EMC Isilon SmartLock
Available in version 8.1 and later |
---|
This page provides a guide to configuring an EMC Isilon SmartLock storage as a Storage Target in the Verba Recording System.
EMC Isilon SmartLock helps you protect your critical data against accidental, premature, or malicious alteration or deletion. Because SmartLock is a software-based approach to Write Once Read Many (WORM) data protection, you can store SmartLock-protected data alongside other data types in your Isilon scale-out storage environment with no effect on performance or availability, and without the added cost of purchasing and maintaining specialty WORM-capable hardware.
SmartLock operates in either an Enterprise mode or a Compliance mode. The Compliance mode provides an extra level of protection against malicious modification of data by disabling logins by the root user. This way, you can meet regulatory compliance requirements to provide absolute retention and protection of business-critical data—including stringent SEC 17a-4 requirements.
For a general description of storage targets, please refer to Storage and export targets.
Please refer to the official EMC Isilon SmartLock guide to deploy and configure the storage system. For you reference you can access OneFS 7.2 Administration guide here: http://isiblog.emc.com/2014/11/new-features-emc-isilon-onefs-7-2/
Verba uses the OneFS RESTful Access to the Namespace (RAN) application programming interface (API).
Creating an EMC Isilon SmartLock target
Follow the steps below to create a new Verba storage target for EMC Isilon SmartLock:
Step 1 - Open the Verba Web interface then select Data Management > Storage targets from the top menu.
Step 2 - Click on Add New Storage Target
Step 3 - Fill out the configuration form according to the requirements in the following table.
Configuration item | Description |
---|---|
Name | Name your storage target. This name will identify this target across the system. |
Type | Select EMC Isilon SmartLock |
Path | Specify the path where the storage is accessible in the Windows file system (UNC path) |
API URL | Specify the EMC Isilon SmartLock specific share path |
API User | User name of the API user configured for Verba access in EMC Isilon SmartLock |
API Password | Password of the API user configured for Verba access in EMC Isilon SmartLock |
Step 4 - Click Save to save the settings
After this point, the storage target is available for use by other Verba components (e.g. Data retention policies).
Configuring SSL certificates for the API connection
EMC Isilon SmartLock can be configured to accept SSL connections from trusted sources only. You can configure the trusted and signed certificates used by the Verba system on the servers directly. If you intend to use multiple EMC Isilon SmartLock systems for Verba, you need to use the same certificates for all, because it is a server-side setting in the Verba system. By default, Verba uses its own self-signed certificates for the SSL connection.
Follow the steps below to configure the certificates.
Step 1 - Copy the X.509 certificate and key files to the Verba server
Step 2 - Navigate to the System / Servers
Step 3 - Click on the Verba server you would like to configure
Step 4 - Click on the Change Configuration Settings tab
Step 5 - Open the Storage Management / Upload Targets / EMC Isilon SmartLock tree on a Verba Recording Server or the Storage Management / Storage Targets / EMC Isilon SmartLock tree on a Verba Media Repository server or on a Verba Media Repository and Recording Server
Step 6 - Configure a trusted custom X.509 certificate for the connection
Step 7 - Click the Save icon and follow the instructions on the page to apply the configuration on the server
Step 8 - Repeat the steps above on all Verba servers where you move files to EMC Isilon SmartLock
Using custom credentials for accessing file share (available from Verba 8.5)
It is possible to use credentials other than the service user for each EMC Isilon SmartLock storage. If you want to use custom credentials, check the "Use custom credentials for accessing the file share" checkbox, then provide the credentials.