EMC Isilon SmartLock

Available in version 8.1 and later

This page provides a guide to configuring an EMC Isilon SmartLock storage as a Storage Target in the Verba Recording System.

EMC Isilon SmartLock helps you protect your critical data against accidental, premature, or malicious alteration or deletion. Because SmartLock is a software-based approach to Write Once Read Many (WORM) data protection, you can store SmartLock-protected data alongside other data types in your Isilon scale-out storage environment with no effect on performance or availability, and without the added cost of purchasing and maintaining specialty WORM-capable hardware.

SmartLock operates in either an Enterprise mode or a Compliance mode. The Compliance mode provides an extra level of protection against malicious modification of data by disabling logins by the root user. This way, you can meet regulatory compliance requirements to provide absolute retention and protection of business-critical data—including stringent SEC 17a-4 requirements.

For a general description of storage targets, please refer to Storage and export targets.

Please refer to the official EMC Isilon SmartLock guide to deploy and configure the storage system. For you reference you can access OneFS 7.2 Administration guide here: http://isiblog.emc.com/2014/11/new-features-emc-isilon-onefs-7-2/

Verba uses the OneFS RESTful Access to the Namespace (RAN) application programming interface (API).

Creating an EMC Isilon SmartLock target

Follow the steps below to create a new Verba storage target for EMC Isilon SmartLock:

Step 1 - Open the Verba Web interface then select Data Management > Storage targets from the top menu.

Step 2 - Click on Add New Storage Target

Step 3 - Fill out the configuration form according to the requirements in the following table.

Configuration itemDescription
NameName your storage target. This name will identify this target across the system.
TypeSelect EMC Isilon SmartLock
PathSpecify the path where the storage is accessible in the Windows file system (UNC path)
API URLSpecify the EMC Isilon SmartLock specific share path
API UserUser name of the API user configured for Verba access in EMC Isilon SmartLock
API PasswordPassword of the API user configured for Verba access in EMC Isilon SmartLock

Step 4 - Click Save to save the settings

After this point, the storage target is available for use by other Verba components (e.g. Data retention policies).

Configuring SSL certificates for the API connection

EMC Isilon SmartLock can be configured to accept SSL connections from trusted sources only. You can configure the trusted and signed certificates used by the Verba system on the servers directly. If you intend to use multiple EMC Isilon SmartLock systems for Verba, you need to use the same certificates for all, because it is a server-side setting in the Verba system. By default, Verba uses its own self-signed certificates for the SSL connection.

Follow the steps below to configure the certificates.

Step 1 - Copy the X.509 certificate and key files to the Verba server

Step 2 - Navigate to the System / Servers

Step 3 - Click on the Verba server you would like to configure

Step 4 - Click on the Change Configuration Settings tab

Step 5 - Open the Storage Management / Upload Targets / EMC Isilon SmartLock tree on a Verba Recording Server or the Storage Management / Storage Targets / EMC Isilon SmartLock tree on a Verba Media Repository server or on a Verba Media Repository and Recording Server 

Step 6 - Configure a trusted custom X.509 certificate for the connection

Step 7 - Click the Save icon and follow the instructions on the page to apply the configuration on the server

Step 8 - Repeat the steps above on all Verba servers where you move files to EMC Isilon SmartLock

Using custom credentials for accessing file share (available from Verba 8.5)

It is possible to use credentials other than the service user for each EMC Isilon SmartLock storage. If you want to use custom credentials, check the "Use custom credentials for accessing the file share" checkbox, then provide the credentials.