WORM storage

Contributors netapp-bcammett netapp-tonacki Download PDF of this page

You can activate write once, read many (WORM) storage on a Cloud Volumes ONTAP system to retain files in unmodified form for a specified retention period. WORM storage is powered by SnapLock technology in Enterprise mode, which means WORM files are protected at the file level.

Once a file has been committed to WORM storage, it can’t be modified, even after the retention period has expired. A tamper-proof clock determines when the retention period for a WORM file has elapsed.

After the retention period has elapsed, you are responsible for deleting any files that you no longer need.

Activating WORM storage

You can activate WORM storage on a Cloud Volumes ONTAP system when you create a new working environment. This includes setting the default retention period for files.

You can’t activate WORM storage on individual volumes—​WORM must be activated at the system level.

The following image shows how to activate WORM storage when creating a working environment:

Shows the WORM option that is available when creating a new working environment.

Committing files to WORM

You can use an application to commit files to WORM over NFS or CIFS, or use the ONTAP CLI to autocommit files to WORM automatically. You can also use a WORM appendable file to retain data that is written incrementally, like log information.

After you activate WORM storage on a Cloud Volumes ONTAP system, you must use the ONTAP CLI for all management of WORM storage. For instructions, refer to ONTAP documentation.

Cloud Volumes ONTAP support for WORM storage is equivalent to SnapLock Enterprise mode.

Limitations

  • WORM storage in Cloud Volumes ONTAP operates under a "trusted storage administrator" model. While WORM files are protected from alteration or modification, volumes can be deleted by a cluster administrator even if those volumes contain unexpired WORM data.

  • In addition to the trusted storage administrator model, WORM storage in Cloud Volumes ONTAP also implicitly operates under a “trusted cloud administrator” model. A cloud administrator could delete WORM data before its expiry date by removing or editing cloud storage directly from the cloud provider.

  • When WORM storage is activated, data tiering to object storage can’t be enabled.

  • Cloud Backup must be disabled in order to enable WORM storage.