object schemas, permission sets, Apex classes, workflows, reports, dashboards, and so on.

Note:

By default, the connector backs up all objects in the Salesforce organization except for Feed, History, and Share objects.

By default, skips the objects in the connector configuration wizard that are not typically critical for business continuity, such as History, Share, and Feed. However, you can enable backup of these objects while configuring the connector. Before doing this, you should consider the following points:

  • History objects are not restorable. They should only be selected for backup if there is a strong need to retain historical information on record or field-level changes for auditing purposes.

  • Share objects of the type Manual only can be restored. Other types of Share records cannot be restored due to Salesforce API limitations.

    Note:

    During Salesforce setup, share tables are automatically created during a restore unless they contain manual share rules.

  • Feed objects are essentially views into the FeedItem object. Veritas Alta SaaS Protection backs up only the FeedItem object to avoid duplicating records.

    Due to Salesforce API limitations, only FeedItem records of specific types can be restored.

  • When these objects are skipped, backups complete more quickly and require less storage space for recovery points in Veritas Alta SaaS Protection.

To add a connector for Salesforce data and metadata

  1. Access the Veritas Alta SaaS Protection Administration portal.

    The home page of the Administration portal is displayed.

  2. Click Administration.
  3. On the left, click Connectors.
  4. Click + New Connector.
  5. Click Salesforce.
  6. On the New Connector page, do the following to configure the General settings:

    • In the Connector name field, enter a name for the connector.

      Note:

      The Type field displays the connector type.

    • From the Stor for unstructured data (files, attachments and metadata) drop-down list, select the SalesforceFiles Stor that Veritas provided for you as one of the prerequisites for connector creation.

      Note:

      The same Stor can be used with multiple connectors.

      If the Stor is not available, contact Veritas Support.

    • From the Stor for structured data (objects and records) drop-down list, select the SalesforceFiles Stor that Veritas provided for you as one of the prerequisites for connector creation.

      If the Stor is not available, contact Veritas Support.

    • The Machine field displays the Connector service to host this connector.

      You can change the selected one from the list if required.

    • (Optional) Enable the Enable email notification option to receive backup job status email notifications.

    • Click Next.

  7. Configure the capture scope.

    By default, Veritas Alta SaaS Protection supports the backup of all Standard Objects, Custom Objects, Files, Attachments, Documents, and Metadata from the targeted Salesforce organization.

    See Limitations of Salesforce connector.

    You can also choose to have backup and restore support for items such as Feed objects, History objects, and Share objects. By default, these objects are skipped from being backed up. Selecting these objects for backup results in a longer backup time. If required, select checkboxes of these items to back up and then click Next.

  8. Do the following to configure the credentials.

    • From the Salesforce organization type drop-down list, select the required type: Production or Sandbox.

    • In the Salesforce organization user name field, enter username of the Veritas Alta SaaS Protection backup admin user that is created as pre-requisites.

    • In the Salesforce organization instance URL field, enter the URL of the targeted Salesforce organization.

    • In the Consumer key field, enter the key, which is generated while adding the Veritas Alta SaaS Protection Connected application within the targeted Salesforce organization.

    • Click Generate certificate.

      A success message is displayed.

      Note:

      Certificate is used for OAuth-based authentication.

    • On the pop-up, click Keep to download the certificate.

    • Save the certificate to the local computer.

      Note:

      After completing the connector creation process, upload this certificate to the targeted Salesforce organization.

    • Click Next.

  9. (Optional) Do the following to scheduled backups for the target Salesforce organization.

    • Click + Add task.

    • On the Add task page, do the following:

      • Enter the time to start the backup in the Local start time field.

      • Enter the time duration in hours in the Duration in hours field. The backup stops if it exceeds the allotted time. In such a case, the remaining items from the previous backup and the new items are backed up on the next backup, which can be a full backup. If this option is configured, provide a suitable time for the backup to finish.

      • Set the recurrence option for the backup schedule Recurrence section.

      • Click Add.

    • Click Next.

  10. (Optional) If you have enabled the Enable email notification options option while configuring the general settings, do the following:

    • Click Enable this feature > enter the email address.

    • Select the Send an email when error count exceeds check box > enter the number.

    • Click Next.

  11. Do any of the following:

    • Click the corresponding Edit option to edit the configuration.

    • Click Save & Backup to save the connector configuration and start a backup.

      After the backup starts, you can go to the Connectors page to view the progress of the backup. The status of the connector must be displayed as Running.

    • Click Save to save the connector. You can go to the Connectors page to view the status of the connector. The status must be displayed as Created.

    On the successful creation of a Salesforce connector, the following settings are linked together:

    • The targeted Salesforce organization.

    • The Stors that hold the backed-up data in Veritas Alta SaaS Protection.

    • The Connected app to get permissions and access needed for reading the organization.

    • Veritas Alta SaaS Protection Backup admin user is created in the targeted Salesforce organization for authentication.

    • The connector configuration also captures the backup schedule so that periodic backups of the same Salesforce organization are taken. Each backup scans Salesforce items and stores them as a separate Restore Point.

    • An export location is auto-created when you create a connector using the Veritas Alta SaaS Protection Administration portal.

      Note:

      Veritas Alta SaaS Protection does not support creating export locations using the Export service for the current release.

  12. Upload the generated certificate to the targeted Salesforce organization.

    For more information, See Uploading a certificate to the Salesforce organization.

You can refer to the following topics if required:

See Performing an on-demand/ad-hoc backup.

See Editing connectors.

See Deleting connectors.

See Connector page .

See Browsing backed-up data.

See Viewing backup events .