Time based retention is one of the primary requirements of regulatory compliance standards. To meet this requirement, a PPDD or DDVE system must ensure that any undesired changes to the system clock cannot be executed. Once enabled, the RL-C feature prevents users from changing the system clock using system commands (CLI) or the DDSM interface.
The following controls are defined to ensure that the system clock cannot be modified:
- Security Officer approval is required for any system commands that can change the system clock
- The system clock values are periodically writing into the file metadata on the system
- The system continuously checks the current system clock time against the persistent system clock value If the current time on the system clock is not within acceptable range (15 minutes) from the persistent time information, then a clock skew is considered.
- The RL feature tracks of the total clock skew accumulated at any point of time. If it exceeds two weeks, the Data Domain filesystem shuts down automatically
- If the PPDD or DDVE filesystem shuts down due to security clock violation, it can only resume operation by providing Security Officer credentials.