Commvault ActivateÔ

Core Capabilities
October 2021

1
Table of Contents
1 Introduction ............................................................................................................................................ 3

2 Functional Use Cases ............................................................................................................................... 4

2.1 File Storage Optimization (FSO) .................................................................................................................................................. 4

2.1.1 Dynamic Dashboards and Insights ...................................................................................................................................................................... 4

2.1.2 Remediations ...................................................................................................................................................................................................... 4

2.1.3 Access Permissions and Entitlement Management ............................................................................................................................................ 4

2.1.4 Security and Controls .......................................................................................................................................................................................... 5

2.1.5 Customization ..................................................................................................................................................................................................... 5

2.2 Data Governance (DG) ................................................................................................................................................................ 5

2.2.1 Entity detection/extraction ...................................................................................................................................Error! Bookmark not defined.

2.2.2 Gathering insights ............................................................................................................................................................................................... 5

2.2.3 Dynamic Dashboards and Insights ...................................................................................................................................................................... 5

2.2.4 Remediations ...................................................................................................................................................................................................... 6

2.2.5 Subject Access Requests (e.g. GDPR Right to Access, Right to be Forgotten, etc.) ............................................................................................. 6

2.2.6 Customization ..................................................................................................................................................................................................... 6

2.3 eDiscovery................................................................................................................................................................................... 6

2.3.1 Managing case folders ........................................................................................................................................................................................ 6

2.3.2 Search, review, curate case folders..................................................................................................................................................................... 7

2.3.3 Export and production of case folders ................................................................................................................................................................ 7

2.3.4 Defensible deletion ............................................................................................................................................................................................. 7

2.4 Search Capabilities ...................................................................................................................................................................... 7

2.4.1 General Search capabilities ................................................................................................................................................................................. 7

3 Technical / Platform Capabilities ............................................................................................................. 8

3.1 Support Matrix ............................................................................................................................................................................ 8

3.1.1 Security and controls........................................................................................................................................................................................... 8

3.1.2 Developer/ Admin tools ...................................................................................................................................................................................... 8

4 Licensing ................................................................................................................................................. 9

commvault.com | 888.746.3849 | [email protected]

©1999-2019 Commvault Systems, Inc. All rights reserved. Commvault, Commvault and logo, the “C hexagon” logo, and “Be ready” are trademarks or registered trademarks
of Commvault Systems, Inc. A complete list of trademarks owned by Commvault can be found here. All other third party brands, product names, and trademarks are the
property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Page 2
1 Introduction
Commvault Activate addresses a number of use cases related to data found within backups and live data sources. We
provide 3 separately licensable modules to address the outcomes desired by our customers.

In our experience for a personal data scenario we recommend consideration of the following Commvault Activate™
modules:

• eDiscovery – provides expanded content search capabilities and supports collection, preservation and review of
electronically stored information related to data breach incidents and process audits.
• Data Governance – profiling of email and file environments to determine presence of sensitive data across the
organization, the remediation of that data, and response to regulation-driven subject access requests. We have a
number of customers who have augmented their eDiscovery functions with the data profiling functions.
• File Storage Optimization – used to rationalize information stored for opportunities to dispose of
redundant/obsolete data and other data risks, and to tune access permissions to sensitive files. Supports smart
configuration of Commvault Complete™ data archiving, which support a defensible deletion strategy commonly
employed to reduce eDiscovery risk.

Full product documentation can be found at https://documentation.commvault.com

commvault.com | 888.746.3849 | [email protected]

©1999-2019 Commvault Systems, Inc. All rights reserved. Commvault, Commvault and logo, the “C hexagon” logo, and “Be ready” are trademarks or registered trademarks
of Commvault Systems, Inc. A complete list of trademarks owned by Commvault can be found here. All other third party brands, product names, and trademarks are the
property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Page 3
2 Functional Use Cases
2.1 File Storage Optimization (FSO)
Objective of File Storage Optimization is to understand the characteristics of file data across silos, so that
storage architectures and strategies can be shaped. Key outcomes to optimize data volumes, understand
needs for performance and availability, highlight information risk – all of which drive storage cost and
requirements for SLA/QoS.

