Introducing the Latest Features in PowerProtect Data Manager Appliance – 5.13 – DM5500

Here is a summay of the recent updates for the PowerProtect Data Manager Appliance.  The DM5500 – 5.13 (referred to as R2) has recently been released and comes with several new features, enhancements and stability improvements.

Here are the key highlights.


Active Directory Integration

Based on the group to role mapping defined, AD users from a specific group will be able to log in to the appliance.

Only, secure AD connection is supported. AD traffic is secured using TLS by default.

Figure 1: Access Control Settings


Figure 2: Access Role Settings Continued….

Group to Role mapping

To authorize the level of access for a specific user, the DM5500 appliance uses the group to role mapping mechanism. This mechanism can also be leveraged to authorize AD users.

There are different roles available which the user can opt for and the only caveat is that you cannot assign a security officer role to an AD group (AD group members have different privileges based on their roles). Only one security officer role can be assigned to a user, the user must be local to the application.

Figure 3: Group to Role Mapping


Integrating Active Directory with Dell PowerProtect Data Manager Appliance – Further Resources


Multi-factor authentication

PowerProtect Data Manager Appliance now supports Multi-factor authentication (MFA) for users to login to the UI dashboard by providing the valid One-Time Password (OTP)- Authenticator (OTP). Currently, Google Authenticator is the supported method, with more to come in future.

If configured – By default, all the users in DM5500 will have to login via MFA except admin and Security officer. MFA is enabled by default for AD users

For further detail, see the PowerProtect Data Manager Appliance Security Configuration Guide for DM5500 here


Figure 4: Access Control:- Multifactor Authentication

Bypassing MFA

MFA can be bypassed so a user doesn’t have to key in OTP to gain access to the system (Only credentials would be sufficient for login)

Any user with admin privilege can bypass local users from MFA with following steps:

  • Login via administrator role user, and select the user to be bypassed in access control panel
  • Go to Administrator -> Access Control Users/Groups tab
  • Click on EDIT button, and check the Bypass MFA checkbox
  • Follow next tabs and finish to bypass the user

Multi factor Authentication in PowerProtect Data Manager Appliance – Further Resources

Audit Logging – Enhancements

Apart from the existing Data Domain  and PPDM audit information. Audit logging now enables you to discover access violations, changed or deleted files, failed authentication, and so on. With the Administrator, Security Administrator, and User roles, you can view audit logs to monitor system activity.

Figure 5: Navigate to administration -> audit logs. To export the log files as CSV file. The User can click on “Export All” option. Only user with administrator role can export the logs


Physical Network Separation

With the DM5500 R2 Release, Physical network Separation is supported


–PCIe slot 3

  • 2 available ports for Optical
  • 4 available ports for Copper

–PCIe slot 4

  • 2 available ports for Copper

PowerProtect Data Manager Appliance Physical Network Separation- Further Resources

System configuration (re-configuration)

Enables you to modify the location, time zone, and the NTP server for the PowerProtect Data Manager Appliance.

Customers can  now change the following

–DNS, NTP, Time zone

Other System related changes are made by a Support driven activity


Further reading on all of the above updates can be found here

Share the Post:

Related Posts

%d bloggers like this: