What SnapLock is

SnapLock is a high-performance compliance solution for organizations that use WORM storage to retain files in unmodified form for regulatory and governance purposes. A single license entitles you to use SnapLock in strict Compliance mode, to satisfy external mandates like SEC Rule 17a-4, and a looser Enterprise mode, to meet internally mandated regulations for the protection of digital assets.

Differences between Compliance and Enterprise modes

SnapLock Compliance and Enterprise modes differ mainly in the level at which each mode protects WORM files:

A related difference involves how strictly each mode manages file deletes:

After the retention period has elapsed, you are responsible for deleting any files you no longer need. Once a file has been committed to WORM, whether under Compliance or Enterprise mode, it cannot be modified, even after the retention period has expired.

You cannot move a WORM file during or after the retention period. You can copy a WORM file, but the copy will not retain its WORM characteristics.

The following table shows the differences between SnapLock Compliance and Enterprise modes:


SnapLock Compliance

SnapLock Enterprise

Privileged delete No Yes
Reinitialize disk No Yes
Destroy SnapLock aggregate and volume during retention period No Yes
Rename an aggregate or volume No Yes

Non-NetApp disks

No Yes (with FlexArray Virtualization)
Use SnapLock volume for audit logging Yes Yes, starting with ONTAP 9.5
Single-file SnapRestore No Yes
SnapRestore No Yes

You can clone SnapLock volumes, but you cannot clone files on a SnapLock volume.

You can clone SnapLock volumes, but you cannot clone files on a SnapLock volume.

LUNs No No
SMTape No No
MetroCluster configurations SnapLock Compliance or Enterprise aggregates are supported to host SnapLock audit log volumes on MetroCluster configurations, with the following limitation:
  • SnapLock Enterprise is supported on mirrored and unmirrored aggregates.
  • SnapLock Compliance is supported only on unmirrored aggregates only.

All MetroCluster configurations support mirrored aggregates. See the ONTAP release notes to determine if your MetroCluster configuration supports unmirrored aggregates.

ONTAP 9 Release Notes

Support FabricPools on SnapLock aggregates No Yes, starting with ONTAP 9.8
Note: If data on the SnapLock aggregate is tiered to a bucket (StorageGRID, Amazon, Azure, and so on), SnapLock no longer ensure that the data will not be deleted. Once data is tiered off from SnapLock Enterprise storage, a cloud admin can potentially delete the data, so that data is no longer compliant.

MetroCluster configurations and compliance clocks

MetroCluster configurations use two compliance clock mechanisms, the Volume Compliance Clock (VCC) and the System Compliance Clock (SCC). The VCC and SCC are available to all SnapLock configurations. When you create a new volume on a node, its VCC is initialized with the current value of the SCC on that node. After the volume is created, the volume and file retention time is always tracked with the VCC.

When a volume is replicated to another site, its VCC is also replicated. When a volume switchover occurs, from Site A to Site B, for example, the VCC continues to be updated on Site B while the SCC on Site A halts when Site A goes offline.

When Site A is brought back online and the volume switchback is performed, the Site A SCC clock restarts while the VCC of the volume continues to be updated. Because the VCC is continuously updated, regardless of switchover and switchback operations, the file retention times do not depend on SCC clocks and do not stretch.

Committing files to WORM

You can use an application to commit files to WORM over NFS or CIFS, or use the SnapLock autocommit feature to commit files to WORM automatically. You can use a WORM appendable file to retain data that is written incrementally, like log information.

Data protection

SnapLock supports data protection methods that should satisfy most compliance requirements:

Storage efficiency

Starting with ONTAP 9.9.1, SnapLock supports storage efficiency features, such as data compaction, cross-volume-deduplication, and adaptive compression for SnapLock volumes and aggregates.

7-Mode Transition

You can use the Copy-Based Transition (CBT) feature of the 7-Mode Transition Tool to migrate SnapLock volumes from 7-Mode to ONTAP. The SnapLock mode of the destination volume, Compliance or Enterprise, must match the SnapLock mode of the source volume. You cannot use Copy-Free Transition (CFT) to migrate SnapLock volumes.


ONTAP offers both software- and hardware-based encryption technologies for ensuring that data at rest cannot be read if the storage medium is repurposed, returned, misplaced, or stolen.

Disclaimer: NetApp cannot guarantee that SnapLock-protected WORM files on self-encrypting drives or volumes will be retrievable if the authentication key is lost or if the number of failed authentication attempts exceeds the specified limit and results in the drive being permanently locked. You are responsible for ensuring against authentication failures.

Note: Starting with ONTAP 9.2, encrypted volumes are supported on SnapLock aggregates.