2.1.1 Dynamic Dashboards and Insights

• Advanced reporting
o Use of interactive filters by clicking on the reporting criteria or using facets with a dynamic web
interface.
o Ability to automate data collection jobs using schedules.
o Ability to generate reports across multiple data sources.
o Support advanced reporting by blending file data external data sources to add a business
context. External data sources can be Active Directory, CRM database, SQL, etc... An example is
to show the department-based distribution of data on a share based on the ownership of the files.
o Supports one-time or scheduled data collection and analysis.
• Shaping data characteristics
o File distribution: Reporting based on file distribution, including type, extensions, size and other
technical file metadata. Manual file tagging to support data organization and process control.
o Duplicate files: Reporting to show file duplicates within and across data sources, which indicates
data sprawl.
o Tree size: Reporting based on tree size view to identify data volumes based on hierarchical
folder/file representation.
o File ownership dashboard: File ownership analysis to identify orphaned files; files owned by users
who left the organization; potential for governance risk.
• Manage data availability/performance
o Manage storage tiering based on business rules so that the business-critical data is available on
the primary storage, which is typically more expensive, and the non-critical data is periodically
moved to secondary storage including cloud.
o Ability to search and find data across all the tiers even after it is archived
o (Requires Commvault Complete™)
2.1.2 Remediations
• Support for immediately deleting the files by admin based on reporting filters.
• Manually tag files and folders to help organize and filter content.
• Delete from live data source and from backups.
• Moving\quarantine files based on reporting filters.
• Backing up data based on reporting filters.
• Archive data based on reporting filters.
• Provide audit trail for any actions on the data.

2.1.3 Access Permissions and Entitlement Management

• Security permission: identify security vulnerabilities on a data source by applying filters on Access Control
List.
• Assign file/folder ownership and access controls on CIFS/NTFS data sources between no access, read
only, modify, read & execute and full.
• Identify and remediate permission inheritance overrides.
• File Access History analysis for Netapp filers and Windows Servers
• Audit permission changes made through the entitlement management interface
• Support to revert one or more permission changes based on audit information.
• Support advanced reporting by blending file data external data sources to add a business context.
External data sources can be Active Directory, CRM database, SQL, etc... An example is to show the
department-based distribution of data on a share based on the ownership of the files.

commvault.com | 888.746.3849 | [email protected]

©1999-2019 Commvault Systems, Inc. All rights reserved. Commvault, Commvault and logo, the “C hexagon” logo, and “Be ready” are trademarks or registered trademarks
of Commvault Systems, Inc. A complete list of trademarks owned by Commvault can be found here. All other third party brands, product names, and trademarks are the
property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Page 4
2.1.4 Security and Controls
• Role based access control to set permissions at report, data source or file level
• Support for self-servicing reports where the end user will only see the distributions for files/folders on
which they have permissions

2.1.5 Customization
• Support advanced reporting by blending file data external data sources to add a business context.
External data sources include Active Directory, CRM database, SQL, CSV, etc... For example: show
department-based distribution of data on a share based on the externally defined ownership of the files;
chargeback reports for devices with externally defined device storage costs.
• Develop customized remediation workflows, notifications, actions and integrations using a robust
developer tools and APIs.

2.2 Data Governance (DG)

Objective of Data Governance is to:
• Profile email, files and other content across data silos for the presence of sensitive data (however defined by
the customer)
• Show the insights in order to plan action, support data remediation actions and data cleanup with IT and
business user decision making
• Support regulation-driven subject action requests (for GDPR/CCPA right to access, right to be forgotten,
etc.).

2.2.1 Data Classification

• Pre-built regex entities with keyword proximity rules, based on geographical locations which are
applicable for GDPR, CCPA, HIPAA and other regulations/policies.
• For entities where regular expression cannot be used, AI and ML models are used to weed out false
positives.
• Ability to build custom entities based on pattern matching and keyword proximity to weed out false
positives
• Sensitivity levels should be used to reflect priorities for review/remediation and should be customizable at
the entity level based on business needs.
• Document-type classifications based on ML models with training. Classifying documents for use with
remediation or information lifecycle management (ROT).

2.2.2 Gathering insights

• Grouping a diverse set of data sources (structured/unstructured) together to identify a certain set of
entities based on business needs,
o Shared sets of entities
o Common filtering (e.g. file types, sizes, etc.)
o Include/exclude locations
o Allocation of search/index resources
• Supports one-time or scheduled data collection and analysis

2.2.3 Dynamic Dashboards and Insights

• Use of interactive filters by clicking on the reporting criteria or using facets with a dynamic web interface.
Support dynamic drilldown.
• Analysis of sensitive data and associated risks across multiple data sources across multiple geographical
locations.
• Show geographical spread of data, risks including unsecured sensitive files, entities found, ownership,
retention/expiration
• Support to show sensitive files that are exposed to everyone (open folders)

commvault.com | 888.746.3849 | [email protected]

©1999-2019 Commvault Systems, Inc. All rights reserved. Commvault, Commvault and logo, the “C hexagon” logo, and “Be ready” are trademarks or registered trademarks
of Commvault Systems, Inc. A complete list of trademarks owned by Commvault can be found here. All other third party brands, product names, and trademarks are the
property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Page 5
 • Support to group the files based on sensitivity scores based on the number of entities and the criticality of
them. Occurrences of concentrated sensitive data (e.g. lists of driver’s license numbers).
• Show file lists, facets, filtering of keywords, timelines and all other metadata related to the abilities of each
data source.
• Content preview highlight sensitive data held within content, intra-document search.

2.2.4 Remediations
• Support to delete one or more sensitive files (deep scrub, including deleting from backups)
• Quarantine one or more sensitive files (move data to a different primary location)
• Archive sensitive data (move from live to archive location)
• Set retention on one or more files based on data governance policies
• Support collaboration across departments with review and approval process for all actions.
o Reviewers should also accept/reject actions on an object, with contextual comments.
o Updates only performed when approver is satisfied that appropriate review has taken place.
• Support for auditing and reporting of all the actions taken.
• Support to update permissions to address security vulnerabilities.
• Ability to mark files that can be ignored in reporting although they have sensitive data. Example: if a file is
properly protected, the administrator will want to hide the file after reviewing the data for the first time.

2.2.5 Subject Access Requests (e.g. GDPR Right to Access, Right to be Forgotten, etc.)
• Support to create a Subject Access Request task and select the list of data sources that it is applicable to.
• Integration of SAR with an external ticketing system using Commvault rest API
• Support to assign reviewers and approvers to streamline the process with appropriate decision making
and accountability
• Support for Right to be Forgotten where the end user can request to delete all the PII data that belong to
one or more personnel.
• Support for Right to Access where the end user can request review/export the for information that meets
a criterion
• Ability to share the exported PDF in a secure and authenticated fashion
• Ability to redact sensitive data in exported PDFs.

2.2.6 Customization
• Support advanced reporting by blending file data external data sources to add a business context.
External data sources include Active Directory, CRM database, SQL, CSV, etc... For example: show
department-based distribution of data on a share based on the externally defined ownership of the files.
• Develop customized remediation workflows, notifications, actions and integrations using a robust
developer tools and APIs.

2.3 eDiscovery
Objective of eDiscovery is to collect, preserve, analyze and review electronically stored information to support the
needs of legal matters, investigations, FOIA requests, etc.
2.3.1 Managing case folders
• Proactively preserve and manage high-risk, high-value data custodians and data sources.
• Prevent content deletion or modification between the time a preservation order is issued and the
timeframe of the event/investigation.
• Analysis of backup and archive data sources to provide time-based recall of emails, files and other
content.
• Creation & deletion/release/closure of case folders & legal holds

commvault.com | 888.746.3849 | [email protected]

©1999-2019 Commvault Systems, Inc. All rights reserved. Commvault, Commvault and logo, the “C hexagon” logo, and “Be ready” are trademarks or registered trademarks
of Commvault Systems, Inc. A complete list of trademarks owned by Commvault can be found here. All other third party brands, product names, and trademarks are the
property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Page 6
 • Continually collect and preserve information on specified data custodians and other data sources such as
email systems, file shares, desktops/laptops, etc.
• Validate custodians using Active Directory or other Directory Services
• Leverage collection filtering of keywords, timelines and all other metadata related to the abilities of each
data source.
• Minimize reliance on employee self-preservation
• Support one-time, scheduled, or continuous data collection from all data sources.
• Support of hold retention periods including indefinite hold.
• Support addition of other relevant (non-automated) content into the case folder.
• Define lists of reviewers who will have access to review content relevant to the case/legal matter.

2.3.2 Search, review, curate case folders

• Support basic and complex searching of content inside and outside established cases (refer Search
section)
• Facet assisted searches using metadata to assist with filtering.
• Review tools including tagging and annotation
• Review, culling, removal of content from the case folder.
• Email, document and attachment previews.

2.3.3 Export and production of case folders

• Export to PST, NSF, HTML, CAB, EDRM XML PDF formats

2.3.4 Defensible deletion

• Automatically enforce defensible deletion of content, reducing organizational risk by removing redundant
and obsolete content
• Apply archiving and retention policies

2.4 Search Capabilities

2.4.1 General Search capabilities
• Search within a Web application that will return the results on the following criteria
o File\Folder name
o File path
o Size
o Date modified
o Date created
o Date accessed
o File owner
o File Access permissions
o File extensions
o Email to and from
o Email
o Content
o Entities for specific values. Example: searching phone number entity with a specific number.
• Support of Boolean queries. Example would be “and”, “or”
• Support of wildcard queries, ability to search for the data with the single and multiple wildcard character
within single terms.
• Support for Range search, ability to search for documents whose field values are between the lower and
upper bound specified in the query.
• Support for fuzzy search, ability to search for terms similar in spelling to the search keyword.
Support for proximity search, ability to search two words in a string that are separated by a specific
number of other words by performing a proximity search.

commvault.com | 888.746.3849 | [email protected]

©1999-2019 Commvault Systems, Inc. All rights reserved. Commvault, Commvault and logo, the “C hexagon” logo, and “Be ready” are trademarks or registered trademarks
of Commvault Systems, Inc. A complete list of trademarks owned by Commvault can be found here. All other third party brands, product names, and trademarks are the
property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Page 7
 • Support for searching across different data types, files, emails, SharePoint, etc.. , from one interface.
• Support multiple languages and character sets including CJK.
• Ability to search on history of files\folder locations to see where file or folder was located before the file or
folder was moved.
• Search for power users to provide results regardless of access permissions
• Support to save the most frequently used search criteria and share it with other users in the organization
• Search across data silos, disparate data types and sources
• Filter duplicate files/email components from search results

3 Technical / Platform Capabilities

3.1 Support Matrix
• Support for NAS filers including the ability to read from snapshots
• Support with CIFS, NFS protocols
• Support for Windows and Unix file servers including VM’s
• Support for cloud data sources including Office365, SharePoint, OneDrive, Gmail, GDrive
• Support of object storage including that from Azure, AWS, GCS.
• Throttling of the scanning operations to ensure no adverse business impact while performing crawls
• Efficiency in the scanning operation for the initial crawl and subsequent incremental data crawls.
• Ability to analyze the information from secondary storage (backup data)
• Support to scan Active Directory to report on the inventory and organizational data
• Ability to horizontally scale and have the capabilities to aggregate results across multiple index servers.

For platform support, please refer to:

https://documentation.commvault.com/11.22/essential/123904_data_source_support_in_activate.html

3.1.1 Security and controls

• RBAC permissions for read-only, edit access and other access
• Encryption of data at rest and transit.
• Provide access to the reviewers to the data that is not accessible to them through a secure web interface

3.1.2 Developer/ Admin tools

• Admin and developer tools packaged with Commvault Activate
• Ability to edit existing or build new applications based on custom business requirements
o Mapping to data structured and unstructured data sources
o Data blending
o Handlers including API access to data views
o Widget driven dashboards (no-code/low-code)
o Forms and workflows
o Data policies
o Roles/security management
o Release management tools
o Search and analytics
o Stored procedures
o Objectstore with well define content/object model and supporting metadata controls
o Scheduling

• Multi-tenancy
• Multi-language, multi-character-set
• APIs support to support development and integration

commvault.com | 888.746.3849 | [email protected]

©1999-2019 Commvault Systems, Inc. All rights reserved. Commvault, Commvault and logo, the “C hexagon” logo, and “Be ready” are trademarks or registered trademarks
of Commvault Systems, Inc. A complete list of trademarks owned by Commvault can be found here. All other third party brands, product names, and trademarks are the
property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Page 8
 • Command-line/Powershell level control
• Full range of administration tools

4 Licensing
Commvault Activate is licensed with the following model:
• Each of the 3 use cases (DG, FSO, eDiscovery) can be licensed separately with a subset of enterprise
data.
• For file-system based data, Activate use cases are licensed by the size of the assets on the live data
sources, measured in TB (we refer to this as front-end-TB since it is based on the equivalent of a live
data source, not a compressed Commvault backup).
• For email and collaboration tools (such as Exchange, SharePoint, Office365, Gmail, Google Apps),
Activate is licensed by User, which would equate to mailboxes.
• Virtual machines are licensed by VM, Endpoints by User.

Commvault offers customers the ability to procure on a subscription basis only.

Monthly subscriptions can be purchased for 1 to 5 year commitments. If a customer needs to add additional licensing
during the commitment period, Commvault will allow the customer to co-term their purchase to the end of their
contract. Once the subscription expires, the customer can re-subscribe to a new commitment period. If the customer
does not re-subscribe, they will receive a read-only copy of their data.

Commvault Activate™ - Product Licensing Options

✓ VM File Endpoint E-Mail/O365

File Storage
✓ VM ✓ TB ✓ USER
Optimization
Data
✓ VM ✓ TB ✓ USER ✓ USER
Governance
eDiscovery & ✓ VM ✓ TB ✓ USER ✓ USER
Compliance

Copyright © 2019 Commvault | All Rights Reserved.

commvault.com | 888.746.3849 | [email protected]

©1999-2019 Commvault Systems, Inc. All rights reserved. Commvault, Commvault and logo, the “C hexagon” logo, and “Be ready” are trademarks or registered trademarks
of Commvault Systems, Inc. A complete list of trademarks owned by Commvault can be found here. All other third party brands, product names, and trademarks are the
property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Page 9